def test_verify_true(self):
decryption = Decryption(self.recipient_key, self.sender_key)
message = 'ERROR=aA321\nTOKEN=e975ffc4f0605ddf3afc299eee6aeffb59efba24769548acf58e34a89ae4e228\n'
hash = SHA512.new(message)
signer = PKCS1_v1_5.new(self.sender_key_private)
signature = signer.sign(hash)
self.assertTrue(decryption.verify(signature, message))
def test_get_message(self):
sender_key_bytes = int(self.sender_key.publickey().n.bit_length() / 8)
decryption = Decryption(self.recipient_key, self.sender_key)
signature = Random.new().read(sender_key_bytes)
message = Random.new().read(500)
decrypted_message = signature + message
self.assertEqual(message, decryption.get_message(decrypted_message))
def test_verify_true(self):
decryption = Decryption(self.recipient_key, self.sender_key)
message = 'ERROR=aA321\nTOKEN=e975ffc4f0605ddf3afc299eee6aeffb59efba24769548acf58e34a89ae4e228\n'
message = message.encode('utf-8')
hash = SHA512.new(message)
signer = PKCS1_v1_5.new(self.sender_key_private)
signature = signer.sign(hash)
self.assertTrue(decryption.verify(signature, message))
def test_get_key(self):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(16)
key = Random.new().read(32)
cipher = PKCS1_OAEP.new(self.recipient_key.publickey())
encrypted_key = cipher.encrypt(key)
raw += encrypted_key + Random.new().read(2000)
self.assertEqual(key, decryption.get_key(raw))
def test_get_message(self):
sender_key_bytes = int(self.sender_key.publickey().n.bit_length() / 8)
decryption = Decryption(self.recipient_key, self.sender_key)
signature = Random.new().read(sender_key_bytes)
message = Random.new().read(500)
decrypted_message = signature + message
self.assertEqual(message, decryption.get_message(decrypted_message))
def test_get_key(self):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(16)
key = Random.new().read(32)
cipher = PKCS1_OAEP.new(self.recipient_key.publickey())
encrypted_key = cipher.encrypt(key)
raw += encrypted_key + Random.new().read(2000)
self.assertEqual(key, decryption.get_key(raw))
def test_verify_false(self):
decryption = Decryption(self.recipient_key, self.sender_key)
wrong_message = 'ERROR=0\nTOKEN=e975ffc4f0605ddf3afc299eee6aeffb59efba24769548acf58e34a89ae4e228\n'
message = 'ERROR=aA321\nTOKEN=e975ffc4f0605ddf3afc299eee6aeffb59efba24769548acf58e34a89ae4e228\n'
wrong_message = wrong_message.encode('utf-8')
message = message.encode('utf-8')
hash = SHA512.new(wrong_message)
signer = PKCS1_v1_5.new(self.sender_key_private)
signature = signer.sign(hash)
self.assertFalse(decryption.verify(signature, message))
def test_get_decrypted_message(self):
recipient_key_bytes = int(self.recipient_key.publickey().n.bit_length() / 8)
decryption = Decryption(self.recipient_key, self.sender_key)
iv = Random.new().read(16)
key = Random.new().read(32)
encrypted_key = Random.new().read(recipient_key_bytes)
message = "a" * 2000
block_size = AES.block_size
pad = lambda s: s + (block_size - len(s) % block_size) * chr(block_size - len(s) % block_size)
message_to_encrypt = pad(message)
cipher = AES.new(key, mode=AES.MODE_CBC, IV=iv)
encrypted_message = cipher.encrypt(message_to_encrypt)
self.assertEqual(message,
decryption.get_decrypted_message(iv, key, iv + encrypted_key + encrypted_message))
def test_get_key_incorrect_length(self):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = base64.b64decode(RESPONSE_WITH_ERROR)
six.assertRaisesRegex(self, DecryptionError,
'Incorrect message length.', decryption.get_key,
raw)
def test_get_decrypted_message(self):
recipient_key_bytes = int(
self.recipient_key.publickey().n.bit_length() / 8)
decryption = Decryption(self.recipient_key, self.sender_key)
iv = Random.new().read(16)
key = Random.new().read(32)
encrypted_key = Random.new().read(recipient_key_bytes)
