From d1f0201fd80659395a8444efe11ba24473c212e5 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 1 Nov 2013 14:12:35 -0700 Subject: Document how this returns bytes --- docs/hazmat/primitives/symmetric-encryption.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 5852dc21..a0e76506 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -63,6 +63,11 @@ where the encrypter and decrypter both use the same key. :param bytes data: The data you wish to pass into the context. :return bytes: Returns the data that was encrypted or decrypted. + When the ``BlockCipher`` was constructed in a mode turns it into a + stream cipher, this will return bytes immediately, however in other + modes it will return blocks in chunks, whose size is determined by the + cipher's block size. + .. method:: finalize() :return bytes: Returns the remainder of the data. @@ -162,7 +167,8 @@ Modes block size of less than 128-bits. CTR (Counter) is a mode of operation for block ciphers. It is considered - cryptographically strong. + cryptographically strong. It transforms a block cipher into a stream + cipher. :param bytes nonce: Should be random bytes. It is critical to never reuse a ``nonce`` with a given key. Any reuse of a nonce -- cgit v1.2.3 From fc09a7cb78591ad0bf5ee0116c85dcee6d47502c Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 1 Nov 2013 14:43:02 -0700 Subject: For example --- docs/hazmat/primitives/symmetric-encryption.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index a0e76506..f68979a3 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -64,9 +64,10 @@ where the encrypter and decrypter both use the same key. :return bytes: Returns the data that was encrypted or decrypted. When the ``BlockCipher`` was constructed in a mode turns it into a - stream cipher, this will return bytes immediately, however in other - modes it will return blocks in chunks, whose size is determined by the - cipher's block size. + stream cipher (e.g. + :class:`cryptography.hazmat.primitives.block.modes.CTR`), this will + return bytes immediately, however in other modes it will return blocks + in chunks, whose size is determined by the cipher's block size. .. method:: finalize() -- cgit v1.2.3 From bf2de7458aebbc6bc855e9f145cf9a40ceec033e Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 1 Nov 2013 14:48:19 -0700 Subject: better english --- docs/hazmat/primitives/symmetric-encryption.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index f68979a3..b8b1c839 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -66,8 +66,8 @@ where the encrypter and decrypter both use the same key. When the ``BlockCipher`` was constructed in a mode turns it into a stream cipher (e.g. :class:`cryptography.hazmat.primitives.block.modes.CTR`), this will - return bytes immediately, however in other modes it will return blocks - in chunks, whose size is determined by the cipher's block size. + return bytes immediately, however in other modes it will return chunks, + whose size is determined by the cipher's block size. .. method:: finalize() -- cgit v1.2.3 From b0897d82b5dabc2defe5f8fb7306997729106ffa Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 1 Nov 2013 15:46:52 -0700 Subject: ARC4 vectors from RFC 6229 reformatted for NIST loader --- .../vectors/ciphers/ARC4/rfc-6229-128.txt | 128 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-192.txt | 128 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-256.txt | 128 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-40.txt | 111 ++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-56.txt | 128 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-64.txt | 128 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-80.txt | 128 +++++++++++++++++++++ 7 files changed, 879 insertions(+) create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt new file mode 100644 index 00000000..7d1fa5e6 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 128-bit key +COUNT = 0 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9ac7cc9a609d1ef7b2932899cde41b97 + + +COUNT = 1 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5248c4959014126a6e8a84f11d1a9e1c + + +COUNT = 2 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 065902e4b620f6cc36c8589f66432f2b + + +COUNT = 3 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d39d566bc6bce3010768151549f3873f + + +COUNT = 4 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b6d1e6c4a5e4771cad79538df295fb11 + + +COUNT = 5 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c68c1d5c559a974123df1dbc52a43b89 + + +COUNT = 6 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c5ecf88de897fd57fed301701b82a259 + + +COUNT = 7 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = eccbe13de1fcc91c11a0b26c0bc8fa4d + + +COUNT = 8 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e7a72574f8782ae26aabcf9ebcd66065 + + +COUNT = 9 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bdf0324e6083dcc6d3cedd3ca8c53c16 + + +COUNT = 10 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b40110c4190b5622a96116b0017ed297 + + +COUNT = 11 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ffa0b514647ec04f6306b892ae661181 + + +COUNT = 12 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d03d1bc03cd33d70dff9fa5d71963ebd + + +COUNT = 13 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8a44126411eaa78bd51e8d87a8879bf5 + + +COUNT = 14 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = fabeb76028ade2d0e48722e46c4615a3 + + +COUNT = 15 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c05d88abd50357f935a63c59ee537623 + + +COUNT = 16 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ff38265c1642c1abe8d3c2fe5e572bf8 + + +COUNT = 17 +KEY = 0102030405060708090a0b0c0d0e0f10 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = a36a4c301ae8ac13610ccbc12256cacc diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt new file mode 100644 index 00000000..dfea674d --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 192-bit key +COUNT = 0 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0595e57fe5f0bb3c706edac8a4b2db11 + + +COUNT = 1 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = dfde31344a1af769c74f070aee9e2326 + + +COUNT = 2 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b06b9b1e195d13d8f4a7995c4553ac05 + + +COUNT = 3 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6bd2378ec341c9a42f37ba79f88a32ff + + +COUNT = 4 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e70bce1df7645adb5d2c4130215c3522 + + +COUNT = 5 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9a5730c7fcb4c9af51ffda89c7f1ad22 + + +COUNT = 6 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0485055fd4f6f0d963ef5ab9a5476982 + + +COUNT = 7 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 591fc66bcda10e452b03d4551f6b62ac + + +COUNT = 8 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 2753cc83988afa3e1688a1d3b42c9a02 + + +COUNT = 9 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 93610d523d1d3f0062b3c2a3bbc7c7f0 + + +COUNT = 10 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 96c248610aadedfeaf8978c03de8205a + + +COUNT = 11 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0e317b3d1c73b9e9a4688f296d133a19 + + +COUNT = 12 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bdf0e6c3cca5b5b9d533b69c56ada120 + + +COUNT = 13 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 88a218b6e2ece1e6246d44c759d19b10 + + +COUNT = 14 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6866397e95c140534f94263421006e40 + + +COUNT = 15 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 32cb0a1e9542c6b3b8b398abc3b0f1d5 + + +COUNT = 16 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 29a0b8aed54a132324c62e423f54b4c8 + + +COUNT = 17 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3cb0f3b5020a98b82af9fe154484a168 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt new file mode 100644 index 00000000..52346fbc --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 256-bit key +COUNT = 0 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = eaa6bd25880bf93d3f5d1e4ca2611d91 + + +COUNT = 1 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = cfa45c9f7e714b54bdfa80027cb14380 + + +COUNT = 2 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 114ae344ded71b35f2e60febad727fd8 + + +COUNT = 3 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 02e1e7056b0f623900496422943e97b6 + + +COUNT = 4 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 91cb93c787964e10d9527d999c6f936b + + +COUNT = 5 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 49b18b42f8e8367cbeb5ef104ba1c7cd + + +COUNT = 6 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 87084b3ba700bade955610672745b374 + + +COUNT = 7 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e7a7b9e9ec540d5ff43bdb12792d1b35 + + +COUNT = 8 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c799b596738f6b018c76c74b1759bd90 + + +COUNT = 9 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 7fec5bfd9f9b89ce6548309092d7e958 + + +COUNT = 10 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 40f250b26d1f096a4afd4c340a588815 + + +COUNT = 11 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3e34135c79db010200767651cf263073 + + +COUNT = 12 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f656abccf88dd827027b2ce917d464ec + + +COUNT = 13 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 18b62503bfbc077fbabb98f20d98ab34 + + +COUNT = 14 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8aed95ee5b0dcbfbef4eb21d3a3f52f9 + + +COUNT = 15 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 625a1ab00ee39a5327346bddb01a9c18 + + +COUNT = 16 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = a13a7c79c7e119b5ab0296ab28c300b9 + + +COUNT = 17 +KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f3e4c0a2e02d1d01f7f0a74618af2b48 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt new file mode 100644 index 00000000..fe5584cd --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt @@ -0,0 +1,111 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 40-bit key +COUNT = 0 +KEY = 0102030405 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b2396305f03dc027ccc3524a0a1118a8 + +COUNT = 1 +KEY = 0102030405 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6982944f18fc82d589c403a47a0d0919 + +COUNT = 2 +KEY = 0102030405 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 28cb1132c96ce286421dcaadb8b69eae + +COUNT = 3 +KEY = 0102030405 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1cfcf62b03eddb641d77dfcf7f8d8c93 + +COUNT = 4 +KEY = 0102030405 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 42b7d0cdd918a8a33dd51781c81f4041 + +COUNT = 5 +KEY = 0102030405 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6459844432a7da923cfb3eb4980661f6 + +COUNT = 6 +KEY = 0102030405 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ec10327bde2beefd18f9277680457e22 + +COUNT = 7 +KEY = 0102030405 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = eb62638d4f0ba1fe9fca20e05bf8ff2b + +COUNT = 8 +KEY = 0102030405 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 45129048e6a0ed0b56b490338f078da5 + +COUNT = 9 +KEY = 0102030405 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 30abbcc7c20b01609f23ee2d5f6bb7df + +COUNT = 10 +KEY = 0102030405 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3294f744d8f9790507e70f62e5bbceea + +COUNT = 11 +KEY = 0102030405 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d8729db41882259bee4f825325f5a130 + +COUNT = 12 +KEY = 0102030405 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1eb14a0c13b3bf47fa2a0ba93ad45b8b + +COUNT = 13 +KEY = 0102030405 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = cc582f8ba9f265e2b1be9112e975d2d7 + +COUNT = 14 +KEY = 0102030405 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f2e30f9bd102ecbf75aaade9bc35c43c + +COUNT = 15 +KEY = 0102030405 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ec0e11c479dc329dc8da7968fe965681 + +COUNT = 16 +KEY = 0102030405 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 068326a2118416d21f9d04b2cd1ca050 + +COUNT = 17 +KEY = 0102030405 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ff25b58995996707e51fbdf08b34d875 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt new file mode 100644 index 00000000..8b1b3c41 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 56-bit key +COUNT = 0 +KEY = 01020304050607 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 293f02d47f37c9b633f2af5285feb46b + + +COUNT = 1 +KEY = 01020304050607 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e620f1390d19bd84e2e0fd752031afc1 + + +COUNT = 2 +KEY = 01020304050607 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 914f02531c9218810df60f67e338154c + + +COUNT = 3 +KEY = 01020304050607 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d0fdb583073ce85ab83917740ec011d5 + + +COUNT = 4 +KEY = 01020304050607 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 75f81411e871cffa70b90c74c592e454 + + +COUNT = 5 +KEY = 01020304050607 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0bb87202938dad609e87a5a1b079e5e4 + + +COUNT = 6 +KEY = 01020304050607 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c2911246b612e7e7b903dfeda1dad866 + + +COUNT = 7 +KEY = 01020304050607 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 32828f91502b6291368de8081de36fc2 + + +COUNT = 8 +KEY = 01020304050607 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f3b9a7e3b297bf9ad804512f9063eff1 + + +COUNT = 9 +KEY = 01020304050607 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8ecb67a9ba1f55a5a067e2b026a3676f + + +COUNT = 10 +KEY = 01020304050607 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d2aa902bd42d0d7cfd340cd45810529f + + +COUNT = 11 +KEY = 01020304050607 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 78b272c96e42eab4c60bd914e39d06e3 + + +COUNT = 12 +KEY = 01020304050607 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f4332fd31a079396ee3cee3f2a4ff049 + + +COUNT = 13 +KEY = 01020304050607 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 05459781d41fda7f30c1be7e1246c623 + + +COUNT = 14 +KEY = 01020304050607 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = adfd3868b8e51485d5e610017e3dd609 + + +COUNT = 15 +KEY = 01020304050607 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ad26581c0c5be45f4cea01db2f3805d5 + + +COUNT = 16 +KEY = 01020304050607 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f3172ceffc3b3d997c85ccd5af1a950c + + +COUNT = 17 +KEY = 01020304050607 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e74b0b9731227fd37c0ec08a47ddd8b8 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt new file mode 100644 index 00000000..b3a9fdb0 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 64-bit key +COUNT = 0 +KEY = 0102030405060708 +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 97ab8a1bf0afb96132f2f67258da15a8 + + +COUNT = 1 +KEY = 0102030405060708 +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8263efdb45c4a18684ef87e6b19e5b09 + + +COUNT = 2 +KEY = 0102030405060708 +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9636ebc9841926f4f7d1f362bddf6e18 + + +COUNT = 3 +KEY = 0102030405060708 +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d0a990ff2c05fef5b90373c9ff4b870a + + +COUNT = 4 +KEY = 0102030405060708 +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 73239f1db7f41d80b643c0c52518ec63 + + +COUNT = 5 +KEY = 0102030405060708 +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 163b319923a6bdb4527c626126703c0f + + +COUNT = 6 +KEY = 0102030405060708 +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 49d6c8af0f97144a87df21d91472f966 + + +COUNT = 7 +KEY = 0102030405060708 +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 44173a103b6616c5d5ad1cee40c863d0 + + +COUNT = 8 +KEY = 0102030405060708 +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 273c9c4b27f322e4e716ef53a47de7a4 + + +COUNT = 9 +KEY = 0102030405060708 +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c6d0e7b226259fa9023490b26167ad1d + + +COUNT = 10 +KEY = 0102030405060708 +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1fe8986713f07c3d9ae1c163ff8cf9d3 + + +COUNT = 11 +KEY = 0102030405060708 +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8369e1a965610be887fbd0c79162aafb + + +COUNT = 12 +KEY = 0102030405060708 +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0a0127abb44484b9fbef5abcae1b579f + + +COUNT = 13 +KEY = 0102030405060708 +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c2cdadc6402e8ee866e1f37bdb47e42c + + +COUNT = 14 +KEY = 0102030405060708 +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 26b51ea37df8e1d6f76fc3b66a7429b3 + + +COUNT = 15 +KEY = 0102030405060708 +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bc7683205d4f443dc1f29dda3315c87b + + +COUNT = 16 +KEY = 0102030405060708 +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d5fa5a3469d29aaaf83d23589db8c85b + + +COUNT = 17 +KEY = 0102030405060708 +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3fb46e2c8f0f068edce8cdcd7dfc5862 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt new file mode 100644 index 00000000..d5e51ec9 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt @@ -0,0 +1,128 @@ +# Vectors from RFC 6229. Reformatted to work with the NIST loader +[ENCRYPT] + +# 80-bit key +COUNT = 0 +KEY = 0102030405060708090a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ede3b04643e586cc907dc21851709902 + + +COUNT = 1 +KEY = 0102030405060708090a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 03516ba78f413beb223aa5d4d2df6711 + + +COUNT = 2 +KEY = 0102030405060708090a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3cfd6cb58ee0fdde640176ad0000044d + + +COUNT = 3 +KEY = 0102030405060708090a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 48532b21fb6079c9114c0ffd9c04a1ad + + +COUNT = 4 +KEY = 0102030405060708090a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3e8cea98017109979084b1ef92f99d86 + + +COUNT = 5 +KEY = 0102030405060708090a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e20fb49bdb337ee48b8d8dc0f4afeffe + + +COUNT = 6 +KEY = 0102030405060708090a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5c2521eacd7966f15e056544bea0d315 + + +COUNT = 7 +KEY = 0102030405060708090a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e067a7031931a246a6c3875d2f678acb + + +COUNT = 8 +KEY = 0102030405060708090a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = a64f70af88ae56b6f87581c0e23e6b08 + + +COUNT = 9 +KEY = 0102030405060708090a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f449031de312814ec6f319291f4a0516 + + +COUNT = 10 +KEY = 0102030405060708090a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bdae85924b3cb1d0a2e33a30c6d79599 + + +COUNT = 11 +KEY = 0102030405060708090a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8a0feddbac865a09bcd127fb562ed60a + + +COUNT = 12 +KEY = 0102030405060708090a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b55a0a5b51a12a8be34899c3e047511a + + +COUNT = 13 +KEY = 0102030405060708090a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d9a09cea3ce75fe39698070317a71339 + + +COUNT = 14 +KEY = 0102030405060708090a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 552225ed1177f44584ac8cfa6c4eb5fc + + +COUNT = 15 +KEY = 0102030405060708090a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 7e82cbabfc95381b080998442129c2f8 + + +COUNT = 16 +KEY = 0102030405060708090a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1f135ed14ce60a91369d2322bef25e3c + + +COUNT = 17 +KEY = 0102030405060708090a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 08b6be45124a43e2eb77953f84dc8553 -- cgit v1.2.3 From f6d71bae5c508b11e44ffc96740eb2f4c394df00 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 1 Nov 2013 16:04:21 -0700 Subject: add key 2 tests from rfc 6229 --- .../vectors/ciphers/ARC4/rfc-6229-128.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-192.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-256.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-40.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-56.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-64.txt | 126 +++++++++++++++++++++ .../vectors/ciphers/ARC4/rfc-6229-80.txt | 126 +++++++++++++++++++++ 7 files changed, 882 insertions(+) diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt index 7d1fa5e6..0902491b 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-128.txt @@ -126,3 +126,129 @@ KEY = 0102030405060708090a0b0c0d0e0f10 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = a36a4c301ae8ac13610ccbc12256cacc + +# key 2 +COUNT = 18 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 720c94b63edf44e131d950ca211a5a30 + + +COUNT = 19 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c366fdeacf9ca80436be7c358424d20b + + +COUNT = 20 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b3394a40aabf75cba42282ef25a0059f + + +COUNT = 21 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 4847d81da4942dbc249defc48c922b9f + + +COUNT = 22 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 08128c469f275342adda202b2b58da95 + + +COUNT = 23 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 970dacef40ad98723bac5d6955b81761 + + +COUNT = 24 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3cb89993b07b0ced93de13d2a11013ac + + +COUNT = 25 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ef2d676f1545c2c13dc680a02f4adbfe + + +COUNT = 26 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b60595514f24bc9fe522a6cad7393644 + + +COUNT = 27 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b515a8c5011754f59003058bdb81514e + + +COUNT = 28 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3c70047e8cbc038e3b9820db601da495 + + +COUNT = 29 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1175da6ee756de46a53e2b075660b770 + + +COUNT = 30 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 00a542bba02111cc2c65b38ebdba587e + + +COUNT = 31 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5865fdbb5b48064104e830b380f2aede + + +COUNT = 32 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 34b21ad2ad44e999db2d7f0863f0d9b6 + + +COUNT = 33 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 84a9218fc36e8a5f2ccfbeae53a27d25 + + +COUNT = 34 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = a2221a11b833ccb498a59540f0545f4a + + +COUNT = 35 +KEY = ebb46227c6cc8b37641910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5bbeb4787d59e5373fdbea6c6f75c29b diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt index dfea674d..f2fbaafe 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-192.txt @@ -126,3 +126,129 @@ KEY = 0102030405060708090a0b0c0d0e0f101112131415161718 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = 3cb0f3b5020a98b82af9fe154484a168 + +# key 2 +COUNT = 18 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 54b64e6b5a20b5e2ec84593dc7989da7 + + +COUNT = 19 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c135eee237a85465ff97dc03924f45ce + + +COUNT = 20 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = cfcc922fb4a14ab45d6175aabbf2d201 + + +COUNT = 21 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 837b87e2a446ad0ef798acd02b94124f + + +COUNT = 22 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 17a6dbd664926a0636b3f4c37a4f4694 + + +COUNT = 23 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 4a5f9f26aeeed4d4a25f632d305233d9 + + +COUNT = 24 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 80a3d01ef00c8e9a4209c17f4eeb358c + + +COUNT = 25 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d15e7d5ffaaabc0207bf200a117793a2 + + +COUNT = 26 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 349682bf588eaa52d0aa1560346aeafa + + +COUNT = 27 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f5854cdb76c889e3ad63354e5f7275e3 + + +COUNT = 28 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 532c7ceccb39df3236318405a4b1279c + + +COUNT = 29 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = baefe6d9ceb651842260e0d1e05e3b90 + + +COUNT = 30 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e82d8c6db54e3c633f581c952ba04207 + + +COUNT = 31 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 4b16e50abd381bd70900a9cd9a62cb23 + + +COUNT = 32 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3682ee33bd148bd9f58656cd8f30d9fb + + +COUNT = 33 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1e5a0b8475045d9b20b2628624edfd9e + + +COUNT = 34 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 63edd684fb826282fe528f9c0e9237bc + + +COUNT = 35 +KEY = c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e4dd2e98d6960fae0b43545456743391 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt index 52346fbc..35bf7863 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-256.txt @@ -126,3 +126,129 @@ KEY = 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = f3e4c0a2e02d1d01f7f0a74618af2b48 + +# key 2 +COUNT = 18 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = dd5bcb0018e922d494759d7c395d02d3 + + +COUNT = 19 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c8446f8f77abf737685353eb89a1c9eb + + +COUNT = 20 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = af3e30f9c095045938151575c3fb9098 + + +COUNT = 21 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f8cb6274db99b80b1d2012a98ed48f0e + + +COUNT = 22 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 25c3005a1cb85de076259839ab7198ab + + +COUNT = 23 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9dcbc183e8cb994b727b75be3180769c + + +COUNT = 24 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = a1d3078dfa9169503ed9d4491dee4eb2 + + +COUNT = 25 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8514a5495858096f596e4bcd66b10665 + + +COUNT = 26 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5f40d59ec1b03b33738efa60b2255d31 + + +COUNT = 27 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3477c7f764a41baceff90bf14f92b7cc + + +COUNT = 28 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ac4e95368d99b9eb78b8da8f81ffa795 + + +COUNT = 29 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8c3c13f8c2388bb73f38576e65b7c446 + + +COUNT = 30 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 13c4b9c1dfb66579eddd8a280b9f7316 + + +COUNT = 31 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ddd27820550126698efaadc64b64f66e + + +COUNT = 32 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f08f2e66d28ed143f3a237cf9de73559 + + +COUNT = 33 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9ea36c525531b880ba124334f57b0b70 + + +COUNT = 34 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d5a39e3dfcc50280bac4a6b5aa0dca7d + + +COUNT = 35 +KEY = 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 370b1c1fe655916d97fd0d47ca1d72b8 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt index fe5584cd..5fe7d019 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-40.txt @@ -109,3 +109,129 @@ KEY = 0102030405 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = ff25b58995996707e51fbdf08b34d875 + +# key 2 +COUNT = 18 +KEY = 833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 80ad97bdc973df8a2e879e92a497efda + + +COUNT = 19 +KEY = 833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 20f060c2f2e5126501d3d4fea10d5fc0 + + +COUNT = 20 +KEY = 833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = faa148e99046181fec6b2085f3b20ed9 + + +COUNT = 21 +KEY = 833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f0daf5bab3d596839857846f73fbfe5a + + +COUNT = 22 +KEY = 833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1c7e2fc4639232fe297584b296996bc8 + + +COUNT = 23 +KEY = 833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3db9b249406cc8edffac55ccd322ba12 + + +COUNT = 24 +KEY = 833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e4f9f7e0066154bbd125b745569bc897 + + +COUNT = 25 +KEY = 833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 75d5ef262b44c41a9cf63ae14568e1b9 + + +COUNT = 26 +KEY = 833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6da453dbf81e82334a3d8866cb50a1e3 + + +COUNT = 27 +KEY = 833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 7828d074119cab5c22b294d7a9bfa0bb + + +COUNT = 28 +KEY = 833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = adb89cea9a15fbe617295bd04b8ca05c + + +COUNT = 29 +KEY = 833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6251d87fd4aaae9a7e4ad5c217d3f300 + + +COUNT = 30 +KEY = 833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e7119bd6dd9b22afe8f89585432881e2 + + +COUNT = 31 +KEY = 833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 785b60fd7ec4e9fcb6545f350d660fab + + +COUNT = 32 +KEY = 833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = afecc037fdb7b0838eb3d70bcd268382 + + +COUNT = 33 +KEY = 833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = dbc1a7b49d57358cc9fa6d61d73b7cf0 + + +COUNT = 34 +KEY = 833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6349d126a37afcba89794f9804914fdc + + +COUNT = 35 +KEY = 833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bf42c3018c2f7c66bfde524975768115 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt index 8b1b3c41..78bdfd40 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-56.txt @@ -126,3 +126,129 @@ KEY = 01020304050607 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = e74b0b9731227fd37c0ec08a47ddd8b8 + +# key 2 +COUNT = 18 +KEY = 1910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bc9222dbd3274d8fc66d14ccbda6690b + + +COUNT = 19 +KEY = 1910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 7ae627410c9a2be693df5bb7485a63e3 + + +COUNT = 20 +KEY = 1910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3f0931aa03defb300f060103826f2a64 + + +COUNT = 21 +KEY = 1910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = beaa9ec8d59bb68129f3027c96361181 + + +COUNT = 22 +KEY = 1910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 74e04db46d28648d7dee8a0064b06cfe + + +COUNT = 23 +KEY = 1910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 9b5e81c62fe023c55be42f87bbf932b8 + + +COUNT = 24 +KEY = 1910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ce178fc1826efecbc182f57999a46140 + + +COUNT = 25 +KEY = 1910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8bdf55cd55061c06dba6be11de4a578a + + +COUNT = 26 +KEY = 1910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 626f5f4dce652501f3087d39c92cc349 + + +COUNT = 27 +KEY = 1910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 42daac6a8f9ab9a7fd137c6037825682 + + +COUNT = 28 +KEY = 1910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = cc03fdb79192a207312f53f5d4dc33d9 + + +COUNT = 29 +KEY = 1910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f70f14122a1c98a3155d28b8a0a8a41d + + +COUNT = 30 +KEY = 1910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 2a3a307ab2708a9c00fe0b42f9c2d6a1 + + +COUNT = 31 +KEY = 1910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 862617627d2261eab0b1246597ca0ae9 + + +COUNT = 32 +KEY = 1910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 55f877ce4f2e1ddbbf8e13e2cde0fdc8 + + +COUNT = 33 +KEY = 1910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 1b1556cb935f173337705fbb5d501fc1 + + +COUNT = 34 +KEY = 1910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ecd0e96602be7f8d5092816cccf2c2e9 + + +COUNT = 35 +KEY = 1910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 027881fab4993a1c262024a94fff3f61 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt index b3a9fdb0..dca652ef 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-64.txt @@ -126,3 +126,129 @@ KEY = 0102030405060708 OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = 3fb46e2c8f0f068edce8cdcd7dfc5862 + +# key 2 +COUNT = 18 +KEY = 641910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bbf609de9413172d07660cb680716926 + + +COUNT = 19 +KEY = 641910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 46101a6dab43115d6c522b4fe93604a9 + + +COUNT = 20 +KEY = 641910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = cbe1fff21c96f3eef61e8fe0542cbdf0 + + +COUNT = 21 +KEY = 641910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 347938bffa4009c512cfb4034b0dd1a7 + + +COUNT = 22 +KEY = 641910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 7867a786d00a7147904d76ddf1e520e3 + + +COUNT = 23 +KEY = 641910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8d3e9e1caefcccb3fbf8d18f64120b32 + + +COUNT = 24 +KEY = 641910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 942337f8fd76f0fae8c52d7954810672 + + +COUNT = 25 +KEY = 641910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b8548c10f51667f6e60e182fa19b30f7 + + +COUNT = 26 +KEY = 641910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 0211c7c6190c9efd1237c34c8f2e06c4 + + +COUNT = 27 +KEY = 641910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bda64f65276d2aacb8f90212203a808e + + +COUNT = 28 +KEY = 641910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bd3820f732ffb53ec193e79d33e27c73 + + +COUNT = 29 +KEY = 641910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = d0168616861907d482e36cdac8cf5749 + + +COUNT = 30 +KEY = 641910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 97b0f0f224b2d2317114808fb03af7a0 + + +COUNT = 31 +KEY = 641910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = e59616e469787939a063ceea9af956d1 + + +COUNT = 32 +KEY = 641910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = c47e0dc1660919c11101208f9e69aa1f + + +COUNT = 33 +KEY = 641910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5ae4f12896b8379a2aad89b5b553d6b0 + + +COUNT = 34 +KEY = 641910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 6b6b098d0c293bc2993d80bf0518b6d9 + + +COUNT = 35 +KEY = 641910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8170cc3ccd92a698621b939dd38fe7b9 diff --git a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt index d5e51ec9..18a9efe4 100644 --- a/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt +++ b/tests/hazmat/primitives/vectors/ciphers/ARC4/rfc-6229-80.txt @@ -126,3 +126,129 @@ KEY = 0102030405060708090a OFFSET = 4096 PLAINTEXT = 00000000000000000000000000000000 CIPHERTEXT = 08b6be45124a43e2eb77953f84dc8553 + +# key 2 +COUNT = 18 +KEY = 8b37641910833222772a +OFFSET = 0 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = ab65c26eddb287600db2fda10d1e605c + + +COUNT = 19 +KEY = 8b37641910833222772a +OFFSET = 16 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bb759010c29658f2c72d93a2d16d2930 + + +COUNT = 20 +KEY = 8b37641910833222772a +OFFSET = 240 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = b901e8036ed1c383cd3c4c4dd0a6ab05 + + +COUNT = 21 +KEY = 8b37641910833222772a +OFFSET = 256 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3d25ce4922924c55f064943353d78a6c + + +COUNT = 22 +KEY = 8b37641910833222772a +OFFSET = 496 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 12c1aa44bbf87e75e611f69b2c38f49b + + +COUNT = 23 +KEY = 8b37641910833222772a +OFFSET = 512 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 28f2b3434b65c09877470044c6ea170d + + +COUNT = 24 +KEY = 8b37641910833222772a +OFFSET = 752 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = bd9ef822de5288196134cf8af7839304 + + +COUNT = 25 +KEY = 8b37641910833222772a +OFFSET = 768 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 67559c23f052158470a296f725735a32 + + +COUNT = 26 +KEY = 8b37641910833222772a +OFFSET = 1008 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 8bab26fbc2c12b0f13e2ab185eabf241 + + +COUNT = 27 +KEY = 8b37641910833222772a +OFFSET = 1024 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 31185a6d696f0cfa9b42808b38e132a2 + + +COUNT = 28 +KEY = 8b37641910833222772a +OFFSET = 1520 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 564d3dae183c5234c8af1e51061c44b5 + + +COUNT = 29 +KEY = 8b37641910833222772a +OFFSET = 1536 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 3c0778a7b5f72d3c23a3135c7d67b9f4 + + +COUNT = 30 +KEY = 8b37641910833222772a +OFFSET = 2032 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = f34369890fcf16fb517dcaae4463b2dd + + +COUNT = 31 +KEY = 8b37641910833222772a +OFFSET = 2048 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 02f31c81e8200731b899b028e791bfa7 + + +COUNT = 32 +KEY = 8b37641910833222772a +OFFSET = 3056 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 72da646283228c14300853701795616f + + +COUNT = 33 +KEY = 8b37641910833222772a +OFFSET = 3072 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 4e0a8c6f7934a788e2265e81d6d0c8f4 + + +COUNT = 34 +KEY = 8b37641910833222772a +OFFSET = 4080 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 438dd5eafea0111b6f36b4b938da2a68 + + +COUNT = 35 +KEY = 8b37641910833222772a +OFFSET = 4096 +PLAINTEXT = 00000000000000000000000000000000 +CIPHERTEXT = 5f6bfc73815874d97100f086979357d8 -- cgit v1.2.3 From f1a3fc03dc7cecc7658620f342dfd7cf6bb98ba0 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 2 Nov 2013 14:03:34 -0700 Subject: Document and implement the public API for when the backend doesn't support the requested algorithm --- cryptography/exceptions.py | 15 +++++++++++++++ cryptography/hazmat/bindings/openssl/backend.py | 10 +++++++--- docs/exceptions.rst | 9 +++++++++ docs/hazmat/primitives/symmetric-encryption.rst | 9 +++++++++ docs/index.rst | 1 + tests/hazmat/primitives/test_block.py | 11 +++++++++++ 6 files changed, 52 insertions(+), 3 deletions(-) create mode 100644 cryptography/exceptions.py create mode 100644 docs/exceptions.rst diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py new file mode 100644 index 00000000..1821ceb7 --- /dev/null +++ b/cryptography/exceptions.py @@ -0,0 +1,15 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +class NoSuchAlgorithm(Exception): + pass diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index fc73dd39..ce8c6a55 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -18,6 +18,7 @@ import sys import cffi +from cryptography.exceptions import NoSuchAlgorithm from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.block.ciphers import ( AES, Blowfish, Camellia, CAST5, TripleDES, @@ -128,9 +129,12 @@ class _CipherContext(object): ctx = self._backend.ffi.gc(ctx, self._backend.lib.EVP_CIPHER_CTX_free) registry = self._backend.ciphers._cipher_registry - evp_cipher = registry[type(cipher), type(mode)]( - self._backend, cipher, mode - ) + try: + adapter = registry[type(cipher), type(mode)] + except KeyError: + raise NoSuchAlgorithm + + evp_cipher = adapter(self._backend, cipher, mode) assert evp_cipher != self._backend.ffi.NULL if isinstance(mode, interfaces.ModeWithInitializationVector): iv_nonce = mode.initialization_vector diff --git a/docs/exceptions.rst b/docs/exceptions.rst new file mode 100644 index 00000000..b391e620 --- /dev/null +++ b/docs/exceptions.rst @@ -0,0 +1,9 @@ +Exceptions +========== + +.. currentmodule:: cryptography.exceptions + +.. class:: NoSuchAlgorithm + + This is raised when a backend doesn't support the requested algorithm (or + combination of algorithms). diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index b8b1c839..48bad928 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -42,12 +42,21 @@ where the encrypter and decrypter both use the same key. :class:`~cryptography.hazmat.primitives.interfaces.CipherContext` provider. + If the backend doesn't support the requested combination of ``cipher`` + and ``mode`` a :class:`cryptography.exceptions.NoSuchAlgorithm` will + be raised. + .. method:: decryptor() :return: A decrypting :class:`~cryptography.hazmat.primitives.interfaces.CipherContext` provider. + If the backend doesn't support the requested combination of ``cipher`` + and ``mode`` a :class:`cryptography.exceptions.NoSuchAlgorithm` will + be raised. + + .. currentmodule:: cryptography.hazmat.primitives.interfaces .. class:: CipherContext diff --git a/docs/index.rst b/docs/index.rst index 4fd5d3be..eb30b5dd 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -31,6 +31,7 @@ Contents :maxdepth: 2 architecture + exceptions contributing security community diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index e0ed6697..2c0be1b5 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -17,6 +17,7 @@ import binascii import pytest +from cryptography.exceptions import NoSuchAlgorithm from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes @@ -84,3 +85,13 @@ class TestBlockCipherContext(object): assert len(pt) == 80 assert pt == b"a" * 80 decryptor.finalize() + + def test_nonexistant_cipher(self, backend): + cipher = BlockCipher( + object(), object(), backend + ) + with pytest.raises(NoSuchAlgorithm): + cipher.encryptor() + + with pytest.raises(NoSuchAlgorithm): + cipher.decryptor() -- cgit v1.2.3 From 738ac5a8e986dbba472232711be7fae804a01576 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 2 Nov 2013 14:10:38 -0700 Subject: pep8 --- cryptography/exceptions.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py index 1821ceb7..f0a7baf2 100644 --- a/cryptography/exceptions.py +++ b/cryptography/exceptions.py @@ -11,5 +11,6 @@ # See the License for the specific language governing permissions and # limitations under the License. + class NoSuchAlgorithm(Exception): pass -- cgit v1.2.3 From 3949f1171084c2e1cfe43f638857ea0e0f8f246d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 2 Nov 2013 16:57:10 -0700 Subject: Changed excpetion name based on feedback from dreid --- cryptography/exceptions.py | 2 +- cryptography/hazmat/bindings/openssl/backend.py | 4 ++-- docs/exceptions.rst | 2 +- docs/hazmat/primitives/symmetric-encryption.rst | 8 ++++---- tests/hazmat/primitives/test_block.py | 6 +++--- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py index f0a7baf2..391bed82 100644 --- a/cryptography/exceptions.py +++ b/cryptography/exceptions.py @@ -12,5 +12,5 @@ # limitations under the License. -class NoSuchAlgorithm(Exception): +class UnsupportedAlgorithm(Exception): pass diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index ce8c6a55..32adfed9 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -18,7 +18,7 @@ import sys import cffi -from cryptography.exceptions import NoSuchAlgorithm +from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.block.ciphers import ( AES, Blowfish, Camellia, CAST5, TripleDES, @@ -132,7 +132,7 @@ class _CipherContext(object): try: adapter = registry[type(cipher), type(mode)] except KeyError: - raise NoSuchAlgorithm + raise UnsupportedAlgorithm evp_cipher = adapter(self._backend, cipher, mode) assert evp_cipher != self._backend.ffi.NULL diff --git a/docs/exceptions.rst b/docs/exceptions.rst index b391e620..6ac11b3c 100644 --- a/docs/exceptions.rst +++ b/docs/exceptions.rst @@ -3,7 +3,7 @@ Exceptions .. currentmodule:: cryptography.exceptions -.. class:: NoSuchAlgorithm +.. class:: UnsupportedAlgorithm This is raised when a backend doesn't support the requested algorithm (or combination of algorithms). diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 48bad928..c1c8d247 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -43,8 +43,8 @@ where the encrypter and decrypter both use the same key. provider. If the backend doesn't support the requested combination of ``cipher`` - and ``mode`` a :class:`cryptography.exceptions.NoSuchAlgorithm` will - be raised. + and ``mode`` an :class:`cryptography.exceptions.UnsupportedAlgorithm` + will be raised. .. method:: decryptor() @@ -53,8 +53,8 @@ where the encrypter and decrypter both use the same key. provider. If the backend doesn't support the requested combination of ``cipher`` - and ``mode`` a :class:`cryptography.exceptions.NoSuchAlgorithm` will - be raised. + and ``mode`` an :class:`cryptography.exceptions.UnsupportedAlgorithm` + will be raised. .. currentmodule:: cryptography.hazmat.primitives.interfaces diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index 2c0be1b5..dd9c54c9 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -17,7 +17,7 @@ import binascii import pytest -from cryptography.exceptions import NoSuchAlgorithm +from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes @@ -90,8 +90,8 @@ class TestBlockCipherContext(object): cipher = BlockCipher( object(), object(), backend ) - with pytest.raises(NoSuchAlgorithm): + with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() - with pytest.raises(NoSuchAlgorithm): + with pytest.raises(UnsupportedAlgorithm): cipher.decryptor() -- cgit v1.2.3 From 0857c3f03e2784cac9e2a35f5579e9c4c8dc824a Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 11:29:15 -0800 Subject: Replaced an assertion in the OpenSSL backend with a proper exception --- cryptography/hazmat/bindings/openssl/backend.py | 4 +++- tests/hazmat/bindings/test_openssl.py | 22 +++++++++++++++++++--- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 32adfed9..b610caa2 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -135,7 +135,9 @@ class _CipherContext(object): raise UnsupportedAlgorithm evp_cipher = adapter(self._backend, cipher, mode) - assert evp_cipher != self._backend.ffi.NULL + if evp_cipher == self._backend.ffi.NULL: + raise UnsupportedAlgorithm + if isinstance(mode, interfaces.ModeWithInitializationVector): iv_nonce = mode.initialization_vector elif isinstance(mode, interfaces.ModeWithNonce): diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 9ce882e4..fcd54ddd 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -11,11 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. +import binascii + import pytest -from cryptography.hazmat.bindings.openssl.backend import backend -from cryptography.hazmat.primitives.block.ciphers import AES -from cryptography.hazmat.primitives.block.modes import CBC +from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.hazmat.bindings.openssl.backend import backend, Backend +from cryptography.hazmat.primitives.block import BlockCipher +from cryptography.hazmat.primitives.block.ciphers import AES, TripleDES +from cryptography.hazmat.primitives.block.modes import CBC, ECB class TestOpenSSL(object): @@ -39,3 +43,15 @@ class TestOpenSSL(object): def test_register_duplicate_cipher_adapter(self): with pytest.raises(ValueError): backend.ciphers.register_cipher_adapter(AES, CBC, None) + + def test_nonexistant_cipher(self): + b = Backend() + # TODO: this test assumes that 3DES-ECB doesn't exist + b.ciphers.register_cipher_adapter( + TripleDES, ECB, lambda backend, cipher, mode: backend.ffi.NULL + ) + cipher = BlockCipher( + TripleDES(binascii.unhexlify(b"0" * 16)), ECB(), backend=b + ) + with pytest.raises(UnsupportedAlgorithm): + cipher.encryptor() -- cgit v1.2.3 From 8c9dcb38167938068fe7b662dc403dd03a8a7ef8 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 13:10:57 -0800 Subject: Began writing a glossary --- docs/glossary.rst | 29 +++++++++++++++++++++++++++++ docs/index.rst | 1 + 2 files changed, 30 insertions(+) create mode 100644 docs/glossary.rst diff --git a/docs/glossary.rst b/docs/glossary.rst new file mode 100644 index 00000000..b80b4b2b --- /dev/null +++ b/docs/glossary.rst @@ -0,0 +1,29 @@ +Glossary +======== + +.. glossary:: + + plaintext + User-readable data you care about. + + ciphertext + The encoded data, it's not user readable. Potential attackers are able + to see this. + + encryption + The process of converting plaintext to ciphertext. + + decryption + The process of converting ciphertext to plaintext. + + key + Secret data is encoded with a function using this key. Sometimes + multiple keys are used. + + symmetric cryptography + Cryptographic operations where encryption and decryption use the same + key. + + asymmetric cryptography + Cryptographic operations where encryption and decryption use different + keys. There are seperate encryption and decryption keys. diff --git a/docs/index.rst b/docs/index.rst index eb30b5dd..1b88e24e 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -32,6 +32,7 @@ Contents architecture exceptions + glossary contributing security community -- cgit v1.2.3 From a0516bf23ceb6c02dbc56aa8c39b8df0cf01119e Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 13:20:41 -0800 Subject: Get real scary --- docs/glossary.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/glossary.rst b/docs/glossary.rst index b80b4b2b..e4fc8283 100644 --- a/docs/glossary.rst +++ b/docs/glossary.rst @@ -18,7 +18,8 @@ Glossary key Secret data is encoded with a function using this key. Sometimes - multiple keys are used. + multiple keys are used. These **must** be kept secret, if a key is + exposed to an attacker, any data encrypted with it will be exposed. symmetric cryptography Cryptographic operations where encryption and decryption use the same -- cgit v1.2.3 From 5151d8dc047b1e97f6262b0495471aaa8e41db71 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 14:58:37 -0800 Subject: Document the way we strive to interact with otehrs --- docs/community.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/community.rst b/docs/community.rst index 552318da..bf1cd1c7 100644 --- a/docs/community.rst +++ b/docs/community.rst @@ -9,7 +9,12 @@ You can find ``cryptography`` all over the web: * `Documentation`_ * IRC: ``#cryptography-dev`` on ``irc.freenode.net`` +Wherever we interact, we strive to follow the `Python Community Code of +Conduct`_. + + .. _`Mailing list`: https://mail.python.org/mailman/listinfo/cryptography-dev .. _`Source code`: https://github.com/pyca/cryptography .. _`Issue tracker`: https://github.com/pyca/cryptography/issues .. _`Documentation`: https://cryptography.io/ +.. _`Python Community Code of Conduct`: http://www.python.org/psf/codeofconduct/ -- cgit v1.2.3 From 7e262a6d730f45d40645323c8462b4c480fe7319 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 19:35:44 -0800 Subject: typo fix --- tests/hazmat/bindings/test_openssl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index fcd54ddd..af9be353 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -44,7 +44,7 @@ class TestOpenSSL(object): with pytest.raises(ValueError): backend.ciphers.register_cipher_adapter(AES, CBC, None) - def test_nonexistant_cipher(self): + def test_nonexistent_cipher(self): b = Backend() # TODO: this test assumes that 3DES-ECB doesn't exist b.ciphers.register_cipher_adapter( -- cgit v1.2.3 From 58ecc8d434078e21deaa2a18312b06d876956b56 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 3 Nov 2013 21:21:00 -0800 Subject: Refer to the RFC in the HMAC docs --- docs/hazmat/primitives/hmac.