Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(18)

Side by Side Diff: Lib/test/test_socket.py

Issue 27744: Add AF_ALG (Linux Kernel crypto) to socket module
Patch Set: Created 3 years, 5 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View unified diff | Download patch
OLDNEW
1 import unittest 1 import unittest
2 from test import support 2 from test import support
3 3
4 import errno 4 import errno
5 import io 5 import io
6 import itertools 6 import itertools
7 import socket 7 import socket
8 import select 8 import select
9 import tempfile 9 import tempfile
10 import time 10 import time
11 import traceback 11 import traceback
12 import queue 12 import queue
13 import sys 13 import sys
14 import os 14 import os
15 import array 15 import array
16 import contextlib 16 import contextlib
17 from weakref import proxy 17 from weakref import proxy
18 import signal 18 import signal
19 import math 19 import math
20 import pickle 20 import pickle
21 import struct 21 import struct
22 import random 22 import random
23 import string 23 import string
24 from binascii import hexlify, unhexlify
24 try: 25 try:
25 import multiprocessing 26 import multiprocessing
26 except ImportError: 27 except ImportError:
27 multiprocessing = False 28 multiprocessing = False
28 try: 29 try:
29 import fcntl 30 import fcntl
30 except ImportError: 31 except ImportError:
31 fcntl = None 32 fcntl = None
32 33
33 HOST = support.HOST 34 HOST = support.HOST
(...skipping 5284 matching lines...) Expand 10 before | Expand all | Expand 10 after
5318 @unittest.skipUnless(thread, 'Threading required for this test.') 5319 @unittest.skipUnless(thread, 'Threading required for this test.')
5319 @unittest.skipUnless(hasattr(os, "sendfile"), 5320 @unittest.skipUnless(hasattr(os, "sendfile"),
5320 'os.sendfile() required for this test.') 5321 'os.sendfile() required for this test.')
5321 class SendfileUsingSendfileTest(SendfileUsingSendTest): 5322 class SendfileUsingSendfileTest(SendfileUsingSendTest):
5322 """ 5323 """
5323 Test the sendfile() implementation of socket.sendfile(). 5324 Test the sendfile() implementation of socket.sendfile().
5324 """ 5325 """
5325 def meth_from_sock(self, sock): 5326 def meth_from_sock(self, sock):
5326 return getattr(sock, "_sendfile_use_sendfile") 5327 return getattr(sock, "_sendfile_use_sendfile")
5327 5328
5329 @unittest.skipUnless(hasattr(socket, "AF_ALG"), 'AF_ALG required')
5330 class LinuxKernelCryptoAPI(unittest.TestCase):
5331 # tests for AF_ALG
5332 def create_alg(self, typ, name):
5333 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
5334 sock.bind((typ, name))
5335 return sock
5336
5337 def test_sha256(self):
5338 expected = b"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20 015ad"
5339 with self.create_alg('hash', 'sha256') as algo:
5340 op, _ = algo.accept()
5341 with op:
5342 op.sendall(b"abc")
5343 self.assertEqual(hexlify(op.recv(512)), expected)
Martin Panter 2016/09/04 16:01:03 Python 3.5 has a bytes.hex() method. Perhaps you c
christian.heimes 2016/09/04 16:58:44 Nice, I still have to write polyglot code and wasn
5344
5345 op, _ = algo.accept()
5346 with op:
5347 op.send(b'a', socket.MSG_MORE)
5348 op.send(b'b', socket.MSG_MORE)
5349 op.send(b'c', socket.MSG_MORE)
5350 op.send(b'')
5351 self.assertEqual(hexlify(op.recv(512)), expected)
5352
5353 def test_hmac_sha1(self):
5354 expected = b"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"
5355 with self.create_alg('hash', 'hmac(sha1)') as algo:
5356 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, b"Jefe")
5357 op, _ = algo.accept()
5358 with op:
5359 op.sendall(b"what do ya want for nothing?")
