"""
Either key (+nacl) or password must be supplied, not both.
"""
- try:
+ with self.assertRaises (crypto.InvalidParameter): # neither key nor pw
encryptor = crypto.Encrypt (TEST_VERSION,
TEST_PARAMVERSION,
nacl=TEST_STATIC_NACL)
- except crypto.InvalidParameter: # neither key nor pw
- pass
password = str (os.urandom (42))
key = os.urandom (16) # scrypt sized
- try:
+ with self.assertRaises (crypto.InvalidParameter): # both key and pw
encryptor = crypto.Encrypt (TEST_VERSION,
TEST_PARAMVERSION,
password=password,
key=key,
nacl=TEST_STATIC_NACL)
- except crypto.InvalidParameter: # both key and pw
- pass
- try:
+ with self.assertRaises (crypto.InvalidParameter): # key, but salt missing
encryptor = crypto.Encrypt (TEST_VERSION,
TEST_PARAMVERSION,
key=key,
nacl=None)
- except crypto.InvalidParameter: # key, but salt missing
- pass
- try:
+ with self.assertRaises (crypto.InvalidParameter): # empty pw
encryptor = crypto.Encrypt (TEST_VERSION,
TEST_PARAMVERSION,
password=b"",
nacl=TEST_STATIC_NACL)
- except crypto.InvalidParameter: # empty pw
- pass
def test_crypto_aes_gcm_enc_header_size (self):
decryptor = crypto.Decrypt (password=password)
decryptor = crypto.Decrypt (key=key)
- try:
+ with self.assertRaises (crypto.InvalidParameter): # both password and key
decryptor = crypto.Decrypt (password=password, key=key)
- except crypto.InvalidParameter: # both password and key
- pass
- try:
+ with self.assertRaises (crypto.InvalidParameter): # neither password nor key
decryptor = crypto.Decrypt (password=None, key=None)
- except crypto.InvalidParameter: # neither password nor key
- pass
- try:
+ with self.assertRaises (crypto.InvalidParameter): # # empty password
decryptor = crypto.Decrypt (password="")
- except crypto.InvalidParameter: # empty password
- pass
def test_crypto_aes_gcm_dec_simple (self):
decryptor = crypto.Decrypt (password=password, fixedparts=fixed)
decryptor.next (header)
plaintext = decryptor.process (ciphertext)
- try:
+ with self.assertRaises (crypto.InvalidGCMTag):
_ = decryptor.done ()
- except crypto.InvalidGCMTag:
- pass
def test_crypto_aes_gcm_enc_multicnk (self):
pt += cnk
off += cnksiz
- try:
+ with self.assertRaises (crypto.InvalidGCMTag):
_ = decryptor.done ()
- except crypto.InvalidGCMTag:
- pass
def test_crypto_aes_gcm_dec_iv_reuse (self):
decr_pt_1 = dec (hdr_1, ct_1)
decr_pt_2 = dec (hdr_2, ct_2) # good header, different IV
- try:
+ with self.assertRaises (crypto.DuplicateIV): # bad header, reuse detected
decr_pt_2 = dec (hdr_2_mod, ct_2)
- except crypto.DuplicateIV: # bad header, reuse detected
- pass
class HeaderTest (CryptoLayerTest):
assert ok is True
assert hdr is not None
hdr += b"-junk"
- try:
+ with self.assertRaises (crypto.InvalidHeader):
_ = crypto.hdr_read (hdr)
- except crypto.InvalidHeader:
- pass
def test_crypto_fmt_hdr_read_leading_garbage (self):
assert ok is True
assert hdr is not None
hdr = b"junk-" + hdr
- try:
+ with self.assertRaises (crypto.InvalidHeader):
_ = crypto.hdr_read (hdr)
- except crypto.InvalidHeader:
- pass
def test_crypto_fmt_hdr_inner_garbage (self):
ok, hdr = crypto.hdr_make (meta)
assert ok
data = hdr[:len(hdr)//2] + b"junk-" + hdr[len(hdr)//2:]
- try:
+ with self.assertRaises (crypto.InvalidHeader):
_ = crypto.hdr_read (data)
- except crypto.InvalidHeader:
- pass