handle reading and formatting of tags

author Philipp Gesang <philipp.gesang@intra2net.com>

Tue, 28 Feb 2017 16:45:54 +0000 (17:45 +0100)

committer Thomas Jarosch <thomas.jarosch@intra2net.com>

Mon, 2 Apr 2018 11:34:08 +0000 (13:34 +0200)
author Philipp Gesang <philipp.gesang@intra2net.com>
Tue, 28 Feb 2017 16:45:54 +0000 (17:45 +0100)
committer Thomas Jarosch <thomas.jarosch@intra2net.com>
Mon, 2 Apr 2018 11:34:08 +0000 (13:34 +0200)
diff --git a/deltatar/crypto.py b/deltatar/crypto.py

index 18cc9ca..f4e678c 100755 (executable)
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -94,6 +94,7 @@ FMT_I2N_HDR   = ("<"     # host byte order
 # aes+gcm
 AES_GCM_IV_LEN   = 12
 AES_GCM_MAX_SIZE = (1 << 36) - (1 << 5) # 2^39 - 2^8 b ≅ 64 GB
+AES_GCM_FMT_TAG  = "<16s"
 
 # scrypt
 SCRYPT_dkLen     = 16
@@ -199,6 +200,15 @@ def hdr_fmt_pretty (h):
                    hex_spaced_of_bytes (struct.pack (FMT_UINT64_LE, h["ctsize"])))
 
 
+def tag_fmt (t):
+    return struct.pack (AES_GCM_FMT_TAG, t)
+
+def tag_read (data):
+    try:
+        tag, = struct.unpack (AES_GCM_FMT_TAG, data)
+    except Exception as exn:
+        return False, "error reading tag from [%r]: %s" % (data, str (exn))
+    return True, tag
 
 ###############################################################################
 ## {de,en}cryption
diff --git a/testing/test_crypto.py b/testing/test_crypto.py

index d71c383..8f54387 100644 (file)
--- a/testing/test_crypto.py
+++ b/testing/test_crypto.py
@@ -262,10 +262,10 @@ class ScryptTest (CryptoLayerTest):
     nacl      = binascii.unhexlify(b"0011223344556677"
                                    b"8899aabbccddeeff")
 
-    def test_scrypt_keygen (self):
-        nacl, k = crypto.scrypt_derive (TEST_PASSPHRASE, self.nacl)
-        assert len (k) == CRYPTO_KEY_SIZE
-        assert nacl == self.nacl
+#   def test_scrypt_keygen (self):
+#       nacl, k = crypto.scrypt_derive (TEST_PASSPHRASE, self.nacl)
+#       assert len (k) == CRYPTO_KEY_SIZE
+#       assert nacl == self.nacl
 
     ## excessively slow, so disabled
 #   def test_scrypt_keygen_salt_random (self):
@@ -327,3 +327,31 @@ class HeaderTest (CryptoLayerTest):
         assert ok is False
         assert msg.startswith ("error reading header from")
 
+class TagTest (CryptoLayerTest):
+
+    def test_crypto_tag_fmt (self):
+        key  = os.urandom (CRYPTO_KEY_SIZE)
+        enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
+        ok, _ = enc.process_chunk (TEST_PLAINTEXT)
+        assert ok
+        ok, _, tag = enc.done ()
+        assert ok
+        assert tag
+        tagged = crypto.tag_fmt (tag)
+        assert len (tagged) == CRYPTO_TAG_SIZE
+
+
+    def test_crypto_tag_read (self):
+        key  = os.urandom (CRYPTO_KEY_SIZE)
+        enc = crypto.AES_GCM_context (crypto.ENCRYPT, key, TEST_AES_GCM_AAD)
+        ok, _ = enc.process_chunk (TEST_PLAINTEXT)
+        assert ok
+        ok, _, tag = enc.done ()
+        assert ok
+        assert tag
+        tagged = crypto.tag_fmt (tag)
+        (ok, ttag) = crypto.tag_read (tagged)
+        assert ok
+        assert tag == ttag
+
+
author	Philipp Gesang <philipp.gesang@intra2net.com>
	Tue, 28 Feb 2017 16:45:54 +0000 (17:45 +0100)
committer	Thomas Jarosch <thomas.jarosch@intra2net.com>
	Mon, 2 Apr 2018 11:34:08 +0000 (13:34 +0200)
deltatar/crypto.py		patch \| blob \| blame \| history
testing/test_crypto.py		patch \| blob \| blame \| history