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/hazmat/primitives/hmac.rst b/docs/hazmat/primitives/hmac.rst index 301d72d5..bd1a4934 100644 --- a/docs/hazmat/primitives/hmac.rst +++ b/docs/hazmat/primitives/hmac.rst @@ -23,6 +23,8 @@ message. equal in length to the ``digest_size`` of the hash function chosen. You must keep the ``key`` secret. + This is an implementation of :rfc:`2104`. + .. doctest:: >>> from cryptography.hazmat.primitives import hashes, hmac -- cgit v1.2.3 From f986fe062be59a34707db7b15eda130ce16366db Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 09:50:21 -0800 Subject: This is now the default theme on RTD --- docs/conf.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index 8e0fc7be..7f4c24b3 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -253,6 +253,3 @@ texinfo_documents = [ # Example configuration for intersphinx: refer to the Python standard library. intersphinx_mapping = {'http://docs.python.org/': None} - -# Enable the new ReadTheDocs theme -RTD_NEW_THEME = True -- cgit v1.2.3 From b477cf287fcd4082594cb2d38623a9beaa822c7b Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 10:17:42 -0800 Subject: Moved the cffi attributes on the OpenSSL backend to be class attributes, so they're shared between all isntances --- cryptography/hazmat/bindings/openssl/backend.py | 36 ++++++++++++++++--------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 32adfed9..7367818a 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -55,17 +55,31 @@ class Backend(object): "x509v3", ] + ffi = None + lib = None + def __init__(self): - self.ffi = cffi.FFI() + self._ensure_ffi_initialized() + + self.ciphers = Ciphers(self) + self.hashes = Hashes(self) + self.hmacs = HMACs(self) + + @classmethod + def _ensure_ffi_initialized(cls): + if cls.ffi is not None and cls.lib is not None: + return + + ffi = cffi.FFI() includes = [] functions = [] macros = [] - for name in self._modules: + for name in cls._modules: module_name = "cryptography.hazmat.bindings.openssl." + name __import__(module_name) module = sys.modules[module_name] - self.ffi.cdef(module.TYPES) + ffi.cdef(module.TYPES) macros.append(module.MACROS) functions.append(module.FUNCTIONS) @@ -75,9 +89,9 @@ class Backend(object): # so we can set interdependent types in different files and still # have them all defined before we parse the funcs & macros for func in functions: - self.ffi.cdef(func) + ffi.cdef(func) for macro in macros: - self.ffi.cdef(macro) + ffi.cdef(macro) # We include functions here so that if we got any of their definitions # wrong, the underlying C compiler will explode. In C you are allowed @@ -87,17 +101,15 @@ class Backend(object): # is legal, but the following will fail to compile: # int foo(int); # int foo(short); - self.lib = self.ffi.verify( + lib = ffi.verify( source="\n".join(includes + functions), libraries=["crypto", "ssl"], ) - self.lib.OpenSSL_add_all_algorithms() - self.lib.SSL_load_error_strings() - - self.ciphers = Ciphers(self) - self.hashes = Hashes(self) - self.hmacs = HMACs(self) + cls.ffi = ffi + cls.lib = lib + cls.lib.OpenSSL_add_all_algorithms() + cls.lib.SSL_load_error_strings() def openssl_version_text(self): """ -- cgit v1.2.3 From 61570d03318c9daa7f8c2700fb0bc869119fd685 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 10:30:28 -0800 Subject: pep8 fix --- docs/conf.py | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/conf.py b/docs/conf.py index 7f4c24b3..69be32e9 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -252,4 +252,3 @@ texinfo_documents = [ # Example configuration for intersphinx: refer to the Python standard library. intersphinx_mapping = {'http://docs.python.org/': None} - -- cgit v1.2.3 From 3e252c601592245590e015558a4c082f11ea40cd Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 10:32:21 -0800 Subject: coverage --- tests/hazmat/bindings/test_openssl.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 9ce882e4..d47ae919 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -13,7 +13,7 @@ import pytest -from cryptography.hazmat.bindings.openssl.backend import backend +from cryptography.hazmat.bindings.openssl.backend import backend, Backend from cryptography.hazmat.primitives.block.ciphers import AES from cryptography.hazmat.primitives.block.modes import CBC @@ -39,3 +39,6 @@ class TestOpenSSL(object): def test_register_duplicate_cipher_adapter(self): with pytest.raises(ValueError): backend.ciphers.register_cipher_adapter(AES, CBC, None) + + def test_instantiates(self): + Backend() -- cgit v1.2.3 From b2fc8ac5a367dbedc8d3bbd57dd16deb67b08d01 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 14:02:04 -0800 Subject: Rewrite this test to be good --- tests/hazmat/bindings/test_openssl.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index d47ae919..fb01c10a 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -40,5 +40,7 @@ class TestOpenSSL(object): with pytest.raises(ValueError): backend.ciphers.register_cipher_adapter(AES, CBC, None) - def test_instantiates(self): - Backend() + def test_instances_share_ffi(self): + b = Backend() + assert b.ffi is backend.ffi + assert b.lib is backend.lib -- cgit v1.2.3 From 85be46d74706a46b6407685610066506d23a49e8 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 19:23:17 -0800 Subject: Replace assumption with some fakes --- tests/hazmat/bindings/test_openssl.py | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 3523fa4e..4e8dfa58 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -11,15 +11,21 @@ # See the License for the specific language governing permissions and # limitations under the License. -import binascii - import pytest from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.bindings.openssl.backend import backend, Backend from cryptography.hazmat.primitives.block import BlockCipher -from cryptography.hazmat.primitives.block.ciphers import AES, TripleDES -from cryptography.hazmat.primitives.block.modes import CBC, ECB +from cryptography.hazmat.primitives.block.ciphers import AES +from cryptography.hazmat.primitives.block.modes import CBC + + +class FakeMode(object): + pass + + +class FakeCipher(object): + pass class TestOpenSSL(object): @@ -51,12 +57,11 @@ class TestOpenSSL(object): def test_nonexistent_cipher(self): b = Backend() - # TODO: this test assumes that 3DES-ECB doesn't exist b.ciphers.register_cipher_adapter( - TripleDES, ECB, lambda backend, cipher, mode: backend.ffi.NULL + FakeCipher, FakeMode, lambda backend, cipher, mode: backend.ffi.NULL ) cipher = BlockCipher( - TripleDES(binascii.unhexlify(b"0" * 16)), ECB(), backend=b + FakeCipher(), FakeMode(), backend=b, ) with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() -- cgit v1.2.3 From 86f98a051c9298020ac1d6cdb06ceb513699c7fa Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 4 Nov 2013 19:30:20 -0800 Subject: 79 cols --- tests/hazmat/bindings/test_openssl.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 4e8dfa58..f283a7dd 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -58,7 +58,9 @@ class TestOpenSSL(object): def test_nonexistent_cipher(self): b = Backend() b.ciphers.register_cipher_adapter( - FakeCipher, FakeMode, lambda backend, cipher, mode: backend.ffi.NULL + FakeCipher, + FakeMode, + lambda backend, cipher, mode: backend.ffi.NULL ) cipher = BlockCipher( FakeCipher(), FakeMode(), backend=b, -- cgit v1.2.3 From 8e5d79746c59cace79b68b4b47a298a3b85e31f9 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 13:15:18 -0800 Subject: First crack at building w/ openssl 0.9.8 on travis. --- .travis.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.travis.yml b/.travis.yml index cf6ecefa..136ddb65 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,11 +11,23 @@ env: - TOX_ENV=py32 CC=clang - TOX_ENV=py33 CC=clang - TOX_ENV=pypy CC=clang + - TOX_ENV=py26 OPENSSL=0.9.8 + - TOX_ENV=py27 OPENSSL=0.9.8 + - TOX_ENV=py32 OPENSSL=0.9.8 + - TOX_ENV=py33 OPENSSL=0.9.8 + - TOX_ENV=pypy OPENSSL=0.9.8 + - TOX_ENV=py26 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py27 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py32 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py33 CC=clang OPENSSL=0.9.8 + - TOX_ENV=pypy CC=clang OPENSSL=0.9.8 - TOX_ENV=docs - TOX_ENV=pep8 - TOX_ENV=py3pep8 install: + - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu lucid main\" || true" + - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y update && sudo apt-get -y install libssl-dev/lucid || true" - "[[ ${TOX_ENV} == pypy ]] && sudo add-apt-repository -y ppa:pypy/ppa || true" - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y update && sudo apt-get -y install pypy || true" # This is required because we need to get rid of the Travis installed PyPy -- cgit v1.2.3 From 940f25a1e1a5365f7af48b4f3f266e2155640806 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 13:44:39 -0800 Subject: Extra yes and check for expected openssl version. --- .travis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 136ddb65..547d2b58 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,7 +27,7 @@ env: install: - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu lucid main\" || true" - - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y update && sudo apt-get -y install libssl-dev/lucid || true" + - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y update && sudo apt-get -y --force-yes install libssl-dev/lucid || true" - "[[ ${TOX_ENV} == pypy ]] && sudo add-apt-repository -y ppa:pypy/ppa || true" - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y update && sudo apt-get -y install pypy || true" # This is required because we need to get rid of the Travis installed PyPy @@ -36,6 +36,7 @@ install: - pip install tox script: + - "[[ ${OPENSSL} != "" ]] && openssl version | grep ${OPENSSL}" - tox -e $TOX_ENV notifications: -- cgit v1.2.3 From d43116e8d1fb8a22a25fa67a5983c421b84dcb8c Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 13:46:03 -0800 Subject: String correctly. --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 547d2b58..3cb27a9b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -36,7 +36,9 @@ install: - pip install tox script: - - "[[ ${OPENSSL} != "" ]] && openssl version | grep ${OPENSSL}" + # Make sure that if we installed an OPENSSL version then we got that + # version installed. + - "[[ ${OPENSSL} != \"\" ]] && openssl version | grep ${OPENSSL}" - tox -e $TOX_ENV notifications: -- cgit v1.2.3 From 745c5ecbaa4fdeacba75e17d5e8baf7915762f22 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 14:04:28 -0800 Subject: This check didn't work correctly because libssl-dev doesn't install the userland tools. --- .travis.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 3cb27a9b..38da4624 100644 --- a/.travis.yml +++ b/.travis.yml @@ -36,9 +36,6 @@ install: - pip install tox script: - # Make sure that if we installed an OPENSSL version then we got that - # version installed. - - "[[ ${OPENSSL} != \"\" ]] && openssl version | grep ${OPENSSL}" - tox -e $TOX_ENV notifications: -- cgit v1.2.3 From e4fd1726b49a439fcffbaea99950784d1d1a020e Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 14:19:17 -0800 Subject: Allow failures. --- .travis.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.travis.yml b/.travis.yml index 38da4624..97f11e3d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,19 @@ env: - TOX_ENV=pep8 - TOX_ENV=py3pep8 +matrix: + allow_failures: + - TOX_ENV=py26 OPENSSL=0.9.8 + - TOX_ENV=py27 OPENSSL=0.9.8 + - TOX_ENV=py32 OPENSSL=0.9.8 + - TOX_ENV=py33 OPENSSL=0.9.8 + - TOX_ENV=pypy OPENSSL=0.9.8 + - TOX_ENV=py26 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py27 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py32 CC=clang OPENSSL=0.9.8 + - TOX_ENV=py33 CC=clang OPENSSL=0.9.8 + - TOX_ENV=pypy CC=clang OPENSSL=0.9.8 + install: - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu lucid main\" || true" - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y update && sudo apt-get -y --force-yes install libssl-dev/lucid || true" -- cgit v1.2.3 From 9d60716d7b716d313549f8e255001603d1b64986 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 5 Nov 2013 14:30:36 -0800 Subject: Fix allow failures and only update once. --- .travis.yml | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/.travis.yml b/.travis.yml index 97f11e3d..a7b13e7f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -27,22 +27,23 @@ env: matrix: allow_failures: - - TOX_ENV=py26 OPENSSL=0.9.8 - - TOX_ENV=py27 OPENSSL=0.9.8 - - TOX_ENV=py32 OPENSSL=0.9.8 - - TOX_ENV=py33 OPENSSL=0.9.8 - - TOX_ENV=pypy OPENSSL=0.9.8 - - TOX_ENV=py26 CC=clang OPENSSL=0.9.8 - - TOX_ENV=py27 CC=clang OPENSSL=0.9.8 - - TOX_ENV=py32 CC=clang OPENSSL=0.9.8 - - TOX_ENV=py33 CC=clang OPENSSL=0.9.8 - - TOX_ENV=pypy CC=clang OPENSSL=0.9.8 + - env: TOX_ENV=py26 OPENSSL=0.9.8 + - env: TOX_ENV=py27 OPENSSL=0.9.8 + - env: TOX_ENV=py32 OPENSSL=0.9.8 + - env: TOX_ENV=py33 OPENSSL=0.9.8 + - env: TOX_ENV=pypy OPENSSL=0.9.8 + - env: TOX_ENV=py26 CC=clang OPENSSL=0.9.8 + - env: TOX_ENV=py27 CC=clang OPENSSL=0.9.8 + - env: TOX_ENV=py32 CC=clang OPENSSL=0.9.8 + - env: TOX_ENV=py33 CC=clang OPENSSL=0.9.8 + - env: TOX_ENV=pypy CC=clang OPENSSL=0.9.8 install: - - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu lucid main\" || true" - - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y update && sudo apt-get -y --force-yes install libssl-dev/lucid || true" - - "[[ ${TOX_ENV} == pypy ]] && sudo add-apt-repository -y ppa:pypy/ppa || true" - - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y update && sudo apt-get -y install pypy || true" + - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" + - sudo add-apt-repository -y ppa:pypy/ppa + - sudo apt-get -y update || true + - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y --force-yes install libssl-dev/lucid || true" + - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y install pypy || true" # This is required because we need to get rid of the Travis installed PyPy # or it'll take precedence over the PPA installed one. - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin || true" -- cgit v1.2.3 From 9d1c2ea124dd258df616279f860e74821871033a Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 15:30:44 -0800 Subject: Initial stab at fixing the first broken function --- cryptography/hazmat/bindings/openssl/asn1.py | 3 +++ cryptography/hazmat/bindings/openssl/backend.py | 4 +++- cryptography/hazmat/bindings/openssl/bignum.py | 3 +++ cryptography/hazmat/bindings/openssl/bio.py | 3 +++ cryptography/hazmat/bindings/openssl/conf.py | 3 +++ cryptography/hazmat/bindings/openssl/crypto.py | 3 +++ cryptography/hazmat/bindings/openssl/dh.py | 3 +++ cryptography/hazmat/bindings/openssl/dsa.py | 3 +++ cryptography/hazmat/bindings/openssl/engine.py | 3 +++ cryptography/hazmat/bindings/openssl/err.py | 3 +++ cryptography/hazmat/bindings/openssl/evp.py | 3 +++ cryptography/hazmat/bindings/openssl/hmac.py | 15 ++++++++++++++- cryptography/hazmat/bindings/openssl/nid.py | 9 +++++++-- cryptography/hazmat/bindings/openssl/opensslv.py | 3 +++ cryptography/hazmat/bindings/openssl/pem.py | 6 +++++- cryptography/hazmat/bindings/openssl/pkcs12.py | 3 +++ cryptography/hazmat/bindings/openssl/pkcs7.py | 3 +++ cryptography/hazmat/bindings/openssl/rand.py | 3 +++ cryptography/hazmat/bindings/openssl/rsa.py | 3 +++ cryptography/hazmat/bindings/openssl/ssl.py | 3 +++ cryptography/hazmat/bindings/openssl/x509.py | 3 +++ cryptography/hazmat/bindings/openssl/x509name.py | 3 +++ cryptography/hazmat/bindings/openssl/x509v3.py | 3 +++ 23 files changed, 86 insertions(+), 5 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/asn1.py b/cryptography/hazmat/bindings/openssl/asn1.py index 5bd72e9a..719a523c 100644 --- a/cryptography/hazmat/bindings/openssl/asn1.py +++ b/cryptography/hazmat/bindings/openssl/asn1.py @@ -119,3 +119,6 @@ long ASN1_INTEGER_get(ASN1_INTEGER *); BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *, BIGNUM *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index ea1073b9..0f3268ac 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -74,6 +74,7 @@ class Backend(object): includes = [] functions = [] macros = [] + customizations = [] for name in cls._modules: module_name = "cryptography.hazmat.bindings.openssl." + name __import__(module_name) @@ -84,6 +85,7 @@ class Backend(object): macros.append(module.MACROS) functions.append(module.FUNCTIONS) includes.append(module.INCLUDES) + customizations.append(module.CUSTOMIZATIONS) # loop over the functions & macros after declaring all the types # so we can set interdependent types in different files and still @@ -102,7 +104,7 @@ class Backend(object): # int foo(int); # int foo(short); lib = ffi.verify( - source="\n".join(includes + functions), + source="\n".join(includes + functions + customizations), libraries=["crypto", "ssl"], ) diff --git a/cryptography/hazmat/bindings/openssl/bignum.py b/cryptography/hazmat/bindings/openssl/bignum.py index 72d467c3..fcfadff1 100644 --- a/cryptography/hazmat/bindings/openssl/bignum.py +++ b/cryptography/hazmat/bindings/openssl/bignum.py @@ -32,3 +32,6 @@ int BN_hex2bn(BIGNUM **, const char *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/bio.py b/cryptography/hazmat/bindings/openssl/bio.py index 88be788f..c23dd0d8 100644 --- a/cryptography/hazmat/bindings/openssl/bio.py +++ b/cryptography/hazmat/bindings/openssl/bio.py @@ -168,3 +168,6 @@ long BIO_set_buffer_read_data(BIO *, void *, long); #define BIO_TYPE_BASE64 ... #define BIO_TYPE_FILTER ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/conf.py b/cryptography/hazmat/bindings/openssl/conf.py index 85c7a210..4846252c 100644 --- a/cryptography/hazmat/bindings/openssl/conf.py +++ b/cryptography/hazmat/bindings/openssl/conf.py @@ -24,3 +24,6 @@ FUNCTIONS = """ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/crypto.py b/cryptography/hazmat/bindings/openssl/crypto.py index 501fb5a1..773d9b14 100644 --- a/cryptography/hazmat/bindings/openssl/crypto.py +++ b/cryptography/hazmat/bindings/openssl/crypto.py @@ -35,3 +35,6 @@ void CRYPTO_malloc_debug_init(); #define CRYPTO_MEM_CHECK_ENABLE ... #define CRYPTO_MEM_CHECK_DISABLE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dh.py b/cryptography/hazmat/bindings/openssl/dh.py index ac130054..b8fbf368 100644 --- a/cryptography/hazmat/bindings/openssl/dh.py +++ b/cryptography/hazmat/bindings/openssl/dh.py @@ -26,3 +26,6 @@ void DH_free(DH *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dsa.py b/cryptography/hazmat/bindings/openssl/dsa.py index 2fa67b87..e6c369a6 100644 --- a/cryptography/hazmat/bindings/openssl/dsa.py +++ b/cryptography/hazmat/bindings/openssl/dsa.py @@ -28,3 +28,6 @@ void DSA_free(DSA *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/engine.py b/cryptography/hazmat/bindings/openssl/engine.py index b3ec3125..b76befce 100644 --- a/cryptography/hazmat/bindings/openssl/engine.py +++ b/cryptography/hazmat/bindings/openssl/engine.py @@ -50,3 +50,6 @@ MACROS = """ #define ENGINE_METHOD_ALL ... #define ENGINE_METHOD_NONE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py index 39ae315c..6a36dee0 100644 --- a/cryptography/hazmat/bindings/openssl/err.py +++ b/cryptography/hazmat/bindings/openssl/err.py @@ -57,3 +57,6 @@ int ERR_GET_FUNC(unsigned long); int ERR_GET_REASON(unsigned long); int ERR_FATAL_ERROR(unsigned long); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/bindings/openssl/evp.py index 4d0fb7fc..1a912496 100644 --- a/cryptography/hazmat/bindings/openssl/evp.py +++ b/cryptography/hazmat/bindings/openssl/evp.py @@ -95,3 +95,6 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *, DSA *); int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index e97ac35e..3aeb1733 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -22,7 +22,8 @@ typedef struct { ...; } HMAC_CTX; FUNCTIONS = """ void HMAC_CTX_init(HMAC_CTX *); void HMAC_CTX_cleanup(HMAC_CTX *); -int HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); + +int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); int HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); int HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); @@ -30,3 +31,15 @@ int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); MACROS = """ """ + +CUSTOMIZATIONS = """ +int Cryptography_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, + const EVP_MD *md, ENGINE *impl) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Init_ex(ctx, key, key_len, md, impl); +#else + HMAC_Init_ex(ctx, key, key_len, md, impl); + return 1; +#endif +} +""" diff --git a/cryptography/hazmat/bindings/openssl/nid.py b/cryptography/hazmat/bindings/openssl/nid.py index 0f5b0003..9816dde4 100644 --- a/cryptography/hazmat/bindings/openssl/nid.py +++ b/cryptography/hazmat/bindings/openssl/nid.py @@ -39,6 +39,11 @@ static const int NID_crl_reason; static const int NID_pbe_WithSHA1And3_Key_TripleDES_CBC; """ -FUNCTIONS = "" +FUNCTIONS = """ +""" + +MACROS = """ +""" -MACROS = "" +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/opensslv.py b/cryptography/hazmat/bindings/openssl/opensslv.py index d1a1b3e6..d463776c 100644 --- a/cryptography/hazmat/bindings/openssl/opensslv.py +++ b/cryptography/hazmat/bindings/openssl/opensslv.py @@ -24,3 +24,6 @@ FUNCTIONS = """ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pem.py b/cryptography/hazmat/bindings/openssl/pem.py index 8c8f736d..00f0dc36 100644 --- a/cryptography/hazmat/bindings/openssl/pem.py +++ b/cryptography/hazmat/bindings/openssl/pem.py @@ -41,4 +41,8 @@ PKCS7 *PEM_read_bio_PKCS7(BIO *, PKCS7 **, pem_password_cb *, void *); DH *PEM_read_bio_DHparams(BIO *, DH **, pem_password_cb *, void *); """ -MACROS = "" +MACROS = """ +""" + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs12.py b/cryptography/hazmat/bindings/openssl/pkcs12.py index 5c002b93..d91d100f 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs12.py +++ b/cryptography/hazmat/bindings/openssl/pkcs12.py @@ -32,3 +32,6 @@ int PKCS12_parse(PKCS12 *, const char *, EVP_PKEY **, X509 **, PKCS12 *PKCS12_create(char *, char *, EVP_PKEY *, X509 *, struct stack_st_X509 *, int, int, int, int, int); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs7.py b/cryptography/hazmat/bindings/openssl/pkcs7.py index 752bfa00..60ea3c52 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs7.py +++ b/cryptography/hazmat/bindings/openssl/pkcs7.py @@ -32,3 +32,6 @@ int PKCS7_type_is_enveloped(PKCS7 *); int PKCS7_type_is_signedAndEnveloped(PKCS7 *); int PKCS7_type_is_data(PKCS7 *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rand.py b/cryptography/hazmat/bindings/openssl/rand.py index e4f6be23..848ee05a 100644 --- a/cryptography/hazmat/bindings/openssl/rand.py +++ b/cryptography/hazmat/bindings/openssl/rand.py @@ -35,3 +35,6 @@ int RAND_pseudo_bytes(unsigned char *, int); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rsa.py b/cryptography/hazmat/bindings/openssl/rsa.py index c8bf1cc0..21ed5d67 100644 --- a/cryptography/hazmat/bindings/openssl/rsa.py +++ b/cryptography/hazmat/bindings/openssl/rsa.py @@ -29,3 +29,6 @@ int RSA_check_key(const RSA *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py index 8aca86e4..58a64f0b 100644 --- a/cryptography/hazmat/bindings/openssl/ssl.py +++ b/cryptography/hazmat/bindings/openssl/ssl.py @@ -24,3 +24,6 @@ void SSL_load_error_strings(); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509.py b/cryptography/hazmat/bindings/openssl/x509.py index 9a51a6d0..b2ee672e 100644 --- a/cryptography/hazmat/bindings/openssl/x509.py +++ b/cryptography/hazmat/bindings/openssl/x509.py @@ -185,3 +185,6 @@ X509_REVOKED *sk_X509_REVOKED_value(struct x509_revoked_st *, int); int X509_CRL_set_lastUpdate(X509_CRL *, const ASN1_TIME *); int X509_CRL_set_nextUpdate(X509_CRL *, const ASN1_TIME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509name.py b/cryptography/hazmat/bindings/openssl/x509name.py index bd7abe2d..896f0ae4 100644 --- a/cryptography/hazmat/bindings/openssl/x509name.py +++ b/cryptography/hazmat/bindings/openssl/x509name.py @@ -46,3 +46,6 @@ int sk_X509_NAME_push(struct stack_st_X509_NAME *, X509_NAME *); X509_NAME *sk_X509_NAME_value(struct stack_st_X509_NAME *, int); void sk_X509_NAME_free(struct stack_st_X509_NAME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509v3.py b/cryptography/hazmat/bindings/openssl/x509v3.py index 413bde5f..bc26236c 100644 --- a/cryptography/hazmat/bindings/openssl/x509v3.py +++ b/cryptography/hazmat/bindings/openssl/x509v3.py @@ -92,3 +92,6 @@ GENERAL_NAME *sk_GENERAL_NAME_value(struct stack_st_GENERAL_NAME *, int); const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *); const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int); """ + +CUSTOMIZATIONS = """ +""" -- cgit v1.2.3 From 44ca536328e0c50263aaec57c89e4ab3dae3b2b3 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 15:31:58 -0800 Subject: Fix --- cryptography/hazmat/bindings/openssl/backend.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 0f3268ac..d844f3fc 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -317,8 +317,9 @@ class HMACs(object): evp_md = self._backend.lib.EVP_get_digestbyname( hash_cls.name.encode('ascii')) assert evp_md != self._backend.ffi.NULL - res = self._backend.lib.HMAC_Init_ex(ctx, key, len(key), evp_md, - self._backend.ffi.NULL) + res = self._backend.lib.Cryptography_HMAC_Init_ex( + ctx, key, len(key), evp_md, self._backend.ffi.NULL + ) assert res != 0 return ctx -- cgit v1.2.3 From 922c3f9a0b9f6ae529c8d12d5fe2fea042a12a03 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 15:37:09 -0800 Subject: Fixed compatibility for hmac --- cryptography/hazmat/bindings/openssl/backend.py | 2 +- cryptography/hazmat/bindings/openssl/hmac.py | 25 +++++++++++++++++++++++-- 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index d844f3fc..e70adca5 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -324,7 +324,7 @@ class HMACs(object): return ctx def update_ctx(self, ctx, data): - res = self._backend.lib.HMAC_Update(ctx, data, len(data)) + res = self._backend.lib.Cryptography_HMAC_Update(ctx, data, len(data)) assert res != 0 def finalize_ctx(self, ctx, digest_size): diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index 3aeb1733..d5a5b7b1 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -24,8 +24,8 @@ void HMAC_CTX_init(HMAC_CTX *); void HMAC_CTX_cleanup(HMAC_CTX *); int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); -int HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); -int HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); +int Cryptography_HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); +int Cryptography_HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); """ @@ -42,4 +42,25 @@ int Cryptography_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, return 1; #endif } + +int Cryptography_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, + size_t data_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Update(ctx, data, data_len); +#else + HMAC_Update(ctx, data, data_len); + return 1; +#endif +} + +int Cryptography_HMAC_Final(HMAC_CTX *ctx, unsigned char *digest, + unsigned int *digest_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Final(ctx, digest, digest_len); +#else + HMAC_Final(ctx, digest, digest_len); + return 1; +#endif +} + """ -- cgit v1.2.3 From 0eb019b10a82aaa7118064ba0d02ca51a002974a Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 15:37:38 -0800 Subject: Belongs to last commit --- cryptography/hazmat/bindings/openssl/backend.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index e70adca5..897697e6 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -330,7 +330,7 @@ class HMACs(object): def finalize_ctx(self, ctx, digest_size): buf = self._backend.ffi.new("unsigned char[]", digest_size) buflen = self._backend.ffi.new("unsigned int *", digest_size) - res = self._backend.lib.HMAC_Final(ctx, buf, buflen) + res = self._backend.lib.Cryptography_HMAC_Final(ctx, buf, buflen) assert res != 0 self._backend.lib.HMAC_CTX_cleanup(ctx) return self._backend.ffi.buffer(buf)[:digest_size] -- cgit v1.2.3 From b822c27265b28b1e228abd3c1a8830b2d165ed71 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 15:41:27 -0800 Subject: Handle GCM not beign around --- cryptography/hazmat/bindings/openssl/evp.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/bindings/openssl/evp.py index 1a912496..da54f89d 100644 --- a/cryptography/hazmat/bindings/openssl/evp.py +++ b/cryptography/hazmat/bindings/openssl/evp.py @@ -29,9 +29,9 @@ typedef struct evp_pkey_st { } EVP_PKEY; static const int EVP_PKEY_RSA; static const int EVP_PKEY_DSA; -static const int EVP_CTRL_GCM_SET_IVLEN; -static const int EVP_CTRL_GCM_GET_TAG; -static const int EVP_CTRL_GCM_SET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_IVLEN; +static const int Cryptography_EVP_CTRL_GCM_GET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_TAG; """ FUNCTIONS = """ @@ -97,4 +97,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); """ CUSTOMIZATIONS = """ +#ifdef EVP_CTRL_GCM_SET_TAG +const int Cryptography_EVP_CTRL_GCM_GET_TAG = EVP_CTRL_GCM_GET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = EVP_CTRL_GCM_SET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_GCM_SET_IVLEN; +#else +const int Cryptography_EVP_CTRL_GCM_GET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = -1; +#endif """ -- cgit v1.2.3 From 0b1e66358e368e5176b26a0af0b673cfca3a1e0e Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 16:10:27 -0800 Subject: flake8 --- cryptography/hazmat/bindings/openssl/hmac.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index d5a5b7b1..8202f80c 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -23,7 +23,8 @@ FUNCTIONS = """ void HMAC_CTX_init(HMAC_CTX *); void HMAC_CTX_cleanup(HMAC_CTX *); -int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); +int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, + ENGINE *); int Cryptography_HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); int Cryptography_HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); -- cgit v1.2.3 From dc043b1e15f8ed07c47baeecfb9ef04dea989fe7 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 16:18:45 -0800 Subject: Fixed --- cryptography/hazmat/bindings/openssl/backend.py | 2 +- cryptography/hazmat/bindings/openssl/hmac.py | 25 ++++++++++++++++++++++++- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 897697e6..69ffde16 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -340,7 +340,7 @@ class HMACs(object): self._backend.lib.HMAC_CTX_init(copied_ctx) copied_ctx = self._backend.ffi.gc(copied_ctx, self._backend.lib.HMAC_CTX_cleanup) - res = self._backend.lib.HMAC_CTX_copy(copied_ctx, ctx) + res = self._backend.lib.Cryptography_HMAC_CTX_copy(copied_ctx, ctx) assert res != 0 return copied_ctx diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index 8202f80c..10e67141 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -27,7 +27,7 @@ int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); int Cryptography_HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); int Cryptography_HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); -int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); +int Cryptography_HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); """ MACROS = """ @@ -64,4 +64,27 @@ int Cryptography_HMAC_Final(HMAC_CTX *ctx, unsigned char *digest, #endif } +int Cryptography_HMAC_CTX_copy(HMAC_CTX *dst_ctx, HMAC_CTX *src_ctx) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_CTX_copy(dst_ctx, src_ctx); +#else + HMAC_CTX_init(dst_ctx); + if (!EVP_MD_CTX_copy_ex(&dst_ctx->i_ctx, &src_ctx->i_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->o_ctx, &src_ctx->o_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->md_ctx, &src_ctx->md_ctx)) { + goto err; + } + memcpy(dst_ctx->key, src_ctx->key, HMAC_MAX_MD_CBLOCK); + dst_ctx->key_length = src_ctx->key_length; + dst_ctx->md = src_ctx->md; + return 1; + + err: + return 0; +#endif +} """ -- cgit v1.2.3 From 088b4bdc56da323506220ca3b33af433bfc3f854 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 16:27:27 -0800 Subject: Added coveralls back --- .travis.