Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 6af3c6ed6955030208ecfc09e02492de47c1fa10 / . / tests / hazmat / primitives / utils.py
blob: 54659aa942788255cb538c6557dd0f0ea786d84d [file] [log] [blame]
Alex Gaynorc37feed2014-03-08 08:32:56 -0800[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
10# implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14from __future__ import absolute_import, division, print_function
15
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]16import binascii
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]17import itertools
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]18import os
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]19
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]20import pytest
21
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]22from cryptography.exceptions import (
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]23 AlreadyFinalized, AlreadyUpdated, InvalidSignature, InvalidTag,
24 NotYetFinalized
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]25)
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]26from cryptography.hazmat.primitives import hashes, hmac
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]27from cryptography.hazmat.primitives.asymmetric import rsa
Paul Kehrer21dde562013-11-06 12:22:09 +0800[diff] [blame]28from cryptography.hazmat.primitives.ciphers import Cipher
Ayrxac1a0792014-05-07 17:02:21 +0800[diff] [blame]29from cryptography.hazmat.primitives.kdf.hkdf import HKDF, HKDFExpand
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]30from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]31from cryptography.hazmat.primitives.serialization import (
32 load_rsa_public_numbers
33)
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]34
Paul Kehrerf7f6a9f2013-11-11 20:43:52 -0600[diff] [blame]35from ...utils import load_vectors_from_file
36
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]37
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]38def _load_all_params(path, file_names, param_loader):
39 all_params = []
40 for file_name in file_names:
41 all_params.extend(
42 load_vectors_from_file(os.path.join(path, file_name), param_loader)
43 )
44 return all_params
45
Alex Gaynor4eec0bb2013-12-13 09:12:19 -0800[diff] [blame]46
Alex Gaynor016eed12013-10-16 14:16:04 -0700[diff] [blame]47def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]48 mode_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]49 all_params = _load_all_params(path, file_names, param_loader)
50
51 @pytest.mark.parametrize("params", all_params)
52 def test_encryption(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]53 encrypt_test(backend, cipher_factory, mode_factory, params)
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]54
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]55 return test_encryption
56
57
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]58def encrypt_test(backend, cipher_factory, mode_factory, params):
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]59 plaintext = params["plaintext"]
60 ciphertext = params["ciphertext"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]61 cipher = Cipher(
62 cipher_factory(**params),
63 mode_factory(**params),
64 backend=backend
65 )
66 encryptor = cipher.encryptor()
67 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
68 actual_ciphertext += encryptor.finalize()
69 assert actual_ciphertext == binascii.unhexlify(ciphertext)
70 decryptor = cipher.decryptor()
71 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
72 actual_plaintext += decryptor.finalize()
73 assert actual_plaintext == binascii.unhexlify(plaintext)
74
75
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]76def generate_aead_test(param_loader, path, file_names, cipher_factory,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]77 mode_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]78 all_params = _load_all_params(path, file_names, param_loader)
79
80 @pytest.mark.parametrize("params", all_params)
81 def test_aead(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]82 aead_test(backend, cipher_factory, mode_factory, params)
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]83
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]84 return test_aead
85
86
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]87def aead_test(backend, cipher_factory, mode_factory, params):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]88 if params.get("pt") is not None:
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]89 plaintext = params["pt"]
90 ciphertext = params["ct"]
91 aad = params["aad"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]92 if params.get("fail") is True:
93 cipher = Cipher(
94 cipher_factory(binascii.unhexlify(params["key"])),
95 mode_factory(binascii.unhexlify(params["iv"]),
96 binascii.unhexlify(params["tag"])),
97 backend
98 )
99 decryptor = cipher.decryptor()
100 decryptor.authenticate_additional_data(binascii.unhexlify(aad))
101 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
102 with pytest.raises(InvalidTag):
103 decryptor.finalize()
104 else:
105 cipher = Cipher(
106 cipher_factory(binascii.unhexlify(params["key"])),
107 mode_factory(binascii.unhexlify(params["iv"]), None),
108 backend
109 )
110 encryptor = cipher.encryptor()
111 encryptor.authenticate_additional_data(binascii.unhexlify(aad))
112 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
113 actual_ciphertext += encryptor.finalize()
114 tag_len = len(params["tag"])
115 assert binascii.hexlify(encryptor.tag)[:tag_len] == params["tag"]
116 cipher = Cipher(
117 cipher_factory(binascii.unhexlify(params["key"])),
118 mode_factory(binascii.unhexlify(params["iv"]),
119 binascii.unhexlify(params["tag"])),
120 backend
121 )
122 decryptor = cipher.decryptor()
123 decryptor.authenticate_additional_data(binascii.unhexlify(aad))
124 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
125 actual_plaintext += decryptor.finalize()
