Python: Align cryptodome tests

python/ql/test/experimental/library-tests/frameworks/crypto/README.md

@@ -0,0 +1,13 @@
+These tests are a copy of the tests in [../cryptodome](../cryptodome) with `Cryptodome` replaced by `Crypto`.
+
+You can run the following command to update the tests:
+
+```sh
+rm *.py && cp ../cryptodome/*.py . && sed -i -e 's/Cryptodome/Crypto/' *.py
+```
+
+The original [`pycrypto` PyPI package](https://pypi.org/project/pycrypto/) that provided the `Crypto` Python package has not been updated since 2013, so it is reasonable to assume that people will use the replacement [`pycryptodome` PyPI package](https://pypi.org/project/pycryptodome/) that has a (mostly) compatible API.
+
+The pycryptodome functionality is also available in the [`pycryptodomex` PyPI package](https://pypi.org/project/pycryptodomex/) which provides the `Cryptodome` Python package.
+
+To ensure our modeling actually covers _both_ ways of importing the same functionality, we have this convoluted test setup.

python/ql/test/experimental/library-tests/frameworks/crypto/test_aes.py

@@ -0,0 +1,36 @@
+# https://pycryptodome.readthedocs.io/en/latest/src/cipher/aes.html
+from Crypto.Cipher import AES
+
+import os
+
+key = os.urandom(256//8)
+iv = os.urandom(16)
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+
+print("encrypt/decrypt")
+
+secret_message = b"secret message"
+
+padding_len = 16 - (len(secret_message) % 16)
+padding = b"\0"*padding_len
+
+cipher = AES.new(key, AES.MODE_CBC, iv=iv)
+# using separate .encrypt calls on individual lines does not work
+whole_plantext = secret_message + padding
+encrypted = cipher.encrypt(whole_plantext)
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+cipher = AES.new(key, AES.MODE_CBC, iv=iv)
+decrypted = cipher.decrypt(encrypted)
+
+decrypted = decrypted[:-padding_len]
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message

python/ql/test/experimental/library-tests/frameworks/crypto/test_md5.py

@@ -0,0 +1,10 @@
+from Crypto.Hash import MD5
+
+hasher = MD5.new(b"secret message") # $ MISSING: CryptographicOperation CryptographicOperationInput=b"secret message" CryptographicOperationAlgorithm=MD5
+print(hasher.hexdigest())
+
+
+hasher = MD5.new() # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=MD5
+hasher.update(b"secret") # $ MISSING: CryptographicOperation CryptographicOperationInput=b"secret" CryptographicOperationAlgorithm=MD5
+hasher.update(b" message") # $ MISSING: CryptographicOperation CryptographicOperationInput=b" message" CryptographicOperationAlgorithm=MD5
+print(hasher.hexdigest())

python/ql/test/experimental/library-tests/frameworks/crypto/test_rc4.py

@@ -0,0 +1,30 @@
+# https://pycryptodome.readthedocs.io/en/latest/src/cipher/arc4.html
+from Crypto.Cipher import ARC4
+
+import os
+
+key = os.urandom(256//8)
+
+
+# ------------------------------------------------------------------------------
+# encrypt/decrypt
+# ------------------------------------------------------------------------------
+
+
+
+print("encrypt/decrypt")
+
+secret_message = b"secret message"
+
+cipher = ARC4.new(key)
+encrypted = cipher.encrypt(secret_message)
+
+print("encrypted={}".format(encrypted))
+
+print()
+
+cipher = ARC4.new(key)
+decrypted = cipher.decrypt(encrypted)
+
+print("decrypted={}".format(decrypted))
+assert decrypted == secret_message

python/ql/test/library-tests/frameworks/crypto/test_rsa.py

@@ -58,8 +58,8 @@ print("signature={}".format(signature))
 
 print()
 
-
 verifier = pss.new(public_key)
+
 hasher = SHA256.new(message)
 verifier.verify(hasher, signature)
 print("Signature verified (as expected)")