Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(21)

Delta Between Two Patch Sets: Lib/test/test_socket.py

Issue 27744: Add AF_ALG (Linux Kernel crypto) to socket module
Left Patch Set: Created 3 years, 6 months ago
Right Patch Set: Created 3 years, 5 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
LEFTRIGHT
1 import unittest 1 import unittest
2 from test import support 2 from test import support
3 3
4 import errno 4 import errno
5 import io 5 import io
6 import itertools 6 import itertools
7 import socket 7 import socket
8 import select 8 import select
9 import tempfile 9 import tempfile
10 import time 10 import time
(...skipping 5320 matching lines...) Expand 10 before | Expand all | Expand 10 after
5331 # tests for AF_ALG 5331 # tests for AF_ALG
5332 def create_alg(self, typ, name): 5332 def create_alg(self, typ, name):
5333 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0) 5333 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
5334 sock.bind((typ, name)) 5334 sock.bind((typ, name))
5335 return sock 5335 return sock
5336 5336
5337 def test_sha256(self): 5337 def test_sha256(self):
5338 expected = b"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20 015ad" 5338 expected = b"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20 015ad"
5339 with self.create_alg('hash', 'sha256') as algo: 5339 with self.create_alg('hash', 'sha256') as algo:
5340 op, _ = algo.accept() 5340 op, _ = algo.accept()
5341 try: 5341 with op:
5342 op.send(b"abc") 5342 op.sendall(b"abc")
haypo 2016/08/17 13:20:25 You may use sendall() to be consistent with the te
5343 self.assertEqual(hexlify(op.recv(512)), expected) 5343 self.assertEqual(hexlify(op.recv(512)), expected)
Martin Panter 2016/09/04 16:01:03 Python 3.5 has a bytes.hex() method. Perhaps you c
christian.heimes 2016/09/04 16:58:44 Nice, I still have to write polyglot code and wasn
5344 finally:
5345 op.close()
haypo 2016/08/17 13:20:25 Use "with op:"
5346 5344
5347 op, _ = algo.accept() 5345 op, _ = algo.accept()
5348 try: 5346 with op:
5349 op.send(b'a', socket.MSG_MORE) 5347 op.send(b'a', socket.MSG_MORE)
5350 op.send(b'b', socket.MSG_MORE) 5348 op.send(b'b', socket.MSG_MORE)
5351 op.send(b'c', socket.MSG_MORE) 5349 op.send(b'c', socket.MSG_MORE)
5352 op.send(b'') 5350 op.send(b'')
5353 self.assertEqual(hexlify(op.recv(512)), expected) 5351 self.assertEqual(hexlify(op.recv(512)), expected)
5354 finally:
5355 op.close()
5356 5352
5357 def test_hmac_sha1(self): 5353 def test_hmac_sha1(self):
5358 expected = b"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79" 5354 expected = b"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"
5359 with self.create_alg('hash', 'hmac(sha1)') as algo: 5355 with self.create_alg('hash', 'hmac(sha1)') as algo:
5360 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, b"Jefe") 5356 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, b"Jefe")
5361 op, _ = algo.accept() 5357 op, _ = algo.accept()
5362 try: 5358 with op:
5363 op.sendall(b"what do ya want for nothing?") 5359 op.sendall(b"what do ya want for nothing?")
