Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(10)

Delta Between Two Patch Sets: Lib/test/test_socket.py

Issue 27744: Add AF_ALG (Linux Kernel crypto) to socket module
Left Patch Set: Created 3 years, 5 months ago
Right Patch Set: Created 3 years, 5 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
LEFTRIGHT
1 import unittest 1 import unittest
2 from test import support 2 from test import support
3 3
4 import errno 4 import errno
5 import io 5 import io
6 import itertools 6 import itertools
7 import socket 7 import socket
8 import select 8 import select
9 import tempfile 9 import tempfile
10 import time 10 import time
(...skipping 5312 matching lines...) Expand 10 before | Expand all | Expand 10 after
5323 """ 5323 """
5324 Test the sendfile() implementation of socket.sendfile(). 5324 Test the sendfile() implementation of socket.sendfile().
5325 """ 5325 """
5326 def meth_from_sock(self, sock): 5326 def meth_from_sock(self, sock):
5327 return getattr(sock, "_sendfile_use_sendfile") 5327 return getattr(sock, "_sendfile_use_sendfile")
5328 5328
5329 @unittest.skipUnless(hasattr(socket, "AF_ALG"), 'AF_ALG required') 5329 @unittest.skipUnless(hasattr(socket, "AF_ALG"), 'AF_ALG required')
5330 class LinuxKernelCryptoAPI(unittest.TestCase): 5330 class LinuxKernelCryptoAPI(unittest.TestCase):
5331 # tests for AF_ALG 5331 # tests for AF_ALG
5332 def create_alg(self, typ, name): 5332 def create_alg(self, typ, name):
5333 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0) 5333 sock = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET, 0)
haypo 2016/08/29 00:11:35 Is it worth it to set proto explicitly to 0? It's
christian.heimes 2016/08/29 08:10:37 It doesn't hurt either. I can change it if you ins
5334 sock.bind((typ, name)) 5334 sock.bind((typ, name))
5335 return sock 5335 return sock
5336 5336
5337 def test_sha256(self): 5337 def test_sha256(self):
5338 expected = b"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20 015ad" 5338 expected = b"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20 015ad"
5339 with self.create_alg('hash', 'sha256') as algo: 5339 with self.create_alg('hash', 'sha256') as algo:
5340 op, _ = algo.accept() 5340 op, _ = algo.accept()
5341 with op: 5341 with op:
5342 op.sendall(b"abc") 5342 op.sendall(b"abc")
5343 self.assertEqual(hexlify(op.recv(512)), expected) 5343 self.assertEqual(hexlify(op.recv(512)), expected)
Martin Panter 2016/09/04 16:01:03 Python 3.5 has a bytes.hex() method. Perhaps you c
christian.heimes 2016/09/04 16:58:44 Nice, I still have to write polyglot code and wasn
5344 5344
5345 op, _ = algo.accept() 5345 op, _ = algo.accept()
5346 with op: 5346 with op:
5347 op.send(b'a', socket.MSG_MORE) 5347 op.send(b'a', socket.MSG_MORE)
5348 op.send(b'b', socket.MSG_MORE) 5348 op.send(b'b', socket.MSG_MORE)
5349 op.send(b'c', socket.MSG_MORE) 5349 op.send(b'c', socket.MSG_MORE)
5350 op.send(b'') 5350 op.send(b'')
5351 self.assertEqual(hexlify(op.recv(512)), expected) 5351 self.assertEqual(hexlify(op.recv(512)), expected)
5352 5352
5353 def test_hmac_sha1(self): 5353 def test_hmac_sha1(self):
5354 expected = b"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79" 5354 expected = b"effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"
5355 with self.create_alg('hash', 'hmac(sha1)') as algo: 5355 with self.create_alg('hash', 'hmac(sha1)') as algo:
5356 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, b"Jefe") 5356 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, b"Jefe")
5357 op, _ = algo.accept() 5357 op, _ = algo.accept()
5358 with op: 5358 with op:
5359 op.sendall(b"what do ya want for nothing?") 5359 op.sendall(b"what do ya want for nothing?")