message = ("a" * 2000).encode('utf-8')
block_size = AES.block_size
pad = lambda s: s + (block_size - len(s) % block_size) * chr(
block_size - len(s) % block_size).encode('utf-8')
message_to_encrypt = pad(message)
cipher = AES.new(key, mode=AES.MODE_CBC, IV=iv)
encrypted_message = cipher.encrypt(message_to_encrypt)
self.assertEqual(
message,
decryption.get_decrypted_message(
iv, key, iv + encrypted_key + encrypted_message))
def test_decrypt_invalid(self, verify, get_message, get_signature,
get_decrypted_message, get_key, get_iv):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(2000)
encrypted = base64.b64encode(raw)
verify.return_value = False
six.assertRaisesRegex(self, InvalidMessageException,
"Invalid message signature", decryption.decrypt,
encrypted)
def test_decrypt_incorrect_length(self, verify, get_message, get_signature,
get_decrypted_message, get_key, get_iv):
decryption = Decryption(self.recipient_key, self.sender_key)
get_key.side_effect = DecryptionError("Incorrect message length.")
raw = Random.new().read(2000)
encrypted = base64.b64encode(raw)
verify.return_value = False
six.assertRaisesRegex(self, DecryptionError,
"Incorrect message length.", decryption.decrypt,
encrypted)
def test_decrypt(self, verify, get_message, get_signature, get_decrypted_message, get_key, get_iv):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(2000)
encrypted = base64.b64encode(raw)
message = get_message.return_value
signature = get_signature.return_value
decrypted_message = get_decrypted_message.return_value
iv = get_iv.return_value
key = get_key.return_value
verify.return_value = True
returned_message, returned_signature = decryption.decrypt(encrypted)
self.assertEqual(message, returned_message)
self.assertEqual(signature, returned_signature)
get_message.assert_called_once_with(decrypted_message)
get_decrypted_message.assert_called_once_with(iv, key, raw)
get_iv.assert_called_once_with(raw)
get_key.assert_called_once_with(raw)
get_signature.assert_called_once_with(decrypted_message)
verify.assert_called_once_with(signature, message)
def test_decrypt(self, verify, get_message, get_signature,
get_decrypted_message, get_key, get_iv, hexlify):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(2000)
encrypted = base64.b64encode(raw)
message = get_message.return_value
signature = get_signature.return_value
hexlify_signature = hexlify.return_value
decrypted_message = get_decrypted_message.return_value
iv = get_iv.return_value
key = get_key.return_value
verify.return_value = True
returned_message, returned_signature = decryption.decrypt(encrypted)
self.assertEqual(message, returned_message)
self.assertEqual(hexlify_signature, returned_signature)
get_message.assert_called_once_with(decrypted_message)
get_decrypted_message.assert_called_once_with(iv, key, raw)
get_iv.assert_called_once_with(raw)
get_key.assert_called_once_with(raw)
get_signature.assert_called_once_with(decrypted_message)
verify.assert_called_once_with(signature, message)
hexlify.assert_called_once_with(signature)
def test_decrypt_not_binary(self):
decryption = Decryption(self.recipient_key, self.sender_key)
message = "not binary"
six.assertRaisesRegex(self, DecryptionError, "Message must be binary.",
decryption.decrypt, message)
def test_get_iv(self):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(2000)
iv = raw[:16]
self.assertEqual(iv, decryption.get_iv(raw))
def test_init(self):
decryption = Decryption(self.recipient_key, self.sender_key)
self.assertEqual(self.sender_key, decryption.sender_key)
self.assertEqual(self.recipient_key, decryption.recipient_key)
def test_get_iv(self):
decryption = Decryption(self.recipient_key, self.sender_key)
raw = Random.new().read(2000)
iv = raw[:16]
self.assertEqual(iv, decryption.get_iv(raw))