5364 self.assertEqual(hexlify(op.recv(512)), expected) 5360 self.assertEqual(hexlify(op.recv(512)), expected)
5365 finally:
5366 op.close()
5367 5361
5368 def test_aes_cbc(self): 5362 def test_aes_cbc(self):
5369 key = unhexlify('06a9214036b8a15b512e03d534120006') 5363 key = unhexlify('06a9214036b8a15b512e03d534120006')
Martin Panter 2016/09/04 16:01:03 Use bytes.fromhex(); it saves an import :)
5370 iv = unhexlify('3dafba429d9eb430b422da802c9fac41') 5364 iv = unhexlify('3dafba429d9eb430b422da802c9fac41')
5371 msg = b"Single block msg" 5365 msg = b"Single block msg"
5372 ciphertext = unhexlify('e353779c1079aeb82708942dbe77181a') 5366 ciphertext = unhexlify('e353779c1079aeb82708942dbe77181a')
5367 msglen = len(msg)
5373 with self.create_alg('skcipher', 'cbc(aes)') as algo: 5368 with self.create_alg('skcipher', 'cbc(aes)') as algo:
5374 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key) 5369 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
5375 op, _ = algo.accept() 5370 op, _ = algo.accept()
5376 try: 5371 with op:
5377 op.algset(op=socket.ALG_OP_ENCRYPT, iv=iv) 5372 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv,
5373 flags=socket.MSG_MORE)
5378 op.sendall(msg) 5374 op.sendall(msg)
5379 self.assertEqual(op.recv(16), ciphertext) 5375 self.assertEqual(op.recv(msglen), ciphertext)
5380 finally: 5376
5381 op.close() 5377 op, _ = algo.accept()
5378 with op:
5379 op.sendmsg_afalg([ciphertext],
5380 op=socket.ALG_OP_DECRYPT, iv=iv)
5381 self.assertEqual(op.recv(msglen), msg)
5382
5383 # long message
5384 multiplier = 1024
5385 longmsg = [msg] * multiplier
5386 op, _ = algo.accept()
5387 with op:
5388 op.sendmsg_afalg(longmsg,
5389 op=socket.ALG_OP_ENCRYPT, iv=iv)
5390 enc = op.recv(msglen * multiplier)
5391 self.assertEqual(len(enc), msglen * multiplier)
5392 self.assertTrue(enc[:msglen], ciphertext)
5393
5394 op, _ = algo.accept()
5395 with op:
5396 op.sendmsg_afalg([enc],
5397 op=socket.ALG_OP_DECRYPT, iv=iv)
5398 dec = op.recv(msglen * multiplier)
5399 self.assertEqual(len(dec), msglen * multiplier)
5400 self.assertEqual(dec, msg * multiplier)
5401
5402 @support.requires_linux_version(3, 19)
5403 def test_aead_aes_gcm(self):
5404 key = unhexlify('c939cc13397c1d37de6ae0e1cb7c423c')
5405 iv = unhexlify('b3d8cc017cbb89b39e0f67e2')
5406 plain = unhexlify('c3b3c41f113a31b73d9a5cd432103069')
5407 assoc = unhexlify('24825602bd12a984e0092d3e448eda5f')
5408 expected_ct = unhexlify('93fe7d9e9bfd10348a5606e5cafa7354')
5409 expected_tag = unhexlify('0032a1dc85f1c9786925a2e71d8272dd')
5410
5411 taglen = len(expected_tag)
5412 assoclen = len(assoc)
5413
5414 with self.create_alg('aead', 'gcm(aes)') as algo:
5415 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
5416 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_AEAD_AUTHSIZE,
5417 None, taglen)
5418
5419 # send assoc, plain and tag buffer in separate steps
5420 op, _ = algo.accept()
5421 with op:
5422 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv,
5423 assoclen=assoclen, flags=socket.MSG_MORE)
5424 op.sendall(assoc, socket.MSG_MORE)
5425 op.sendall(plain, socket.MSG_MORE)
5426 op.sendall(b'\x00' * taglen)
5427 res = op.recv(assoclen + len(plain) + taglen)
5428 self.assertEqual(expected_ct, res[assoclen:-taglen])
5429 self.assertEqual(expected_tag, res[-taglen:])
5430
5431 # now with msg
5432 op, _ = algo.accept()
5433 with op:
5434 msg = assoc + plain + b'\x00' * taglen
5435 op.sendmsg_afalg([msg], op=socket.ALG_OP_ENCRYPT, iv=iv,
5436 assoclen=assoclen)
5437 res = op.recv(assoclen + len(plain) + taglen)
5438 self.assertEqual(expected_ct, res[assoclen:-taglen])
5439 self.assertEqual(expected_tag, res[-taglen:])
5440
