Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 0322962e143798fa5228f4505eeb606cdf773b87 / . / tests / utils.py
blob: af7f766cc08d7ee19db92ae3572975615e4322cb [file] [log] [blame]
Alex Gaynor5951f462014-11-16 09:08:42 -0800[diff] [blame]1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
Alex Gaynorf312a5c2013-08-10 15:23:38 -0400[diff] [blame]4
Alex Gaynorc37feed2014-03-08 08:32:56 -0800[diff] [blame]5from __future__ import absolute_import, division, print_function
6
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]7import binascii
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]8import collections
Alex Gaynor2e85a922018-07-16 11:18:33 -0400[diff] [blame]9import json
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]10import math
Alex Gaynor2e85a922018-07-16 11:18:33 -0400[diff] [blame]11import os
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]12import re
Alex Stapleton707b0082014-04-20 22:24:41 +0100[diff] [blame]13from contextlib import contextmanager
Paul Kehrer90450f32014-03-19 12:37:17 -0400[diff] [blame]14
Alex Stapletona39a3192014-03-14 20:03:12 +0000[diff] [blame]15import pytest
16
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]17import six
Alex Gaynor2b3f9422013-12-24 21:55:24 -0800[diff] [blame]18
Alex Gaynor7a489db2014-03-22 15:09:34 -0700[diff] [blame]19from cryptography.exceptions import UnsupportedAlgorithm
Alex Gaynor07c4dcc2014-04-05 11:22:07 -0700[diff] [blame]20
Alex Stapletona39a3192014-03-14 20:03:12 +0000[diff] [blame]21import cryptography_vectors
Matthew Iversen68e77c72014-03-13 08:54:43 +1100[diff] [blame]22
Alex Gaynor2b3f9422013-12-24 21:55:24 -0800[diff] [blame]23
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]24HashVector = collections.namedtuple("HashVector", ["message", "digest"])
25KeyedHashVector = collections.namedtuple(
26 "KeyedHashVector", ["message", "digest", "key"]
27)
28
29
Alex Gaynore6055fb2017-06-03 22:02:50 -0400[diff] [blame]30def check_backend_support(backend, item):
Paul Kehrer03229622018-09-06 22:56:46 -0500[diff] [blame^]31 for mark in item.node.iter_markers("supported"):
32 if not mark.kwargs["only_if"](backend):
33 pytest.skip("{0} ({1})".format(
34 mark.kwargs["skip_message"], backend
35 ))
Paul Kehrer5a8fdf82013-12-26 20:13:45 -0600[diff] [blame]36
37
Alex Gaynor7a489db2014-03-22 15:09:34 -0700[diff] [blame]38@contextmanager
Alex Stapleton5e4c8c32014-03-27 16:38:00 +0000[diff] [blame]39def raises_unsupported_algorithm(reason):
Alex Gaynor7a489db2014-03-22 15:09:34 -0700[diff] [blame]40 with pytest.raises(UnsupportedAlgorithm) as exc_info:
Alex Stapleton112963e2014-03-26 17:39:29 +0000[diff] [blame]41 yield exc_info
Alex Stapleton5e4c8c32014-03-27 16:38:00 +0000[diff] [blame]42
Alex Stapleton85a791f2014-03-27 16:55:41 +0000[diff] [blame]43 assert exc_info.value._reason is reason
Alex Gaynor7a489db2014-03-22 15:09:34 -0700[diff] [blame]44
45
Paul Kehrerfdae0702014-11-27 07:50:46 -1000[diff] [blame]46def load_vectors_from_file(filename, loader, mode="r"):
47 with cryptography_vectors.open_vector_file(filename, mode) as vector_file:
Alex Stapletona39a3192014-03-14 20:03:12 +0000[diff] [blame]48 return loader(vector_file)
Paul Kehrerf7f6a9f2013-11-11 20:43:52 -0600[diff] [blame]49
50
Alex Gaynord3ce7032013-11-11 14:46:20 -0800[diff] [blame]51def load_nist_vectors(vector_data):
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]52 test_data = None
53 data = []
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]54
55 for line in vector_data:
56 line = line.strip()
57
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]58 # Blank lines, comments, and section headers are ignored
Alex Gaynore0a879f2015-02-15 20:54:34 -0800[diff] [blame]59 if not line or line.startswith("#") or (line.startswith("[") and
60 line.endswith("]")):
Alex Gaynor521c42d2013-11-11 14:25:59 -0800[diff] [blame]61 continue
62
Paul Kehrera43b6692013-11-12 15:35:49 -0600[diff] [blame]63 if line.strip() == "FAIL":
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]64 test_data["fail"] = True
Paul Kehrera43b6692013-11-12 15:35:49 -0600[diff] [blame]65 continue
66
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]67 # Build our data using a simple Key = Value format
Paul Kehrera43b6692013-11-12 15:35:49 -0600[diff] [blame]68 name, value = [c.strip() for c in line.split("=")]
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]69
Paul Kehrer1050ddf2014-01-27 21:04:03 -0600[diff] [blame]70 # Some tests (PBKDF2) contain \0, which should be interpreted as a
71 # null character rather than literal.
