def test_socket_wrapper(self):
secret = generate_shared_secret()
cipher = create_AES_cipher(secret)
encryptor = cipher.encryptor()
decryptor = cipher.decryptor()
server_cipher = create_AES_cipher(secret)
server_encryptor = server_cipher.encryptor()
server_decryptor = server_cipher.decryptor()
mock_socket = MockSocket(server_encryptor, server_decryptor)
wrapper = EncryptedSocketWrapper(mock_socket, encryptor, decryptor)
self.assertEqual(wrapper.fileno(), 0)
# Ensure that the 12 bytes we receive are the same as the 12 bytes
# sent by the server, after undergoing encryption
self.assertEqual(wrapper.recv(12), mock_socket.raw_data[:12])
# Ensure that hello reaches the server properly after undergoing
# encryption
test_data = "hello".encode('utf-8')
wrapper.send(test_data)
self.assertEqual(test_data, mock_socket.received)
def test_file_object_wrapper(self):
cipher = create_AES_cipher(generate_shared_secret())
encryptor = cipher.encryptor()
decryptor = cipher.decryptor()
test_data = "hello".encode('utf-8')
io = BytesIO()
io.write(encryptor.update(test_data))
io.seek(0)
file_object_wrapper = EncryptedFileObjectWrapper(io, decryptor)
decrypted_data = file_object_wrapper.read(len(test_data))
self.assertEqual(test_data, decrypted_data)
def _run_login_encryption(self):
# Set up protocol encryption with the client, then return.
server_token = b'\x89\x82\x9a\x01' # Guaranteed to be random.
self.write_packet(clientbound.login.EncryptionRequestPacket(
server_id='', verify_token=server_token,
public_key=self.server.public_key_bytes))
packet = self.read_packet()
assert isinstance(packet, serverbound.login.EncryptionResponsePacket)
private_key = self.server.private_key
client_token = private_key.decrypt(packet.verify_token, PKCS1v15())
assert client_token == server_token
shared_secret = private_key.decrypt(packet.shared_secret, PKCS1v15())
cipher = create_AES_cipher(shared_secret)
enc, dec = cipher.encryptor(), cipher.decryptor()
self.socket = EncryptedSocketWrapper(self.socket, enc, dec)
self.socket_file = EncryptedFileObjectWrapper(self.socket_file, dec)
def _run_login_encryption(self):
# Set up protocol encryption with the client, then return.
server_token = b'\x89\x82\x9a\x01' # Guaranteed to be random.
self.write_packet(clientbound.login.EncryptionRequestPacket(
server_id='', verify_token=server_token,
public_key=self.server.public_key_bytes))
packet = self.read_packet()
assert isinstance(packet, serverbound.login.EncryptionResponsePacket)
private_key = self.server.private_key
client_token = private_key.decrypt(packet.verify_token, PKCS1v15())
assert client_token == server_token
shared_secret = private_key.decrypt(packet.shared_secret, PKCS1v15())
cipher = create_AES_cipher(shared_secret)
enc, dec = cipher.encryptor(), cipher.decryptor()
self.socket = EncryptedSocketWrapper(self.socket, enc, dec)
self.socket_file = EncryptedFileObjectWrapper(self.socket_file, dec)
