from cryptography.hazmat.backends import default_backend
-__all__ = [ "aesgcm_enc", "aesgcm_dec" ]
+__all__ = [ "ENCRYPT", "DECRYPT"
+ , "AES_GCM_context"
+ , "hdr_make", "hdr_read", "hdr_write"
+ , "I2N_HDR_SIZE" ]
###############################################################################
## constants
buf = bytearray (I2N_HDR_SIZE)
bufv = memoryview (buf)
- print(">>>", hdr)
try:
struct.pack_into (FMT_I2N_HDR, bufv, 0,
I2N_HDR_MAGIC,
self.ctx = aesgcm_context_create (kind, key, aad, iv)
- def encrypt_chunk (self, cnk):
+ def process_chunk (self, cnk):
if self.ctx is None:
return False, "no valid encryption context"
return True, self.ctx.update (cnk)
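Review bot: With the rename, `process_chunk` also serves DECRYPT contexts, and on that path `self.ctx.update (cnk)` returns plaintext before the GCM tag has been checked; nothing in the method says so. I would add a docstring stating that in decrypt mode the returned bytes are unauthenticated until `done (tag)` completes without error, and that callers must not treat or persist them as trusted before then. The failure message `"no valid encryption context"` is now also reached when decrypting, so a direction-neutral wording would be more accurate, though callers matching on the text would need checking first. The class body and `done ()` are outside this hunk, so this assumes the tag is verified only there.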
import binascii
import os
import pylibscrypt
+import pytest
import unittest
import deltatar.crypto as crypto
+import cryptography
+
def b(s):
return s.encode("UTF-8")
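Review bot: The added `import cryptography` does not by itself import the `cryptography.exceptions` submodule, so the later `cryptography.exceptions.InvalidTag` lookup resolves only because another import (presumably `deltatar.crypto`) has already loaded it. Importing what the test actually uses removes that dependency on a side effect: `from cryptography.exceptions import InvalidTag`, or `import cryptography.exceptions`.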
key = os.urandom (CRYPTO_KEY_SIZE)
enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
+
def test_crypto_aes_gcm_enc_tag_retrieve (self):
NaCl = os.urandom (CRYPTO_NACL_SIZE)
key = os.urandom (CRYPTO_KEY_SIZE)
enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
- ok, ct = enc.encrypt_chunk (TEST_PLAINTEXT)
+ ok, ct = enc.process_chunk (TEST_PLAINTEXT)
if ok is False or ct is None:
raise "error encrypting chunk [%s]" % TEST_PLAINTEXT
ok, ct, tag = enc.done ()
if not tag:
raise "no tag received upon completing the encryption"
+
def test_crypto_aes_gcm_enc_tag_size (self):
NaCl = os.urandom (CRYPTO_NACL_SIZE)
key = os.urandom (CRYPTO_KEY_SIZE)
enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
- ok, ct = enc.encrypt_chunk (TEST_PLAINTEXT)
+ ok, ct = enc.process_chunk (TEST_PLAINTEXT)
if ok is False or ct is None:
raise "error encrypting chunk [%s]" % TEST_PLAINTEXT
ok, ct, tag = enc.done ()
raise "no tag received upon completing the encryption"
assert len (tag) == CRYPTO_TAG_SIZE
+
def test_crypto_aes_gcm_enc_chunk_size (self):
NaCl = os.urandom (CRYPTO_NACL_SIZE)
key = os.urandom (CRYPTO_KEY_SIZE)
enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
- ok, ct = enc.encrypt_chunk (TEST_PLAINTEXT)
+ ok, ct = enc.process_chunk (TEST_PLAINTEXT)
if ok is False or ct is None:
raise "error encrypting chunk [%s]" % TEST_PLAINTEXT
assert len (ct) == len (TEST_PLAINTEXT)
raise "no tag received upon completing the encryption"
assert len (ct) == 0
+
+ def test_crypto_aes_gcm_dec_simple (self):
+ NaCl = os.urandom (CRYPTO_NACL_SIZE)
+ key = os.urandom (CRYPTO_KEY_SIZE)
+ enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
+ iv = enc.iv
+ dec = crypto.AES_GCM_context (crypto.DECRYPT, key, TEST_AES_GCM_AAD, iv = iv)
+ ok, ct = enc.process_chunk (TEST_PLAINTEXT)
+ ok, _, tag = enc.done ()
+ ok, pt = dec.process_chunk (ct)
+ ok, _, _ = dec.done (tag)
+ assert pt == TEST_PLAINTEXT
+
+
+ def test_crypto_aes_gcm_dec_bad_tag (self):
+ NaCl = os.urandom (CRYPTO_NACL_SIZE)
+ key = os.urandom (CRYPTO_KEY_SIZE)
+ enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
+ iv = enc.iv
+ dec = crypto.AES_GCM_context (crypto.DECRYPT, key, TEST_AES_GCM_AAD, iv = iv)
+ ok, ct = enc.process_chunk (TEST_PLAINTEXT)
+ ok, _, tag = enc.done ()
+ ok, pt = dec.process_chunk (ct)
+ with pytest.raises (cryptography.exceptions.InvalidTag):
+ tag = tag[1:] + b"X"
+ ok, _, _ = dec.done (tag)
+
+
+ def test_crypto_fmt_hdr_make (self):
+ meta = faux_hdr()
+ ok, hdr = crypto.hdr_make (meta)
+ assert ok
+ assert len (hdr) == crypto.I2N_HDR_SIZE
+
+
+ def test_crypto_fmt_hdr_read (self):
+ meta = faux_hdr()
+ ok, hdr = crypto.hdr_make (meta)
+ assert ok
+ ok, mmeta = crypto.hdr_read (hdr)
+ assert ok
+ for k in meta:
+ if meta [k] != mmeta [k]:
+ raise "header mismatch after reading: expected %r, got %r" \
+ % (meta [k], mmeta [k])
+
+
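Review bot: In `test_crypto_fmt_hdr_read` the mismatch branch raises a plain string, which Python rejects with a TypeError because exceptions must derive from BaseException, so the expected and actual values never reach the test report. An assertion carries the message correctly: `assert meta [k] == mmeta [k], "header mismatch after reading: expected %r, got %r" % (meta [k], mmeta [k])`. The context lines of the earlier `enc_*` tests use the same `raise "..."` form. Separately, `test_crypto_aes_gcm_dec_simple` discards every `ok` it receives, including the one from `dec.done (tag)`. Adding `assert ok` after each call would make the test fail if a failed authentication were ever reported through the return value rather than an exception.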