72 value = value.replace("\\0", "\0")
73
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]74 # COUNT is a special token that indicates a new block of data
75 if name.upper() == "COUNT":
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]76 test_data = {}
77 data.append(test_data)
78 continue
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]79 # For all other tokens we simply want the name, value stored in
80 # the dictionary
81 else:
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]82 test_data[name.lower()] = value.encode("ascii")
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]83
Paul Kehrer749ac5b2013-11-18 18:12:41 -0600[diff] [blame]84 return data
Donald Stufft9e1a48b2013-08-09 00:32:30 -0400[diff] [blame]85
86
Paul Kehrer1951bf62013-09-15 12:05:43 -0500[diff] [blame]87def load_cryptrec_vectors(vector_data):
Paul Kehrere5805982013-09-27 11:26:01 -0500[diff] [blame]88 cryptrec_list = []
Paul Kehrer1951bf62013-09-15 12:05:43 -0500[diff] [blame]89
90 for line in vector_data:
91 line = line.strip()
92
93 # Blank lines and comments are ignored
94 if not line or line.startswith("#"):
95 continue
96
97 if line.startswith("K"):
Paul Kehrere5805982013-09-27 11:26:01 -0500[diff] [blame]98 key = line.split(" : ")[1].replace(" ", "").encode("ascii")
Paul Kehrer1951bf62013-09-15 12:05:43 -0500[diff] [blame]99 elif line.startswith("P"):
Paul Kehrere5805982013-09-27 11:26:01 -0500[diff] [blame]100 pt = line.split(" : ")[1].replace(" ", "").encode("ascii")
Paul Kehrer1951bf62013-09-15 12:05:43 -0500[diff] [blame]101 elif line.startswith("C"):
Paul Kehrere5805982013-09-27 11:26:01 -0500[diff] [blame]102 ct = line.split(" : ")[1].replace(" ", "").encode("ascii")
103 # after a C is found the K+P+C tuple is complete
104 # there are many P+C pairs for each K
Alex Gaynor1fe70b12013-10-16 11:59:17 -0700[diff] [blame]105 cryptrec_list.append({
106 "key": key,
107 "plaintext": pt,
108 "ciphertext": ct
109 })
Donald Stufft3359d7e2013-10-19 19:33:06 -0400[diff] [blame]110 else:
111 raise ValueError("Invalid line in file '{}'".format(line))
Paul Kehrer1951bf62013-09-15 12:05:43 -0500[diff] [blame]112 return cryptrec_list
113
114
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]115def load_hash_vectors(vector_data):
116 vectors = []
Paul Kehrer1bb8b712013-10-27 17:00:14 -0500[diff] [blame]117 key = None
118 msg = None
119 md = None
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]120
121 for line in vector_data:
122 line = line.strip()
123
Paul Kehrer87cd0db2013-10-18 18:01:26 -0500[diff] [blame]124 if not line or line.startswith("#") or line.startswith("["):
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]125 continue
126
127 if line.startswith("Len"):
128 length = int(line.split(" = ")[1])
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]129 elif line.startswith("Key"):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]130 # HMAC vectors contain a key attribute. Hash vectors do not.
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]131 key = line.split(" = ")[1].encode("ascii")
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]132 elif line.startswith("Msg"):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]133 # In the NIST vectors they have chosen to represent an empty
134 # string as hex 00, which is of course not actually an empty
135 # string. So we parse the provided length and catch this edge case.
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]136 msg = line.split(" = ")[1].encode("ascii") if length > 0 else b""
137 elif line.startswith("MD"):
138 md = line.split(" = ")[1]
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]139 # after MD is found the Msg+MD (+ potential key) tuple is complete
Paul Kehrer00dd5092013-10-23 09:41:49 -0500[diff] [blame]140 if key is not None:
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]141 vectors.append(KeyedHashVector(msg, md, key))
Paul Kehrer1bb8b712013-10-27 17:00:14 -0500[diff] [blame]142 key = None
143 msg = None
144 md = None
Paul Kehrer00dd5092013-10-23 09:41:49 -0500[diff] [blame]145 else:
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]146 vectors.append(HashVector(msg, md))
Paul Kehrer1bb8b712013-10-27 17:00:14 -0500[diff] [blame]147 msg = None
148 md = None
Paul Kehrer69e06522013-10-18 17:28:39 -0500[diff] [blame]149 else:
150 raise ValueError("Unknown line in hash vector")
151 return vectors
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]152
153
154def load_pkcs1_vectors(vector_data):
155 """
