Python: Port cryptodome tests to crypto

I don't know if this is really a smart test-setup... I feel a bit stupid when doing this xD
2026-04-30 11:15:13 +02:00 · 2021-03-02 10:06:06 +01:00
parent f8254381f3
commit bf6f5074c2
6 changed files with 28 additions and 30 deletions
--- a/python/ql/test/experimental/library-tests/frameworks/crypto/test_aes.py
+++ b/python/ql/test/experimental/library-tests/frameworks/crypto/test_aes.py
@@ -21,14 +21,14 @@ padding = b"\0"*padding_len
 cipher = AES.new(key, AES.MODE_CBC, iv=iv)
 # using separate .encrypt calls on individual lines does not work
 whole_plantext = secret_message + padding
-encrypted = cipher.encrypt(whole_plantext)
+encrypted = cipher.encrypt(whole_plantext) # $ CryptographicOperation CryptographicOperationAlgorithm=AES CryptographicOperationInput=whole_plantext

 print("encrypted={}".format(encrypted))

 print()

 cipher = AES.new(key, AES.MODE_CBC, iv=iv)
-decrypted = cipher.decrypt(encrypted)
+decrypted = cipher.decrypt(encrypted) # $ CryptographicOperation CryptographicOperationAlgorithm=AES CryptographicOperationInput=encrypted

 decrypted = decrypted[:-padding_len]

--- a/python/ql/test/experimental/library-tests/frameworks/crypto/test_md5.py
+++ b/python/ql/test/experimental/library-tests/frameworks/crypto/test_md5.py
@@ -1,10 +1,10 @@
 from Crypto.Hash import MD5

-hasher = MD5.new(b"secret message") # $ MISSING: CryptographicOperation CryptographicOperationInput=b"secret message" CryptographicOperationAlgorithm=MD5
+hasher = MD5.new(b"secret message") # $ CryptographicOperation CryptographicOperationInput=b"secret message" CryptographicOperationAlgorithm=MD5
 print(hasher.hexdigest())


-hasher = MD5.new() # $ MISSING: CryptographicOperation CryptographicOperationAlgorithm=MD5
-hasher.update(b"secret") # $ MISSING: CryptographicOperation CryptographicOperationInput=b"secret" CryptographicOperationAlgorithm=MD5
-hasher.update(b" message") # $ MISSING: CryptographicOperation CryptographicOperationInput=b" message" CryptographicOperationAlgorithm=MD5
+hasher = MD5.new() # $ CryptographicOperation CryptographicOperationAlgorithm=MD5
+hasher.update(b"secret") # $ CryptographicOperation CryptographicOperationInput=b"secret" CryptographicOperationAlgorithm=MD5
+hasher.update(b" message") # $ CryptographicOperation CryptographicOperationInput=b" message" CryptographicOperationAlgorithm=MD5
 print(hasher.hexdigest())
--- a/python/ql/test/experimental/library-tests/frameworks/crypto/test_rc4.py
+++ b/python/ql/test/experimental/library-tests/frameworks/crypto/test_rc4.py
@@ -17,14 +17,14 @@ print("encrypt/decrypt")
 secret_message = b"secret message"

 cipher = ARC4.new(key)
-encrypted = cipher.encrypt(secret_message)
+encrypted = cipher.encrypt(secret_message) # $ CryptographicOperation CryptographicOperationAlgorithm=ARC4 CryptographicOperationInput=secret_message

 print("encrypted={}".format(encrypted))

 print()

 cipher = ARC4.new(key)
-decrypted = cipher.decrypt(encrypted)
+decrypted = cipher.decrypt(encrypted) # $ CryptographicOperation CryptographicOperationAlgorithm=ARC4 CryptographicOperationInput=encrypted

 print("decrypted={}".format(decrypted))
 assert decrypted == secret_message
--- a/python/ql/test/library-tests/frameworks/crypto/test_dsa.py
+++ b/python/ql/test/library-tests/frameworks/crypto/test_dsa.py
@@ -20,8 +20,8 @@ message = b"message"

 signer = DSS.new(private_key, mode='fips-186-3')

-hasher = SHA256.new(message)
-signature = signer.sign(hasher)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+signature = signer.sign(hasher) # $ CryptographicOperation CryptographicOperationInput=hasher # MISSING: CryptographicOperationAlgorithm=DSA

 print("signature={}".format(signature))