5360 self.assertEqual(hexlify(op.recv(512)), expected)
5361
5362 def test_aes_cbc(self):
5363 key = unhexlify('06a9214036b8a15b512e03d534120006')
Martin Panter 2016/09/04 16:01:03 Use bytes.fromhex(); it saves an import :)
5364 iv = unhexlify('3dafba429d9eb430b422da802c9fac41')
5365 msg = b"Single block msg"
5366 ciphertext = unhexlify('e353779c1079aeb82708942dbe77181a')
5367 msglen = len(msg)
5368 with self.create_alg('skcipher', 'cbc(aes)') as algo:
5369 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
5370 op, _ = algo.accept()
5371 with op:
5372 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv,
5373 flags=socket.MSG_MORE)
5374 op.sendall(msg)
5375 self.assertEqual(op.recv(msglen), ciphertext)
5376
5377 op, _ = algo.accept()
5378 with op:
5379 op.sendmsg_afalg([ciphertext],
5380 op=socket.ALG_OP_DECRYPT, iv=iv)
5381 self.assertEqual(op.recv(msglen), msg)
5382
5383 # long message
5384 multiplier = 1024
5385 longmsg = [msg] * multiplier
5386 op, _ = algo.accept()
5387 with op:
5388 op.sendmsg_afalg(longmsg,
5389 op=socket.ALG_OP_ENCRYPT, iv=iv)
5390 enc = op.recv(msglen * multiplier)
5391 self.assertEqual(len(enc), msglen * multiplier)
5392 self.assertTrue(enc[:msglen], ciphertext)
5393
5394 op, _ = algo.accept()
5395 with op:
5396 op.sendmsg_afalg([enc],
5397 op=socket.ALG_OP_DECRYPT, iv=iv)
5398 dec = op.recv(msglen * multiplier)
5399 self.assertEqual(len(dec), msglen * multiplier)
5400 self.assertEqual(dec, msg * multiplier)
5401
5402 @support.requires_linux_version(3, 19)
5403 def test_aead_aes_gcm(self):
5404 key = unhexlify('c939cc13397c1d37de6ae0e1cb7c423c')
5405 iv = unhexlify('b3d8cc017cbb89b39e0f67e2')
5406 plain = unhexlify('c3b3c41f113a31b73d9a5cd432103069')
5407 assoc = unhexlify('24825602bd12a984e0092d3e448eda5f')
5408 expected_ct = unhexlify('93fe7d9e9bfd10348a5606e5cafa7354')
5409 expected_tag = unhexlify('0032a1dc85f1c9786925a2e71d8272dd')
5410
5411 taglen = len(expected_tag)
5412 assoclen = len(assoc)
5413
5414 with self.create_alg('aead', 'gcm(aes)') as algo:
5415 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
5416 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_AEAD_AUTHSIZE,
5417 None, taglen)
5418
5419 # send assoc, plain and tag buffer in separate steps
5420 op, _ = algo.accept()
5421 with op:
5422 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv,
5423 assoclen=assoclen, flags=socket.MSG_MORE)
5424 op.sendall(assoc, socket.MSG_MORE)
5425 op.sendall(plain, socket.MSG_MORE)
5426 op.sendall(b'\x00' * taglen)
5427 res = op.recv(assoclen + len(plain) + taglen)
5428 self.assertEqual(expected_ct, res[assoclen:-taglen])
5429 self.assertEqual(expected_tag, res[-taglen:])
5430
5431 # now with msg
5432 op, _ = algo.accept()
5433 with op:
5434 msg = assoc + plain + b'\x00' * taglen
5435 op.sendmsg_afalg([msg], op=socket.ALG_OP_ENCRYPT, iv=iv,
5436 assoclen=assoclen)
5437 res = op.recv(assoclen + len(plain) + taglen)
5438 self.assertEqual(expected_ct, res[assoclen:-taglen])
5439 self.assertEqual(expected_tag, res[-taglen:])
5440
5441 # create anc data manually
5442 pack_uint32 = struct.Struct('I').pack
5443 op, _ = algo.accept()
5444 with op:
5445 msg = assoc + plain + b'\x00' * taglen
5446 op.sendmsg(
5447 [msg],
5448 ([socket.SOL_ALG, socket.ALG_SET_OP, pack_uint32(socket.ALG_ OP_ENCRYPT)],
5449 [socket.SOL_ALG, socket.ALG_SET_IV, pack_uint32(len(iv)) + iv],
5450 [socket.SOL_ALG, socket.ALG_SET_AEAD_ASSOCLEN, pack_uint32( assoclen)],
5451 )
5452 )
5453 res = op.recv(len(msg))
5454 self.assertEqual(expected_ct, res[assoclen:-taglen])
5455 self.assertEqual(expected_tag, res[-taglen:])
5456
5457 # decrypt and verify
5458 op, _ = algo.accept()
5459 with op:
5460 msg = assoc + expected_ct + expected_tag
5461 op.sendmsg_afalg([msg], op=socket.ALG_OP_DECRYPT, iv=iv,
5462 assoclen=assoclen)
5463 res = op.recv(len(msg))
5464 self.assertEqual(plain, res[assoclen:-taglen])
5465
5466 def test_drbg_pr_sha256(self):
5467 # deterministic random bit generator, prediction resistance, sha256