156 Loads data out of RSA PKCS #1 vector files.
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]157 """
158 private_key_vector = None
159 public_key_vector = None
160 attr = None
161 key = None
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]162 example_vector = None
163 examples = []
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]164 vectors = []
165 for line in vector_data:
Paul Kehrer7774a032014-02-17 22:56:55 -0600[diff] [blame]166 if (
167 line.startswith("# PSS Example") or
Paul Kehrer3fe91502014-03-29 12:08:39 -0500[diff] [blame]168 line.startswith("# OAEP Example") or
169 line.startswith("# PKCS#1 v1.5")
Paul Kehrer7774a032014-02-17 22:56:55 -0600[diff] [blame]170 ):
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]171 if example_vector:
172 for key, value in six.iteritems(example_vector):
Paul Kehrer26811802014-02-19 16:32:11 -0600[diff] [blame]173 hex_str = "".join(value).replace(" ", "").encode("ascii")
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]174 example_vector[key] = hex_str
175 examples.append(example_vector)
176
177 attr = None
178 example_vector = collections.defaultdict(list)
179
Paul Kehrer3fe91502014-03-29 12:08:39 -0500[diff] [blame]180 if line.startswith("# Message"):
Paul Kehrer7d9c3062014-02-18 08:27:39 -0600[diff] [blame]181 attr = "message"
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]182 continue
183 elif line.startswith("# Salt"):
184 attr = "salt"
185 continue
Paul Kehrer3fe91502014-03-29 12:08:39 -0500[diff] [blame]186 elif line.startswith("# Seed"):
187 attr = "seed"
188 continue
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]189 elif line.startswith("# Signature"):
190 attr = "signature"
191 continue
Paul Kehrer3fe91502014-03-29 12:08:39 -0500[diff] [blame]192 elif line.startswith("# Encryption"):
193 attr = "encryption"
194 continue
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]195 elif (
196 example_vector and
197 line.startswith("# =============================================")
198 ):
199 for key, value in six.iteritems(example_vector):
Paul Kehrer26811802014-02-19 16:32:11 -0600[diff] [blame]200 hex_str = "".join(value).replace(" ", "").encode("ascii")
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]201 example_vector[key] = hex_str
202 examples.append(example_vector)
203 example_vector = None
204 attr = None
205 elif example_vector and line.startswith("#"):
206 continue
207 else:
208 if attr is not None and example_vector is not None:
209 example_vector[attr].append(line.strip())
210 continue
211
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]212 if (
213 line.startswith("# Example") or
214 line.startswith("# =============================================")
215 ):
216 if key:
217 assert private_key_vector
218 assert public_key_vector
219
220 for key, value in six.iteritems(public_key_vector):
221 hex_str = "".join(value).replace(" ", "")
222 public_key_vector[key] = int(hex_str, 16)
223
224 for key, value in six.iteritems(private_key_vector):
225 hex_str = "".join(value).replace(" ", "")
226 private_key_vector[key] = int(hex_str, 16)
227
Paul Kehrerefca2802014-02-17 20:55:13 -0600[diff] [blame]228 private_key_vector["examples"] = examples
229 examples = []
230
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]231 assert (
232 private_key_vector['public_exponent'] ==
233 public_key_vector['public_exponent']
234 )
235
236 assert (
237 private_key_vector['modulus'] ==
238 public_key_vector['modulus']
239 )
240
241 vectors.append(
242 (private_key_vector, public_key_vector)
243 )
244
245 public_key_vector = collections.defaultdict(list)
246 private_key_vector = collections.defaultdict(list)
247 key = None
248 attr = None
249
250 if private_key_vector is None or public_key_vector is None:
Alex Gaynora87daea2017-10-11 21:36:30 -0400[diff] [blame]251 # Random garbage to defeat CPython's peephole optimizer so that
252 # coverage records correctly: https://bugs.python.org/issue2506
253 1 + 1
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]254 continue
255
256 if line.startswith("# Private key"):
257 key = private_key_vector
258 elif line.startswith("# Public key"):
259 key = public_key_vector
260 elif line.startswith("# Modulus:"):
261 attr = "modulus"
262 elif line.startswith("# Public exponent:"):
263 attr = "public_exponent"
264 elif line.startswith("# Exponent:"):
265 if key is public_key_vector:
266 attr = "public_exponent"
267 else:
268 assert key is private_key_vector
269 attr = "private_exponent"
270 elif line.startswith("# Prime 1:"):
271 attr = "p"
272 elif line.startswith("# Prime 2:"):
