示例#1
0
    def test_symmetric_encrypt_decrypt_roundtrips_1(self):
        encrypt_keys = [
            AESKey.generate(),
            AESKey.generate(),
            AESKey.generate(),
            AESKey.generate()
        ]

        # Verify all keys are unique
        aes_key_strings = set()
        hmac_key_strings = set()

        for key in encrypt_keys:
            aes_key_strings.add(key.aes_key_string)
            hmac_key_strings.add(key.hmac_key_string)

        self.assertEqual(len(aes_key_strings), 4)
        self.assertEqual(len(hmac_key_strings), 4)

        plaintext = 'hello world test dummy 8 9 5 1 bar2'

        # Verify that round trips work and that cryptography based primitives are fully compatible
        # with keyczar format

        count = 0
        for key in encrypt_keys:
            data_enc_keyczar = keyczar_symmetric_encrypt(key, plaintext)
            data_enc_cryptography = cryptography_symmetric_encrypt(
                key, plaintext)

            self.assertNotEqual(data_enc_keyczar, data_enc_cryptography)

            data_dec_keyczar_keyczar = keyczar_symmetric_decrypt(
                key, data_enc_keyczar)
            data_dec_keyczar_cryptography = keyczar_symmetric_decrypt(
                key, data_enc_cryptography)

            self.assertEqual(data_dec_keyczar_keyczar, plaintext)
            self.assertEqual(data_dec_keyczar_cryptography, plaintext)

            data_dec_cryptography_cryptography = cryptography_symmetric_decrypt(
                key, data_enc_cryptography)
            data_dec_cryptography_keyczar = cryptography_symmetric_decrypt(
                key, data_enc_keyczar)

            self.assertEqual(data_dec_cryptography_cryptography, plaintext)
            self.assertEqual(data_dec_cryptography_keyczar, plaintext)

            count += 1

        self.assertEqual(count, 4)
示例#2
0
    def test_decrypt_ciphertext_is_too_short(self):
        aes_key = AESKey.generate()
        plaintext = 'hello world ponies 1'
        encrypted = cryptography_symmetric_encrypt(aes_key, plaintext)

        # Verify original non manipulated value can be decrypted
        decrypted = cryptography_symmetric_decrypt(aes_key, encrypted)
        self.assertEqual(decrypted, plaintext)

        # Corrupt / shortern the encrypted data
        encrypted_malformed = binascii.unhexlify(encrypted)
        header = encrypted_malformed[:KEYCZAR_HEADER_SIZE]
        encrypted_malformed = encrypted_malformed[KEYCZAR_HEADER_SIZE:]

        # Remove 40 bytes from ciphertext bytes
        encrypted_malformed = encrypted_malformed[40:]

        # Add back header
        encrypted_malformed = header + encrypted_malformed
        encrypted_malformed = binascii.hexlify(encrypted_malformed)

        # Verify corrupted value results in an excpetion
        expected_msg = 'Invalid or malformed ciphertext'
        self.assertRaisesRegexp(ValueError, expected_msg,
                                cryptography_symmetric_decrypt, aes_key,
                                encrypted_malformed)
示例#3
0
    def test_decrypt_ciphertext_is_too_short(self):
        aes_key = AESKey.generate()
        plaintext = 'hello world ponies 1'
        encrypted = cryptography_symmetric_encrypt(aes_key, plaintext)

        # Verify original non manipulated value can be decrypted
        decrypted = cryptography_symmetric_decrypt(aes_key, encrypted)
        self.assertEqual(decrypted, plaintext)

        # Corrupt / shortern the encrypted data
        encrypted_malformed = binascii.unhexlify(encrypted)
        header = encrypted_malformed[:KEYCZAR_HEADER_SIZE]
        encrypted_malformed = encrypted_malformed[KEYCZAR_HEADER_SIZE:]

        # Remove 40 bytes from ciphertext bytes
        encrypted_malformed = encrypted_malformed[40:]

        # Add back header
        encrypted_malformed = header + encrypted_malformed
        encrypted_malformed = binascii.hexlify(encrypted_malformed)

        # Verify corrupted value results in an excpetion
        expected_msg = 'Invalid or malformed ciphertext'
        self.assertRaisesRegexp(ValueError, expected_msg, cryptography_symmetric_decrypt,
                                aes_key, encrypted_malformed)
示例#4
0
    def test_symmetric_encrypt_decrypt_roundtrips_1(self):
        encrypt_keys = [
            AESKey.generate(),
            AESKey.generate(),
            AESKey.generate(),
            AESKey.generate()
        ]

