mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2024-12-30 09:48:56 +00:00
added regression tests for aes
This commit is contained in:
parent
405f396f79
commit
1dff7f93bd
143
src/allmydata/test/test_crypto.py
Normal file
143
src/allmydata/test/test_crypto.py
Normal file
@ -0,0 +1,143 @@
|
||||
import six
|
||||
import unittest
|
||||
|
||||
from binascii import a2b_hex, b2a_hex
|
||||
|
||||
from allmydata.crypto.aes import AES
|
||||
|
||||
|
||||
class TestRegression(unittest.TestCase):
|
||||
'''
|
||||
These tests are regression tests to ensure that the upgrade from `pycryptopp` to `cryptography`
|
||||
doesn't break anything. They check that data encrypted with old keys can be decrypted with new
|
||||
keys.
|
||||
'''
|
||||
|
||||
KEY = b'My\x9c\xc0f\xd3\x03\x9a1\x8f\xbd\x17W_\x1f2'
|
||||
IV = b'\x96\x1c\xa0\xbcUj\x89\xc1\x85J\x1f\xeb=\x17\x04\xca'
|
||||
|
||||
def test_old_start_up_test(self):
|
||||
"""
|
||||
This was the old startup test run at import time in `pycryptopp.cipher.aes`.
|
||||
"""
|
||||
enc0 = b"dc95c078a2408989ad48a21492842087530f8afbc74536b9a963b4f1c4cb738b"
|
||||
cryptor = AES(key=b"\x00" * 32)
|
||||
ct = cryptor.process(b"\x00" * 32)
|
||||
self.failUnlessEqual(enc0, b2a_hex(ct))
|
||||
|
||||
cryptor = AES(key=b"\x00" * 32)
|
||||
ct1 = cryptor.process(b"\x00" * 15)
|
||||
ct2 = cryptor.process(b"\x00" * 17)
|
||||
self.failUnlessEqual(enc0, b2a_hex(ct1+ct2))
|
||||
|
||||
enc0 = b"66e94bd4ef8a2c3b884cfa59ca342b2e"
|
||||
cryptor = AES(key=b"\x00" * 16)
|
||||
ct = cryptor.process(b"\x00" * 16)
|
||||
self.failUnlessEqual(enc0, b2a_hex(ct))
|
||||
|
||||
cryptor = AES(key=b"\x00" * 16)
|
||||
ct1 = cryptor.process(b"\x00" * 8)
|
||||
ct2 = cryptor.process(b"\x00" * 8)
|
||||
self.failUnlessEqual(enc0, b2a_hex(ct1+ct2))
|
||||
|
||||
def _test_from_Niels_AES(keysize, result):
|
||||
def fake_ecb_using_ctr(k, p):
|
||||
return AES(key=k, iv=p).process(b'\x00' * 16)
|
||||
|
||||
E = fake_ecb_using_ctr
|
||||
b = 16
|
||||
k = keysize
|
||||
S = '\x00' * (k+b)
|
||||
|
||||
for i in range(1000):
|
||||
K = S[-k:]
|
||||
P = S[-k-b:-k]
|
||||
S += E(K, E(K, P))
|
||||
|
||||
self.failUnlessEqual(S[-b:], a2b_hex(result))
|
||||
|
||||
_test_from_Niels_AES(16, b'bd883f01035e58f42f9d812f2dacbcd8')
|
||||
_test_from_Niels_AES(32, b'c84b0f3a2c76dd9871900b07f09bdd3e')
|
||||
|
||||
def test_aes_no_iv_process_short_input(self):
|
||||
'''
|
||||
The old code used the following patterns with AES ciphers.
|
||||
|
||||
import os
|
||||
from pycryptopp.cipher.aes import AES
|
||||
key = = os.urandom(16)
|
||||
ciphertext = AES(key).process(plaintext)
|
||||
|
||||
This test verifies that using the new AES wrapper generates the same output.
|
||||
'''
|
||||
plaintext = b'test'
|
||||
expected_ciphertext = b'\x7fEK\\'
|
||||
|
||||
aes = AES(self.KEY)
|
||||
ciphertext = aes.process(plaintext)
|
||||
|
||||
self.failUnlessEqual(ciphertext, expected_ciphertext)
|
||||
|
||||
def test_aes_no_iv_process_long_input(self):
|
||||
'''
|
||||
The old code used the following patterns with AES ciphers.
|
||||
|
||||
import os
|
||||
from pycryptopp.cipher.aes import AES
|
||||
key = = os.urandom(16)
|
||||
ciphertext = AES(key).process(plaintext)
|
||||
|
||||
This test verifies that using the new AES wrapper generates the same output.
|
||||
'''
|
||||
plaintext = b'hi' * 32
|
||||
expected_ciphertext = (
|
||||
b'cIPAY%o:\xce\xfex\x8e@^.\x90\xb1\x80a\xff\xd8^\xac\x8d\xa7/\x1d\xe6\x92\xa1\x04\x92'
|
||||
b'\x1f\xa1|\xd2$E\xb5\xe7\x9d\xae\xd1\x1f)\xe4\xc7\x83\xb8\xd5|dHhU\xc8\x9a\xb1\x10\xed'
|
||||
b'\xd1\xe7|\xd1')
|
||||
|
||||
aes = AES(self.KEY)
|
||||
ciphertext = aes.process(plaintext)
|
||||
|
||||
self.failUnlessEqual(ciphertext, expected_ciphertext)
|
||||
|
||||
def test_aes_with_iv_process_short_input(self):
|
||||
'''
|
||||
The old code used the following patterns with AES ciphers.
|
||||
|
||||
import os
|
||||
from pycryptopp.cipher.aes import AES
|
||||
key = = os.urandom(16)
|
||||
ciphertext = AES(key).process(plaintext)
|
||||
|
||||
This test verifies that using the new AES wrapper generates the same output.
|
||||
'''
|
||||
plaintext = b'test'
|
||||
expected_ciphertext = b'\x82\x0e\rt'
|
||||
|
||||
aes = AES(self.KEY, iv=self.IV)
|
||||
ciphertext = aes.process(plaintext)
|
||||
|
||||
self.failUnlessEqual(ciphertext, expected_ciphertext)
|
||||
|
||||
def test_aes_with_iv_process_long_input(self):
|
||||
'''
|
||||
The old code used the following patterns with AES ciphers.
|
||||
|
||||
import os
|
||||
from pycryptopp.cipher.aes import AES
|
||||
key = = os.urandom(16)
|
||||
ciphertext = AES(key).process(plaintext)
|
||||
|
||||
This test verifies that using the new AES wrapper generates the same output.
|
||||
'''
|
||||
plaintext = b'hi' * 32
|
||||
expected_ciphertext = (
|
||||
b'\x9e\x02\x16i}WL\xbf\x83\xac\xb4K\xf7\xa0\xdf\xa3\xba!3\x15\xd3(L\xb7\xb3\x91\xbcb'
|
||||
b'\x97a\xdc\x100?\xf5L\x9f\xd9\xeeO\x98\xda\xf5g\x93\xa7q\xe1\xb1~\xf8\x1b\xe8[\\s'
|
||||
b'\x144$\x86\xeaC^f')
|
||||
|
||||
|
||||
aes = AES(self.KEY, iv=self.IV)
|
||||
ciphertext = aes.process(plaintext)
|
||||
|
||||
self.failUnlessEqual(ciphertext, expected_ciphertext)
|
Loading…
Reference in New Issue
Block a user