273 attr = "q"
Paul Kehrer09328bb2014-02-12 23:57:27 -0600[diff] [blame]274 elif line.startswith("# Prime exponent 1:"):
275 attr = "dmp1"
276 elif line.startswith("# Prime exponent 2:"):
277 attr = "dmq1"
278 elif line.startswith("# Coefficient:"):
279 attr = "iqmp"
Alex Stapleton58f27ac2014-02-02 19:30:03 +0000[diff] [blame]280 elif line.startswith("#"):
281 attr = None
282 else:
283 if key is not None and attr is not None:
284 key[attr].append(line.strip())
285 return vectors
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]286
287
288def load_rsa_nist_vectors(vector_data):
289 test_data = None
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]290 p = None
Paul Kehrerafc25182014-03-18 07:51:56 -0400[diff] [blame]291 salt_length = None
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]292 data = []
293
294 for line in vector_data:
295 line = line.strip()
296
297 # Blank lines and section headers are ignored
298 if not line or line.startswith("["):
299 continue
300
301 if line.startswith("# Salt len:"):
302 salt_length = int(line.split(":")[1].strip())
303 continue
304 elif line.startswith("#"):
305 continue
306
307 # Build our data using a simple Key = Value format
308 name, value = [c.strip() for c in line.split("=")]
309
310 if name == "n":
311 n = int(value, 16)
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]312 elif name == "e" and p is None:
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]313 e = int(value, 16)
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]314 elif name == "p":
315 p = int(value, 16)
316 elif name == "q":
317 q = int(value, 16)
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]318 elif name == "SHAAlg":
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]319 if p is None:
320 test_data = {
321 "modulus": n,
322 "public_exponent": e,
323 "salt_length": salt_length,
Paul Kehrere66f69a2014-03-18 07:57:26 -0400[diff] [blame]324 "algorithm": value,
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]325 "fail": False
326 }
327 else:
328 test_data = {
329 "modulus": n,
330 "p": p,
331 "q": q,
Paul Kehrere66f69a2014-03-18 07:57:26 -0400[diff] [blame]332 "algorithm": value
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]333 }
Paul Kehrerafc25182014-03-18 07:51:56 -0400[diff] [blame]334 if salt_length is not None:
335 test_data["salt_length"] = salt_length
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]336 data.append(test_data)
Paul Kehrer62707f12014-03-18 07:19:14 -0400[diff] [blame]337 elif name == "e" and p is not None:
338 test_data["public_exponent"] = int(value, 16)
339 elif name == "d":
340 test_data["private_exponent"] = int(value, 16)
341 elif name == "Result":
342 test_data["fail"] = value.startswith("F")
Paul Kehrer2f2a2062014-03-10 23:30:28 -0400[diff] [blame]343 # For all other tokens we simply want the name, value stored in
344 # the dictionary
345 else:
346 test_data[name.lower()] = value.encode("ascii")
347
348 return data
Mohammed Attia987cc702014-03-12 16:07:21 +0200[diff] [blame]349
350
351def load_fips_dsa_key_pair_vectors(vector_data):
352 """
353 Loads data out of the FIPS DSA KeyPair vector files.
354 """
355 vectors = []
Mohammed Attia987cc702014-03-12 16:07:21 +0200[diff] [blame]356 for line in vector_data:
357 line = line.strip()
358
Paul Kehrer47a66f12018-03-18 10:12:14 -0400[diff] [blame]359 if not line or line.startswith("#") or line.startswith("[mod"):
Mohammed Attia987cc702014-03-12 16:07:21 +0200[diff] [blame]360 continue
Alex Gaynor0fe7db62015-06-27 17:20:59 -0400[diff] [blame]361
Paul Kehrer47a66f12018-03-18 10:12:14 -0400[diff] [blame]362 if line.startswith("P"):
363 vectors.append({'p': int(line.split("=")[1], 16)})
364 elif line.startswith("Q"):
365 vectors[-1]['q'] = int(line.split("=")[1], 16)
366 elif line.startswith("G"):
367 vectors[-1]['g'] = int(line.split("=")[1], 16)
368 elif line.startswith("X") and 'x' not in vectors[-1]:
369 vectors[-1]['x'] = int(line.split("=")[1], 16)
370 elif line.startswith("X") and 'x' in vectors[-1]:
371 vectors.append({'p': vectors[-1]['p'],
372 'q': vectors[-1]['q'],
373 'g': vectors[-1]['g'],
374 'x': int(line.split("=")[1], 16)
375 })
376 elif line.startswith("Y"):
377 vectors[-1]['y'] = int(line.split("=")[1], 16)
Mohammed Attia987cc702014-03-12 16:07:21 +0200[diff] [blame]378
379 return vectors
Alex Stapletoncf048602014-04-12 12:48:59 +0100[diff] [blame]380
381
Mohammed Attia3c9e1582014-04-22 14:24:44 +0200[diff] [blame]382def load_fips_dsa_sig_vectors(vector_data):
Mohammed Attia0fb5d852014-04-21 10:31:15 +0200[diff] [blame]383 """