126 assert actual_plaintext == binascii.unhexlify(plaintext)
127
128
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]129def generate_stream_encryption_test(param_loader, path, file_names,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]130 cipher_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]131 all_params = _load_all_params(path, file_names, param_loader)
132
133 @pytest.mark.parametrize("params", all_params)
134 def test_stream_encryption(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]135 stream_encryption_test(backend, cipher_factory, params)
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]136 return test_stream_encryption
137
138
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]139def stream_encryption_test(backend, cipher_factory, params):
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]140 plaintext = params["plaintext"]
141 ciphertext = params["ciphertext"]
142 offset = params["offset"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]143 cipher = Cipher(cipher_factory(**params), None, backend=backend)
144 encryptor = cipher.encryptor()
145 # throw away offset bytes
146 encryptor.update(b"\x00" * int(offset))
147 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
148 actual_ciphertext += encryptor.finalize()
149 assert actual_ciphertext == binascii.unhexlify(ciphertext)
150 decryptor = cipher.decryptor()
151 decryptor.update(b"\x00" * int(offset))
152 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
153 actual_plaintext += decryptor.finalize()
154 assert actual_plaintext == binascii.unhexlify(plaintext)
155
156
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]157def generate_hash_test(param_loader, path, file_names, hash_cls):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]158 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]159
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]160 @pytest.mark.parametrize("params", all_params)
161 def test_hash(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]162 hash_test(backend, hash_cls, params)
Paul Kehrerbde6fb52013-10-18 18:08:49 -0500[diff] [blame]163 return test_hash
164
165
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]166def hash_test(backend, algorithm, params):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]167 msg, md = params
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]168 m = hashes.Hash(algorithm, backend=backend)
169 m.update(binascii.unhexlify(msg))
170 expected_md = md.replace(" ", "").lower().encode("ascii")
171 assert m.finalize() == binascii.unhexlify(expected_md)
172
173
Paul Kehrerb078d8e2013-12-27 16:33:14 -0600[diff] [blame]174def generate_base_hash_test(algorithm, digest_size, block_size):
175 def test_base_hash(self, backend):
176 base_hash_test(backend, algorithm, digest_size, block_size)
177 return test_base_hash
178
179
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]180def base_hash_test(backend, algorithm, digest_size, block_size):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]181 m = hashes.Hash(algorithm, backend=backend)
182 assert m.algorithm.digest_size == digest_size
183 assert m.algorithm.block_size == block_size
184 m_copy = m.copy()
185 assert m != m_copy
186 assert m._ctx != m_copy._ctx
187
188 m.update(b"abc")
189 copy = m.copy()
190 copy.update(b"123")
191 m.update(b"123")
192 assert copy.finalize() == m.finalize()
193
194
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]195def generate_long_string_hash_test(hash_factory, md):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]196 def test_long_string_hash(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]197 long_string_hash_test(backend, hash_factory, md)
Paul Kehrerc1794072013-10-18 21:42:57 -0500[diff] [blame]198 return test_long_string_hash
199
200
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]201def long_string_hash_test(backend, algorithm, md):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]202 m = hashes.Hash(algorithm, backend=backend)
203 m.update(b"a" * 1000000)
204 assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii"))
205
206
Paul Kehrerb078d8e2013-12-27 16:33:14 -0600[diff] [blame]207def generate_base_hmac_test(hash_cls):
208 def test_base_hmac(self, backend):
209 base_hmac_test(backend, hash_cls)
210 return test_base_hmac
211
212
213def base_hmac_test(backend, algorithm):
214 key = b"ab"
215 h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
216 h_copy = h.copy()
217 assert h != h_copy
218 assert h._ctx != h_copy._ctx
219
220
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]221def generate_hmac_test(param_loader, path, file_names, algorithm):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]222 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]223
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]224 @pytest.mark.parametrize("params", all_params)
225 def test_hmac(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]226 hmac_test(backend, algorithm, params)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]227 return test_hmac
228
229
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]230def hmac_test(backend, algorithm, params):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]231 msg, md, key = params
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]232 h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
233 h.update(binascii.unhexlify(msg))
234 assert h.finalize() == binascii.unhexlify(md.encode("ascii"))
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]235
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]236
Paul Kehrer1050ddf2014-01-27 21:04:03 -0600[diff] [blame]237def generate_pbkdf2_test(param_loader, path, file_names, algorithm):
238 all_params = _load_all_params(path, file_names, param_loader)
239
240 @pytest.mark.parametrize("params", all_params)
241 def test_pbkdf2(self, backend, params):
242 pbkdf2_test(backend, algorithm, params)
243 return test_pbkdf2
244
245
246def pbkdf2_test(backend, algorithm, params):
247 # Password and salt can contain \0, which should be loaded as a null char.