5468 with self.create_alg('rng', 'drbg_pr_sha256') as algo:
5469 extra_seed = os.urandom(32)
5470 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, extra_seed)
5471 op, _ = algo.accept()
5472 with op:
5473 rn = op.recv(32)
5474 self.assertEqual(len(rn), 32)
5475
5476 def test_sendmsg_afalg_args(self):
5477 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
5478 with self.assertRaises(TypeError):
5479 sock.sendmsg_afalg()
5480
5481 with self.assertRaises(TypeError):
5482 sock.sendmsg_afalg(op=None)
5483
5484 with self.assertRaises(TypeError):
5485 sock.sendmsg_afalg(1)
5486
5487 with self.assertRaises(TypeError):
5488 sock.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, assoclen=None)
5489
5490 with self.assertRaises(TypeError):
5491 sock.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, assoclen=-1)
5328 5492
5329 def test_main(): 5493 def test_main():
5330 tests = [GeneralModuleTests, BasicTCPTest, TCPCloserTest, TCPTimeoutTest, 5494 tests = [GeneralModuleTests, BasicTCPTest, TCPCloserTest, TCPTimeoutTest,
5331 TestExceptions, BufferIOTest, BasicTCPTest2, BasicUDPTest, UDPTimeo utTest ] 5495 TestExceptions, BufferIOTest, BasicTCPTest2, BasicUDPTest, UDPTimeo utTest ]
5332 5496
5333 tests.extend([ 5497 tests.extend([
5334 NonBlockingTCPTests, 5498 NonBlockingTCPTests,
5335 FileObjectClassTestCase, 5499 FileObjectClassTestCase,
5336 UnbufferedFileObjectClassTestCase, 5500 UnbufferedFileObjectClassTestCase,
5337 LineBufferedFileObjectClassTestCase, 5501 LineBufferedFileObjectClassTestCase,
5338 SmallBufferedFileObjectClassTestCase, 5502 SmallBufferedFileObjectClassTestCase,
5339 UnicodeReadFileObjectClassTestCase, 5503 UnicodeReadFileObjectClassTestCase,
5340 UnicodeWriteFileObjectClassTestCase, 5504 UnicodeWriteFileObjectClassTestCase,
5341 UnicodeReadWriteFileObjectClassTestCase, 5505 UnicodeReadWriteFileObjectClassTestCase,
5342 NetworkConnectionNoServer, 5506 NetworkConnectionNoServer,
5343 NetworkConnectionAttributesTest, 5507 NetworkConnectionAttributesTest,
5344 NetworkConnectionBehaviourTest, 5508 NetworkConnectionBehaviourTest,
5345 ContextManagersTest, 5509 ContextManagersTest,
5346 InheritanceTest, 5510 InheritanceTest,
5347 NonblockConstantTest 5511 NonblockConstantTest
5348 ]) 5512 ])
5349 tests.append(BasicSocketPairTest) 5513 tests.append(BasicSocketPairTest)
5350 tests.append(TestUnixDomain) 5514 tests.append(TestUnixDomain)
5351 tests.append(TestLinuxAbstractNamespace) 5515 tests.append(TestLinuxAbstractNamespace)
5352 tests.extend([TIPCTest, TIPCThreadableTest]) 5516 tests.extend([TIPCTest, TIPCThreadableTest])
5353 tests.extend([BasicCANTest, CANTest]) 5517 tests.extend([BasicCANTest, CANTest])
5354 tests.extend([BasicRDSTest, RDSTest]) 5518 tests.extend([BasicRDSTest, RDSTest])
5519 tests.append(LinuxKernelCryptoAPI)
5355 tests.extend([ 5520 tests.extend([
5356 CmsgMacroTests, 5521 CmsgMacroTests,
5357 SendmsgUDPTest, 5522 SendmsgUDPTest,
5358 RecvmsgUDPTest, 5523 RecvmsgUDPTest,
5359 RecvmsgIntoUDPTest, 5524 RecvmsgIntoUDPTest,
5360 SendmsgUDP6Test, 5525 SendmsgUDP6Test,
5361 RecvmsgUDP6Test, 5526 RecvmsgUDP6Test,
5362 RecvmsgRFC3542AncillaryUDP6Test, 5527 RecvmsgRFC3542AncillaryUDP6Test,
5363 RecvmsgIntoRFC3542AncillaryUDP6Test, 5528 RecvmsgIntoRFC3542AncillaryUDP6Test,
5364 RecvmsgIntoUDP6Test, 5529 RecvmsgIntoUDP6Test,
(...skipping 15 matching lines...) Expand all
5380 SendfileUsingSendTest, 5545 SendfileUsingSendTest,
5381 SendfileUsingSendfileTest, 5546 SendfileUsingSendfileTest,
5382 ]) 5547 ])
5383 5548
5384 thread_info = support.threading_setup() 5549 thread_info = support.threading_setup()
5385 support.run_unittest(*tests) 5550 support.run_unittest(*tests)
5386 support.threading_cleanup(*thread_info) 5551 support.threading_cleanup(*thread_info)
5387 5552
5388 if __name__ == "__main__": 5553 if __name__ == "__main__":
5389 test_main() 5554 test_main()
OLDNEW

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+