384 Loads data out of the FIPS DSA SigVer vector files.
385 """
386 vectors = []
387 sha_regex = re.compile(
388 r"\[mod = L=...., N=..., SHA-(?P<sha>1|224|256|384|512)\]"
389 )
Mohammed Attia3c9e1582014-04-22 14:24:44 +0200[diff] [blame]390
Mohammed Attia0fb5d852014-04-21 10:31:15 +0200[diff] [blame]391 for line in vector_data:
392 line = line.strip()
393
394 if not line or line.startswith("#"):
395 continue
396
397 sha_match = sha_regex.match(line)
398 if sha_match:
399 digest_algorithm = "SHA-{0}".format(sha_match.group("sha"))
400
Paul Kehrer47a66f12018-03-18 10:12:14 -0400[diff] [blame]401 if line.startswith("[mod"):
Mohammed Attia0fb5d852014-04-21 10:31:15 +0200[diff] [blame]402 continue
403
404 name, value = [c.strip() for c in line.split("=")]
405
406 if name == "P":
407 vectors.append({'p': int(value, 16),
408 'digest_algorithm': digest_algorithm})
409 elif name == "Q":
410 vectors[-1]['q'] = int(value, 16)
411 elif name == "G":
412 vectors[-1]['g'] = int(value, 16)
413 elif name == "Msg" and 'msg' not in vectors[-1]:
414 hexmsg = value.strip().encode("ascii")
415 vectors[-1]['msg'] = binascii.unhexlify(hexmsg)
416 elif name == "Msg" and 'msg' in vectors[-1]:
417 hexmsg = value.strip().encode("ascii")
418 vectors.append({'p': vectors[-1]['p'],
419 'q': vectors[-1]['q'],
420 'g': vectors[-1]['g'],
421 'digest_algorithm':
422 vectors[-1]['digest_algorithm'],
423 'msg': binascii.unhexlify(hexmsg)})
424 elif name == "X":
425 vectors[-1]['x'] = int(value, 16)
426 elif name == "Y":
427 vectors[-1]['y'] = int(value, 16)
428 elif name == "R":
429 vectors[-1]['r'] = int(value, 16)
430 elif name == "S":
431 vectors[-1]['s'] = int(value, 16)
432 elif name == "Result":
433 vectors[-1]['result'] = value.split("(")[0].strip()
434
435 return vectors
436
437
Alex Stapleton44fe82d2014-04-19 09:44:26 +0100[diff] [blame]438# http://tools.ietf.org/html/rfc4492#appendix-A
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]439_ECDSA_CURVE_NAMES = {
440 "P-192": "secp192r1",
441 "P-224": "secp224r1",
Alex Stapleton39e300f2014-04-18 22:44:02 +0100[diff] [blame]442 "P-256": "secp256r1",
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]443 "P-384": "secp384r1",
444 "P-521": "secp521r1",
Alex Stapleton39e300f2014-04-18 22:44:02 +0100[diff] [blame]445
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]446 "K-163": "sect163k1",
447 "K-233": "sect233k1",
Alex Stapletonf6a1cf62015-05-03 12:16:19 +0100[diff] [blame]448 "K-256": "secp256k1",
Alex Stapleton39e300f2014-04-18 22:44:02 +0100[diff] [blame]449 "K-283": "sect283k1",
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]450 "K-409": "sect409k1",
451 "K-571": "sect571k1",
Alex Stapleton39e300f2014-04-18 22:44:02 +0100[diff] [blame]452
Alex Stapleton44fe82d2014-04-19 09:44:26 +0100[diff] [blame]453 "B-163": "sect163r2",
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]454 "B-233": "sect233r1",
455 "B-283": "sect283r1",
456 "B-409": "sect409r1",
457 "B-571": "sect571r1",
458}
459
460
Alex Stapletoncf048602014-04-12 12:48:59 +0100[diff] [blame]461def load_fips_ecdsa_key_pair_vectors(vector_data):
462 """
463 Loads data out of the FIPS ECDSA KeyPair vector files.
464 """
465 vectors = []
466 key_data = None
Alex Stapletoncf048602014-04-12 12:48:59 +0100[diff] [blame]467 for line in vector_data:
468 line = line.strip()
469
470 if not line or line.startswith("#"):
471 continue
472
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]473 if line[1:-1] in _ECDSA_CURVE_NAMES:
474 curve_name = _ECDSA_CURVE_NAMES[line[1:-1]]
Alex Stapletoncf048602014-04-12 12:48:59 +0100[diff] [blame]475
476 elif line.startswith("d = "):
477 if key_data is not None:
478 vectors.append(key_data)
479
480 key_data = {
481 "curve": curve_name,
482 "d": int(line.split("=")[1], 16)
483 }
484
485 elif key_data is not None:
486 if line.startswith("Qx = "):
487 key_data["x"] = int(line.split("=")[1], 16)
488 elif line.startswith("Qy = "):
489 key_data["y"] = int(line.split("=")[1], 16)
490
Paul Kehrerb60b8dd2015-08-01 19:47:22 +0100[diff] [blame]491 assert key_data is not None
492 vectors.append(key_data)
Alex Stapletoncf048602014-04-12 12:48:59 +0100[diff] [blame]493
494 return vectors
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]495
496
497def load_fips_ecdsa_signing_vectors(vector_data):
498 """
