From 1dff7f93bd1660dfe2981fc056c2c04892110951 Mon Sep 17 00:00:00 2001 From: heartsucker Date: Thu, 16 May 2019 14:31:32 +0200 Subject: [PATCH] added regression tests for aes --- src/allmydata/test/test_crypto.py | 143 ++++++++++++++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 src/allmydata/test/test_crypto.py diff --git a/src/allmydata/test/test_crypto.py b/src/allmydata/test/test_crypto.py new file mode 100644 index 000000000..794d67656 --- /dev/null +++ b/src/allmydata/test/test_crypto.py @@ -0,0 +1,143 @@ +import six +import unittest + +from binascii import a2b_hex, b2a_hex + +from allmydata.crypto.aes import AES + + +class TestRegression(unittest.TestCase): + ''' + These tests are regression tests to ensure that the upgrade from `pycryptopp` to `cryptography` + doesn't break anything. They check that data encrypted with old keys can be decrypted with new + keys. + ''' + + KEY = b'My\x9c\xc0f\xd3\x03\x9a1\x8f\xbd\x17W_\x1f2' + IV = b'\x96\x1c\xa0\xbcUj\x89\xc1\x85J\x1f\xeb=\x17\x04\xca' + + def test_old_start_up_test(self): + """ + This was the old startup test run at import time in `pycryptopp.cipher.aes`. + """ + enc0 = b"dc95c078a2408989ad48a21492842087530f8afbc74536b9a963b4f1c4cb738b" + cryptor = AES(key=b"\x00" * 32) + ct = cryptor.process(b"\x00" * 32) + self.failUnlessEqual(enc0, b2a_hex(ct)) + + cryptor = AES(key=b"\x00" * 32) + ct1 = cryptor.process(b"\x00" * 15) + ct2 = cryptor.process(b"\x00" * 17) + self.failUnlessEqual(enc0, b2a_hex(ct1+ct2)) + + enc0 = b"66e94bd4ef8a2c3b884cfa59ca342b2e" + cryptor = AES(key=b"\x00" * 16) + ct = cryptor.process(b"\x00" * 16) + self.failUnlessEqual(enc0, b2a_hex(ct)) + + cryptor = AES(key=b"\x00" * 16) + ct1 = cryptor.process(b"\x00" * 8) + ct2 = cryptor.process(b"\x00" * 8) + self.failUnlessEqual(enc0, b2a_hex(ct1+ct2)) + + def _test_from_Niels_AES(keysize, result): + def fake_ecb_using_ctr(k, p): + return AES(key=k, iv=p).process(b'\x00' * 16) + + E = fake_ecb_using_ctr + b = 16 + k = keysize + S = '\x00' * (k+b) + + for i in range(1000): + K = S[-k:] + P = S[-k-b:-k] + S += E(K, E(K, P)) + + self.failUnlessEqual(S[-b:], a2b_hex(result)) + + _test_from_Niels_AES(16, b'bd883f01035e58f42f9d812f2dacbcd8') + _test_from_Niels_AES(32, b'c84b0f3a2c76dd9871900b07f09bdd3e') + + def test_aes_no_iv_process_short_input(self): + ''' + The old code used the following patterns with AES ciphers. + + import os + from pycryptopp.cipher.aes import AES + key = = os.urandom(16) + ciphertext = AES(key).process(plaintext) + + This test verifies that using the new AES wrapper generates the same output. + ''' + plaintext = b'test' + expected_ciphertext = b'\x7fEK\\' + + aes = AES(self.KEY) + ciphertext = aes.process(plaintext) + + self.failUnlessEqual(ciphertext, expected_ciphertext) + + def test_aes_no_iv_process_long_input(self): + ''' + The old code used the following patterns with AES ciphers. + + import os + from pycryptopp.cipher.aes import AES + key = = os.urandom(16) + ciphertext = AES(key).process(plaintext) + + This test verifies that using the new AES wrapper generates the same output. + ''' + plaintext = b'hi' * 32 + expected_ciphertext = ( + b'cIPAY%o:\xce\xfex\x8e@^.\x90\xb1\x80a\xff\xd8^\xac\x8d\xa7/\x1d\xe6\x92\xa1\x04\x92' + b'\x1f\xa1|\xd2$E\xb5\xe7\x9d\xae\xd1\x1f)\xe4\xc7\x83\xb8\xd5|dHhU\xc8\x9a\xb1\x10\xed' + b'\xd1\xe7|\xd1') + + aes = AES(self.KEY) + ciphertext = aes.process(plaintext) + + self.failUnlessEqual(ciphertext, expected_ciphertext) + + def test_aes_with_iv_process_short_input(self): + ''' + The old code used the following patterns with AES ciphers. + + import os + from pycryptopp.cipher.aes import AES + key = = os.urandom(16) + ciphertext = AES(key).process(plaintext) + + This test verifies that using the new AES wrapper generates the same output. + ''' + plaintext = b'test' + expected_ciphertext = b'\x82\x0e\rt' + + aes = AES(self.KEY, iv=self.IV) + ciphertext = aes.process(plaintext) + + self.failUnlessEqual(ciphertext, expected_ciphertext) + + def test_aes_with_iv_process_long_input(self): + ''' + The old code used the following patterns with AES ciphers. + + import os + from pycryptopp.cipher.aes import AES + key = = os.urandom(16) + ciphertext = AES(key).process(plaintext) + + This test verifies that using the new AES wrapper generates the same output. + ''' + plaintext = b'hi' * 32 + expected_ciphertext = ( + b'\x9e\x02\x16i}WL\xbf\x83\xac\xb4K\xf7\xa0\xdf\xa3\xba!3\x15\xd3(L\xb7\xb3\x91\xbcb' + b'\x97a\xdc\x100?\xf5L\x9f\xd9\xeeO\x98\xda\xf5g\x93\xa7q\xe1\xb1~\xf8\x1b\xe8[\\s' + b'\x144$\x86\xeaC^f') + + + aes = AES(self.KEY, iv=self.IV) + ciphertext = aes.process(plaintext) + + self.failUnlessEqual(ciphertext, expected_ciphertext)