PNG  IHDRX cHRMz&u0`:pQ<bKGD pHYsodtIME MeqIDATxw]Wug^Qd˶ 6`!N:!@xI~)%7%@Bh&`lnjVF29gΨ4E$|>cɚ{gk= %,a KX%,a KX%,a KX%,a KX%,a KX%,a KX%, b` ǟzeאfp]<!SJmɤY޲ڿ,%c ~ع9VH.!Ͳz&QynֺTkRR.BLHi٪:l;@(!MԴ=žI,:o&N'Kù\vRmJ雵֫AWic H@" !: Cé||]k-Ha oݜ:y F())u]aG7*JV@J415p=sZH!=!DRʯvɱh~V\}v/GKY$n]"X"}t@ xS76^[bw4dsce)2dU0 CkMa-U5tvLƀ~mlMwfGE/-]7XAƟ`׮g ewxwC4\[~7@O-Q( a*XGƒ{ ՟}$_y3tĐƤatgvێi|K=uVyrŲlLӪuܿzwk$m87k( `múcE)"@rK( z4$D; 2kW=Xb$V[Ru819קR~qloѱDyįݎ*mxw]y5e4K@ЃI0A D@"BDk_)N\8͜9dz"fK0zɿvM /.:2O{ Nb=M=7>??Zuo32 DLD@D| &+֎C #B8ַ`bOb $D#ͮҪtx]%`ES`Ru[=¾!@Od37LJ0!OIR4m]GZRJu$‡c=%~s@6SKy?CeIh:[vR@Lh | (BhAMy=݃  G"'wzn޺~8ԽSh ~T*A:xR[ܹ?X[uKL_=fDȊ؂p0}7=D$Ekq!/t.*2ʼnDbŞ}DijYaȲ(""6HA;:LzxQ‘(SQQ}*PL*fc\s `/d'QXW, e`#kPGZuŞuO{{wm[&NBTiiI0bukcA9<4@SӊH*؎4U/'2U5.(9JuDfrޱtycU%j(:RUbArLֺN)udA':uGQN"-"Is.*+k@ `Ojs@yU/ H:l;@yyTn}_yw!VkRJ4P)~y#)r,D =ě"Q]ci'%HI4ZL0"MJy 8A{ aN<8D"1#IJi >XjX֔#@>-{vN!8tRݻ^)N_╗FJEk]CT՟ YP:_|H1@ CBk]yKYp|og?*dGvzنzӴzjֺNkC~AbZƷ`.H)=!QͷVTT(| u78y֮}|[8-Vjp%2JPk[}ԉaH8Wpqhwr:vWª<}l77_~{s۴V+RCģ%WRZ\AqHifɤL36: #F:p]Bq/z{0CU6ݳEv_^k7'>sq*+kH%a`0ԣisqにtү04gVgW΂iJiS'3w.w}l6MC2uԯ|>JF5`fV5m`Y**Db1FKNttu]4ccsQNnex/87+}xaUW9y>ͯ骵G{䩓Գ3+vU}~jJ.NFRD7<aJDB1#ҳgSb,+CS?/ VG J?|?,2#M9}B)MiE+G`-wo߫V`fio(}S^4e~V4bHOYb"b#E)dda:'?}׮4繏`{7Z"uny-?ǹ;0MKx{:_pÚmFמ:F " .LFQLG)Q8qN q¯¯3wOvxDb\. BKD9_NN &L:4D{mm o^tֽ:q!ƥ}K+<"m78N< ywsard5+Š²z~mnG)=}lYݧNj'QJS{S :UYS-952?&O-:W}(!6Mk4+>A>j+i|<<|;ر^߉=HE|V#F)Emm#}/"y GII웻Jі94+v뾧xu~5C95~ūH>c@덉pʃ1/4-A2G%7>m;–Y,cyyaln" ?ƻ!ʪ<{~h~i y.zZB̃/,雋SiC/JFMmBH&&FAbϓO^tubbb_hZ{_QZ-sύodFgO(6]TJA˯#`۶ɟ( %$&+V'~hiYy>922 Wp74Zkq+Ovn錄c>8~GqܲcWꂎz@"1A.}T)uiW4="jJ2W7mU/N0gcqܗOO}?9/wìXžΏ0 >֩(V^Rh32!Hj5`;O28؇2#ݕf3 ?sJd8NJ@7O0 b־?lldщ̡&|9C.8RTWwxWy46ah嘦mh٤&l zCy!PY?: CJyв]dm4ǜҐR޻RլhX{FƯanшQI@x' ao(kUUuxW_Ñ줮[w8 FRJ(8˼)_mQ _!RJhm=!cVmm ?sFOnll6Qk}alY}; "baӌ~M0w,Ggw2W:G/k2%R,_=u`WU R.9T"v,<\Ik޽/2110Ӿxc0gyC&Ny޽JҢrV6N ``یeA16"J³+Rj*;BϜkZPJaÍ<Jyw:NP8/D$ 011z֊Ⱳ3ι֘k1V_"h!JPIΣ'ɜ* aEAd:ݺ>y<}Lp&PlRfTb1]o .2EW\ͮ]38؋rTJsǏP@芎sF\> P^+dYJLbJ C-xϐn> ι$nj,;Ǖa FU *择|h ~izť3ᤓ`K'-f tL7JK+vf2)V'-sFuB4i+m+@My=O҈0"|Yxoj,3]:cо3 $#uŘ%Y"y죯LebqtҢVzq¼X)~>4L׶m~[1_k?kxֺQ`\ |ٛY4Ѯr!)N9{56(iNq}O()Em]=F&u?$HypWUeB\k]JɩSع9 Zqg4ZĊo oMcjZBU]B\TUd34ݝ~:7ڶSUsB0Z3srx 7`:5xcx !qZA!;%͚7&P H<WL!džOb5kF)xor^aujƍ7 Ǡ8/p^(L>ὴ-B,{ۇWzֺ^k]3\EE@7>lYBȝR.oHnXO/}sB|.i@ɥDB4tcm,@ӣgdtJ!lH$_vN166L__'Z)y&kH;:,Y7=J 9cG) V\hjiE;gya~%ks_nC~Er er)muuMg2;֫R)Md) ,¶ 2-wr#F7<-BBn~_(o=KO㭇[Xv eN_SMgSҐ BS헃D%g_N:/pe -wkG*9yYSZS.9cREL !k}<4_Xs#FmҶ:7R$i,fi!~' # !6/S6y@kZkZcX)%5V4P]VGYq%H1!;e1MV<!ϐHO021Dp= HMs~~a)ަu7G^];git!Frl]H/L$=AeUvZE4P\.,xi {-~p?2b#amXAHq)MWǾI_r`S Hz&|{ +ʖ_= (YS(_g0a03M`I&'9vl?MM+m~}*xT۲(fY*V4x@29s{DaY"toGNTO+xCAO~4Ϳ;p`Ѫ:>Ҵ7K 3}+0 387x\)a"/E>qpWB=1 ¨"MP(\xp߫́A3+J] n[ʼnӼaTbZUWb={~2ooKױӰp(CS\S筐R*JغV&&"FA}J>G֐p1ٸbk7 ŘH$JoN <8s^yk_[;gy-;߉DV{c B yce% aJhDȶ 2IdйIB/^n0tNtџdcKj4϶v~- CBcgqx9= PJ) dMsjpYB] GD4RDWX +h{y`,3ꊕ$`zj*N^TP4L:Iz9~6s) Ga:?y*J~?OrMwP\](21sZUD ?ܟQ5Q%ggW6QdO+\@ ̪X'GxN @'4=ˋ+*VwN ne_|(/BDfj5(Dq<*tNt1х!MV.C0 32b#?n0pzj#!38}޴o1KovCJ`8ŗ_"]] rDUy޲@ Ȗ-;xџ'^Y`zEd?0„ DAL18IS]VGq\4o !swV7ˣι%4FѮ~}6)OgS[~Q vcYbL!wG3 7띸*E Pql8=jT\꘿I(z<[6OrR8ºC~ډ]=rNl[g|v TMTղb-o}OrP^Q]<98S¤!k)G(Vkwyqyr޽Nv`N/e p/~NAOk \I:G6]4+K;j$R:Mi #*[AȚT,ʰ,;N{HZTGMoּy) ]%dHء9Պ䠬|<45,\=[bƟ8QXeB3- &dҩ^{>/86bXmZ]]yޚN[(WAHL$YAgDKp=5GHjU&99v簪C0vygln*P)9^͞}lMuiH!̍#DoRBn9l@ xA/_v=ȺT{7Yt2N"4!YN`ae >Q<XMydEB`VU}u]嫇.%e^ánE87Mu\t`cP=AD/G)sI"@MP;)]%fH9'FNsj1pVhY&9=0pfuJ&gޤx+k:!r˭wkl03׼Ku C &ѓYt{.O.zҏ z}/tf_wEp2gvX)GN#I ݭ߽v/ .& и(ZF{e"=V!{zW`, ]+LGz"(UJp|j( #V4, 8B 0 9OkRrlɱl94)'VH9=9W|>PS['G(*I1==C<5"Pg+x'K5EMd؞Af8lG ?D FtoB[je?{k3zQ vZ;%Ɠ,]E>KZ+T/ EJxOZ1i #T<@ I}q9/t'zi(EMqw`mYkU6;[t4DPeckeM;H}_g pMww}k6#H㶏+b8雡Sxp)&C $@'b,fPߑt$RbJ'vznuS ~8='72_`{q纶|Q)Xk}cPz9p7O:'|G~8wx(a 0QCko|0ASD>Ip=4Q, d|F8RcU"/KM opKle M3#i0c%<7׿p&pZq[TR"BpqauIp$ 8~Ĩ!8Սx\ւdT>>Z40ks7 z2IQ}ItԀ<-%S⍤};zIb$I 5K}Q͙D8UguWE$Jh )cu4N tZl+[]M4k8֦Zeq֮M7uIqG 1==tLtR,ƜSrHYt&QP윯Lg' I,3@P'}'R˪e/%-Auv·ñ\> vDJzlӾNv5:|K/Jb6KI9)Zh*ZAi`?S {aiVDԲuy5W7pWeQJk֤#5&V<̺@/GH?