499 Loads data out of the FIPS ECDSA SigGen vector files.
500 """
501 vectors = []
502
503 curve_rx = re.compile(
504 r"\[(?P<curve>[PKB]-[0-9]{3}),SHA-(?P<sha>1|224|256|384|512)\]"
505 )
506
507 data = None
508 for line in vector_data:
509 line = line.strip()
510
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]511 curve_match = curve_rx.match(line)
512 if curve_match:
513 curve_name = _ECDSA_CURVE_NAMES[curve_match.group("curve")]
514 digest_name = "SHA-{0}".format(curve_match.group("sha"))
515
516 elif line.startswith("Msg = "):
517 if data is not None:
518 vectors.append(data)
519
520 hexmsg = line.split("=")[1].strip().encode("ascii")
521
522 data = {
523 "curve": curve_name,
524 "digest_algorithm": digest_name,
525 "message": binascii.unhexlify(hexmsg)
526 }
527
528 elif data is not None:
529 if line.startswith("Qx = "):
530 data["x"] = int(line.split("=")[1], 16)
531 elif line.startswith("Qy = "):
532 data["y"] = int(line.split("=")[1], 16)
533 elif line.startswith("R = "):
534 data["r"] = int(line.split("=")[1], 16)
535 elif line.startswith("S = "):
536 data["s"] = int(line.split("=")[1], 16)
537 elif line.startswith("d = "):
538 data["d"] = int(line.split("=")[1], 16)
Alex Stapleton6f729492014-04-19 09:01:25 +0100[diff] [blame]539 elif line.startswith("Result = "):
540 data["fail"] = line.split("=")[1].strip()[0] == "F"
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]541
Paul Kehrerb60b8dd2015-08-01 19:47:22 +0100[diff] [blame]542 assert data is not None
543 vectors.append(data)
Alex Stapletonc387cf72014-04-13 13:58:02 +0100[diff] [blame]544 return vectors
Alex Stapleton839c09d2014-08-10 12:18:02 +0100[diff] [blame]545
546
547def load_kasvs_dh_vectors(vector_data):
548 """
549 Loads data out of the KASVS key exchange vector data
550 """
551
552 result_rx = re.compile(r"([FP]) \(([0-9]+) -")
553
554 vectors = []
555 data = {
556 "fail_z": False,
557 "fail_agree": False
558 }
559
560 for line in vector_data:
561 line = line.strip()
562
563 if not line or line.startswith("#"):
564 continue
565
566 if line.startswith("P = "):
567 data["p"] = int(line.split("=")[1], 16)
568 elif line.startswith("Q = "):
569 data["q"] = int(line.split("=")[1], 16)
570 elif line.startswith("G = "):
571 data["g"] = int(line.split("=")[1], 16)
572 elif line.startswith("Z = "):
573 z_hex = line.split("=")[1].strip().encode("ascii")
574 data["z"] = binascii.unhexlify(z_hex)
575 elif line.startswith("XstatCAVS = "):
576 data["x1"] = int(line.split("=")[1], 16)
577 elif line.startswith("YstatCAVS = "):
578 data["y1"] = int(line.split("=")[1], 16)
579 elif line.startswith("XstatIUT = "):
580 data["x2"] = int(line.split("=")[1], 16)
581 elif line.startswith("YstatIUT = "):
582 data["y2"] = int(line.split("=")[1], 16)
583 elif line.startswith("Result = "):
584 result_str = line.split("=")[1].strip()
585 match = result_rx.match(result_str)
586
587 if match.group(1) == "F":
588 if int(match.group(2)) in (5, 10):
589 data["fail_z"] = True
590 else:
591 data["fail_agree"] = True
592
593 vectors.append(data)
594
595 data = {
596 "p": data["p"],
597 "q": data["q"],
598 "g": data["g"],
599 "fail_z": False,
600 "fail_agree": False
601 }
602
603 return vectors
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]604
605
606def load_kasvs_ecdh_vectors(vector_data):
607 """
608 Loads data out of the KASVS key exchange vector data
609 """
610
611 curve_name_map = {
612 "P-192": "secp192r1",
613 "P-224": "secp224r1",
614 "P-256": "secp256r1",
615 "P-384": "secp384r1",
616 "P-521": "secp521r1",
617 }
618
619 result_rx = re.compile(r"([FP]) \(([0-9]+) -")
620
621 tags = []
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]622 sets = {}
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]623 vectors = []
624
625 # find info in header
626 for line in vector_data:
627 line = line.strip()
628
629 if line.startswith("#"):
630 parm = line.split("Parameter set(s) supported:")
631 if len(parm) == 2:
632 names = parm[1].strip().split()
633 for n in names:
634 tags.append("[%s]" % n)
635 break
636
637 # Sets Metadata
638 tag = None
639 curve = None
640 for line in vector_data:
641 line = line.strip()
642
643 if not line or line.startswith("#"):
644 continue
645
646 if line in tags:
647 tag = line
648 curve = None
649 elif line.startswith("[Curve selected:"):
650 curve = curve_name_map[line.split(':')[1].strip()[:-1]]
651
652 if tag is not None and curve is not None:
653 sets[tag.strip("[]")] = curve
654 tag = None
655 if len(tags) == len(sets):
656 break
657
658 # Data
659 data = {
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]660 "CAVS": {},
661 "IUT": {},
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]662 }
