(self)
| 90 | self.assert_raises(IntegrityError, lambda: cs.decrypt(hdr_mac_iv_cdata_corrupted)) |
| 91 | |
| 92 | def test_AE(self): |
| 93 | # used in legacy-like layout (1 type byte, no aad) |
| 94 | key = b"X" * 32 |
| 95 | iv_int = 0 |
| 96 | data = b"foo" * 10 |
| 97 | header = b"\x23" + iv_int.to_bytes(12, "big") |
| 98 | tests = [ |
| 99 | # (ciphersuite class, exp_mac, exp_cdata) |
| 100 | ( |
| 101 | AES256_OCB, |
| 102 | "b6909c23c9aaebd9abbe1ff42097652d", |
| 103 | "877ce46d2f62dee54699cebc3ba41d9ab613f7c486778c1b3636664b1493", |
| 104 | ), |
| 105 | ( |
| 106 | CHACHA20_POLY1305, |
| 107 | "fd08594796e0706cde1e8b461e3e0555", |
| 108 | "a093e4b0387526f085d3c40cca84a35230a5c0dd766453b77ba38bcff775", |
| 109 | ), |
| 110 | ] |
| 111 | for cs_cls, exp_mac, exp_cdata in tests: |
| 112 | # print(repr(cs_cls)) |
| 113 | # encrypt/mac |
| 114 | cs = cs_cls(key, iv_int, header_len=len(header), aad_offset=1) |
| 115 | hdr_mac_iv_cdata = cs.encrypt(data, header=header) |
| 116 | hdr = hdr_mac_iv_cdata[0:1] |
| 117 | iv = hdr_mac_iv_cdata[1:13] |
| 118 | mac = hdr_mac_iv_cdata[13:29] |
| 119 | cdata = hdr_mac_iv_cdata[29:] |
| 120 | self.assert_equal(bin_to_hex(hdr), "23") |
| 121 | self.assert_equal(bin_to_hex(mac), exp_mac) |
| 122 | self.assert_equal(bin_to_hex(iv), "000000000000000000000000") |
| 123 | self.assert_equal(bin_to_hex(cdata), exp_cdata) |
| 124 | self.assert_equal(cs.next_iv(), 1) |
| 125 | # auth/decrypt |
| 126 | cs = cs_cls(key, iv_int, header_len=len(header), aad_offset=1) |
| 127 | pdata = cs.decrypt(hdr_mac_iv_cdata) |
| 128 | self.assert_equal(data, pdata) |
| 129 | self.assert_equal(cs.next_iv(), 1) |
| 130 | # auth-failure due to corruption (corrupted data) |
| 131 | cs = cs_cls(key, iv_int, header_len=len(header), aad_offset=1) |
| 132 | hdr_mac_iv_cdata_corrupted = hdr_mac_iv_cdata[:29] + b"\0" + hdr_mac_iv_cdata[30:] |
| 133 | self.assert_raises(IntegrityError, lambda: cs.decrypt(hdr_mac_iv_cdata_corrupted)) |
| 134 | |
| 135 | def test_AEAD(self): |
| 136 | # test with aad |
nothing calls this directly
no test coverage detected