Python Crypto.Cipher.AES.MODE_CCM Examples
The following are 30
code examples of Crypto.Cipher.AES.MODE_CCM().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
Crypto.Cipher.AES
, or try the search function
.
.
Example #1
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 8 votes |
|
def test_mac_len(self):
# Invalid MAC length
for mac_len in range(3, 17 + 1, 2):
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_CCM,
nonce=self.nonce_96, mac_len=mac_len)
# Valid MAC length
for mac_len in range(4, 16 + 1, 2):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
mac_len=mac_len)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), mac_len)
# Default MAC length
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), 16)
Example #2
| Source File: test_CCM.py From android_universal with MIT License | 8 votes |
|
def test_output_param_neg(self):
pt = b'5' * 16
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
ct = cipher.encrypt(pt)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16)
shorter_output = bytearray(15)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output)
Example #3
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 7 votes |
|
def test_loopback_128(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
pt = get_tag_random("plaintext", 16 * 100)
ct = cipher.encrypt(pt)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
pt2 = cipher.decrypt(ct)
self.assertEqual(pt, pt2)
Example #4
| Source File: test_CCM.py From android_universal with MIT License | 6 votes |
|
def test_invalid_decrypt_or_update_after_verify(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
ct = cipher.encrypt(self.data_128)
mac = cipher.digest()
for method_name in "decrypt", "update":
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.decrypt(ct)
cipher.verify(mac)
self.assertRaises(TypeError, getattr(cipher, method_name),
self.data_128)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.decrypt_and_verify(ct, mac)
self.assertRaises(TypeError, getattr(cipher, method_name),
self.data_128)
Example #5
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_invalid_decrypt_or_update_after_verify(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
ct = cipher.encrypt(self.data_128)
mac = cipher.digest()
for method_name in "decrypt", "update":
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.decrypt(ct)
cipher.verify(mac)
self.assertRaises(TypeError, getattr(cipher, method_name),
self.data_128)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.decrypt_and_verify(ct, mac)
self.assertRaises(TypeError, getattr(cipher, method_name),
self.data_128)
Example #6
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_output_param_neg(self):
pt = b'5' * 16
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
ct = cipher.encrypt(pt)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16)
shorter_output = bytearray(15)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output)
Example #7
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_valid_init_update_digest_verify(self):
# No plaintext, fixed authenticated data
for assoc_len in (None, len(self.data_128)):
for msg_len in (None, 0):
# Verify path INIT->UPDATE->DIGEST
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
mac = cipher.digest()
# Verify path INIT->UPDATE->VERIFY
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
cipher.verify(mac)
Example #8
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_valid_full_path(self):
# Fixed authenticated data, fixed plaintext
for assoc_len in (None, len(self.data_128)):
for msg_len in (None, len(self.data_128)):
# Verify path INIT->UPDATE->ENCRYPT->DIGEST
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
ct = cipher.encrypt(self.data_128)
mac = cipher.digest()
# Verify path INIT->UPDATE->DECRYPT->VERIFY
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
cipher.decrypt(ct)
cipher.verify(mac)
Example #9
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_valid_multiple_encrypt_or_decrypt(self):
# Only possible if msg_len is declared in advance
for method_name in "encrypt", "decrypt":
for auth_data in (None, b"333", self.data_128,
self.data_128 + b"3"):
if auth_data is None:
assoc_len = None
else:
assoc_len = len(auth_data)
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
msg_len=64,
assoc_len=assoc_len)
if auth_data is not None:
cipher.update(auth_data)
method = getattr(cipher, method_name)
method(self.data_128)
method(self.data_128)
method(self.data_128)
method(self.data_128)
Example #10