248 # The NIST loader loads them as literal strings so we replace with the
249 # proper value.
Paul Kehrer1277bc72014-01-28 17:09:59 -0600[diff] [blame]250 kdf = PBKDF2HMAC(
Paul Kehrer1050ddf2014-01-27 21:04:03 -0600[diff] [blame]251 algorithm,
252 int(params["length"]),
253 params["salt"],
254 int(params["iterations"]),
255 backend
256 )
257 derived_key = kdf.derive(params["password"])
258 assert binascii.hexlify(derived_key) == params["derived_key"]
259
260
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]261def generate_aead_exception_test(cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]262 def test_aead_exception(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]263 aead_exception_test(backend, cipher_factory, mode_factory)
Paul Kehrerce9c6112013-11-22 14:10:59 -0600[diff] [blame]264 return test_aead_exception
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]265
266
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]267def aead_exception_test(backend, cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]268 cipher = Cipher(
269 cipher_factory(binascii.unhexlify(b"0" * 32)),
270 mode_factory(binascii.unhexlify(b"0" * 24)),
271 backend
272 )
273 encryptor = cipher.encryptor()
274 encryptor.update(b"a" * 16)
275 with pytest.raises(NotYetFinalized):
276 encryptor.tag
277 with pytest.raises(AlreadyUpdated):
278 encryptor.authenticate_additional_data(b"b" * 16)
279 encryptor.finalize()
280 with pytest.raises(AlreadyFinalized):
281 encryptor.authenticate_additional_data(b"b" * 16)
282 with pytest.raises(AlreadyFinalized):
283 encryptor.update(b"b" * 16)
284 with pytest.raises(AlreadyFinalized):
285 encryptor.finalize()
286 cipher = Cipher(
287 cipher_factory(binascii.unhexlify(b"0" * 32)),
288 mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16),
289 backend
290 )
291 decryptor = cipher.decryptor()
292 decryptor.update(b"a" * 16)
293 with pytest.raises(AttributeError):
294 decryptor.tag
Paul Kehrerb91221d2013-12-04 17:56:40 -0600[diff] [blame]295
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]296
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]297def generate_aead_tag_exception_test(cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]298 def test_aead_tag_exception(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]299 aead_tag_exception_test(backend, cipher_factory, mode_factory)
Paul Kehrerb91221d2013-12-04 17:56:40 -0600[diff] [blame]300 return test_aead_tag_exception
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]301
302
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]303def aead_tag_exception_test(backend, cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]304 cipher = Cipher(
305 cipher_factory(binascii.unhexlify(b"0" * 32)),
306 mode_factory(binascii.unhexlify(b"0" * 24)),
307 backend
308 )
309 with pytest.raises(ValueError):
310 cipher.decryptor()
Alex Gaynor516b1ad2014-01-01 12:28:37 -0800[diff] [blame]311
Paul Kehrerf7b4ede2013-12-21 17:25:19 -0600[diff] [blame]312 with pytest.raises(ValueError):
Alex Gaynor516b1ad2014-01-01 12:28:37 -0800[diff] [blame]313 mode_factory(binascii.unhexlify(b"0" * 24), b"000")
314
Paul Kehrerf7b4ede2013-12-21 17:25:19 -0600[diff] [blame]315 cipher = Cipher(
316 cipher_factory(binascii.unhexlify(b"0" * 32)),
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]317 mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16),
318 backend
319 )
320 with pytest.raises(ValueError):
321 cipher.encryptor()
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]322
323
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]324def hkdf_derive_test(backend, algorithm, params):
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]325 hkdf = HKDF(
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]326 algorithm,
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]327 int(params["l"]),
328 salt=binascii.unhexlify(params["salt"]) or None,
329 info=binascii.unhexlify(params["info"]) or None,
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]330 backend=backend
331 )
332
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]333 okm = hkdf.derive(binascii.unhexlify(params["ikm"]))
334
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]335 assert okm == binascii.unhexlify(params["okm"])
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]336
337
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]338def hkdf_extract_test(backend, algorithm, params):
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]339 hkdf = HKDF(
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]340 algorithm,
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]341 int(params["l"]),
