Upgrade cryptography from 2.5 to 3.3
Source code is from https://github.com/pyca/cryptography/tree/3.3.x
Run setup.py locally and rename _openssl.so/_padding.so
Bug: 205265538
Test: None
Change-Id: If031739ef5830ba2fb177add74515e4660e2906e
diff --git a/tests/wycheproof/test_rsa.py b/tests/wycheproof/test_rsa.py
index 3d35f42..926bb44 100644
--- a/tests/wycheproof/test_rsa.py
+++ b/tests/wycheproof/test_rsa.py
@@ -20,6 +20,13 @@
"SHA-256": hashes.SHA256(),
"SHA-384": hashes.SHA384(),
"SHA-512": hashes.SHA512(),
+ # Not supported by OpenSSL for RSA signing
+ "SHA-512/224": None,
+ "SHA-512/256": None,
+ "SHA3-224": hashes.SHA3_224(),
+ "SHA3-256": hashes.SHA3_256(),
+ "SHA3-384": hashes.SHA3_384(),
+ "SHA3-512": hashes.SHA3_512(),
}
@@ -28,39 +35,34 @@
return True
if wycheproof.acceptable:
- if (
- backend._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER and
- wycheproof.has_flag("MissingNull")
- ):
- return False
- return True
+ return not wycheproof.has_flag("MissingNull")
return False
@pytest.mark.requires_backend_interface(interface=RSABackend)
-@pytest.mark.supported(
- only_if=lambda backend: (
- # TODO: this also skips on LibreSSL, which is ok for now, since these
- # don't pass on Libre, but we'll need to fix this when LibreSSL 2.8 is
- # released.
- not backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102
- ),
- skip_message=(
- "Many of these tests fail on OpenSSL < 1.0.2 and since upstream isn't"
- " maintaining it, they'll never be fixed."
- ),
-)
@pytest.mark.wycheproof_tests(
"rsa_signature_test.json",
"rsa_signature_2048_sha224_test.json",
"rsa_signature_2048_sha256_test.json",
+ "rsa_signature_2048_sha384_test.json",
"rsa_signature_2048_sha512_test.json",
+ "rsa_signature_2048_sha512_224_test.json",
+ "rsa_signature_2048_sha512_256_test.json",
+ "rsa_signature_2048_sha3_224_test.json",
+ "rsa_signature_2048_sha3_256_test.json",
+ "rsa_signature_2048_sha3_384_test.json",
+ "rsa_signature_2048_sha3_512_test.json",
"rsa_signature_3072_sha256_test.json",
"rsa_signature_3072_sha384_test.json",
"rsa_signature_3072_sha512_test.json",
+ "rsa_signature_3072_sha512_256_test.json",
+ "rsa_signature_3072_sha3_256_test.json",
+ "rsa_signature_3072_sha3_384_test.json",
+ "rsa_signature_3072_sha3_512_test.json",
"rsa_signature_4096_sha384_test.json",
"rsa_signature_4096_sha512_test.json",
+ "rsa_signature_4096_sha512_256_test.json",
)
def test_rsa_pkcs1v15_signature(backend, wycheproof):
key = serialization.load_der_public_key(
@@ -68,6 +70,11 @@
)
digest = _DIGESTS[wycheproof.testgroup["sha"]]
+ if digest is None or not backend.hash_supported(digest):
+ pytest.skip(
+ "Hash {} not supported".format(wycheproof.testgroup["sha"])
+ )
+
if should_verify(backend, wycheproof):
key.verify(
binascii.unhexlify(wycheproof.testcase["sig"]),
@@ -85,11 +92,30 @@
)
+@pytest.mark.wycheproof_tests("rsa_sig_gen_misc_test.json")
+def test_rsa_pkcs1v15_signature_generation(backend, wycheproof):
+ key = serialization.load_pem_private_key(
+ wycheproof.testgroup["privateKeyPem"].encode(),
+ password=None,
+ backend=backend,
+ )
+ digest = _DIGESTS[wycheproof.testgroup["sha"]]
+
+ sig = key.sign(
+ binascii.unhexlify(wycheproof.testcase["msg"]),
+ padding.PKCS1v15(),
+ digest,
+ )
+ assert sig == binascii.unhexlify(wycheproof.testcase["sig"])
+
+
@pytest.mark.requires_backend_interface(interface=RSABackend)
@pytest.mark.wycheproof_tests(
"rsa_pss_2048_sha1_mgf1_20_test.json",
"rsa_pss_2048_sha256_mgf1_0_test.json",
"rsa_pss_2048_sha256_mgf1_32_test.json",
+ "rsa_pss_2048_sha512_256_mgf1_28_test.json",