663 tag = None
664 for line in vector_data:
665 line = line.strip()
666
667 if not line or line.startswith("#"):
668 continue
669
670 if line.startswith("["):
671 tag = line.split()[0][1:]
672 elif line.startswith("COUNT = "):
Simo Sorce6e3b1552015-10-13 14:45:21 -0400[diff] [blame]673 data["COUNT"] = int(line.split("=")[1])
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]674 elif line.startswith("dsCAVS = "):
675 data["CAVS"]["d"] = int(line.split("=")[1], 16)
676 elif line.startswith("QsCAVSx = "):
677 data["CAVS"]["x"] = int(line.split("=")[1], 16)
678 elif line.startswith("QsCAVSy = "):
679 data["CAVS"]["y"] = int(line.split("=")[1], 16)
680 elif line.startswith("dsIUT = "):
681 data["IUT"]["d"] = int(line.split("=")[1], 16)
682 elif line.startswith("QsIUTx = "):
683 data["IUT"]["x"] = int(line.split("=")[1], 16)
684 elif line.startswith("QsIUTy = "):
685 data["IUT"]["y"] = int(line.split("=")[1], 16)
Simo Sorce83e563e2015-05-06 10:56:31 -0400[diff] [blame]686 elif line.startswith("OI = "):
687 data["OI"] = int(line.split("=")[1], 16)
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]688 elif line.startswith("Z = "):
689 data["Z"] = int(line.split("=")[1], 16)
Simo Sorce83e563e2015-05-06 10:56:31 -0400[diff] [blame]690 elif line.startswith("DKM = "):
691 data["DKM"] = int(line.split("=")[1], 16)
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]692 elif line.startswith("Result = "):
693 result_str = line.split("=")[1].strip()
694 match = result_rx.match(result_str)
695
696 if match.group(1) == "F":
697 data["fail"] = True
698 else:
699 data["fail"] = False
700 data["errno"] = int(match.group(2))
701
702 data["curve"] = sets[tag]
703
704 vectors.append(data)
705
706 data = {
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]707 "CAVS": {},
708 "IUT": {},
Simo Sorce917addb2015-04-29 19:41:26 -0400[diff] [blame]709 }
710
711 return vectors
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]712
713
714def load_x963_vectors(vector_data):
715 """
716 Loads data out of the X9.63 vector data
717 """
718
719 vectors = []
720
721 # Sets Metadata
722 hashname = None
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]723 vector = {}
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]724 for line in vector_data:
725 line = line.strip()
726
727 if line.startswith("[SHA"):
728 hashname = line[1:-1]
729 shared_secret_len = 0
730 shared_info_len = 0
731 key_data_len = 0
732 elif line.startswith("[shared secret length"):
733 shared_secret_len = int(line[1:-1].split("=")[1].strip())
734 elif line.startswith("[SharedInfo length"):
735 shared_info_len = int(line[1:-1].split("=")[1].strip())
736 elif line.startswith("[key data length"):
737 key_data_len = int(line[1:-1].split("=")[1].strip())
738 elif line.startswith("COUNT"):
739 count = int(line.split("=")[1].strip())
740 vector["hash"] = hashname
741 vector["count"] = count
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]742 vector["shared_secret_length"] = shared_secret_len
743 vector["sharedinfo_length"] = shared_info_len
744 vector["key_data_length"] = key_data_len
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]745 elif line.startswith("Z"):
746 vector["Z"] = line.split("=")[1].strip()
747 assert math.ceil(shared_secret_len / 8) * 2 == len(vector["Z"])
748 elif line.startswith("SharedInfo"):
749 if shared_info_len != 0:
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]750 vector["sharedinfo"] = line.split("=")[1].strip()
751 silen = len(vector["sharedinfo"])
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]752 assert math.ceil(shared_info_len / 8) * 2 == silen
753 elif line.startswith("key_data"):
754 vector["key_data"] = line.split("=")[1].strip()
755 assert math.ceil(key_data_len / 8) * 2 == len(vector["key_data"])
756 vectors.append(vector)
Alex Gaynorace036d2015-09-24 20:23:08 -0400[diff] [blame]757 vector = {}
Simo Sorce7600dee2015-09-22 21:56:20 -0400[diff] [blame]758
759 return vectors
Jaredcd258d52016-04-13 14:03:52 -0700[diff] [blame]760
761
762def load_nist_kbkdf_vectors(vector_data):
763 """
764 Load NIST SP 800-108 KDF Vectors
765 """
766 vectors = []
767 test_data = None
768 tag = {}
769
770 for line in vector_data:
771 line = line.strip()
772
773 if not line or line.startswith("#"):
774 continue
775
776 if line.startswith("[") and line.endswith("]"):
777 tag_data = line[1:-1]
778 name, value = [c.strip() for c in tag_data.split("=")]
779 if value.endswith('_BITS'):
780 value = int(value.split('_')[0])
781 tag.update({name.lower(): value})
782 continue
783
784 tag.update({name.lower(): value.lower()})
785 elif line.startswith("COUNT="):
786 test_data = dict()
