mirror of https://github.com/nucypher/pyUmbral.git
80 lines
2.2 KiB
Python
80 lines
2.2 KiB
Python
"""
|
|
Copyright (C) 2018 NuCypher
|
|
|
|
This file is part of pyUmbral.
|
|
|
|
pyUmbral is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
pyUmbral is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with pyUmbral. If not, see <https://www.gnu.org/licenses/>.
|
|
"""
|
|
|
|
import pytest
|
|
import os
|
|
|
|
from umbral.dem import UmbralDEM, DEM_KEYSIZE, DEM_NONCE_SIZE
|
|
from cryptography.exceptions import InvalidTag
|
|
|
|
|
|
def test_encrypt_decrypt():
|
|
key = os.urandom(32)
|
|
|
|
dem = UmbralDEM(key)
|
|
|
|
plaintext = b'peace at dawn'
|
|
|
|
ciphertext0 = dem.encrypt(plaintext)
|
|
ciphertext1 = dem.encrypt(plaintext)
|
|
|
|
assert ciphertext0 != plaintext
|
|
assert ciphertext1 != plaintext
|
|
|
|
# Ciphertext should be different even with same plaintext.
|
|
assert ciphertext0 != ciphertext1
|
|
|
|
# Nonce should be different
|
|
assert ciphertext0[:DEM_NONCE_SIZE] != ciphertext1[:DEM_NONCE_SIZE]
|
|
|
|
cleartext0 = dem.decrypt(ciphertext0)
|
|
cleartext1 = dem.decrypt(ciphertext1)
|
|
|
|
assert cleartext0 == plaintext
|
|
assert cleartext1 == plaintext
|
|
|
|
|
|
def test_encrypt_decrypt_associated_data():
|
|
key = os.urandom(32)
|
|
aad = b'secret code 1234'
|
|
|
|
dem = UmbralDEM(key)
|
|
|
|
plaintext = b'peace at dawn'
|
|
|
|
ciphertext0 = dem.encrypt(plaintext, authenticated_data=aad)
|
|
ciphertext1 = dem.encrypt(plaintext, authenticated_data=aad)
|
|
|
|
assert ciphertext0 != plaintext
|
|
assert ciphertext1 != plaintext
|
|
|
|
assert ciphertext0 != ciphertext1
|
|
|
|
assert ciphertext0[:DEM_NONCE_SIZE] != ciphertext1[:DEM_NONCE_SIZE]
|
|
|
|
cleartext0 = dem.decrypt(ciphertext0, authenticated_data=aad)
|
|
cleartext1 = dem.decrypt(ciphertext1, authenticated_data=aad)
|
|
|
|
assert cleartext0 == plaintext
|
|
assert cleartext1 == plaintext
|
|
|
|
# Attempt decryption with invalid associated data
|
|
with pytest.raises(InvalidTag):
|
|
cleartext2 = dem.decrypt(ciphertext0, authenticated_data=b'wrong data')
|