+ "rsa_pss_2048_sha512_256_mgf1_32_test.json",
"rsa_pss_3072_sha256_mgf1_32_test.json",
"rsa_pss_4096_sha256_mgf1_32_test.json",
"rsa_pss_4096_sha512_mgf1_32_test.json",
@@ -102,15 +128,23 @@
digest = _DIGESTS[wycheproof.testgroup["sha"]]
mgf_digest = _DIGESTS[wycheproof.testgroup["mgfSha"]]
+ if digest is None or mgf_digest is None:
+ pytest.skip(
+ "PSS with digest={} and MGF digest={} not supported".format(
+ wycheproof.testgroup["sha"],
+ wycheproof.testgroup["mgfSha"],
+ )
+ )
+
if wycheproof.valid or wycheproof.acceptable:
key.verify(
binascii.unhexlify(wycheproof.testcase["sig"]),
binascii.unhexlify(wycheproof.testcase["msg"]),
padding.PSS(
mgf=padding.MGF1(mgf_digest),
- salt_length=wycheproof.testgroup["sLen"]
+ salt_length=wycheproof.testgroup["sLen"],
),
- digest
+ digest,
)
else:
with pytest.raises(InvalidSignature):
@@ -119,7 +153,88 @@
binascii.unhexlify(wycheproof.testcase["msg"]),
padding.PSS(
mgf=padding.MGF1(mgf_digest),
- salt_length=wycheproof.testgroup["sLen"]
+ salt_length=wycheproof.testgroup["sLen"],
),
- digest
+ digest,
+ )
+
+
+@pytest.mark.requires_backend_interface(interface=RSABackend)
+@pytest.mark.wycheproof_tests(
+ "rsa_oaep_2048_sha1_mgf1sha1_test.json",
+ "rsa_oaep_2048_sha224_mgf1sha1_test.json",
+ "rsa_oaep_2048_sha224_mgf1sha224_test.json",
+ "rsa_oaep_2048_sha256_mgf1sha1_test.json",
+ "rsa_oaep_2048_sha256_mgf1sha256_test.json",
+ "rsa_oaep_2048_sha384_mgf1sha1_test.json",
+ "rsa_oaep_2048_sha384_mgf1sha384_test.json",
+ "rsa_oaep_2048_sha512_mgf1sha1_test.json",
+ "rsa_oaep_2048_sha512_mgf1sha512_test.json",
+ "rsa_oaep_3072_sha256_mgf1sha1_test.json",
+ "rsa_oaep_3072_sha256_mgf1sha256_test.json",
+ "rsa_oaep_3072_sha512_mgf1sha1_test.json",
+ "rsa_oaep_3072_sha512_mgf1sha512_test.json",
+ "rsa_oaep_4096_sha256_mgf1sha1_test.json",
+ "rsa_oaep_4096_sha256_mgf1sha256_test.json",
+ "rsa_oaep_4096_sha512_mgf1sha1_test.json",
+ "rsa_oaep_4096_sha512_mgf1sha512_test.json",
+ "rsa_oaep_misc_test.json",
+)
+def test_rsa_oaep_encryption(backend, wycheproof):
+ key = serialization.load_pem_private_key(
+ wycheproof.testgroup["privateKeyPem"].encode("ascii"),
+ password=None,
+ backend=backend,
+ )
+ digest = _DIGESTS[wycheproof.testgroup["sha"]]
+ mgf_digest = _DIGESTS[wycheproof.testgroup["mgfSha"]]
+
+ padding_algo = padding.OAEP(
+ mgf=padding.MGF1(algorithm=mgf_digest),
+ algorithm=digest,
+ label=binascii.unhexlify(wycheproof.testcase["label"]),
+ )
+
+ if not backend.rsa_padding_supported(padding_algo):
+ pytest.skip(
+ "OAEP with digest={} and MGF digest={} not supported".format(
+ wycheproof.testgroup["sha"],
+ wycheproof.testgroup["mgfSha"],
+ )
+ )
+
+ if wycheproof.valid or wycheproof.acceptable:
+ pt = key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]), padding_algo
+ )
+ assert pt == binascii.unhexlify(wycheproof.testcase["msg"])
+ else:
+ with pytest.raises(ValueError):
+ key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]), padding_algo
+ )
+
+
+@pytest.mark.wycheproof_tests(
+ "rsa_pkcs1_2048_test.json",
+ "rsa_pkcs1_3072_test.json",
+ "rsa_pkcs1_4096_test.json",
+)
+def test_rsa_pkcs1_encryption(backend, wycheproof):
+ key = serialization.load_pem_private_key(
+ wycheproof.testgroup["privateKeyPem"].encode("ascii"),
+ password=None,
+ backend=backend,
+ )
+
+ if wycheproof.valid:
+ pt = key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]), padding.PKCS1v15()
+ )
+ assert pt == binascii.unhexlify(wycheproof.testcase["msg"])
+ else:
+ with pytest.raises(ValueError):
+ key.decrypt(
+ binascii.unhexlify(wycheproof.testcase["ct"]),
+ padding.PKCS1v15(),
)