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index a7b13e7f..38e82495 100644 --- a/.travis.yml +++ b/.travis.yml @@ -47,11 +47,14 @@ install: # This is required because we need to get rid of the Travis installed PyPy # or it'll take precedence over the PPA installed one. - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin || true" - - pip install tox + - pip install tox coveralls script: - tox -e $TOX_ENV +after_success: + - coveralls + notifications: irc: channels: -- cgit v1.2.3 From 45afb35c35f719af56ff951d24d17ea59399720d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 16:29:00 -0800 Subject: Put this back in the readme --- README.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index c9baddea..cf797733 100644 --- a/README.rst +++ b/README.rst @@ -2,7 +2,11 @@ Cryptography ============ .. image:: https://travis-ci.org/pyca/cryptography.png?branch=master - :target: https://travis-ci.org/pyca/cryptography + :target: https://travis-ci.org/pyca/cryptography + +.. image:: https://coveralls.io/repos/pyca/cryptography/badge.png?branch=master + :target: https://coveralls.io/r/pyca/cryptography?branch=master + ``cryptography`` is a package designed to expose cryptographic recipes and primitives to Python developers. -- cgit v1.2.3 From 3e81fb257ab22df0f5ae08a744b97a43a92c4eb1 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 16:29:19 -0800 Subject: DOn't fail tox on coverage --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index c0a9738f..dab22a6d 100644 --- a/tox.ini +++ b/tox.ini @@ -8,7 +8,7 @@ deps = pretend commands = coverage run --source=cryptography/,tests/ -m pytest - coverage report -m --fail-under 100 + coverage report -m [testenv:docs] deps = sphinx -- cgit v1.2.3 From 6130f67283592c5fee00e745163897d454b74a41 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 17:19:03 -0800 Subject: Removed allow_failures --- .travis.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/.travis.yml b/.travis.yml index 38e82495..8350ebca 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,19 +25,6 @@ env: - TOX_ENV=pep8 - TOX_ENV=py3pep8 -matrix: - allow_failures: - - env: TOX_ENV=py26 OPENSSL=0.9.8 - - env: TOX_ENV=py27 OPENSSL=0.9.8 - - env: TOX_ENV=py32 OPENSSL=0.9.8 - - env: TOX_ENV=py33 OPENSSL=0.9.8 - - env: TOX_ENV=pypy OPENSSL=0.9.8 - - env: TOX_ENV=py26 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py27 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py32 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py33 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=pypy CC=clang OPENSSL=0.9.8 - install: - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" - sudo add-apt-repository -y ppa:pypy/ppa -- cgit v1.2.3 From 2c2ef154bedb9ddd4d1278b2b24e8c81ad71ea2f Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 5 Nov 2013 18:19:39 -0800 Subject: kikc ci --- README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.rst b/README.rst index cf797733..def2e1fc 100644 --- a/README.rst +++ b/README.rst @@ -12,7 +12,7 @@ Cryptography primitives to Python developers. It is currently in early development and isn't recommended for general usage -yet. It targets Python 2.6-2.7, Python 3.2+, as well as PyPy. +yet. It targets Python 2.6-2.7, Python 3.2+, and PyPy. You can find more information in the `documentation`_. -- cgit v1.2.3 From 21dde56b48bf473932ce815860dd2ec99f2e2c75 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 6 Nov 2013 12:22:09 +0800 Subject: block cipher rename * block renamed to ciphers * ciphers renamed to algorithms * base moved into algorithms --- cryptography/hazmat/bindings/openssl/backend.py | 6 +- cryptography/hazmat/primitives/block/__init__.py | 21 --- cryptography/hazmat/primitives/block/base.py | 56 -------- cryptography/hazmat/primitives/block/ciphers.py | 118 --------------- cryptography/hazmat/primitives/block/modes.py | 56 -------- cryptography/hazmat/primitives/ciphers/__init__.py | 21 +++ .../hazmat/primitives/ciphers/algorithms.py | 160 +++++++++++++++++++++ cryptography/hazmat/primitives/ciphers/modes.py | 56 ++++++++ tests/hazmat/bindings/test_openssl.py | 8 +- tests/hazmat/primitives/test_3des.py | 14 +- tests/hazmat/primitives/test_aes.py | 14 +- tests/hazmat/primitives/test_block.py | 32 +++-- tests/hazmat/primitives/test_blowfish.py | 18 +-- tests/hazmat/primitives/test_camellia.py | 18 +-- tests/hazmat/primitives/test_cast5.py | 6 +- tests/hazmat/primitives/test_ciphers.py | 2 +- tests/hazmat/primitives/utils.py | 4 +- 17 files changed, 300 insertions(+), 310 deletions(-) delete mode 100644 cryptography/hazmat/primitives/block/__init__.py delete mode 100644 cryptography/hazmat/primitives/block/base.py delete mode 100644 cryptography/hazmat/primitives/block/ciphers.py delete mode 100644 cryptography/hazmat/primitives/block/modes.py create mode 100644 cryptography/hazmat/primitives/ciphers/__init__.py create mode 100644 cryptography/hazmat/primitives/ciphers/algorithms.py create mode 100644 cryptography/hazmat/primitives/ciphers/modes.py diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index ea1073b9..18388783 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -20,10 +20,12 @@ import cffi from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces -from cryptography.hazmat.primitives.block.ciphers import ( +from cryptography.hazmat.primitives.ciphers.algorithms import ( AES, Blowfish, Camellia, CAST5, TripleDES, ) -from cryptography.hazmat.primitives.block.modes import CBC, CTR, ECB, OFB, CFB +from cryptography.hazmat.primitives.ciphers.modes import ( + CBC, CTR, ECB, OFB, CFB +) class Backend(object): diff --git a/cryptography/hazmat/primitives/block/__init__.py b/cryptography/hazmat/primitives/block/__init__.py deleted file mode 100644 index 5b8942b6..00000000 --- a/cryptography/hazmat/primitives/block/__init__.py +++ /dev/null @@ -1,21 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -from cryptography.hazmat.primitives.block.base import BlockCipher - - -__all__ = [ - "BlockCipher", -] diff --git a/cryptography/hazmat/primitives/block/base.py b/cryptography/hazmat/primitives/block/base.py deleted file mode 100644 index ece3b32d..00000000 --- a/cryptography/hazmat/primitives/block/base.py +++ /dev/null @@ -1,56 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -from cryptography.hazmat.primitives import interfaces - - -class BlockCipher(object): - def __init__(self, cipher, mode, backend=None): - super(BlockCipher, self).__init__() - - if backend is None: - from cryptography.hazmat.bindings import ( - _default_backend as backend, - ) - - self.cipher = cipher - self.mode = mode - self._backend = backend - - def encryptor(self): - return _CipherContext( - self._backend.ciphers.create_encrypt_ctx(self.cipher, self.mode)) - - def decryptor(self): - return _CipherContext( - self._backend.ciphers.create_decrypt_ctx(self.cipher, self.mode)) - - -@interfaces.register(interfaces.CipherContext) -class _CipherContext(object): - def __init__(self, ctx): - self._ctx = ctx - - def update(self, data): - if self._ctx is None: - raise ValueError("Context was already finalized") - return self._ctx.update(data) - - def finalize(self): - if self._ctx is None: - raise ValueError("Context was already finalized") - data = self._ctx.finalize() - self._ctx = None - return data diff --git a/cryptography/hazmat/primitives/block/ciphers.py b/cryptography/hazmat/primitives/block/ciphers.py deleted file mode 100644 index 8046bd26..00000000 --- a/cryptography/hazmat/primitives/block/ciphers.py +++ /dev/null @@ -1,118 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - - -class AES(object): - name = "AES" - block_size = 128 - key_sizes = frozenset([128, 192, 256]) - - def __init__(self, key): - super(AES, self).__init__() - self.key = key - - # Verify that the key size matches the expected key size - if self.key_size not in self.key_sizes: - raise ValueError("Invalid key size ({0}) for {1}".format( - self.key_size, self.name - )) - - @property - def key_size(self): - return len(self.key) * 8 - - -class Camellia(object): - name = "camellia" - block_size = 128 - key_sizes = frozenset([128, 192, 256]) - - def __init__(self, key): - super(Camellia, self).__init__() - self.key = key - - # Verify that the key size matches the expected key size - if self.key_size not in self.key_sizes: - raise ValueError("Invalid key size ({0}) for {1}".format( - self.key_size, self.name - )) - - @property - def key_size(self): - return len(self.key) * 8 - - -class TripleDES(object): - name = "3DES" - block_size = 64 - key_sizes = frozenset([64, 128, 192]) - - def __init__(self, key): - super(TripleDES, self).__init__() - if len(key) == 8: - key += key + key - elif len(key) == 16: - key += key[:8] - self.key = key - - # Verify that the key size matches the expected key size - if self.key_size not in self.key_sizes: - raise ValueError("Invalid key size ({0}) for {1}".format( - self.key_size, self.name - )) - - @property - def key_size(self): - return len(self.key) * 8 - - -class Blowfish(object): - name = "Blowfish" - block_size = 64 - key_sizes = frozenset(range(32, 449, 8)) - - def __init__(self, key): - super(Blowfish, self).__init__() - self.key = key - - # Verify that the key size matches the expected key size - if self.key_size not in self.key_sizes: - raise ValueError("Invalid key size ({0}) for {1}".format( - self.key_size, self.name - )) - - @property - def key_size(self): - return len(self.key) * 8 - - -class CAST5(object): - name = "CAST5" - block_size = 64 - key_sizes = frozenset([40, 48, 56, 64, 72, 80, 88, 96, 104, 112, 120, 128]) - - def __init__(self, key): - super(CAST5, self).__init__() - self.key = key - - # Verify that the key size matches the expected key size - if self.key_size not in self.key_sizes: - raise ValueError("Invalid key size ({0}) for {1}".format( - self.key_size, self.name - )) - - @property - def key_size(self): - return len(self.key) * 8 diff --git a/cryptography/hazmat/primitives/block/modes.py b/cryptography/hazmat/primitives/block/modes.py deleted file mode 100644 index a60e8a34..00000000 --- a/cryptography/hazmat/primitives/block/modes.py +++ /dev/null @@ -1,56 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -from cryptography.hazmat.primitives import interfaces - - -@interfaces.register(interfaces.ModeWithInitializationVector) -class CBC(object): - name = "CBC" - - def __init__(self, initialization_vector): - super(CBC, self).__init__() - self.initialization_vector = initialization_vector - - -class ECB(object): - name = "ECB" - - -@interfaces.register(interfaces.ModeWithInitializationVector) -class OFB(object): - name = "OFB" - - def __init__(self, initialization_vector): - super(OFB, self).__init__() - self.initialization_vector = initialization_vector - - -@interfaces.register(interfaces.ModeWithInitializationVector) -class CFB(object): - name = "CFB" - - def __init__(self, initialization_vector): - super(CFB, self).__init__() - self.initialization_vector = initialization_vector - - -@interfaces.register(interfaces.ModeWithNonce) -class CTR(object): - name = "CTR" - - def __init__(self, nonce): - super(CTR, self).__init__() - self.nonce = nonce diff --git a/cryptography/hazmat/primitives/ciphers/__init__.py b/cryptography/hazmat/primitives/ciphers/__init__.py new file mode 100644 index 00000000..0e81de35 --- /dev/null +++ b/cryptography/hazmat/primitives/ciphers/__init__.py @@ -0,0 +1,21 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives.ciphers.algorithms import Cipher + + +__all__ = [ + "Cipher", +] diff --git a/cryptography/hazmat/primitives/ciphers/algorithms.py b/cryptography/hazmat/primitives/ciphers/algorithms.py new file mode 100644 index 00000000..0b11e466 --- /dev/null +++ b/cryptography/hazmat/primitives/ciphers/algorithms.py @@ -0,0 +1,160 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives import interfaces + + +class Cipher(object): + def __init__(self, cipher, mode, backend=None): + super(Cipher, self).__init__() + + if backend is None: + from cryptography.hazmat.bindings import ( + _default_backend as backend, + ) + + self.cipher = cipher + self.mode = mode + self._backend = backend + + def encryptor(self): + return _CipherContext( + self._backend.ciphers.create_encrypt_ctx(self.cipher, self.mode)) + + def decryptor(self): + return _CipherContext( + self._backend.ciphers.create_decrypt_ctx(self.cipher, self.mode)) + + +@interfaces.register(interfaces.CipherContext) +class _CipherContext(object): + def __init__(self, ctx): + self._ctx = ctx + + def update(self, data): + if self._ctx is None: + raise ValueError("Context was already finalized") + return self._ctx.update(data) + + def finalize(self): + if self._ctx is None: + raise ValueError("Context was already finalized") + data = self._ctx.finalize() + self._ctx = None + return data + + +class AES(object): + name = "AES" + block_size = 128 + key_sizes = frozenset([128, 192, 256]) + + def __init__(self, key): + super(AES, self).__init__() + self.key = key + + # Verify that the key size matches the expected key size + if self.key_size not in self.key_sizes: + raise ValueError("Invalid key size ({0}) for {1}".format( + self.key_size, self.name + )) + + @property + def key_size(self): + return len(self.key) * 8 + + +class Camellia(object): + name = "camellia" + block_size = 128 + key_sizes = frozenset([128, 192, 256]) + + def __init__(self, key): + super(Camellia, self).__init__() + self.key = key + + # Verify that the key size matches the expected key size + if self.key_size not in self.key_sizes: + raise ValueError("Invalid key size ({0}) for {1}".format( + self.key_size, self.name + )) + + @property + def key_size(self): + return len(self.key) * 8 + + +class TripleDES(object): + name = "3DES" + block_size = 64 + key_sizes = frozenset([64, 128, 192]) + + def __init__(self, key): + super(TripleDES, self).__init__() + if len(key) == 8: + key += key + key + elif len(key) == 16: + key += key[:8] + self.key = key + + # Verify that the key size matches the expected key size + if self.key_size not in self.key_sizes: + raise ValueError("Invalid key size ({0}) for {1}".format( + self.key_size, self.name + )) + + @property + def key_size(self): + return len(self.key) * 8 + + +class Blowfish(object): + name = "Blowfish" + block_size = 64 + key_sizes = frozenset(range(32, 449, 8)) + + def __init__(self, key): + super(Blowfish, self).__init__() + self.key = key + + # Verify that the key size matches the expected key size + if self.key_size not in self.key_sizes: + raise ValueError("Invalid key size ({0}) for {1}".format( + self.key_size, self.name + )) + + @property + def key_size(self): + return len(self.key) * 8 + + +class CAST5(object): + name = "CAST5" + block_size = 64 + key_sizes = frozenset([40, 48, 56, 64, 72, 80, 88, 96, 104, 112, 120, 128]) + + def __init__(self, key): + super(CAST5, self).__init__() + self.key = key + + # Verify that the key size matches the expected key size + if self.key_size not in self.key_sizes: + raise ValueError("Invalid key size ({0}) for {1}".format( + self.key_size, self.name + )) + + @property + def key_size(self): + return len(self.key) * 8 diff --git a/cryptography/hazmat/primitives/ciphers/modes.py b/cryptography/hazmat/primitives/ciphers/modes.py new file mode 100644 index 00000000..a60e8a34 --- /dev/null +++ b/cryptography/hazmat/primitives/ciphers/modes.py @@ -0,0 +1,56 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives import interfaces + + +@interfaces.register(interfaces.ModeWithInitializationVector) +class CBC(object): + name = "CBC" + + def __init__(self, initialization_vector): + super(CBC, self).__init__() + self.initialization_vector = initialization_vector + + +class ECB(object): + name = "ECB" + + +@interfaces.register(interfaces.ModeWithInitializationVector) +class OFB(object): + name = "OFB" + + def __init__(self, initialization_vector): + super(OFB, self).__init__() + self.initialization_vector = initialization_vector + + +@interfaces.register(interfaces.ModeWithInitializationVector) +class CFB(object): + name = "CFB" + + def __init__(self, initialization_vector): + super(CFB, self).__init__() + self.initialization_vector = initialization_vector + + +@interfaces.register(interfaces.ModeWithNonce) +class CTR(object): + name = "CTR" + + def __init__(self, nonce): + super(CTR, self).