From 13f108f926a84eec9c0598164f25cedaece567e3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 9 Sep 2013 21:41:03 -0500 Subject: Add ECB class + docs + tests * Slightly refactors test_nist to allow fetching of data that has no IV * Does not modify create_block_cipher_context (next commit) --- tests/primitives/test_nist.py | 47 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) (limited to 'tests') diff --git a/tests/primitives/test_nist.py b/tests/primitives/test_nist.py index 8bef118e..3dc8277a 100644 --- a/tests/primitives/test_nist.py +++ b/tests/primitives/test_nist.py @@ -86,3 +86,50 @@ class TestAES_CBC(object): actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext)) actual_ciphertext += cipher.finalize() assert binascii.hexlify(actual_ciphertext) == ciphertext + + +class TestAES_ECB(object): + @parameterize_encrypt_test( + "AES", "KAT", + ("key", "plaintext", "ciphertext"), + [ + "ECBGFSbox128.rsp", + "ECBGFSbox192.rsp", + "ECBGFSbox256.rsp", + "ECBKeySbox128.rsp", + "ECBKeySbox192.rsp", + "ECBKeySbox256.rsp", + "ECBVarKey128.rsp", + "ECBVarKey192.rsp", + "ECBVarKey256.rsp", + "ECBVarTxt128.rsp", + "ECBVarTxt192.rsp", + "ECBVarTxt256.rsp", + ] + ) + def test_KAT(self, key, plaintext, ciphertext): + cipher = BlockCipher( + ciphers.AES(binascii.unhexlify(key)), + modes.ECB() + ) + actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext)) + actual_ciphertext += cipher.finalize() + assert binascii.hexlify(actual_ciphertext) == ciphertext + + @parameterize_encrypt_test( + "AES", "MMT", + ("key", "plaintext", "ciphertext"), + [ + "ECBMMT128.rsp", + "ECBMMT192.rsp", + "ECBMMT256.rsp", + ] + ) + def test_MMT(self, key, plaintext, ciphertext): + cipher = BlockCipher( + ciphers.AES(binascii.unhexlify(key)), + modes.ECB() + ) + actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext)) + actual_ciphertext += cipher.finalize() + assert binascii.hexlify(actual_ciphertext) == ciphertext -- cgit v1.2.3 From fe9b82d1526113f6f08e5de9b8d5e75ab1527bbd Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 9 Sep 2013 22:09:21 -0500 Subject: add ECB support to create_block_cipher_context * This is a basic refactor to support ECB and CBC mode in this method. We can use this as a starting point to discuss a better solution. --- tests/bindings/test_openssl.py | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'tests') diff --git a/tests/bindings/test_openssl.py b/tests/bindings/test_openssl.py index 1579f002..e4b73460 100644 --- a/tests/bindings/test_openssl.py +++ b/tests/bindings/test_openssl.py @@ -11,6 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +import pytest + from cryptography.bindings.openssl import api @@ -28,3 +30,7 @@ class TestOpenSSL(object): for every OpenSSL. """ assert api.openssl_version_text().startswith("OpenSSL") + + def test_get_iv_invalid_mode(self): + with pytest.raises(NotImplementedError): + api._get_iv(None) -- cgit v1.2.3 From 29cfa6989bfbc9545c2b40e9e3b316e89c0c14ca Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 10:01:50 -0500 Subject: add get_iv_or_nonce() methods to replace _get_iv() on api --- tests/bindings/test_openssl.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'tests') diff --git a/tests/bindings/test_openssl.py b/tests/bindings/test_openssl.py index e4b73460..c5927b76 100644 --- a/tests/bindings/test_openssl.py +++ b/tests/bindings/test_openssl.py @@ -11,8 +11,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -import pytest - from cryptography.bindings.openssl import api @@ -31,6 +29,5 @@ class TestOpenSSL(object): """ assert api.openssl_version_text().startswith("OpenSSL") - def test_get_iv_invalid_mode(self): - with pytest.raises(NotImplementedError): - api._get_iv(None) + def test_get_null_for_ecb(self): + assert api.get_null_for_ecb() == api._ffi.NULL -- cgit v1.2.3 From dc689293704e9181af452aaef495e4c417160e40 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 10:50:06 -0500 Subject: rename get_null_for_ecb to get_iv_for_ecb per alex's comments --- tests/bindings/test_openssl.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/bindings/test_openssl.py b/tests/bindings/test_openssl.py index c5927b76..f25236cc 100644 --- a/tests/bindings/test_openssl.py +++ b/tests/bindings/test_openssl.py @@ -29,5 +29,5 @@ class TestOpenSSL(object): """ assert api.openssl_version_text().startswith("OpenSSL") - def test_get_null_for_ecb(self): - assert api.get_null_for_ecb() == api._ffi.NULL + def test_get_iv_for_ecb(self): + assert api.get_iv_for_ecb() == api._ffi.NULL -- cgit v1.2.3 From 5266752c9e462ac988af3d222470a68b2950d2d6 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 15:41:37 -0500 Subject: modify modes to use abc so api can determine what attribute to call * Due to a circular dependency issue I had to put the abcs in cryptography.primitives.abc.block.modes * The ABCs look like they do because that is the form that is compatible with 2.x and 3.x --- tests/bindings/test_openssl.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/bindings/test_openssl.py b/tests/bindings/test_openssl.py index f25236cc..b23c4ccc 100644 --- a/tests/bindings/test_openssl.py +++ b/tests/bindings/test_openssl.py @@ -11,7 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -from cryptography.bindings.openssl import api +from cryptography.bindings.openssl.api import api class TestOpenSSL(object): @@ -28,6 +28,3 @@ class TestOpenSSL(object): for every OpenSSL. """ assert api.openssl_version_text().startswith("OpenSSL") - - def test_get_iv_for_ecb(self): - assert api.get_iv_for_ecb() == api._ffi.NULL -- cgit v1.2.3