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_encrypt(self, tv):
self._id = "Wycheproof Encrypt CCM Test #" + str(tv.id)
try:
cipher = AES.new(tv.key, AES.MODE_CCM, tv.iv, mac_len=tv.tag_size,
**self._extra_params)
except ValueError as e:
if len(tv.iv) not in range(7, 13 + 1, 2) and "Length of parameter 'nonce'" in str(e):
assert not tv.valid
return
if tv.tag_size not in range(4, 16 + 1, 2) and "Parameter 'mac_len'" in str(e):
assert not tv.valid
return
raise e
cipher.update(tv.aad)
ct, tag = cipher.encrypt_and_digest(tv.msg)
if tv.valid:
self.assertEqual(ct, tv.ct)
self.assertEqual(tag, tv.tag)
self.warn(tv)
Example #11
| Source File: test_CCM.py From FODI with GNU General Public License v3.0 | 6 votes |
|
def test_decrypt(self, tv):
self._id = "Wycheproof Decrypt CCM Test #" + str(tv.id)
try:
cipher = AES.new(tv.key, AES.MODE_CCM, tv.iv, mac_len=tv.tag_size,
**self._extra_params)
except ValueError as e:
if len(tv.iv) not in range(7, 13 + 1, 2) and "Length of parameter 'nonce'" in str(e):
assert not tv.valid
return
if tv.tag_size not in range(4, 16 + 1, 2) and "Parameter 'mac_len'" in str(e):
assert not tv.valid
return
raise e
cipher.update(tv.aad)
try:
pt = cipher.decrypt_and_verify(tv.ct, tv.tag)
except ValueError:
assert not tv.valid
else:
assert tv.valid
self.assertEqual(pt, tv.msg)
self.warn(tv)
Example #12
| Source File: test_CCM.py From android_universal with MIT License | 6 votes |
|
def test_mac_len(self):
# Invalid MAC length
for mac_len in range(3, 17 + 1, 2):
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_CCM,
nonce=self.nonce_96, mac_len=mac_len)
# Valid MAC length
for mac_len in range(4, 16 + 1, 2):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
mac_len=mac_len)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), mac_len)
# Default MAC length
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), 16)
Example #13
| Source File: test_CCM.py From android_universal with MIT License | 6 votes |
|
def test_valid_init_update_digest_verify(self):
# No plaintext, fixed authenticated data
for assoc_len in (None, len(self.data_128)):
for msg_len in (None, 0):
# Verify path INIT->UPDATE->DIGEST
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
mac = cipher.digest()
# Verify path INIT->UPDATE->VERIFY
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
cipher.verify(mac)
Example #14
| Source File: test_CCM.py From android_universal with MIT License | 6 votes |
|
def test_valid_full_path(self):
# Fixed authenticated data, fixed plaintext
for assoc_len in (None, len(self.data_128)):
for msg_len in (None, len(self.data_128)):
# Verify path INIT->UPDATE->ENCRYPT->DIGEST
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
ct = cipher.encrypt(self.data_128)
mac = cipher.digest()
# Verify path INIT->UPDATE->DECRYPT->VERIFY
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
assoc_len=assoc_len,
msg_len=msg_len)
cipher.update(self.data_128)
cipher.decrypt(ct)
cipher.verify(mac)
Example #15
| Source File: test_CCM.py From android_universal with MIT License | 6 votes |
|
def test_valid_multiple_encrypt_or_decrypt(self):
# Only possible if msg_len is declared in advance
for method_name in "encrypt", "decrypt":
for auth_data in (None, b"333", self.data_128,
self.data_128 + b"3"):
if auth_data is None:
assoc_len = None
else:
assoc_len = len(auth_data)
cipher = AES.new(self.key_128, AES.MODE_CCM,
nonce=self.nonce_96,
msg_len=64,
assoc_len=assoc_len)
if auth_data is not None:
cipher.update(auth_data)
method = getattr(cipher, method_name)
method(self.data_128)
method(self.data_128)
method(self.data_128)
method(self.data_128)
Example #16
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_valid_encrypt_and_digest_decrypt_and_verify(self):
# encrypt_and_digest
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.update(self.data_128)
ct, mac = cipher.encrypt_and_digest(self.data_128)
# decrypt_and_verify
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.update(self.data_128)
pt = cipher.decrypt_and_verify(ct, mac)
self.assertEqual(self.data_128, pt)
Example #17
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_valid_init_verify(self):
# Verify path INIT->VERIFY
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
mac = cipher.digest()
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.verify(mac)
Example #18
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_longer_assoc_data_than_declared(self):
# More than zero
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=0)
self.assertRaises(ValueError, cipher.update, b"1")