__init__() + self.nonce = nonce diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index f283a7dd..f1493e8d 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -15,9 +15,9 @@ import pytest from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.bindings.openssl.backend import backend, Backend -from cryptography.hazmat.primitives.block import BlockCipher -from cryptography.hazmat.primitives.block.ciphers import AES -from cryptography.hazmat.primitives.block.modes import CBC +from cryptography.hazmat.primitives.ciphers import Cipher +from cryptography.hazmat.primitives.ciphers.algorithms import AES +from cryptography.hazmat.primitives.ciphers.modes import CBC class FakeMode(object): @@ -62,7 +62,7 @@ class TestOpenSSL(object): FakeMode, lambda backend, cipher, mode: backend.ffi.NULL ) - cipher = BlockCipher( + cipher = Cipher( FakeCipher(), FakeMode(), backend=b, ) with pytest.raises(UnsupportedAlgorithm): diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 6b3e0414..af6bdc04 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -20,7 +20,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -37,7 +37,7 @@ class TestTripleDES_CBC(object): "TCBCvarkey.rsp", "TCBCvartext.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -50,7 +50,7 @@ class TestTripleDES_CBC(object): "TCBCMMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -67,7 +67,7 @@ class TestTripleDES_OFB(object): "TOFBvartext.rsp", "TOFBinvperm.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -80,7 +80,7 @@ class TestTripleDES_OFB(object): "TOFBMMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -97,7 +97,7 @@ class TestTripleDES_CFB(object): "TCFB64varkey.rsp", "TCFB64vartext.rsp", ], - lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), lambda keys, iv: modes.CFB(binascii.unhexlify(iv)), ) @@ -110,7 +110,7 @@ class TestTripleDES_CFB(object): "TCFB64MMT3.rsp", ], lambda key1, key2, key3, iv: ( - ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) ), lambda key1, key2, key3, iv: modes.CFB(binascii.unhexlify(iv)), ) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 192da648..66471fac 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import ( @@ -45,7 +45,7 @@ class TestAES(object): "CBCMMT192.rsp", "CBCMMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), ) @@ -69,7 +69,7 @@ class TestAES(object): "ECBMMT192.rsp", "ECBMMT256.rsp", ], - lambda key: ciphers.AES(binascii.unhexlify(key)), + lambda key: algorithms.AES(binascii.unhexlify(key)), lambda key: modes.ECB(), ) @@ -93,7 +93,7 @@ class TestAES(object): "OFBMMT192.rsp", "OFBMMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), ) @@ -117,7 +117,7 @@ class TestAES(object): "CFB128MMT192.rsp", "CFB128MMT256.rsp", ], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), ) @@ -125,10 +125,10 @@ class TestAES(object): load_openssl_vectors_from_file, os.path.join("ciphers", "AES", "CTR"), ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"], - lambda key, iv: ciphers.AES(binascii.unhexlify(key)), + lambda key, iv: algorithms.AES(binascii.unhexlify(key)), lambda key, iv: modes.CTR(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.AES("\x00" * 16), modes.CTR("\x00" * 16) + algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16) ), skip_message="Does not support AES CTR", ) diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index dd9c54c9..28f34478 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -19,35 +19,37 @@ import pytest from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import interfaces -from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes +from cryptography.hazmat.primitives.ciphers import ( + Cipher, algorithms, modes +) -class TestBlockCipher(object): +class TestCipher(object): def test_instantiate_without_backend(self): - BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) def test_creates_encryptor(self): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) assert isinstance(cipher.encryptor(), interfaces.CipherContext) def test_creates_decryptor(self): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)) ) assert isinstance(cipher.decryptor(), interfaces.CipherContext) -class TestBlockCipherContext(object): +class TestCipherContext(object): def test_use_after_finalize(self, backend): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)), backend ) @@ -67,8 +69,8 @@ class TestBlockCipherContext(object): decryptor.finalize() def test_unaligned_block_encryption(self, backend): - cipher = BlockCipher( - ciphers.AES(binascii.unhexlify(b"0" * 32)), + cipher = Cipher( + algorithms.AES(binascii.unhexlify(b"0" * 32)), modes.ECB(), backend ) @@ -86,8 +88,8 @@ class TestBlockCipherContext(object): assert pt == b"a" * 80 decryptor.finalize() - def test_nonexistant_cipher(self, backend): - cipher = BlockCipher( + def test_nonexistent_cipher(self, backend): + cipher = Cipher( object(), object(), backend ) with pytest.raises(UnsupportedAlgorithm): diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index cd5e03a4..a7f13823 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -27,10 +27,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-ecb.txt"], - lambda key: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key: algorithms.Blowfish(binascii.unhexlify(key)), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.ECB() + algorithms.Blowfish("\x00" * 56), modes.ECB() ), skip_message="Does not support Blowfish ECB", ) @@ -39,10 +39,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-cbc.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) ), skip_message="Does not support Blowfish CBC", ) @@ -51,10 +51,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-ofb.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) ), skip_message="Does not support Blowfish OFB", ) @@ -63,10 +63,10 @@ class TestBlowfish(object): lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), os.path.join("ciphers", "Blowfish"), ["bf-cfb.txt"], - lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) + algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) ), skip_message="Does not support Blowfish CFB", ) diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index 605c18d5..e1be5d1d 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import ( @@ -33,10 +33,10 @@ class TestCamellia(object): "camellia-192-ecb.txt", "camellia-256-ecb.txt" ], - lambda key: ciphers.Camellia(binascii.unhexlify((key))), + lambda key: algorithms.Camellia(binascii.unhexlify((key))), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.ECB() + algorithms.Camellia("\x00" * 16), modes.ECB() ), skip_message="Does not support Camellia ECB", ) @@ -45,10 +45,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-cbc.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.CBC("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16) ), skip_message="Does not support Camellia CBC", ) @@ -57,10 +57,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-ofb.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.OFB("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16) ), skip_message="Does not support Camellia OFB", ) @@ -69,10 +69,10 @@ class TestCamellia(object): load_openssl_vectors_from_file, os.path.join("ciphers", "Camellia"), ["camellia-cfb.txt"], - lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), + lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.ciphers.supported( - ciphers.Camellia("\x00" * 16), modes.CFB("\x00" * 16) + algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16) ), skip_message="Does not support Camellia CFB", ) diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index bd861150..b2988437 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import binascii import os -from cryptography.hazmat.primitives.block import ciphers, modes +from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test from ...utils import load_nist_vectors_from_file @@ -29,10 +29,10 @@ class TestCAST5(object): [ "cast5-ecb.txt", ], - lambda key: ciphers.CAST5(binascii.unhexlify((key))), + lambda key: algorithms.CAST5(binascii.unhexlify((key))), lambda key: modes.ECB(), only_if=lambda backend: backend.ciphers.supported( - ciphers.CAST5("\x00" * 16), modes.ECB() + algorithms.CAST5("\x00" * 16), modes.ECB() ), skip_message="Does not support CAST5 ECB", ) diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index d3870a0b..dfafab3f 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -17,7 +17,7 @@ import binascii import pytest -from cryptography.hazmat.primitives.block.ciphers import ( +from cryptography.hazmat.primitives.ciphers.algorithms import ( AES, Camellia, TripleDES, Blowfish, CAST5 ) diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index b4a8a3e6..e6e97d1d 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -6,7 +6,7 @@ import pytest from cryptography.hazmat.bindings import _ALL_BACKENDS from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import hmac -from cryptography.hazmat.primitives.block import BlockCipher +from cryptography.hazmat.primitives.ciphers import Cipher def generate_encrypt_test(param_loader, path, file_names, cipher_factory, @@ -34,7 +34,7 @@ def encrypt_test(backend, cipher_factory, mode_factory, params, only_if, pytest.skip(skip_message) plaintext = params.pop("plaintext") ciphertext = params.pop("ciphertext") - cipher = BlockCipher( + cipher = Cipher( cipher_factory(**params), mode_factory(**params), backend -- cgit v1.2.3 From 4ec3f253a81a42e2804831c40f4ac28be4b56577 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 6 Nov 2013 15:20:23 +0800 Subject: rename cipher to algorithm within the Cipher object --- cryptography/hazmat/primitives/ciphers/algorithms.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/cryptography/hazmat/primitives/ciphers/algorithms.py b/cryptography/hazmat/primitives/ciphers/algorithms.py index 0b11e466..56dca216 100644 --- a/cryptography/hazmat/primitives/ciphers/algorithms.py +++ b/cryptography/hazmat/primitives/ciphers/algorithms.py @@ -17,7 +17,7 @@ from cryptography.hazmat.primitives import interfaces class Cipher(object): - def __init__(self, cipher, mode, backend=None): + def __init__(self, algorithm, mode, backend=None): super(Cipher, self).__init__() if backend is None: @@ -25,17 +25,19 @@ class Cipher(object): _default_backend as backend, ) - self.cipher = cipher + self.algorithm = algorithm self.mode = mode self._backend = backend def encryptor(self): return _CipherContext( - self._backend.ciphers.create_encrypt_ctx(self.cipher, self.mode)) + self._backend.ciphers.create_encrypt_ctx(self.algorithm, + self.mode)) def decryptor(self): return _CipherContext( - self._backend.ciphers.create_decrypt_ctx(self.cipher, self.mode)) + self._backend.ciphers.create_decrypt_ctx(self.algorithm, + self.mode)) @interfaces.register(interfaces.CipherContext) -- cgit v1.2.3 From 051099ee7ea64b902fc9821f139d0a955bfe8bc4 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 6 Nov 2013 15:53:40 +0800 Subject: update docs --- docs/hazmat/primitives/symmetric-encryption.rst | 27 ++++++++++++------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index c1c8d247..7d3b072d 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -4,7 +4,7 @@ Symmetric Encryption ==================== -.. currentmodule:: cryptography.hazmat.primitives.block +.. currentmodule:: cryptography.hazmat.primitives.ciphers .. testsetup:: @@ -16,24 +16,23 @@ Symmetric Encryption Symmetric encryption is a way to encrypt (hide the plaintext value) material where the encrypter and decrypter both use the same key. -.. class:: BlockCipher(cipher, mode) +.. class:: Cipher(algorithm, mode) - Block ciphers work by encrypting content in chunks, often 64- or 128-bits. - They combine an underlying algorithm (such as AES), with a mode (such as + Cipher objects combine an algorithm (such as AES) with a mode (such as CBC, CTR, or GCM). A simple example of encrypting (and then decrypting) content with AES is: .. doctest:: - >>> from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes - >>> cipher = BlockCipher(ciphers.AES(key), modes.CBC(iv)) + >>> from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes + >>> cipher = Cipher(algorithms.AES(key), modes.CBC(iv)) >>> encryptor = cipher.encryptor() >>> ct = encryptor.update(b"a secret message") + encryptor.finalize() >>> decryptor = cipher.decryptor() >>> decryptor.update(ct) + decryptor.finalize() 'a secret message' - :param cipher: One of the ciphers described below. + :param algorithms: One of the algorithms described below. :param mode: One of the modes described below. .. method:: encryptor() @@ -61,7 +60,7 @@ where the encrypter and decrypter both use the same key. .. class:: CipherContext - When calling ``encryptor()`` or ``decryptor()`` on a ``BlockCipher`` object + When calling ``encryptor()`` or ``decryptor()`` on a ``Cipher`` object you will receive a return object conforming to the ``CipherContext`` interface. You can then call ``update(data)`` with data until you have fed everything into the context. Once that is done call ``finalize()`` to @@ -72,9 +71,9 @@ where the encrypter and decrypter both use the same key. :param bytes data: The data you wish to pass into the context. :return bytes: Returns the data that was encrypted or decrypted. - When the ``BlockCipher`` was constructed in a mode turns it into a + When the ``Cipher`` was constructed in a mode that turns it into a stream cipher (e.g. - :class:`cryptography.hazmat.primitives.block.modes.CTR`), this will + :class:`cryptography.hazmat.primitives.ciphers.modes.CTR`), this will return bytes immediately, however in other modes it will return chunks, whose size is determined by the cipher's block size. @@ -82,10 +81,10 @@ where the encrypter and decrypter both use the same key. :return bytes: Returns the remainder of the data. -Ciphers -~~~~~~~ +Algorithms +~~~~~~~~~~ -.. currentmodule:: cryptography.hazmat.primitives.block.ciphers +.. currentmodule:: cryptography.hazmat.primitives.ciphers.algorithms .. class:: AES(key) @@ -153,7 +152,7 @@ Weak Ciphers Modes ~~~~~ -.. currentmodule:: cryptography.hazmat.primitives.block.modes +.. currentmodule:: cryptography.hazmat.primitives.ciphers.modes .. class:: CBC(initialization_vector) -- cgit v1.2.3 From dd0b51b92d9bafe6aaacc2565ace0c591a493965 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 6 Nov 2013 16:00:08 +0800 Subject: re-add base.py --- cryptography/hazmat/primitives/ciphers/__init__.py | 2 +- .../hazmat/primitives/ciphers/algorithms.py | 44 ---------------- cryptography/hazmat/primitives/ciphers/base.py | 58 ++++++++++++++++++++++ 3 files changed, 59 insertions(+), 45 deletions(-) create mode 100644 cryptography/hazmat/primitives/ciphers/base.py diff --git a/cryptography/hazmat/primitives/ciphers/__init__.py b/cryptography/hazmat/primitives/ciphers/__init__.py index 0e81de35..e5a8ca52 100644 --- a/cryptography/hazmat/primitives/ciphers/__init__.py +++ b/cryptography/hazmat/primitives/ciphers/__init__.py @@ -13,7 +13,7 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.primitives.ciphers.algorithms import Cipher +from cryptography.hazmat.primitives.ciphers.base import Cipher __all__ = [ diff --git a/cryptography/hazmat/primitives/ciphers/algorithms.py b/cryptography/hazmat/primitives/ciphers/algorithms.py index 56dca216..8046bd26 100644 --- a/cryptography/hazmat/primitives/ciphers/algorithms.py +++ b/cryptography/hazmat/primitives/ciphers/algorithms.py @@ -13,50 +13,6 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.primitives import interfaces - - -class Cipher(object): - def __init__(self, algorithm, mode, backend=None): - super(Cipher, self).__init__() - - if backend is None: - from cryptography.hazmat.bindings import ( - _default_backend as backend, - ) - - self.algorithm = algorithm - self.mode = mode - self._backend = backend - - def encryptor(self): - return _CipherContext( - self._backend.ciphers.create_encrypt_ctx(self.algorithm, - self.mode)) - - def decryptor(self): - return _CipherContext( - self._backend.ciphers.create_decrypt_ctx(self.algorithm, - self.mode)) - - -@interfaces.register(interfaces.CipherContext) -class _CipherContext(object): - def __init__(self, ctx): - self._ctx = ctx - - def update(self, data): - if self._ctx is None: - raise ValueError("Context was already finalized") - return self._ctx.update(data) - - def finalize(self): - if self._ctx is None: - raise ValueError("Context was already finalized") - data = self._ctx.finalize() - self._ctx = None - return data - class AES(object): name = "AES" diff --git a/cryptography/hazmat/primitives/ciphers/base.py b/cryptography/hazmat/primitives/ciphers/base.py new file mode 100644 index 00000000..1599308c --- /dev/null +++ b/cryptography/hazmat/primitives/ciphers/base.py @@ -0,0 +1,58 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives import interfaces + + +class Cipher(object): + def __init__(self, algorithm, mode, backend=None): + super(Cipher, self).