5360 self.assertEqual(hexlify(op.recv(512)), expected) 5360 self.assertEqual(hexlify(op.recv(512)), expected)
5361 5361
5362 def test_aes_cbc(self): 5362 def test_aes_cbc(self):
5363 key = unhexlify('06a9214036b8a15b512e03d534120006') 5363 key = unhexlify('06a9214036b8a15b512e03d534120006')
Martin Panter 2016/09/04 16:01:03 Use bytes.fromhex(); it saves an import :)
5364 iv = unhexlify('3dafba429d9eb430b422da802c9fac41') 5364 iv = unhexlify('3dafba429d9eb430b422da802c9fac41')
5365 msg = b"Single block msg" 5365 msg = b"Single block msg"
5366 ciphertext = unhexlify('e353779c1079aeb82708942dbe77181a') 5366 ciphertext = unhexlify('e353779c1079aeb82708942dbe77181a')
5367 msglen = len(msg) 5367 msglen = len(msg)
5368 with self.create_alg('skcipher', 'cbc(aes)') as algo: 5368 with self.create_alg('skcipher', 'cbc(aes)') as algo:
5369 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key) 5369 algo.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, key)
5370 op, _ = algo.accept() 5370 op, _ = algo.accept()
5371 with op: 5371 with op:
5372 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv, 5372 op.sendmsg_afalg(op=socket.ALG_OP_ENCRYPT, iv=iv,
5373 flags=socket.MSG_MORE) 5373 flags=socket.MSG_MORE)
5374 op.sendall(msg) 5374 op.sendall(msg)
5375 self.assertEqual(op.recv(msglen), ciphertext) 5375 self.assertEqual(op.recv(msglen), ciphertext)
5376
5376 op, _ = algo.accept() 5377 op, _ = algo.accept()
5377 with op: 5378 with op:
5378 op.sendmsg_afalg([ciphertext], 5379 op.sendmsg_afalg([ciphertext],
5379 op=socket.ALG_OP_DECRYPT, iv=iv) 5380 op=socket.ALG_OP_DECRYPT, iv=iv)
5380 self.assertEqual(op.recv(msglen), msg) 5381 self.assertEqual(op.recv(msglen), msg)
5381 5382
5383 # long message
5382 multiplier = 1024 5384 multiplier = 1024
5383 longmsg = [msg] * multiplier 5385 longmsg = [msg] * multiplier
5384 op, _ = algo.accept() 5386 op, _ = algo.accept()
5385 with op: 5387 with op:
5386 op.sendmsg_afalg(longmsg, 5388 op.sendmsg_afalg(longmsg,
5387 op=socket.ALG_OP_ENCRYPT, iv=iv) 5389 op=socket.ALG_OP_ENCRYPT, iv=iv)
5388 enc = op.recv(msglen * multiplier) 5390 enc = op.recv(msglen * multiplier)
5389 self.assertEqual(len(enc), msglen * multiplier) 5391 self.assertEqual(len(enc), msglen * multiplier)
5390 self.assertTrue(enc[:msglen], ciphertext) 5392 self.assertTrue(enc[:msglen], ciphertext)
5391 5393
5392 op, _ = algo.accept() 5394 op, _ = algo.accept()
5393 with op: 5395 with op:
5394 op.sendmsg_afalg([enc], 5396 op.sendmsg_afalg([enc],
5395 op=socket.ALG_OP_DECRYPT, iv=iv) 5397 op=socket.ALG_OP_DECRYPT, iv=iv)
5396 dec = op.recv(msglen * multiplier) 5398 dec = op.recv(msglen * multiplier)
5397 self.assertEqual(len(dec), msglen * multiplier) 5399 self.assertEqual(len(dec), msglen * multiplier)
5398 self.assertEqual(dec, msg * multiplier) 5400 self.assertEqual(dec, msg * multiplier)
5399 5401
5402 @support.requires_linux_version(3, 19)
5400 def test_aead_aes_gcm(self): 5403 def test_aead_aes_gcm(self):
