add FIPS 186-2/3 signature verification tests for RSA PKCSv15 and PSS
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 67b5b2e..ae0b453 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -27,7 +27,7 @@
from cryptography.hazmat.primitives import hashes, interfaces
from cryptography.hazmat.primitives.asymmetric import padding, rsa
-from .utils import generate_rsa_pss_test
+from .utils import generate_rsa_signature_test
from ...utils import (
load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file
)
@@ -754,14 +754,16 @@
)
@pytest.mark.rsa
class TestRSAPSSMGF1VerificationSHA1(object):
- test_rsa_pss_mgf1_sha1 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha1 = generate_rsa_signature_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA1()
+ hashes.SHA1(),
+ padding.PSS
)
@@ -771,14 +773,16 @@
)
@pytest.mark.rsa
class TestRSAPSSMGF1VerificationSHA224(object):
- test_rsa_pss_mgf1_sha224 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha224 = generate_rsa_signature_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA224()
+ hashes.SHA224(),
+ padding.PSS
)
@@ -788,14 +792,16 @@
)
@pytest.mark.rsa
class TestRSAPSSMGF1VerificationSHA256(object):
- test_rsa_pss_mgf1_sha256 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha256 = generate_rsa_signature_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA256()
+ hashes.SHA256(),
+ padding.PSS
)
@@ -805,14 +811,16 @@
)
@pytest.mark.rsa
class TestRSAPSSMGF1VerificationSHA384(object):
- test_rsa_pss_mgf1_sha384 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha384 = generate_rsa_signature_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA384()
+ hashes.SHA384(),
+ padding.PSS
)
@@ -822,14 +830,101 @@
)
@pytest.mark.rsa
class TestRSAPSSMGF1VerificationSHA512(object):
- test_rsa_pss_mgf1_sha512 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha512 = generate_rsa_signature_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA512()
+ hashes.SHA512(),
+ padding.PSS
+ )
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
+ skip_message="Does not support SHA1",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA1Verification(object):
+ test_rsa_pkcs1v15_verify_sha1 = generate_rsa_signature_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA1(),
+ padding.PKCS1v15
+ )
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
+ skip_message="Does not support SHA224",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA224Verification(object):
+ test_rsa_pkcs1v15_verify_sha224 = generate_rsa_signature_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA224(),
+ padding.PKCS1v15
+ )
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
+ skip_message="Does not support SHA256",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA256Verification(object):
+ test_rsa_pkcs1v15_verify_sha256 = generate_rsa_signature_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA256(),
+ padding.PKCS1v15
+ )
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
+ skip_message="Does not support SHA384",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA384Verification(object):
+ test_rsa_pkcs1v15_verify_sha384 = generate_rsa_signature_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA384(),
+ padding.PKCS1v15
+ )
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA512Verification(object):
+ test_rsa_pkcs1v15_verify_sha512 = generate_rsa_signature_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA512(),
+ padding.PKCS1v15
)
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index a29ef70..5db9a19 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -20,7 +20,8 @@
import pytest
from cryptography.exceptions import (
- AlreadyFinalized, AlreadyUpdated, InvalidTag, NotYetFinalized
+ AlreadyFinalized, AlreadyUpdated, InvalidSignature, InvalidTag,
+ NotYetFinalized
)
from cryptography.hazmat.primitives import hashes, hmac
from cryptography.hazmat.primitives.asymmetric import padding, rsa
@@ -374,33 +375,42 @@
return test_hkdf
-def generate_rsa_pss_test(param_loader, path, file_names, hash_alg):
+def generate_rsa_signature_test(param_loader, path, file_names, hash_alg,
+ pad_cls):
all_params = _load_all_params(path, file_names, param_loader)
all_params = [i for i in all_params
if i["algorithm"] == hash_alg.name.upper()]
@pytest.mark.parametrize("params", all_params)
- def test_rsa_pss(self, backend, params):
- rsa_pss_test(backend, params, hash_alg)
+ def test_rsa_signature(self, backend, params):
+ rsa_signature_test(backend, params, hash_alg, pad_cls)
- return test_rsa_pss
+ return test_rsa_signature
-def rsa_pss_test(backend, params, hash_alg):
+def rsa_signature_test(backend, params, hash_alg, pad_cls):
public_key = rsa.RSAPublicKey(
public_exponent=params["public_exponent"],
modulus=params["modulus"]
)
- verifier = public_key.verifier(
- binascii.unhexlify(params["s"]),
- padding.PSS(
+ if pad_cls is padding.PKCS1v15:
+ pad = padding.PKCS1v15()
+ else:
+ pad = padding.PSS(
mgf=padding.MGF1(
algorithm=hash_alg,
salt_length=params["salt_length"]
)
- ),
+ )
+ verifier = public_key.verifier(
+ binascii.unhexlify(params["s"]),
+ pad,
hash_alg,
backend
)
verifier.update(binascii.unhexlify(params["msg"]))
- verifier.verify()
+ if params["fail"]:
+ with pytest.raises(InvalidSignature):
+ verifier.verify()
+ else:
+ verifier.verify()