# Too large
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=15)
self.assertRaises(ValueError, cipher.update, self.data_128)
Example #19
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_hex_mac(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
mac_hex = cipher.hexdigest()
self.assertEqual(cipher.digest(), unhexlify(mac_hex))
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.hexverify(mac_hex)
Example #20
| Source File: cryptutils.py From edl with MIT License | 5 votes |
|
def aes_ccm(self, key, nounce, tag_auth, data, decrypt=True):
cipher = AES.new(key, AES.MODE_CCM, nounce)
if decrypt:
plaintext = cipher.decrypt(data)
try:
cipher.verify(tag_auth)
return plaintext
except ValueError:
return None
else:
ciphertext = cipher.encrypt(data)
return ciphertext
Example #21
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_data_must_be_bytes(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.encrypt, u'test1234567890-*')
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.decrypt, u'test1234567890-*')
Example #22
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_either_encrypt_or_decrypt(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.encrypt(b"")
self.assertRaises(TypeError, cipher.decrypt, b"")
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.decrypt(b"")
self.assertRaises(TypeError, cipher.encrypt, b"")
Example #23
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_null_encryption_decryption(self):
for func in "encrypt", "decrypt":
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
result = getattr(cipher, func)(b"")
self.assertEqual(result, b"")
Example #24
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_unknown_parameters(self):
self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CCM,
self.nonce_96, 7)
self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CCM,
nonce=self.nonce_96, unknown=7)
# But some are only known by the base cipher
# (e.g. use_aesni consumed by the AES module)
AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
use_aesni=False)
Example #25
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_block_size(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertEqual(cipher.block_size, AES.block_size)
Example #26
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_nonce_length(self):
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_CCM,
nonce=b"")
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_CCM,
nonce=bchr(1) * 6)
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_CCM,
nonce=bchr(1) * 14)
for x in range(7, 13 + 1):
AES.new(self.key_128, AES.MODE_CCM, nonce=bchr(1) * x)
Example #27
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_nonce_must_be_bytes(self):
self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CCM,
nonce=u'test12345678')
Example #28
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_nonce(self):
# If not passed, the nonce is created randomly
cipher = AES.new(self.key_128, AES.MODE_CCM)
nonce1 = cipher.nonce
cipher = AES.new(self.key_128, AES.MODE_CCM)
nonce2 = cipher.nonce
self.assertEqual(len(nonce1), 11)
self.assertNotEqual(nonce1, nonce2)
cipher = AES.new(self.key_128, AES.MODE_CCM, self.nonce_96)
ct = cipher.encrypt(self.data_128)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
self.assertEquals(ct, cipher.encrypt(self.data_128))
Example #29
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_loopback_128(self):
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
pt = get_tag_random("plaintext", 16 * 100)
ct = cipher.encrypt(pt)
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
pt2 = cipher.decrypt(ct)
self.assertEqual(pt, pt2)
Example #30
| Source File: test_CCM.py From android_universal with MIT License | 5 votes |
|
def test_shorter_assoc_data_than_expected(self):
# With plaintext
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=17)
cipher.update(self.data_128)
self.assertRaises(ValueError, cipher.encrypt, self.data_128)
# With empty plaintext
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=17)
cipher.update(self.data_128)
self.assertRaises(ValueError, cipher.digest)
# With ciphertext
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=17)
cipher.update(self.data_128)
self.assertRaises(ValueError, cipher.decrypt, self.data_128)
# With empty ciphertext
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96)
cipher.update(self.data_128)
mac = cipher.digest()
cipher = AES.new(self.key_128, AES.MODE_CCM, nonce=self.nonce_96,
assoc_len=17)
cipher.update(self.data_128)
self.assertRaises(ValueError, cipher.verify, mac)