@@ -29,13 +29,13 @@ print()

 verifier = DSS.new(public_key, mode='fips-186-3')

-hasher = SHA256.new(message)
-verifier.verify(hasher, signature)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature # MISSING: CryptographicOperationAlgorithm=DSA
 print("Signature verified (as expected)")

 try:
-    hasher = SHA256.new(b"other message")
-    verifier.verify(hasher, signature)
+    hasher = SHA256.new(b"other message") # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=b"other message"
+    verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature # MISSING: CryptographicOperationAlgorithm=DSA
    raise Exception("Signature verified (unexpected)")
 except ValueError:
    print("Signature mismatch (as expected)")
--- a/python/ql/test/library-tests/frameworks/crypto/test_ec.py
+++ b/python/ql/test/library-tests/frameworks/crypto/test_ec.py
@@ -17,8 +17,8 @@ message = b"message"

 signer = DSS.new(private_key, mode='fips-186-3')

-hasher = SHA256.new(message)
-signature = signer.sign(hasher)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+signature = signer.sign(hasher) # $ CryptographicOperation CryptographicOperationInput=hasher # MISSING: CryptographicOperationAlgorithm=ECDSA

 print("signature={}".format(signature))

@@ -26,13 +26,13 @@ print()

 verifier = DSS.new(public_key, mode='fips-186-3')

-hasher = SHA256.new(message)
-verifier.verify(hasher, signature)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature
 print("Signature verified (as expected)")

 try:
-    hasher = SHA256.new(b"other message")
-    verifier.verify(hasher, signature)
+    hasher = SHA256.new(b"other message") # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=b"other message"
+    verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature # MISSING: CryptographicOperationAlgorithm=ECDSA
    raise Exception("Signature verified (unexpected)")
 except ValueError:
    print("Signature mismatch (as expected)")
--- a/python/ql/test/library-tests/frameworks/crypto/test_rsa.py
+++ b/python/ql/test/library-tests/frameworks/crypto/test_rsa.py
@@ -23,7 +23,7 @@ secret_message = b"secret message"

 encrypt_cipher = PKCS1_OAEP.new(public_key)

-encrypted = encrypt_cipher.encrypt(secret_message)
+encrypted = encrypt_cipher.encrypt(secret_message) # $ CryptographicOperation CryptographicOperationInput=secret_message # MISSING: CryptographicOperationAlgorithm=RSA-OAEP?

 print("encrypted={}".format(encrypted))

@@ -31,9 +31,7 @@ print()

 decrypt_cipher = PKCS1_OAEP.new(private_key)

-decrypted = decrypt_cipher.decrypt(
-    encrypted,
-)
+decrypted = decrypt_cipher.decrypt(encrypted) # $ CryptographicOperation CryptographicOperationInput=encrypted # MISSING: CryptographicOperationAlgorithm=RSA-OAEP?

 print("decrypted={}".format(decrypted))
 assert decrypted == secret_message
@@ -51,8 +49,8 @@ message = b"message"

 signer = pss.new(private_key)

-hasher = SHA256.new(message)
-signature = signer.sign(hasher)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+signature = signer.sign(hasher) # $ CryptographicOperation CryptographicOperationInput=hasher # MISSING: CryptographicOperationAlgorithm=RSA-PSS?

 print("signature={}".format(signature))

@@ -60,14 +58,14 @@ print()

 verifier = pss.new(public_key)

-hasher = SHA256.new(message)
-verifier.verify(hasher, signature)
+hasher = SHA256.new(message) # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=message
+verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature # MISSING: CryptographicOperationAlgorithm=RSA-PSS?
 print("Signature verified (as expected)")

 try:
    verifier = pss.new(public_key)
-    hasher = SHA256.new(b"other message")
-    verifier.verify(hasher, signature)
+    hasher = SHA256.new(b"other message") # $ CryptographicOperation CryptographicOperationAlgorithm=SHA256 CryptographicOperationInput=b"other message"
+    verifier.verify(hasher, signature) # $ CryptographicOperation CryptographicOperationInput=hasher CryptographicOperationInput=signature # MISSING: CryptographicOperationAlgorithm=RSA-PSS?
    raise Exception("Signature verified (unexpected)")
 except ValueError:
    print("Signature mismatch (as expected)")