def test_encrypt_decrypt_sym(self): # generate 256-bit key key = Random.new().read(32) iv, cyphertext = crypto.encrypt_sym( 'data', key, method=crypto.EncryptionMethods.AES_256_CTR) self.assertTrue(cyphertext is not None) self.assertTrue(cyphertext != '') self.assertTrue(cyphertext != 'data') plaintext = crypto.decrypt_sym( cyphertext, key, iv=iv, method=crypto.EncryptionMethods.AES_256_CTR) self.assertEqual('data', plaintext)
def test_decrypt_with_wrong_iv_fails(self): key = Random.new().read(32) iv, cyphertext = crypto.encrypt_sym( 'data', key, method=crypto.EncryptionMethods.AES_256_CTR) self.assertTrue(cyphertext is not None) self.assertTrue(cyphertext != '') self.assertTrue(cyphertext != 'data') iv += 1 plaintext = crypto.decrypt_sym( cyphertext, key, iv=iv, method=crypto.EncryptionMethods.AES_256_CTR) self.assertNotEqual('data', plaintext)
def test_decrypt_with_wrong_key_fails(self): key = Random.new().read(32) iv, cyphertext = crypto.encrypt_sym( 'data', key, method=crypto.EncryptionMethods.AES_256_CTR) self.assertTrue(cyphertext is not None) self.assertTrue(cyphertext != '') self.assertTrue(cyphertext != 'data') wrongkey = Random.new().read(32) # 256-bits key # ensure keys are different in case we are extremely lucky while wrongkey == key: wrongkey = Random.new().read(32) plaintext = crypto.decrypt_sym( cyphertext, wrongkey, iv=iv, method=crypto.EncryptionMethods.AES_256_CTR) self.assertNotEqual('data', plaintext)
def test_decrypt_with_wrong_iv_fails(self): key = Random.new().read(32) iv, cyphertext = crypto.encrypt_sym( 'data', key, method=crypto.EncryptionMethods.AES_256_CTR) self.assertTrue(cyphertext is not None) self.assertTrue(cyphertext != '') self.assertTrue(cyphertext != 'data') # get a different iv by changing the first byte rawiv = binascii.a2b_base64(iv) wrongiv = rawiv while wrongiv == rawiv: wrongiv = os.urandom(1) + rawiv[1:] plaintext = crypto.decrypt_sym( cyphertext, key, iv=binascii.b2a_base64(wrongiv), method=crypto.EncryptionMethods.AES_256_CTR) self.assertNotEqual('data', plaintext)