787 test_data.update(tag)
788 vectors.append(test_data)
789 elif line.startswith("L"):
790 name, value = [c.strip() for c in line.split("=")]
791 test_data[name.lower()] = int(value)
792 else:
793 name, value = [c.strip() for c in line.split("=")]
794 test_data[name.lower()] = value.encode("ascii")
795
796 return vectors
Paul Kehrera923b002017-06-20 01:12:35 -1000[diff] [blame]797
798
799def load_ed25519_vectors(vector_data):
800 data = []
801 for line in vector_data:
802 secret_key, public_key, message, signature, _ = line.split(':')
803 # In the vectors the first element is secret key + public key
804 secret_key = secret_key[0:64]
805 # In the vectors the signature section is signature + message
806 signature = signature[0:128]
807 data.append({
808 "secret_key": secret_key,
809 "public_key": public_key,
810 "message": message,
811 "signature": signature
812 })
813 return data
Paul Kehrer33a41e72017-06-21 01:39:20 -1000[diff] [blame]814
815
816def load_nist_ccm_vectors(vector_data):
817 test_data = None
818 section_data = None
819 global_data = {}
820 new_section = False
821 data = []
822
823 for line in vector_data:
824 line = line.strip()
825
826 # Blank lines and comments should be ignored
827 if not line or line.startswith("#"):
828 continue
829
830 # Some of the CCM vectors have global values for this. They are always
831 # at the top before the first section header (see: VADT, VNT, VPT)
832 if line.startswith(("Alen", "Plen", "Nlen", "Tlen")):
833 name, value = [c.strip() for c in line.split("=")]
834 global_data[name.lower()] = int(value)
835 continue
836
837 # section headers contain length data we might care about
838 if line.startswith("["):
839 new_section = True
840 section_data = {}
841 section = line[1:-1]
842 items = [c.strip() for c in section.split(",")]
843 for item in items:
844 name, value = [c.strip() for c in item.split("=")]
845 section_data[name.lower()] = int(value)
846 continue
847
848 name, value = [c.strip() for c in line.split("=")]
849
850 if name.lower() in ("key", "nonce") and new_section:
851 section_data[name.lower()] = value.encode("ascii")
852 continue
853
854 new_section = False
855
856 # Payload is sometimes special because these vectors are absurd. Each
857 # example may or may not have a payload. If it does not then the
858 # previous example's payload should be used. We accomplish this by
859 # writing it into the section_data. Because we update each example
860 # with the section data it will be overwritten if a new payload value
861 # is present. NIST should be ashamed of their vector creation.
862 if name.lower() == "payload":
863 section_data[name.lower()] = value.encode("ascii")
864
865 # Result is a special token telling us if the test should pass/fail.
866 # This is only present in the DVPT CCM tests
867 if name.lower() == "result":
868 if value.lower() == "pass":
869 test_data["fail"] = False
870 else:
871 test_data["fail"] = True
872 continue
873
874 # COUNT is a special token that indicates a new block of data
875 if name.lower() == "count":
876 test_data = {}
877 test_data.update(global_data)
878 test_data.update(section_data)
879 data.append(test_data)
880 continue
881 # For all other tokens we simply want the name, value stored in
882 # the dictionary
883 else:
884 test_data[name.lower()] = value.encode("ascii")
885
886 return data
Alex Gaynor2e85a922018-07-16 11:18:33 -0400[diff] [blame]887
888
889class WycheproofTest(object):
890 def __init__(self, testgroup, testcase):
891 self.testgroup = testgroup
892 self.testcase = testcase
893
894 def __repr__(self):
895 return "<WycheproofTest({!r}, {!r}, tcId={})>".format(
896 self.testgroup, self.testcase, self.testcase["tcId"],
897 )
898
899 @property
900 def valid(self):
901 return self.testcase["result"] == "valid"
902
903 @property
904 def acceptable(self):
905 return self.testcase["result"] == "acceptable"
906
Alex Gaynorfeb13452018-07-18 05:20:48 -0500[diff] [blame]907 @property
908 def invalid(self):
909 return self.testcase["result"] == "invalid"
910
Alex Gaynor2e85a922018-07-16 11:18:33 -0400[diff] [blame]911 def has_flag(self, flag):
912 return flag in self.testcase["flags"]
913
914
915def skip_if_wycheproof_none(wycheproof):
916 # This is factored into its own function so we can easily test both
917 # branches
918 if wycheproof is None:
919 pytest.skip("--wycheproof-root not provided")
920
921
922def load_wycheproof_tests(wycheproof, test_file):
923 path = os.path.join(wycheproof, "testvectors", test_file)
924 with open(path) as f:
925 data = json.load(f)
926 for group in data["testGroups"]:
927 cases = group.pop("tests")
928 for c in cases:
929 yield WycheproofTest(group, c)