^τZL|IJNvI:'P=Ϛt"¨=cud S Q.Ki0 !cJy;LJR;G{BJy޺[^8fK6)=yʊ+(k|&xQ2`L?Ȓ2@Mf 0C`6-%pKpm')c$׻K5[J*U[/#hH!6acB JA _|uMvDyk y)6OPYjœ50VT K}cǻP[ $:]4MEA.y)|B)cf-A?(e|lɉ#P9V)[9t.EiQPDѠ3ϴ;E:+Օ t ȥ~|_N2,ZJLt4! %ա]u {+=p.GhNcŞQI?Nd'yeh n7zi1DB)1S | S#ًZs2|Ɛy$F SxeX{7Vl.Src3E℃Q>b6G ўYCmtկ~=K0f(=LrAS GN'ɹ9<\!a`)֕y[uՍ[09` 9 +57ts6}b4{oqd+J5fa/,97J#6yν99mRWxJyѡyu_TJc`~W>l^q#Ts#2"nD1%fS)FU w{ܯ R{ ˎ󅃏џDsZSQS;LV;7 Od1&1n$ N /.q3~eNɪ]E#oM~}v֯FڦwyZ=<<>Xo稯lfMFV6p02|*=tV!c~]fa5Y^Q_WN|Vs 0ҘދU97OI'N2'8N֭fgg-}V%y]U4 峧p*91#9U kCac_AFңĪy뚇Y_AiuYyTTYЗ-(!JFLt›17uTozc. S;7A&&<ԋ5y;Ro+:' *eYJkWR[@F %SHWP 72k4 qLd'J "zB6{AC0ƁA6U.'F3:Ȅ(9ΜL;D]m8ڥ9}dU "v!;*13Rg^fJyShyy5auA?ɩGHRjo^]׽S)Fm\toy 4WQS@mE#%5ʈfFYDX ~D5Ϡ9tE9So_aU4?Ѽm%&c{n>.KW1Tlb}:j uGi(JgcYj0qn+>) %\!4{LaJso d||u//P_y7iRJ߬nHOy) l+@$($VFIQ9%EeKʈU. ia&FY̒mZ=)+qqoQn >L!qCiDB;Y<%} OgBxB!ØuG)WG9y(Ą{_yesuZmZZey'Wg#C~1Cev@0D $a@˲(.._GimA:uyw֬%;@!JkQVM_Ow:P.s\)ot- ˹"`B,e CRtaEUP<0'}r3[>?G8xU~Nqu;Wm8\RIkբ^5@k+5(By'L&'gBJ3ݶ!/㮻w҅ yqPWUg<e"Qy*167΃sJ\oz]T*UQ<\FԎ`HaNmڜ6DysCask8wP8y9``GJ9lF\G g's Nn͵MLN֪u$| /|7=]O)6s !ĴAKh]q_ap $HH'\1jB^s\|- W1:=6lJBqjY^LsPk""`]w)󭃈,(HC ?䔨Y$Sʣ{4Z+0NvQkhol6C.婧/u]FwiVjZka&%6\F*Ny#8O,22+|Db~d ~Çwc N:FuuCe&oZ(l;@ee-+Wn`44AMK➝2BRՈt7g*1gph9N) *"TF*R(#'88pm=}X]u[i7bEc|\~EMn}P瘊J)K.0i1M6=7'_\kaZ(Th{K*GJyytw"IO-PWJk)..axӝ47"89Cc7ĐBiZx 7m!fy|ϿF9CbȩV 9V-՛^pV̌ɄS#Bv4-@]Vxt-Z, &ֺ*diؠ2^VXbs֔Ìl.jQ]Y[47gj=幽ex)A0ip׳ W2[ᎇhuE^~q흙L} #-b۸oFJ_QP3r6jr+"nfzRJTUqoaۍ /$d8Mx'ݓ= OՃ| )$2mcM*cЙj}f };n YG w0Ia!1Q.oYfr]DyISaP}"dIӗթO67jqR ҊƐƈaɤGG|h;t]䗖oSv|iZqX)oalv;۩meEJ\!8=$4QU4Xo&VEĊ YS^E#d,yX_> ۘ-e\ "Wa6uLĜZi`aD9.% w~mB(02G[6y.773a7 /=o7D)$Z 66 $bY^\CuP. (x'"J60׿Y:Oi;F{w佩b+\Yi`TDWa~|VH)8q/=9!g߆2Y)?ND)%?Ǐ`k/sn:;O299yB=a[Ng 3˲N}vLNy;*?x?~L&=xyӴ~}q{qE*IQ^^ͧvü{Huu=R|>JyUlZV, B~/YF!Y\u_ݼF{_C)LD]m {H 0ihhadd nUkf3oٺCvE\)QJi+֥@tDJkB$1!Đr0XQ|q?d2) Ӣ_}qv-< FŊ߫%roppVBwü~JidY4:}L6M7f٬F "?71<2#?Jyy4뷢<_a7_=Q E=S1И/9{+93֮E{ǂw{))?maÆm(uLE#lïZ  ~d];+]h j?!|$F}*"4(v'8s<ŏUkm7^7no1w2ؗ}TrͿEk>p'8OB7d7R(A 9.*Mi^ͳ; eeUwS+C)uO@ =Sy]` }l8^ZzRXj[^iUɺ$tj))<sbDJfg=Pk_{xaKo1:-uyG0M ԃ\0Lvuy'ȱc2Ji AdyVgVh!{]/&}}ċJ#%d !+87<;qN޼Nفl|1N:8ya  8}k¾+-$4FiZYÔXk*I&'@iI99)HSh4+2G:tGhS^繿 Kتm0 вDk}֚+QT4;sC}rՅE,8CX-e~>G&'9xpW,%Fh,Ry56Y–hW-(v_,? ; qrBk4-V7HQ;ˇ^Gv1JVV%,ik;D_W!))+BoS4QsTM;gt+ndS-~:11Sgv!0qRVh!"Ȋ(̦Yl.]PQWgٳE'`%W1{ndΗBk|Ž7ʒR~,lnoa&:ü$ 3<a[CBݮwt"o\ePJ=Hz"_c^Z.#ˆ*x z̝grY]tdkP*:97YľXyBkD4N.C_[;F9`8& !AMO c `@BA& Ost\-\NX+Xp < !bj3C&QL+*&kAQ=04}cC!9~820G'PC9xa!w&bo_1 Sw"ܱ V )Yl3+ס2KoXOx]"`^WOy :3GO0g;%Yv㐫(R/r (s } u B &FeYZh0y> =2<Ϟc/ -u= c&׭,.0"g"7 6T!vl#sc>{u/Oh Bᾈ)۴74]x7 gMӒ"d]U)}" v4co[ ɡs 5Gg=XR14?5A}D "b{0$L .\4y{_fe:kVS\\O]c^W52LSBDM! C3Dhr̦RtArx4&agaN3Cf<Ԉp4~ B'"1@.b_/xQ} _߃҉/gٓ2Qkqp0շpZ2fԫYz< 4L.Cyυι1t@鎫Fe sYfsF}^ V}N<_`p)alٶ "(XEAVZ<)2},:Ir*#m_YӼ R%a||EƼIJ,,+f"96r/}0jE/)s)cjW#w'Sʯ5<66lj$a~3Kʛy 2:cZ:Yh))+a߭K::N,Q F'qB]={.]h85C9cr=}*rk?vwV렵ٸW Rs%}rNAkDv|uFLBkWY YkX מ|)1!$#3%y?pF<@<Rr0}: }\J [5FRxY<9"SQdE(Q*Qʻ)q1E0B_O24[U'],lOb ]~WjHޏTQ5Syu wq)xnw8~)c 쫬gٲߠ H% k5dƝk> kEj,0% b"vi2Wس_CuK)K{n|>t{P1򨾜j>'kEkƗBg*H%'_aY6Bn!TL&ɌOb{c`'d^{t\i^[uɐ[}q0lM˕G:‚4kb祔c^:?bpg… +37stH:0}en6x˟%/<]BL&* 5&fK9Mq)/iyqtA%kUe[ڛKN]Ě^,"`/ s[EQQm?|XJ߅92m]G.E΃ח U*Cn.j_)Tѧj̿30ڇ!A0=͜ar I3$C^-9#|pk!)?7.x9 @OO;WƝZBFU keZ75F6Tc6"ZȚs2y/1 ʵ:u4xa`C>6Rb/Yм)^=+~uRd`/|_8xbB0?Ft||Z\##|K 0>>zxv8۴吅q 8ĥ)"6>~\8:qM}#͚'ĉ#p\׶ l#bA?)|g g9|8jP(cr,BwV (WliVxxᡁ@0Okn;ɥh$_ckCgriv}>=wGzβ KkBɛ[˪ !J)h&k2%07δt}!d<9;I&0wV/ v 0<H}L&8ob%Hi|޶o&h1L|u֦y~󛱢8fٲUsւ)0oiFx2}X[zVYr_;N(w]_4B@OanC?gĦx>мgx>ΛToZoOMp>40>V Oy V9iq!4 LN,ˢu{jsz]|"R޻&'ƚ{53ўFu(<٪9:΋]B;)B>1::8;~)Yt|0(pw2N%&X,URBK)3\zz&}ax4;ǟ(tLNg{N|Ǽ\G#C9g$^\}p?556]/RP.90 k,U8/u776s ʪ_01چ|\N 0VV*3H鴃J7iI!wG_^ypl}r*jɤSR 5QN@ iZ#1ٰy;_\3\BQQ x:WJv츟ٯ$"@6 S#qe딇(/P( Dy~TOϻ<4:-+F`0||;Xl-"uw$Цi󼕝mKʩorz"mϺ$F:~E'ҐvD\y?Rr8_He@ e~O,T.(ފR*cY^m|cVR[8 JҡSm!ΆԨb)RHG{?MpqrmN>߶Y)\p,d#xۆWY*,l6]v0h15M˙MS8+EdI='LBJIH7_9{Caз*Lq,dt >+~ّeʏ?xԕ4bBAŚjﵫ!'\Ը$WNvKO}ӽmSşذqsOy?\[,d@'73'j%kOe`1.g2"e =YIzS2|zŐƄa\U,dP;jhhhaxǶ?КZ՚.q SE+XrbOu%\GتX(H,N^~]JyEZQKceTQ]VGYqnah;y$cQahT&QPZ*iZ8UQQM.qo/T\7X"u?Mttl2Xq(IoW{R^ ux*SYJ! 4S.Jy~ BROS[V|žKNɛP(L6V^|cR7i7nZW1Fd@ Ara{詑|(T*dN]Ko?s=@ |_EvF]׍kR)eBJc" MUUbY6`~V޴dJKß&~'d3i WWWWWW