5401 key = unhexlify('c939cc13397c1d37de6ae0e1cb7c423c') 5404 key = unhexlify('c939cc13397c1d37de6ae0e1cb7c423c')
5402 iv = unhexlify('b3d8cc017cbb89b39e0f67e2') 5405 iv = unhexlify('b3d8cc017cbb89b39e0f67e2')
5403 plain = unhexlify('c3b3c41f113a31b73d9a5cd432103069') 5406 plain = unhexlify('c3b3c41f113a31b73d9a5cd432103069')
5404 assoc = unhexlify('24825602bd12a984e0092d3e448eda5f') 5407 assoc = unhexlify('24825602bd12a984e0092d3e448eda5f')
5405 expected_ct = unhexlify('93fe7d9e9bfd10348a5606e5cafa7354') 5408 expected_ct = unhexlify('93fe7d9e9bfd10348a5606e5cafa7354')
5406 expected_tag = unhexlify('0032a1dc85f1c9786925a2e71d8272dd') 5409 expected_tag = unhexlify('0032a1dc85f1c9786925a2e71d8272dd')
5407 5410
5408 taglen = len(expected_tag) 5411 taglen = len(expected_tag)
5409 assoclen = len(assoc) 5412 assoclen = len(assoc)
(...skipping 29 matching lines...) Expand all
5439 pack_uint32 = struct.Struct('I').pack 5442 pack_uint32 = struct.Struct('I').pack
5440 op, _ = algo.accept() 5443 op, _ = algo.accept()
5441 with op: 5444 with op:
5442 msg = assoc + plain + b'\x00' * taglen 5445 msg = assoc + plain + b'\x00' * taglen
5443 op.sendmsg( 5446 op.sendmsg(
5444 [msg], 5447 [msg],
5445 ([socket.SOL_ALG, socket.ALG_SET_OP, pack_uint32(socket.ALG_ OP_ENCRYPT)], 5448 ([socket.SOL_ALG, socket.ALG_SET_OP, pack_uint32(socket.ALG_ OP_ENCRYPT)],
5446 [socket.SOL_ALG, socket.ALG_SET_IV, pack_uint32(len(iv)) + iv], 5449 [socket.SOL_ALG, socket.ALG_SET_IV, pack_uint32(len(iv)) + iv],
5447 [socket.SOL_ALG, socket.ALG_SET_AEAD_ASSOCLEN, pack_uint32( assoclen)], 5450 [socket.SOL_ALG, socket.ALG_SET_AEAD_ASSOCLEN, pack_uint32( assoclen)],
5448 ) 5451 )
5449 ) 5452 )
christian.heimes 2016/08/29 08:10:37 This is the pure-Python implementation of sendmsg_
5450 res = op.recv(len(msg)) 5453 res = op.recv(len(msg))
5451 self.assertEqual(expected_ct, res[assoclen:-taglen]) 5454 self.assertEqual(expected_ct, res[assoclen:-taglen])
5452 self.assertEqual(expected_tag, res[-taglen:]) 5455 self.assertEqual(expected_tag, res[-taglen:])
5453 5456
5454 # decrypt and verify 5457 # decrypt and verify
5455 op, _ = algo.accept() 5458 op, _ = algo.accept()
5456 with op: 5459 with op:
5457 msg = assoc + expected_ct + expected_tag 5460 msg = assoc + expected_ct + expected_tag
5458 op.sendmsg_afalg([msg], op=socket.ALG_OP_DECRYPT, iv=iv, 5461 op.sendmsg_afalg([msg], op=socket.ALG_OP_DECRYPT, iv=iv,
5459 assoclen=assoclen) 5462 assoclen=assoclen)
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
5542 SendfileUsingSendTest, 5545 SendfileUsingSendTest,
5543 SendfileUsingSendfileTest, 5546 SendfileUsingSendfileTest,
5544 ]) 5547 ])
5545 5548
5546 thread_info = support.threading_setup() 5549 thread_info = support.threading_setup()
5547 support.run_unittest(*tests) 5550 support.run_unittest(*tests)
5548 support.threading_cleanup(*thread_info) 5551 support.threading_cleanup(*thread_info)
5549 5552
5550 if __name__ == "__main__": 5553 if __name__ == "__main__":
5551 test_main() 5554 test_main()
LEFTRIGHT

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+