| Paul Kehrer | d1c73fd | 2018-07-17 19:33:05 +0800 | [diff] [blame] | 1 | # This file is dual licensed under the terms of the Apache License, Version |
| 2 | # 2.0, and the BSD License. See the LICENSE file in the root of this repository |
| 3 | # for complete details. |
| 4 | |
| 5 | from __future__ import absolute_import, division, print_function |
| 6 | |
| 7 | import binascii |
| 8 | |
| 9 | import pytest |
| 10 | |
| 11 | from cryptography.exceptions import InvalidSignature |
| 12 | from cryptography.hazmat.backends.interfaces import DSABackend |
| 13 | from cryptography.hazmat.primitives import hashes, serialization |
| 14 | |
| 15 | |
| 16 | _DIGESTS = { |
| 17 | "SHA-1": hashes.SHA1(), |
| 18 | "SHA-224": hashes.SHA224(), |
| 19 | "SHA-256": hashes.SHA256(), |
| 20 | } |
| 21 | |
| 22 | |
| 23 | @pytest.mark.requires_backend_interface(interface=DSABackend) |
| 24 | @pytest.mark.wycheproof_tests( |
| 25 | "dsa_test.json", |
| 26 | ) |
| 27 | def test_dsa_signature(backend, wycheproof): |
| 28 | key = serialization.load_der_public_key( |
| 29 | binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend |
| 30 | ) |
| 31 | digest = _DIGESTS[wycheproof.testgroup["sha"]] |
| 32 | |
| 33 | if ( |
| 34 | wycheproof.valid or ( |
| 35 | wycheproof.acceptable and not wycheproof.has_flag("NoLeadingZero") |
| 36 | ) |
| 37 | ): |
| 38 | key.verify( |
| 39 | binascii.unhexlify(wycheproof.testcase["sig"]), |
| 40 | binascii.unhexlify(wycheproof.testcase["msg"]), |
| 41 | digest, |
| 42 | ) |
| 43 | else: |
| 44 | with pytest.raises(InvalidSignature): |
| 45 | key.verify( |
| 46 | binascii.unhexlify(wycheproof.testcase["sig"]), |
| 47 | binascii.unhexlify(wycheproof.testcase["msg"]), |
| 48 | digest, |
| 49 | ) |