F1l3 Manager

Current Directory: /opt/imunify360/venv/lib/python3.11/site-packages/Crypto/SelfTest/Cipher
/opt/imunify360/venv/lib/python3.11/site-packages/Crypto/SelfTest/Cipher/
Viewing File: /opt/imunify360/venv/lib/python3.11/site-packages/Crypto/SelfTest/Cipher/test_OCB.py
# =================================================================== # # Copyright (c) 2014, Legrandin <helderijs@gmail.com> # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in # the documentation and/or other materials provided with the # distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE # COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, # BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # =================================================================== import unittest from binascii import unhexlify from Crypto.Util.py3compat import b, tobytes, bchr from Crypto.Util.number import long_to_bytes from Crypto.SelfTest.loader import load_test_vectors from Crypto.SelfTest.st_common import list_test_cases from Crypto.Cipher import AES from Crypto.Hash import SHAKE128 def get_tag_random(tag, length): return SHAKE128.new(data=tobytes(tag)).read(length) class OcbTests(unittest.TestCase): key_128 = get_tag_random("key_128", 16) nonce_96 = get_tag_random("nonce_128", 12) data = get_tag_random("data", 128) def test_loopback_128(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) pt = get_tag_random("plaintext", 16 * 100) ct, mac = cipher.encrypt_and_digest(pt) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) pt2 = cipher.decrypt_and_verify(ct, mac) self.assertEqual(pt, pt2) def test_nonce(self): # Nonce is optional AES.new(self.key_128, AES.MODE_OCB) cipher = AES.new(self.key_128, AES.MODE_OCB, self.nonce_96) ct = cipher.encrypt(self.data) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(ct, cipher.encrypt(self.data)) def test_nonce_must_be_bytes(self): self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_OCB, nonce=u'test12345678') def test_nonce_length(self): # nonce cannot be empty self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=b("")) # nonce can be up to 15 bytes long for length in range(1, 16): AES.new(self.key_128, AES.MODE_OCB, nonce=self.data[:length]) self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.data) def test_block_size_128(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(cipher.block_size, AES.block_size) # By default, a 15 bytes long nonce is randomly generated nonce1 = AES.new(self.key_128, AES.MODE_OCB).nonce nonce2 = AES.new(self.key_128, AES.MODE_OCB).nonce self.assertEqual(len(nonce1), 15) self.assertNotEqual(nonce1, nonce2) def test_nonce_attribute(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertEqual(cipher.nonce, self.nonce_96) # By default, a 15 bytes long nonce is randomly generated nonce1 = AES.new(self.key_128, AES.MODE_OCB).nonce nonce2 = AES.new(self.key_128, AES.MODE_OCB).nonce self.assertEqual(len(nonce1), 15) self.assertNotEqual(nonce1, nonce2) def test_unknown_parameters(self): self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_OCB, self.nonce_96, 7) self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.nonce_96, unknown=7) # But some are only known by the base cipher # (e.g. use_aesni consumed by the AES module) AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96, use_aesni=False) def test_null_encryption_decryption(self): for func in "encrypt", "decrypt": cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) result = getattr(cipher, func)(b("")) self.assertEqual(result, b("")) def test_either_encrypt_or_decrypt(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.encrypt(b("xyz")) self.assertRaises(TypeError, cipher.decrypt, b("xyz")) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt(b("xyz")) self.assertRaises(TypeError, cipher.encrypt, b("xyz")) def test_data_must_be_bytes(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.encrypt, u'test1234567890-*') cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.decrypt, u'test1234567890-*') def test_mac_len(self): # Invalid MAC length self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=7) self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=16+1) # Valid MAC length for mac_len in range(8, 16 + 1): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96, mac_len=mac_len) _, mac = cipher.encrypt_and_digest(self.data) self.assertEqual(len(mac), mac_len) # Default MAC length cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) _, mac = cipher.encrypt_and_digest(self.data) self.assertEqual(len(mac), 16) def test_invalid_mac(self): from Crypto.Util.strxor import strxor_c cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) ct, mac = cipher.encrypt_and_digest(self.data) invalid_mac = strxor_c(mac, 0x01) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) self.assertRaises(ValueError, cipher.decrypt_and_verify, ct, invalid_mac) def test_hex_mac(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) mac_hex = cipher.hexdigest() self.assertEqual(cipher.digest(), unhexlify(mac_hex)) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.hexverify(mac_hex) def test_message_chunks(self): # Validate that both associated data and plaintext/ciphertext # can be broken up in chunks of arbitrary length auth_data = get_tag_random("authenticated data", 127) plaintext = get_tag_random("plaintext", 127) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(auth_data) ciphertext, ref_mac = cipher.encrypt_and_digest(plaintext) def break_up(data, chunk_length): return [data[i:i+chunk_length] for i in range(0, len(data), chunk_length)] # Encryption for chunk_length in 1, 2, 3, 7, 10, 13, 16, 40, 80, 128: cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) for chunk in break_up(auth_data, chunk_length): cipher.update(chunk) pt2 = b("") for chunk in break_up(ciphertext, chunk_length): pt2 += cipher.decrypt(chunk) pt2 += cipher.decrypt() self.assertEqual(plaintext, pt2) cipher.verify(ref_mac) # Decryption for chunk_length in 1, 2, 3, 7, 10, 13, 16, 40, 80, 128: cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) for chunk in break_up(auth_data, chunk_length): cipher.update(chunk) ct2 = b("") for chunk in break_up(plaintext, chunk_length): ct2 += cipher.encrypt(chunk) ct2 += cipher.encrypt() self.assertEqual(ciphertext, ct2) self.assertEqual(cipher.digest(), ref_mac) def test_bytearray(self): # Encrypt key_ba = bytearray(self.key_128) nonce_ba = bytearray(self.nonce_96) header_ba = bytearray(self.data) data_ba = bytearray(self.data) cipher1 = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher1.update(self.data) ct = cipher1.encrypt(self.data) + cipher1.encrypt() tag = cipher1.digest() cipher2 = AES.new(key_ba, AES.MODE_OCB, nonce=nonce_ba) key_ba[:3] = b"\xFF\xFF\xFF" nonce_ba[:3] = b"\xFF\xFF\xFF" cipher2.update(header_ba) header_ba[:3] = b"\xFF\xFF\xFF" ct_test = cipher2.encrypt(data_ba) + cipher2.encrypt() data_ba[:3] = b"\xFF\xFF\xFF" tag_test = cipher2.digest() self.assertEqual(ct, ct_test) self.assertEqual(tag, tag_test) self.assertEqual(cipher1.nonce, cipher2.nonce) # Decrypt key_ba = bytearray(self.key_128) nonce_ba = bytearray(self.nonce_96) header_ba = bytearray(self.data) del data_ba cipher4 = AES.new(key_ba, AES.MODE_OCB, nonce=nonce_ba) key_ba[:3] = b"\xFF\xFF\xFF" nonce_ba[:3] = b"\xFF\xFF\xFF" cipher4.update(header_ba) header_ba[:3] = b"\xFF\xFF\xFF" pt_test = cipher4.decrypt_and_verify(bytearray(ct_test), bytearray(tag_test)) self.assertEqual(self.data, pt_test) def test_memoryview(self): # Encrypt key_mv = memoryview(bytearray(self.key_128)) nonce_mv = memoryview(bytearray(self.nonce_96)) header_mv = memoryview(bytearray(self.data)) data_mv = memoryview(bytearray(self.data)) cipher1 = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher1.update(self.data) ct = cipher1.encrypt(self.data) + cipher1.encrypt() tag = cipher1.digest() cipher2 = AES.new(key_mv, AES.MODE_OCB, nonce=nonce_mv) key_mv[:3] = b"\xFF\xFF\xFF" nonce_mv[:3] = b"\xFF\xFF\xFF" cipher2.update(header_mv) header_mv[:3] = b"\xFF\xFF\xFF" ct_test = cipher2.encrypt(data_mv) + cipher2.encrypt() data_mv[:3] = b"\xFF\xFF\xFF" tag_test = cipher2.digest() self.assertEqual(ct, ct_test) self.assertEqual(tag, tag_test) self.assertEqual(cipher1.nonce, cipher2.nonce) # Decrypt key_mv = memoryview(bytearray(self.key_128)) nonce_mv = memoryview(bytearray(self.nonce_96)) header_mv = memoryview(bytearray(self.data)) del data_mv cipher4 = AES.new(key_mv, AES.MODE_OCB, nonce=nonce_mv) key_mv[:3] = b"\xFF\xFF\xFF" nonce_mv[:3] = b"\xFF\xFF\xFF" cipher4.update(header_mv) header_mv[:3] = b"\xFF\xFF\xFF" pt_test = cipher4.decrypt_and_verify(memoryview(ct_test), memoryview(tag_test)) self.assertEqual(self.data, pt_test) class OcbFSMTests(unittest.TestCase): key_128 = get_tag_random("key_128", 16) nonce_96 = get_tag_random("nonce_128", 12) data = get_tag_random("data", 128) def test_valid_init_encrypt_decrypt_digest_verify(self): # No authenticated data, fixed plaintext # Verify path INIT->ENCRYPT->ENCRYPT(NONE)->DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) ct = cipher.encrypt(self.data) ct += cipher.encrypt() mac = cipher.digest() # Verify path INIT->DECRYPT->DECRYPT(NONCE)->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt(ct) cipher.decrypt() cipher.verify(mac) def test_invalid_init_encrypt_decrypt_digest_verify(self): # No authenticated data, fixed plaintext # Verify path INIT->ENCRYPT->DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) ct = cipher.encrypt(self.data) self.assertRaises(TypeError, cipher.digest) # Verify path INIT->DECRYPT->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt(ct) self.assertRaises(TypeError, cipher.verify) def test_valid_init_update_digest_verify(self): # No plaintext, fixed authenticated data # Verify path INIT->UPDATE->DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) mac = cipher.digest() # Verify path INIT->UPDATE->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) cipher.verify(mac) def test_valid_full_path(self): # Fixed authenticated data, fixed plaintext # Verify path INIT->UPDATE->ENCRYPT->ENCRYPT(NONE)->DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) ct = cipher.encrypt(self.data) ct += cipher.encrypt() mac = cipher.digest() # Verify path INIT->UPDATE->DECRYPT->DECRYPT(NONE)->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) cipher.decrypt(ct) cipher.decrypt() cipher.verify(mac) # Verify path INIT->UPDATE->ENCRYPT->ENCRYPT_AND_DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) ct1 = cipher.encrypt(self.data[:2]) ct2, mac = cipher.encrypt_and_digest(self.data[2:]) # Verify path INIT->UPDATE->DECRYPT->DECRYPT_AND_VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) cipher.decrypt(ct1) cipher.decrypt_and_verify(ct2, mac) def test_invalid_encrypt_after_final(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) cipher.encrypt(self.data) cipher.encrypt() self.assertRaises(TypeError, cipher.encrypt, self.data) def test_invalid_decrypt_after_final(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) cipher.decrypt(self.data) cipher.decrypt() self.assertRaises(TypeError, cipher.decrypt, self.data) def