diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | M2Crypto/EVP.py | 6 | ||||
| -rw-r--r-- | SWIG/_evp.i | 3 | ||||
| -rw-r--r-- | tests/test_evp.py | 25 |
4 files changed, 34 insertions, 4 deletions
@@ -23,7 +23,9 @@ - ftpslib now works with Python 2.6, by Theodore A. Roth - httpslib.ProxyHTTPSConnection needs to cast port into integer, by John M. Schanck -- Added support for RSASSA-PSS signing and verifying, by Koniosis +- Added support for RSASSA-PSS signing and verifying, by Chris Collis +- Added support for disabling padding when using RSA encryption, + by Chris Collis - Reverted a change done in 0.17 to m2urllib2 which changed urls to include host when it should stay as it was - SMIME.text_crlf and text_crlf_bio were always raising TypeError; fixed diff --git a/M2Crypto/EVP.py b/M2Crypto/EVP.py index 5c7f558..cb92380 100644 --- a/M2Crypto/EVP.py +++ b/M2Crypto/EVP.py @@ -102,7 +102,7 @@ class Cipher: m2_cipher_ctx_free = m2.cipher_ctx_free - def __init__(self, alg, key, iv, op, key_as_bytes=0, d='md5', salt='12345678', i=1): + def __init__(self, alg, key, iv, op, key_as_bytes=0, d='md5', salt='12345678', i=1, padding=1): cipher = getattr(m2, alg, None) if cipher is None: raise ValueError, ('unknown cipher', alg) @@ -114,6 +114,7 @@ class Cipher: key = m2.bytes_to_key(self.cipher, kmd(), key, salt, iv, i) self.ctx=m2.cipher_ctx_new() m2.cipher_init(self.ctx, self.cipher, key, iv, op) + self.set_padding(padding) del key def __del__(self): @@ -126,6 +127,9 @@ class Cipher: def final(self): return m2.cipher_final(self.ctx) + def set_padding(self, padding=1): + return m2.cipher_set_padding(self.ctx, padding) + class PKey: """ diff --git a/SWIG/_evp.i b/SWIG/_evp.i index ac2a241..d05b44b 100644 --- a/SWIG/_evp.i +++ b/SWIG/_evp.i @@ -127,6 +127,9 @@ extern const EVP_CIPHER *EVP_aes_256_cfb(void); %rename(aes_256_ofb) EVP_aes_256_ofb; extern const EVP_CIPHER *EVP_aes_256_ofb(void); +%rename(cipher_set_padding) EVP_CIPHER_CTX_set_padding; +extern int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int); + %rename(pkey_new) EVP_PKEY_new; extern EVP_PKEY *EVP_PKEY_new(void); %rename(pkey_free) EVP_PKEY_free; diff --git a/tests/test_evp.py b/tests/test_evp.py index e0e5759..c173dae 100644 --- a/tests/test_evp.py +++ b/tests/test_evp.py @@ -240,7 +240,7 @@ class CipherTestCase(unittest.TestCase): raise self.assertRaises(ValueError, self.try_algo, 'nosuchalgo4567') - + def test_AES(self): enc = 1 dec = 0 @@ -270,7 +270,8 @@ class CipherTestCase(unittest.TestCase): 'CT': 'd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684', }, ] - + + # Test with padding for test in tests: # encrypt k=EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), iv=unhexlify(test['IV']), op=enc) @@ -292,6 +293,26 @@ class CipherTestCase(unittest.TestCase): cbuf.close() self.assertEqual(plaintext, test['PT']) + # Test without padding + for test in tests: + # encrypt + k=EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), iv=unhexlify(test['IV']), op=enc, padding=False) + pbuf=cStringIO.StringIO(test['PT']) + cbuf=cStringIO.StringIO() + ciphertext = hexlify(self.cipher_filter(k, pbuf, cbuf)) + pbuf.close() + cbuf.close() + self.assertEqual(ciphertext, test['CT']) + + # decrypt + j=EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), iv=unhexlify(test['IV']), op=dec, padding=False) + pbuf=cStringIO.StringIO() + cbuf=cStringIO.StringIO(unhexlify(test['CT'])) + plaintext=self.cipher_filter(j, cbuf, pbuf) + pbuf.close() + cbuf.close() + self.assertEqual(plaintext, test['PT']) + def test_raises(self): def _cipherFilter(cipher, inf, outf): |