342 salt=binascii.unhexlify(params["salt"]) or None,
343 info=binascii.unhexlify(params["info"]) or None,
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]344 backend=backend
345 )
346
David Reid15fd6432014-01-30 15:28:09 -0800[diff] [blame]347 prk = hkdf._extract(binascii.unhexlify(params["ikm"]))
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]348
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]349 assert prk == binascii.unhexlify(params["prk"])
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]350
351
352def hkdf_expand_test(backend, algorithm, params):
Ayrxac1a0792014-05-07 17:02:21 +0800[diff] [blame]353 hkdf = HKDFExpand(
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]354 algorithm,
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]355 int(params["l"]),
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]356 info=binascii.unhexlify(params["info"]) or None,
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]357 backend=backend
358 )
359
Ayrx2d6cd442014-05-09 14:48:06 +0800[diff] [blame]360 okm = hkdf.derive(binascii.unhexlify(params["prk"]))
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]361
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]362 assert okm == binascii.unhexlify(params["okm"])
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]363
364
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]365def generate_hkdf_test(param_loader, path, file_names, algorithm):
366 all_params = _load_all_params(path, file_names, param_loader)
367
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]368 all_tests = [hkdf_extract_test, hkdf_expand_test, hkdf_derive_test]
369
370 @pytest.mark.parametrize(
371 ("params", "hkdf_test"),
372 itertools.product(all_params, all_tests)
373 )
374 def test_hkdf(self, backend, params, hkdf_test):
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]375 hkdf_test(backend, algorithm, params)
376
377 return test_hkdf
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]378
379
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]380def generate_rsa_verification_test(param_loader, path, file_names, hash_alg,
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]381 pad_factory):
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]382 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer1cfdca22014-03-16 17:57:43 -0400[diff] [blame]383 all_params = [i for i in all_params
384 if i["algorithm"] == hash_alg.name.upper()]
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]385
386 @pytest.mark.parametrize("params", all_params)
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]387 def test_rsa_verification(self, backend, params):
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]388 rsa_verification_test(backend, params, hash_alg, pad_factory)
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]389
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]390 return test_rsa_verification
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]391
392
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]393def rsa_verification_test(backend, params, hash_alg, pad_factory):
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]394 public_numbers = rsa.RSAPublicNumbers(
395 e=params["public_exponent"],
396 n=params["modulus"]
Paul Kehrer762014e2014-03-16 17:47:22 -0400[diff] [blame]397 )
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]398 public_key = load_rsa_public_numbers(public_numbers, backend)
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]399 pad = pad_factory(params, hash_alg)
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]400 verifier = public_key.verifier(
401 binascii.unhexlify(params["s"]),
402 pad,
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]403 hash_alg
Paul Kehrer762014e2014-03-16 17:47:22 -0400[diff] [blame]404 )
405 verifier.update(binascii.unhexlify(params["msg"]))
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]406 if params["fail"]:
407 with pytest.raises(InvalidSignature):
408 verifier.verify()
409 else:
410 verifier.verify()
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]411
412
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]413def _check_rsa_private_numbers(skey):
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]414 assert skey
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame^]415 pkey = skey.public_numbers
416 assert pkey
417 assert pkey.e
418 assert pkey.n
419 assert skey.d
420 assert skey.p * skey.q == pkey.n
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]421 assert skey.dmp1 == rsa.rsa_crt_dmp1(skey.d, skey.p)
422 assert skey.dmq1 == rsa.rsa_crt_dmq1(skey.d, skey.q)
423 assert skey.iqmp == rsa.rsa_crt_iqmp(skey.p, skey.q)