test_valid_init_digest(self): # Verify path INIT->DIGEST cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.digest() def test_valid_init_verify(self): # Verify path INIT->VERIFY cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) mac = cipher.digest() cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.verify(mac) def test_valid_multiple_encrypt_or_decrypt(self): for method_name in "encrypt", "decrypt": for auth_data in (None, b("333"), self.data, self.data + b("3")): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) if auth_data is not None: cipher.update(auth_data) method = getattr(cipher, method_name) method(self.data) method(self.data) method(self.data) method(self.data) method() def test_valid_multiple_digest_or_verify(self): # Multiple calls to digest cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) first_mac = cipher.digest() for x in range(4): self.assertEqual(first_mac, cipher.digest()) # Multiple calls to verify cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) for x in range(5): cipher.verify(first_mac) def test_valid_encrypt_and_digest_decrypt_and_verify(self): # encrypt_and_digest cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) ct, mac = cipher.encrypt_and_digest(self.data) # decrypt_and_verify cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.update(self.data) pt = cipher.decrypt_and_verify(ct, mac) self.assertEqual(self.data, pt) def test_invalid_mixing_encrypt_decrypt(self): # Once per method, with or without assoc. data for method1_name, method2_name in (("encrypt", "decrypt"), ("decrypt", "encrypt")): for assoc_data_present in (True, False): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) if assoc_data_present: cipher.update(self.data) getattr(cipher, method1_name)(self.data) self.assertRaises(TypeError, getattr(cipher, method2_name), self.data) def test_invalid_encrypt_or_update_after_digest(self): for method_name in "encrypt", "update": cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.encrypt(self.data) cipher.encrypt() cipher.digest() self.assertRaises(TypeError, getattr(cipher, method_name), self.data) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.encrypt_and_digest(self.data) def test_invalid_decrypt_or_update_after_verify(self): cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) ct = cipher.encrypt(self.data) ct += cipher.encrypt() mac = cipher.digest() for method_name in "decrypt", "update": cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt(ct) cipher.decrypt() cipher.verify(mac) self.assertRaises(TypeError, getattr(cipher, method_name), self.data) cipher = AES.new(self.key_128, AES.MODE_OCB, nonce=self.nonce_96) cipher.decrypt_and_verify(ct, mac) self.assertRaises(TypeError, getattr(cipher, method_name), self.data) def algo_rfc7253(keylen, taglen, noncelen): """Implement the algorithm at page 18 of RFC 7253""" key = bchr(0) * (keylen // 8 - 1) + bchr(taglen) C = b"" for i in range(128): S = bchr(0) * i N = long_to_bytes(3 * i + 1, noncelen // 8) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 2, noncelen // 8) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 3, noncelen // 8) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt() + cipher.digest() N = long_to_bytes(385, noncelen // 8) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(C) return cipher.encrypt() + cipher.digest() class OcbRfc7253Test(unittest.TestCase): # Tuple with # - nonce # - authenticated data # - plaintext # - ciphertext and 16 byte MAC tag tv1_key = "000102030405060708090A0B0C0D0E0F" tv1 = ( ( "BBAA99887766554433221100", "", "", "785407BFFFC8AD9EDCC5520AC9111EE6" ), ( "BBAA99887766554433221101", "0001020304050607", "0001020304050607", "6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009" ), ( "BBAA99887766554433221102", "0001020304050607", "", "81017F8203F081277152FADE694A0A00" ), ( "BBAA99887766554433221103", "", "0001020304050607", "45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9" ), ( "BBAA99887766554433221104", "000102030405060708090A0B0C0D0E0F", "000102030405060708090A0B0C0D0E0F", "571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5" "701C1CCEC8FC3358" ), ( "BBAA99887766554433221105", "000102030405060708090A0B0C0D0E0F", "", "8CF761B6902EF764462AD86498CA6B97" ), ( "BBAA99887766554433221106", "", "000102030405060708090A0B0C0D0E0F", "5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436B" "DF06D8FA1ECA343D" ), ( "BBAA99887766554433221107", "000102030405060708090A0B0C0D0E0F1011121314151617", "000102030405060708090A0B0C0D0E0F1011121314151617", "1CA2207308C87C010756104D8840CE1952F09673A448A122" "C92C62241051F57356D7F3C90BB0E07F" ), ( "BBAA99887766554433221108", "000102030405060708090A0B0C0D0E0F1011121314151617", "", "6DC225A071FC1B9F7C69F93B0F1E10DE" ), ( "BBAA99887766554433221109", "", "000102030405060708090A0B0C0D0E0F1011121314151617", "221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3C" "E725F32494B9F914D85C0B1EB38357FF" ), ( "BBAA9988776655443322110A", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F", "BD6F6C496201C69296C11EFD138A467ABD3C707924B964DE" "AFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240" ), ( "BBAA9988776655443322110B", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F", "", "FE80690BEE8A485D11F32965BC9D2A32" ), ( "BBAA9988776655443322110C", "", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F", "2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF4" "6040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF" ), ( "BBAA9988776655443322110D", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "D5CA91748410C1751FF8A2F618255B68A0A12E093FF45460" "6E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483" "A7035490C5769E60" ), ( "BBAA9988776655443322110E", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "", "C5CD9D1850C141E358649994EE701B68" ), ( "BBAA9988776655443322110F", "", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15" "A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95" "A98CA5F3000B1479" ) ) # Tuple with # - key # - nonce # - authenticated data # - plaintext # - ciphertext and 12 byte MAC tag tv2 = ( "0F0E0D0C0B0A09080706050403020100", "BBAA9988776655443322110D", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627", "1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1" "A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FD" "AC4F02AA" ) # Tuple with # - key length # - MAC tag length # - Expected output tv3 = ( (128, 128, "67E944D23256C5E0B6C61FA22FDF1EA2"), (192, 128, "F673F2C3E7174AAE7BAE986CA9F29E17"), (256, 128, "D90EB8E9C977C88B79DD793D7FFA161C"), (128, 96, "77A3D8E73589158D25D01209"), (192, 96, "05D56EAD2752C86BE6932C5E"), (256, 96, "5458359AC23B0CBA9E6330DD"), (128, 64, "192C9B7BD90BA06A"), (192, 64, "0066BC6E0EF34E24"), (256, 64, "7D4EA5D445501CBE"), ) def test1(self): key = unhexlify(b(self.tv1_key)) for tv in self.tv1: nonce, aad, pt, ct = [unhexlify(b(x)) for x in tv] ct, mac_tag = ct[:-16], ct[-16:] cipher = AES.new(key, AES.MODE_OCB, nonce=nonce) cipher.update(aad) ct2 = cipher.encrypt(pt) + cipher.encrypt() self.assertEqual(ct, ct2) self.assertEqual(mac_tag, cipher.digest()) cipher = AES.new(key, AES.MODE_OCB, nonce=nonce) cipher.update(aad) pt2 = cipher.decrypt(ct) + cipher.decrypt() self.assertEqual(pt, pt2) cipher.verify(mac_tag) def test2(self): key, nonce, aad, pt, ct = [unhexlify(b(x)) for x in self.tv2] ct, mac_tag = ct[:-12], ct[-12:] cipher = AES.new(key, AES.MODE_OCB, nonce=nonce, mac_len=12) cipher.update(aad) ct2 = cipher.encrypt(pt) + cipher.encrypt() self.assertEqual(ct, ct2) self.assertEqual(mac_tag, cipher.digest()) cipher = AES.new(key, AES.MODE_OCB, nonce=nonce, mac_len=12) cipher.update(aad) pt2 = cipher.decrypt(ct) + cipher.decrypt() self.assertEqual(pt, pt2) cipher.verify(mac_tag) def test3(self): for keylen, taglen, result in self.tv3: result2 = algo_rfc7253(keylen, taglen, 96) self.assertEqual(unhexlify(b(result)), result2) class OcbDkgTest(unittest.TestCase): """Test vectors from https://gitlab.com/dkg/ocb-test-vectors""" def test_1_2(self): tvs = [] for fi in (1, 2): for nb in (104, 112, 120): tv_file = load_test_vectors(("Cipher", "AES"), "test-vector-%d-nonce%d.txt" % (fi, nb), "DKG tests, %d, %d bits" % (fi, nb), {}) if tv_file is None: break key = tv_file[0].k for tv in tv_file[1:]: tv.k = key tvs.append(tv) for tv in tvs: k, n, a, p, c = tv.k, tv.n, tv.a, tv.p, tv.c mac_len = len(c) - len(p) cipher = AES.new(k, AES.MODE_OCB, nonce=n, mac_len=mac_len) cipher.update(a) c_out, tag_out = cipher.encrypt_and_digest(p) self.assertEqual(c, c_out + tag_out) def test_3(self): def check(keylen, taglen, noncelen, exp): result = algo_rfc7253(keylen, taglen, noncelen) self.assertEqual(result, unhexlify(exp)) # test-vector-3-nonce104.txt check(128, 128, 104, "C47F5F0341E15326D4D1C46F47F05062") check(192, 128, 104, "95B9167A38EB80495DFC561A8486E109") check(256, 128, 104, "AFE1CDDB97028FD92F8FB3C8CFBA7D83") check(128, 96, 104, "F471B4983BA80946DF217A54") check(192, 96, 104, "5AE828BC51C24D85FA5CC7B2") check(256, 96, 104, "8C8335982E2B734616CAD14C") check(128, 64, 104, "B553F74B85FD1E5B") check(192, 64, 104, "3B49D20E513531F9") check(256, 64, 104, "ED6DA5B1216BF8BB") # test-vector-3-nonce112.txt check(128, 128, 112, "CA8AFCA031BAC3F480A583BD6C50A547") check(192, 128, 112, "D170C1DF356308079DA9A3F619147148") check(256, 128, 112, "57F94381F2F9231EFB04AECD323757C3") check(128, 96, 112, "3A618B2531ED39F260C750DC") check(192, 96, 112, "9071EB89FEDBADDA88FD286E") check(256, 96, 112, "FDF0EFB97F21A39AC4BAB5AC") check(128, 64, 112, "FAB2FF3A8DD82A13") check(192, 64, 112, "AC01D912BD0737D3") check(256, 64, 112, "9D1FD0B500EA4ECF") # test-vector-3-nonce120.txt check(128, 128, 120, "9E043A7140A25FB91F43BCC9DD7E0F46") check(192, 128, 120, "680000E53908323A7F396B955B8EC641") check(256, 128, 120, "8304B97FAACDA56E676602E1878A7E6F") check(128, 96, 120, "81F978AC9867E825D339847D") check(192, 96, 120, "EFCF2D60B24926ADA48CF5B1") check(256, 96, 120, "84961DC56E917B165E58C174") check(128, 64, 120, "227AEE6C9D905A61") check(192, 64, 120, "541DE691B9E1A2F9") check(256, 64, 120, "B0E761381C7129FC") def test_2_bugfix(self): nonce = unhexlify("EEDDCCBBAA9988776655443322110D") key = unhexlify("0F0E0D0C0B0A09080706050403020100") A = unhexlify("000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627") P = unhexlify("000102030405060708090A0B0C0D0E0F1011121314151617" "18191A1B1C1D1E1F2021222324252627") C = unhexlify("07E903BFC49552411ABC865F5ECE60F6FAD1F5A9F14D3070" "FA2F1308A563207FFE14C1EEA44B22059C7484319D8A2C53" "C236A7B3") mac_len = len(C) - len(P) # Prior to version 3.17, a nonce of maximum length (15 bytes) # was actually used as a 14 byte nonce. The last byte was erroneously # ignored. buggy_result = unhexlify("BA015C4E5AE54D76C890AE81BD40DC57" "03EDC30E8AC2A58BC5D8FA4D61C5BAE6" "C39BEAC435B2FD56A2A5085C1B135D77" "0C8264B7") cipher = AES.new(key, AES.MODE_OCB, nonce=nonce[:-1], mac_len=mac_len) cipher.update(A) C_out2, tag_out2 = cipher.encrypt_and_digest(P) self.assertEqual(buggy_result, C_out2 + tag_out2) def get_tests(config={}): tests = [] tests += list_test_cases(OcbTests) tests += list_test_cases(OcbFSMTests) tests += list_test_cases(OcbRfc7253Test) tests += list_test_cases(OcbDkgTest) return tests if __name__ == '__main__': def suite(): return unittest.TestSuite(get_tests()) unittest.main(defaultTest='suite')
webs 1.0 - Enhanced UI