__init__() + + if backend is None: + from cryptography.hazmat.bindings import ( + _default_backend as backend, + ) + + self.algorithm = algorithm + self.mode = mode + self._backend = backend + + def encryptor(self): + return _CipherContext( + self._backend.ciphers.create_encrypt_ctx(self.algorithm, + self.mode)) + + def decryptor(self): + return _CipherContext( + self._backend.ciphers.create_decrypt_ctx(self.algorithm, + self.mode)) + + +@interfaces.register(interfaces.CipherContext) +class _CipherContext(object): + def __init__(self, ctx): + self._ctx = ctx + + def update(self, data): + if self._ctx is None: + raise ValueError("Context was already finalized") + return self._ctx.update(data) + + def finalize(self): + if self._ctx is None: + raise ValueError("Context was already finalized") + data = self._ctx.finalize() + self._ctx = None + return data -- cgit v1.2.3 From a05358d2d82c79124a4e2f13f73ea378c7ae7c71 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Wed, 6 Nov 2013 11:01:22 -0800 Subject: Refer to the sphinx site, rather than the docutils one, for a reST primer --- docs/contributing.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/contributing.rst b/docs/contributing.rst index e1475b88..3b301842 100644 --- a/docs/contributing.rst +++ b/docs/contributing.rst @@ -206,4 +206,4 @@ The HTML documentation index can now be found at ``docs/_build/html/index.html`` .. _`virtualenv`: https://pypi.python.org/pypi/virtualenv .. _`pip`: https://pypi.python.org/pypi/pip .. _`sphinx`: https://pypi.python.org/pypi/sphinx -.. _`reStructured Text`: http://docutils.sourceforge.net/rst.html +.. _`reStructured Text`: http://sphinx-doc.org/rest.html -- cgit v1.2.3 From 644eb4106b540e54d02ba018b879707cbb073e91 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 11:13:42 -0800 Subject: Don't silence any failures. --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8350ebca..39fbc971 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,12 +28,12 @@ env: install: - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" - sudo add-apt-repository -y ppa:pypy/ppa - - sudo apt-get -y update || true - - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y --force-yes install libssl-dev/lucid || true" - - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y install pypy || true" + - sudo apt-get -y update + - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y --force-yes install libssl-dev/lucid" + - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y install pypy" # This is required because we need to get rid of the Travis installed PyPy # or it'll take precedence over the PPA installed one. - - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin || true" + - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin" - pip install tox coveralls script: -- cgit v1.2.3 From 6b609bbeb0223dcaa5da5f758d096dd4af4f81b4 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 11:44:15 -0800 Subject: Use a script so you can write something resembling real code and reason about how it works. --- .travis.yml | 10 +--------- .travis/install.sh | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 9 deletions(-) create mode 100755 .travis/install.sh diff --git a/.travis.yml b/.travis.yml index 39fbc971..0a8771ef 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,15 +26,7 @@ env: - TOX_ENV=py3pep8 install: - - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" - - sudo add-apt-repository -y ppa:pypy/ppa - - sudo apt-get -y update - - "[[ ${OPENSSL} == \"0.9.8\" ]] && sudo apt-get -y --force-yes install libssl-dev/lucid" - - "[[ ${TOX_ENV} == pypy ]] && sudo apt-get -y install pypy" - # This is required because we need to get rid of the Travis installed PyPy - # or it'll take precedence over the PPA installed one. - - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin" - - pip install tox coveralls + - ./.travis/install.sh script: - tox -e $TOX_ENV diff --git a/.travis/install.sh b/.travis/install.sh new file mode 100755 index 00000000..94673084 --- /dev/null +++ b/.travis/install.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${OPENSSL}" == "0.9.8" ]]; then + sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ lucid main" +fi + +if [[ "${TOX_ENV}" == "pypy" ]]; then + sudo add-apt-repository -y ppa:pypy/ppa +fi + +sudo apt-get -y update + +if [[ "${OPENSSL}" == "0.9.8" ]]; then + sudo apt-get install -y --force-yes libssl-dev/lucid +fi + +if [[ "${TOX_ENV}" == "pypy"]]; then + sudo apt-get install -y pypy + + # This is required because we need to get rid of the Travis installed PyPy + # or it'll take precedence over the PPA installed one. + sudo rm -rf /usr/local/pypy/bin +fi + +pip install tox coverage -- cgit v1.2.3 From 2752924d087cb03001574692052096d520d1302e Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 13:13:53 -0800 Subject: Fix stupid shell syntax error. --- .travis/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis/install.sh b/.travis/install.sh index 94673084..9c6d34c3 100755 --- a/.travis/install.sh +++ b/.travis/install.sh @@ -17,7 +17,7 @@ if [[ "${OPENSSL}" == "0.9.8" ]]; then sudo apt-get install -y --force-yes libssl-dev/lucid fi -if [[ "${TOX_ENV}" == "pypy"]]; then +if [[ "${TOX_ENV}" == "pypy" ]]; then sudo apt-get install -y pypy # This is required because we need to get rid of the Travis installed PyPy -- cgit v1.2.3 From f0943938e7ded1e02dc3136772ec42b431c9d291 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 13:47:36 -0800 Subject: Get the package name right. --- .travis/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis/install.sh b/.travis/install.sh index 9c6d34c3..fdd71907 100755 --- a/.travis/install.sh +++ b/.travis/install.sh @@ -25,4 +25,4 @@ if [[ "${TOX_ENV}" == "pypy" ]]; then sudo rm -rf /usr/local/pypy/bin fi -pip install tox coverage +pip install tox coveralls -- cgit v1.2.3 From 2c0c91e6ed245d6363828458020e90ec0670ed24 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 15:00:19 -0800 Subject: Actually note the properties for cipher modes types on their ABCs. --- cryptography/hazmat/primitives/interfaces.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index ebf5e31e..d6a05c18 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -26,11 +26,19 @@ def register(iface): class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): - pass + @abc.abstractproperty + def iv(self): + """ + The value of the initialization vector for this mode. + """ class ModeWithNonce(six.with_metaclass(abc.ABCMeta)): - pass + @abc.abstractproperty + def nonce(self): + """ + The value of the nonce for this mode. + """ class CipherContext(six.with_metaclass(abc.ABCMeta)): -- cgit v1.2.3 From a0b59223025a54c800c7844568428992f876a711 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 6 Nov 2013 16:07:29 -0800 Subject: Proper name for the iv thing. --- cryptography/hazmat/primitives/interfaces.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index d6a05c18..d3962a2a 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -27,7 +27,7 @@ def register(iface): class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty - def iv(self): + def initialization_vector(self): """ The value of the initialization vector for this mode. """ -- cgit v1.2.3 From 30722b9a84ea38f70a22fbca13d8b3a6078af50a Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 7 Nov 2013 13:03:39 -0800 Subject: Add a new Mode interface to document mode.name and start on some prose docs for interfaces. --- cryptography/hazmat/primitives/ciphers/modes.py | 5 +++ cryptography/hazmat/primitives/interfaces.py | 8 ++++ docs/hazmat/primitives/index.rst | 1 + docs/hazmat/primitives/interfaces.rst | 59 +++++++++++++++++++++++++ docs/hazmat/primitives/symmetric-encryption.rst | 3 ++ 5 files changed, 76 insertions(+) create mode 100644 docs/hazmat/primitives/interfaces.rst diff --git a/cryptography/hazmat/primitives/ciphers/modes.py b/cryptography/hazmat/primitives/ciphers/modes.py index a60e8a34..e54872a6 100644 --- a/cryptography/hazmat/primitives/ciphers/modes.py +++ b/cryptography/hazmat/primitives/ciphers/modes.py @@ -16,6 +16,7 @@ from __future__ import absolute_import, division, print_function from cryptography.hazmat.primitives import interfaces +@interfaces.register(interfaces.Mode) @interfaces.register(interfaces.ModeWithInitializationVector) class CBC(object): name = "CBC" @@ -25,10 +26,12 @@ class CBC(object): self.initialization_vector = initialization_vector +@interfaces.register(interfaces.Mode) class ECB(object): name = "ECB" +@interfaces.register(interfaces.Mode) @interfaces.register(interfaces.ModeWithInitializationVector) class OFB(object): name = "OFB" @@ -38,6 +41,7 @@ class OFB(object): self.initialization_vector = initialization_vector +@interfaces.register(interfaces.Mode) @interfaces.register(interfaces.ModeWithInitializationVector) class CFB(object): name = "CFB" @@ -47,6 +51,7 @@ class CFB(object): self.initialization_vector = initialization_vector +@interfaces.register(interfaces.Mode) @interfaces.register(interfaces.ModeWithNonce) class CTR(object): name = "CTR" diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index d3962a2a..d4466e72 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -25,6 +25,14 @@ def register(iface): return register_decorator +class Mode(six.with_metaclass(abc.ABCMeta)): + @abc.abstractproperty + def name(self): + """ + A string naming this mode. (ex. ECB, CBC) + """ + + class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty def initialization_vector(self): diff --git a/docs/hazmat/primitives/index.rst b/docs/hazmat/primitives/index.rst index c81018ae..614c414a 100644 --- a/docs/hazmat/primitives/index.rst +++ b/docs/hazmat/primitives/index.rst @@ -10,3 +10,4 @@ Primitives hmac symmetric-encryption padding + interfaces diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst new file mode 100644 index 00000000..b5261581 --- /dev/null +++ b/docs/hazmat/primitives/interfaces.rst @@ -0,0 +1,59 @@ +.. hazmat:: + +Interfaces +========== + + +``cryptography`` uses `Abstract Base Classes`_ as interfaces to describe the +properties and methods of most primitive constructs. Backends may also use +this information to influence their operation. Interfaces should also be used +to document argument and return types. + +.. _`Abstract Base Classes`: http://www.python.org/dev/peps/pep-3119/ + + +Cipher Modes +~~~~~~~~~~~~ + +.. currentmodule:: cryptography.hazmat.primitives.interfaces + +Interfaces used by the symmetric cipher modes described in +:ref:`Symmetric Encryption Modes `. + +.. class:: Mode + + A named cipher mode. + + .. attribute:: name + + :type: str + + This should be the standard shorthand name for the mode, for example + Cipher-Block Chaining mode is "CBC". + + The name may be used by a backend to influence the operation of a + cipher in conjunction with the algorithm's name. + + +.. class:: ModeWithInitializationVector + + A cipher mode with an initialization vector. + + .. attribute:: initialization_vector + + :type: bytes + + Exact requirements of the initialization are described by the + documentation of individual modes. + + +.. class:: ModeWithNonce + + A cipher mode with a nonce. + + .. attribute:: nonce + + :type: bytes + + Exact requirements of the nonce are described by the documentation of + individual modes. diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 7d3b072d..4b37d396 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -149,6 +149,9 @@ Weak Ciphers :param bytes key: The secret key, 32-448 bits in length (in increments of 8). This must be kept secret. + +.. _symmetric-encryption-modes: + Modes ~~~~~ -- cgit v1.2.3 From bd18bcd915444a54648eccded360b68c26a23b99 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 7 Nov 2013 13:13:30 -0800 Subject: Single space. --- docs/hazmat/primitives/interfaces.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index b5261581..f37dbb5a 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -5,8 +5,8 @@ Interfaces ``cryptography`` uses `Abstract Base Classes`_ as interfaces to describe the -properties and methods of most primitive constructs. Backends may also use -this information to influence their operation. Interfaces should also be used +properties and methods of most primitive constructs. Backends may also use +this information to influence their operation. Interfaces should also be used to document argument and return types. .. _`Abstract Base Classes`: http://www.python.org/dev/peps/pep-3119/ -- cgit v1.2.3 From 9ed25e48afbd56f9f825ebbed9ef2c27c31c65e4 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 7 Nov 2013 13:15:27 -0800 Subject: Module documentation. --- docs/hazmat/primitives/interfaces.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index f37dbb5a..7068316e 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -9,7 +9,7 @@ properties and methods of most primitive constructs. Backends may also use this information to influence their operation. Interfaces should also be used to document argument and return types. -.. _`Abstract Base Classes`: http://www.python.org/dev/peps/pep-3119/ +.. _`Abstract Base Classes`: http://docs.python.org/3.2/library/abc.html Cipher Modes -- cgit v1.2.3 From 07e8a49658945d2082ef4f9a4dd9ea01e57b6e58 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 7 Nov 2013 13:16:50 -0800 Subject: Consistently use e.g. --- cryptography/hazmat/primitives/interfaces.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index d4466e72..da4fa209 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -29,7 +29,7 @@ class Mode(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty def name(self): """ - A string naming this mode. (ex. ECB, CBC) + A string naming this mode. (e.g. ECB, CBC) """ @@ -81,7 +81,7 @@ class HashAlgorithm(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty def name(self): """ - A string naming this algorithm. (ex. sha256, md5) + A string naming this algorithm. (e.g. sha256, md5) """ @abc.abstractproperty -- cgit v1.2.3 From f2f58738305b51e0fad98cf1fc6c5e490738066f Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 7 Nov 2013 13:17:02 -0800 Subject: Mention return types. --- cryptography/hazmat/primitives/interfaces.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index da4fa209..67dbe6fa 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -37,7 +37,7 @@ class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty def initialization_vector(self): """ - The value of the initialization vector for this mode. + The value of the initialization vector for this mode as bytes. """ @@ -45,7 +45,7 @@ class ModeWithNonce(six.with_metaclass(abc.ABCMeta)): @abc.abstractproperty def nonce(self): """ - The value of the nonce for this mode. + The value of the nonce for this mode as bytes. """ -- cgit v1.2.3 From 8ed651e717537ea69c987b78f6ef9f8d336bb734 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 7 Nov 2013 13:24:31 -0800 Subject: Be really explicit about what's good and bad --- docs/hazmat/primitives/symmetric-encryption.rst | 26 ++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 7d3b072d..1aeb2a56 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -163,9 +163,29 @@ Modes to be kept secret (they can be included in a transmitted message). Must be the same number of bytes as the - ``block_size`` of the cipher. Do not - reuse an ``initialization_vector`` with - a given ``key``. + ``block_size`` of the cipher. Each time + someting is encrypted a new + ``initialization_vector`` should be + generated. Do not reuse an + ``initialization_vector`` with + a given ``key``, and particularly do + not use a constant + ``initialization_vector``. + + A good construction looks like: + + .. code-block:: pycon + + >>> import os + >>> iv = os.urandom(16) + >>> mode = CBC(iv) + + While the following is bad and will leak information: + + .. code-block:: pycon + + >>> iv = "a" * 16 + >>> mode = CBC(iv) .. class:: CTR(nonce) -- cgit v1.2.3 From 9de452d02ed0be26a86526fed5695a3f1a3db3a3 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 7 Nov 2013 13:28:23 -0800 Subject: Typo --- docs/hazmat/primitives/symmetric-encryption.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 1aeb2a56..6fa71767 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -164,7 +164,7 @@ Modes in a transmitted message). Must be the same number of bytes as the ``block_size`` of the cipher. Each time - someting is encrypted a new + something is encrypted a new ``initialization_vector`` should be generated. Do not reuse an ``initialization_vector`` with -- cgit v1.2.3