74
74
self.mode = getattr(self.module, "MODE_" + mode)
75
75
self.iv = _extract(params, 'iv', None)
76
76
if self.iv is not None: self.iv = b(self.iv)
78
# Only relevant for OPENPGP mode
79
self.encrypted_iv = _extract(params, 'encrypted_iv', None)
80
if self.encrypted_iv is not None:
81
self.encrypted_iv = b(self.encrypted_iv)
106
111
return self.module.new(a2b_hex(self.key), self.mode, **params)
108
113
# Block cipher with iv
109
return self.module.new(a2b_hex(self.key), self.mode, a2b_hex(self.iv), **params)
114
if do_decryption and self.mode == self.module.MODE_OPENPGP:
115
# In PGP mode, the IV to feed for decryption is the *encrypted* one
116
return self.module.new(a2b_hex(self.key), self.mode, a2b_hex(self.encrypted_iv), **params)
118
return self.module.new(a2b_hex(self.key), self.mode, a2b_hex(self.iv), **params)
111
120
def runTest(self):
112
121
plaintext = a2b_hex(self.plaintext)
113
122
ciphertext = a2b_hex(self.ciphertext)
115
124
ct1 = b2a_hex(self._new().encrypt(plaintext))
116
pt1 = b2a_hex(self._new().decrypt(ciphertext))
125
pt1 = b2a_hex(self._new(1).decrypt(ciphertext))
117
126
ct2 = b2a_hex(self._new().encrypt(plaintext))
118
pt2 = b2a_hex(self._new().decrypt(ciphertext))
127
pt2 = b2a_hex(self._new(1).decrypt(ciphertext))
129
if hasattr(self.module, "MODE_OPENPGP") and self.mode == self.module.MODE_OPENPGP:
130
# In PGP mode, data returned by the first encrypt()
131
# is prefixed with the encrypted IV.
132
# Here we check it and then remove it from the ciphertexts.
133
eilen = len(self.encrypted_iv)
134
self.assertEqual(self.encrypted_iv, ct1[:eilen])
135
self.assertEqual(self.encrypted_iv, ct2[:eilen])
120
139
self.assertEqual(self.ciphertext, ct1) # encrypt
121
140
self.assertEqual(self.ciphertext, ct2) # encrypt (second time)
204
223
"""Regression test: m.new(key, m.MODE_CFB, segment_size=N) should require segment_size to be a multiple of 8 bits"""
205
224
for i in range(1, 8):
206
225
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key), self.module.MODE_CFB, segment_size=i)
207
self.module.new(a2b_hex(self.key), self.module.MODE_CFB, segment_size=8) # should succeed
226
self.module.new(a2b_hex(self.key), self.module.MODE_CFB, "\0"*self.module.block_size, segment_size=8) # should succeed
209
228
class RoundtripTest(unittest.TestCase):
210
229
def __init__(self, module, params):
220
239
return """%s .decrypt() output of .encrypt() should not be garbled""" % (self.module_name,)
222
241
def runTest(self):
223
for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_PGP, self.module.MODE_OFB):
242
for mode in (self.module.MODE_ECB, self.module.MODE_CBC, self.module.MODE_CFB, self.module.MODE_OFB, self.module.MODE_OPENPGP):
224
243
encryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
225
decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
226
244
ciphertext = encryption_cipher.encrypt(self.plaintext)
246
if mode != self.module.MODE_OPENPGP:
247
decryption_cipher = self.module.new(a2b_hex(self.key), mode, self.iv)
249
eiv = ciphertext[:self.module.block_size+2]
250
ciphertext = ciphertext[self.module.block_size+2:]
251
decryption_cipher = self.module.new(a2b_hex(self.key), mode, eiv)
227
252
decrypted_plaintext = decryption_cipher.decrypt(ciphertext)
228
253
self.assertEqual(self.plaintext, decrypted_plaintext)
255
class PGPTest(unittest.TestCase):
256
def __init__(self, module, params):
257
unittest.TestCase.__init__(self)
259
self.key = b(params['key'])
261
def shortDescription(self):
262
return "MODE_PGP was implemented incorrectly and insecurely. It's completely banished now."
265
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key),
266
self.module.MODE_PGP)
268
class IVLengthTest(unittest.TestCase):
269
def __init__(self, module, params):
270
unittest.TestCase.__init__(self)
272
self.key = b(params['key'])
274
def shortDescription(self):
275
return "Check that all modes except MODE_ECB and MODE_CTR require an IV of the proper length"
278
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key),
279
self.module.MODE_CBC, "")
280
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key),
281
self.module.MODE_CFB, "")
282
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key),
283
self.module.MODE_OFB, "")
284
self.assertRaises(ValueError, self.module.new, a2b_hex(self.key),
285
self.module.MODE_OPENPGP, "")
286
self.module.new(a2b_hex(self.key), self.module.MODE_ECB, "")
287
self.module.new(a2b_hex(self.key), self.module.MODE_CTR, "", counter=self._dummy_counter)
289
def _dummy_counter(self):
290
return "\0" * self.module.block_size
230
292
def make_block_tests(module, module_name, test_data):
232
294
extra_tests_added = 0