File: attachments_test.py

package info (click to toggle)
mautrix-python 0.20.7-1
  • links: PTS, VCS
  • area: main
  • in suites: sid, trixie
  • size: 1,812 kB
  • sloc: python: 19,103; makefile: 16
file content (111 lines) | stat: -rw-r--r-- 2,769 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
# Copyright © 2019 Damir Jelić <poljar@termina.org.uk> (under the Apache 2.0 license)
# Copyright (c) 2022 Tulir Asokan
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
import pytest
import unpaddedbase64

from mautrix.errors import DecryptionError

from .attachments import decrypt_attachment, encrypt_attachment, inplace_encrypt_attachment

try:
    from Crypto import Random
except ImportError:
    from Cryptodome import Random


def test_encrypt():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    plaintext = decrypt_attachment(cyphertext, keys.key.key, keys.hashes["sha256"], keys.iv)

    assert data == plaintext


def test_inplace_encrypt():
    orig_data = b"Test bytes"
    data = bytearray(orig_data)

    keys = inplace_encrypt_attachment(data)

    assert data != orig_data

    decrypt_attachment(data, keys.key.key, keys.hashes["sha256"], keys.iv, inplace=True)

    assert data == orig_data


def test_hash_verification():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    with pytest.raises(DecryptionError):
        decrypt_attachment(cyphertext, keys.key.key, "Fake hash", keys.iv)


def test_invalid_key():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    with pytest.raises(DecryptionError):
        decrypt_attachment(cyphertext, "Fake key", keys.hashes["sha256"], keys.iv)


def test_invalid_iv():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    with pytest.raises(DecryptionError):
        decrypt_attachment(cyphertext, keys.key.key, keys.hashes["sha256"], "Fake iv")


def test_short_key():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    with pytest.raises(DecryptionError):
        decrypt_attachment(
            cyphertext,
            unpaddedbase64.encode_base64(b"Fake key", urlsafe=True),
            keys["hashes"]["sha256"],
            keys["iv"],
        )


def test_short_iv():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    with pytest.raises(DecryptionError):
        decrypt_attachment(
            cyphertext,
            keys.key.key,
            keys.hashes["sha256"],
            unpaddedbase64.encode_base64(b"F" + b"\x00" * 8),
        )


def test_fake_key():
    data = b"Test bytes"

    cyphertext, keys = encrypt_attachment(data)

    fake_key = Random.new().read(32)

    plaintext = decrypt_attachment(
        cyphertext,
        unpaddedbase64.encode_base64(fake_key, urlsafe=True),
        keys["hashes"]["sha256"],
        keys["iv"],
    )
    assert plaintext != data