From 620c2aec10423c11e49cbffc71efe19a190f9187 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 19 Oct 2013 14:12:04 -0500 Subject: block cipher decryption support This is a squash of previous commits plus new ones. Ran into a pile of conflicts during the rebase and decided this was an easier way to retain a sane commit history --- tests/primitives/test_block.py | 54 ++++++++++++++++++++++++------------------ tests/primitives/utils.py | 9 +++++-- 2 files changed, 38 insertions(+), 25 deletions(-) (limited to 'tests') diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py index 9f5905bf..4a67002f 100644 --- a/tests/primitives/test_block.py +++ b/tests/primitives/test_block.py @@ -15,11 +15,9 @@ from __future__ import absolute_import, division, print_function import binascii -import pretend import pytest from cryptography.primitives.block import BlockCipher, ciphers, modes -from cryptography.primitives.block.base import _Operation class TestBlockCipher(object): @@ -29,40 +27,42 @@ class TestBlockCipher(object): modes.CBC(binascii.unhexlify(b"0" * 32)) ) - def test_use_after_finalize(self, api): + def test_creates_encryptor(self): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)), - api + modes.CBC(binascii.unhexlify(b"0" * 32)) ) - cipher.encrypt(b"a" * 16) - cipher.finalize() - with pytest.raises(ValueError): - cipher.encrypt(b"b" * 16) - with pytest.raises(ValueError): - cipher.finalize() + assert cipher.encryptor() is not None - def test_encrypt_with_invalid_operation(self, api): + def test_creates_decryptor(self): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)), - api + modes.CBC(binascii.unhexlify(b"0" * 32)) ) - cipher._operation = _Operation.decrypt + assert cipher.decryptor() is not None - with pytest.raises(ValueError): - cipher.encrypt(b"b" * 16) - def test_finalize_with_invalid_operation(self, api): +class TestBlockCipherContext(object): + def test_use_after_finalize(self, api): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)), api ) - cipher._operation = pretend.stub(name="wat") - + context = cipher.encryptor() + context.update(b"a" * 16) + context.finalize() + with pytest.raises(ValueError): + context.update(b"b" * 16) + with pytest.raises(ValueError): + context.finalize() + context = cipher.decryptor() + context.update(b"a" * 16) + context.finalize() + with pytest.raises(ValueError): + context.update(b"b" * 16) with pytest.raises(ValueError): - cipher.finalize() + context.finalize() def test_unaligned_block_encryption(self, api): cipher = BlockCipher( @@ -70,7 +70,15 @@ class TestBlockCipher(object): modes.ECB(), api ) - ct = cipher.encrypt(b"a" * 15) + context = cipher.encryptor() + ct = context.update(b"a" * 15) assert ct == b"" - ct += cipher.encrypt(b"a" * 65) + ct += context.update(b"a" * 65) assert len(ct) == 80 + ct += context.finalize() + context = cipher.decryptor() + pt = context.update(ct[:3]) + assert pt == b"" + pt += context.update(ct[3:]) + assert len(pt) == 80 + context.finalize() diff --git a/tests/primitives/utils.py b/tests/primitives/utils.py index a3759b03..70ece52a 100644 --- a/tests/primitives/utils.py +++ b/tests/primitives/utils.py @@ -37,9 +37,14 @@ def encrypt_test(api, cipher_factory, mode_factory, params, only_if, mode_factory(**params), api ) - actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext)) - actual_ciphertext += cipher.finalize() + encryptor = cipher.encryptor() + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() assert actual_ciphertext == binascii.unhexlify(ciphertext) + decryptor = cipher.decryptor() + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) def generate_hash_test(param_loader, path, file_names, hash_cls, -- cgit v1.2.3 From 653463f0e133def71425a26fdd80bfe7c8ad5961 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 21 Oct 2013 17:55:01 -0500 Subject: address review comments * inline some methods * refactor enc/dec classes * modify docs --- tests/primitives/test_block.py | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) (limited to 'tests') diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py index 4a67002f..8e429085 100644 --- a/tests/primitives/test_block.py +++ b/tests/primitives/test_block.py @@ -49,20 +49,20 @@ class TestBlockCipherContext(object): modes.CBC(binascii.unhexlify(b"0" * 32)), api ) - context = cipher.encryptor() - context.update(b"a" * 16) - context.finalize() + encryptor = cipher.encryptor() + encryptor.update(b"a" * 16) + encryptor.finalize() with pytest.raises(ValueError): - context.update(b"b" * 16) + encryptor.update(b"b" * 16) with pytest.raises(ValueError): - context.finalize() - context = cipher.decryptor() - context.update(b"a" * 16) - context.finalize() + encryptor.finalize() + decryptor = cipher.decryptor() + decryptor.update(b"a" * 16) + decryptor.finalize() with pytest.raises(ValueError): - context.update(b"b" * 16) + decryptor.update(b"b" * 16) with pytest.raises(ValueError): - context.finalize() + decryptor.finalize() def test_unaligned_block_encryption(self, api): cipher = BlockCipher( @@ -70,15 +70,16 @@ class TestBlockCipherContext(object): modes.ECB(), api ) - context = cipher.encryptor() - ct = context.update(b"a" * 15) + encryptor = cipher.encryptor() + ct = encryptor.update(b"a" * 15) assert ct == b"" - ct += context.update(b"a" * 65) + ct += encryptor.update(b"a" * 65) assert len(ct) == 80 - ct += context.finalize() - context = cipher.decryptor() - pt = context.update(ct[:3]) + ct += encryptor.finalize() + decryptor = cipher.decryptor() + pt = decryptor.update(ct[:3]) assert pt == b"" - pt += context.update(ct[3:]) + pt += decryptor.update(ct[3:]) assert len(pt) == 80 - context.finalize() + assert pt == b"a" * 80 + decryptor.finalize() -- cgit v1.2.3 From b2c94fd22e0da4159be8c98dd32917bdf9cfb504 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 22 Oct 2013 12:45:07 -0500 Subject: verify that encryptor/decryptor returns CipherContext compliant interface --- tests/primitives/test_block.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py index 8e429085..5e147a79 100644 --- a/tests/primitives/test_block.py +++ b/tests/primitives/test_block.py @@ -17,6 +17,7 @@ import binascii import pytest +from cryptography.primitives import interfaces from cryptography.primitives.block import BlockCipher, ciphers, modes @@ -32,14 +33,14 @@ class TestBlockCipher(object): ciphers.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) - assert cipher.encryptor() is not None + assert isinstance(cipher.encryptor(), interfaces.CipherContext) def test_creates_decryptor(self): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) - assert cipher.decryptor() is not None + assert isinstance(cipher.decryptor(), interfaces.CipherContext) class TestBlockCipherContext(object): -- cgit v1.2.3