        # Verify all keys are unique
        aes_key_strings = set()
        hmac_key_strings = set()

        for key in encrypt_keys:
            aes_key_strings.add(key.aes_key_string)
            hmac_key_strings.add(key.hmac_key_string)

        self.assertEqual(len(aes_key_strings), 4)
        self.assertEqual(len(hmac_key_strings), 4)

        plaintext = 'hello world test dummy 8 9 5 1 bar2'

        # Verify that round trips work and that cryptography based primitives are fully compatible
        # with keyczar format

        count = 0
        for key in encrypt_keys:
            data_enc_keyczar = keyczar_symmetric_encrypt(key, plaintext)
            data_enc_cryptography = cryptography_symmetric_encrypt(key, plaintext)

            self.assertNotEqual(data_enc_keyczar, data_enc_cryptography)

            data_dec_keyczar_keyczar = keyczar_symmetric_decrypt(key, data_enc_keyczar)
            data_dec_keyczar_cryptography = keyczar_symmetric_decrypt(key, data_enc_cryptography)

            self.assertEqual(data_dec_keyczar_keyczar, plaintext)
            self.assertEqual(data_dec_keyczar_cryptography, plaintext)

            data_dec_cryptography_cryptography = cryptography_symmetric_decrypt(key,
                data_enc_cryptography)
            data_dec_cryptography_keyczar = cryptography_symmetric_decrypt(key, data_enc_keyczar)

            self.assertEqual(data_dec_cryptography_cryptography, plaintext)
            self.assertEqual(data_dec_cryptography_keyczar, plaintext)

            count += 1

        self.assertEqual(count, 4)
示例#5
0
    def test_symmetric_encrypt_decrypt_cryptography(self):
        key = AESKey.generate()
        plaintexts = [
            'a b c', 'ab', 'hello foo', 'hell', 'bar5'
            'hello hello bar bar hello', 'a', '', 'c'
        ]

        for plaintext in plaintexts:
            encrypted = cryptography_symmetric_encrypt(key, plaintext)
            decrypted = cryptography_symmetric_decrypt(key, encrypted)

            self.assertEqual(decrypted, plaintext)
示例#6
0
    def test_symmetric_encrypt_decrypt_cryptography(self):
        key = AESKey.generate()
        plaintexts = [
            'a b c',
            'ab',
            'hello foo',
            'hell',
            'bar5'
            'hello hello bar bar hello',
            'a',
            '',
            'c'
        ]

        for plaintext in plaintexts:
            encrypted = cryptography_symmetric_encrypt(key, plaintext)
            decrypted = cryptography_symmetric_decrypt(key, encrypted)

            self.assertEqual(decrypted, plaintext)
示例#7
0
    def test_exception_is_thrown_on_invalid_hmac_signature(self):
        aes_key = AESKey.generate()
        plaintext = 'hello world ponies 2'
        encrypted = cryptography_symmetric_encrypt(aes_key, plaintext)

        # Verify original non manipulated value can be decrypted
        decrypted = cryptography_symmetric_decrypt(aes_key, encrypted)
        self.assertEqual(decrypted, plaintext)

        # Corrupt the HMAC signature (last part is the HMAC signature)
        encrypted_malformed = binascii.unhexlify(encrypted)
        encrypted_malformed = encrypted_malformed[:-3]
        encrypted_malformed += b'abc'
        encrypted_malformed = binascii.hexlify(encrypted_malformed)

        # Verify corrupted value results in an excpetion
        expected_msg = 'Signature did not match digest'
        self.assertRaisesRegexp(InvalidSignature, expected_msg, cryptography_symmetric_decrypt,
                                aes_key, encrypted_malformed)
示例#8
0
    def test_exception_is_thrown_on_invalid_hmac_signature(self):
        aes_key = AESKey.generate()
        plaintext = 'hello world ponies 2'
        encrypted = cryptography_symmetric_encrypt(aes_key, plaintext)

        # Verify original non manipulated value can be decrypted
        decrypted = cryptography_symmetric_decrypt(aes_key, encrypted)
        self.assertEqual(decrypted, plaintext)

        # Corrupt the HMAC signature (last part is the HMAC signature)
        encrypted_malformed = binascii.unhexlify(encrypted)
        encrypted_malformed = encrypted_malformed[:-3]
        encrypted_malformed += b'abc'
        encrypted_malformed = binascii.hexlify(encrypted_malformed)

        # Verify corrupted value results in an excpetion
        expected_msg = 'Signature did not match digest'
        self.assertRaisesRegexp(InvalidSignature, expected_msg,
                                cryptography_symmetric_decrypt, aes_key,
                                encrypted_malformed)