5441 # create anc data manually
5442 pack_uint32 = struct.Struct('I').pack
5443 op, _ = algo.accept()
5444 with op:
5445 msg = assoc + plain + b'\x00' * taglen
5446 op.sendmsg(
5447 [msg],
5448 ([socket.SOL_ALG, socket.ALG_SET_OP, pack_uint32(socket.ALG_ OP_ENCRYPT)],
5449 [socket.SOL_ALG, socket.ALG_SET_IV, pack_uint32(len(iv)) + iv],
5450 [socket.SOL_ALG, socket.ALG_SET_AEAD_ASSOCLEN, pack_uint32( assoclen)],
5451 )
5452 )
5453 res = op.recv(len(msg))
5454 self.assertEqual(expected_ct, res[assoclen:-taglen])
5455 self.assertEqual(expected_tag, res[-taglen:])
5456
5457 # decrypt and verify
5458 op, _ = algo.accept()
5459 with op:
5460 msg = assoc + expected_ct + expected_tag
5461 op.sendmsg_afalg([msg], op=socket.ALG_OP_DECRYPT, iv=iv,
5462 assoclen=assoclen)
5463 res = op.recv(len(msg))
5464 self.assertEqual(plain, res[assoclen:-taglen])
5465
5466 def test_drbg_pr_sha256(self):
5467 # deterministic random bit generator, prediction resistance, sha256
5468 with self.create_alg('rng', 'drbg_pr_sha256') as algo:
5469 extra_seed = os.urandom(32)
5470 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, extra_seed)
5471 op, _ = algo.accept()
5472 with op:
5473 rn = op.recv(32)
5474 self.assertEqual(len(rn), 32)
5475
5476 def test_sendmsg_afalg_args(self):
5477 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
5478 with self.assertRaises(TypeError):
5479 sock.sendmsg_afalg()
5480
5481 with self.assertRaises(TypeError):
5482 sock.sendmsg_afalg(op=None)
5483
5484 with self.assertRaises(TypeError):
5485 sock.sendmsg_afalg(1)
5486
5487 with self.assertRaises(TypeError):
5488 sock.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, assoclen=None)
5489
5490 with self.assertRaises(TypeError):
5491 sock.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, assoclen=-1)
5382 5492
5383 def test_main(): 5493 def test_main():
5384 tests = [GeneralModuleTests, BasicTCPTest, TCPCloserTest, TCPTimeoutTest, 5494 tests = [GeneralModuleTests, BasicTCPTest, TCPCloserTest, TCPTimeoutTest,
5385 TestExceptions, BufferIOTest, BasicTCPTest2, BasicUDPTest, UDPTimeo utTest ] 5495 TestExceptions, BufferIOTest, BasicTCPTest2, BasicUDPTest, UDPTimeo utTest ]
5386 5496
5387 tests.extend([ 5497 tests.extend([
5388 NonBlockingTCPTests, 5498 NonBlockingTCPTests,
5389 FileObjectClassTestCase, 5499 FileObjectClassTestCase,
5390 UnbufferedFileObjectClassTestCase, 5500 UnbufferedFileObjectClassTestCase,
5391 LineBufferedFileObjectClassTestCase, 5501 LineBufferedFileObjectClassTestCase,
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
5429 RecvmsgSCMRightsStreamTest, 5539 RecvmsgSCMRightsStreamTest,
5430 RecvmsgIntoSCMRightsStreamTest, 5540 RecvmsgIntoSCMRightsStreamTest,
5431 # These are slow when setitimer() is not available 5541 # These are slow when setitimer() is not available
5432 InterruptedRecvTimeoutTest, 5542 InterruptedRecvTimeoutTest,
5433 InterruptedSendTimeoutTest, 5543 InterruptedSendTimeoutTest,
5434 TestSocketSharing, 5544 TestSocketSharing,
5435 SendfileUsingSendTest, 5545 SendfileUsingSendTest,
5436 SendfileUsingSendfileTest, 5546 SendfileUsingSendfileTest,
5437 ]) 5547 ])
5438 5548
5439 tests = [LinuxKernelCryptoAPI]
haypo 2016/08/17 13:20:25 Don't do that :-) (You skipped all other tests, no
5440 thread_info = support.threading_setup() 5549 thread_info = support.threading_setup()
5441 support.run_unittest(*tests) 5550 support.run_unittest(*tests)
5442 support.threading_cleanup(*thread_info) 5551 support.threading_cleanup(*thread_info)
5443 5552
5444 if __name__ == "__main__": 5553 if __name__ == "__main__":
5445 test_main() 5554 test_main()
LEFTRIGHT

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+