Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 2120a8e090ff8974d727f76aae5f2f9eac56656c / . / tests / hazmat / primitives / utils.py
blob: 8705cdc42975c916c39da112b03af759d72d16a2 [file] [log] [blame]
Alex Gaynor5951f462014-11-16 09:08:42 -0800[diff] [blame]1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
Alex Gaynorc37feed2014-03-08 08:32:56 -0800[diff] [blame]4
5from __future__ import absolute_import, division, print_function
6
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]7import binascii
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]8import itertools
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]9import os
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]10
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]11import pytest
12
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]13from cryptography.exceptions import (
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]14 AlreadyFinalized, AlreadyUpdated, InvalidSignature, InvalidTag,
15 NotYetFinalized
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]16)
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]17from cryptography.hazmat.primitives import hashes, hmac
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]18from cryptography.hazmat.primitives.asymmetric import rsa
Paul Kehrer21dde562013-11-06 12:22:09 +0800[diff] [blame]19from cryptography.hazmat.primitives.ciphers import Cipher
Ayrxac1a0792014-05-07 17:02:21 +0800[diff] [blame]20from cryptography.hazmat.primitives.kdf.hkdf import HKDF, HKDFExpand
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]21from cryptography.hazmat.primitives.kdf.kbkdf import (
22 CounterLocation, KBKDFHMAC, Mode
23)
Paul Kehrerafc1ccd2014-03-19 11:49:32 -0400[diff] [blame]24from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]25
Paul Kehrerf7f6a9f2013-11-11 20:43:52 -0600[diff] [blame]26from ...utils import load_vectors_from_file
27
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]28
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]29def _load_all_params(path, file_names, param_loader):
30 all_params = []
31 for file_name in file_names:
32 all_params.extend(
33 load_vectors_from_file(os.path.join(path, file_name), param_loader)
34 )
35 return all_params
36
Alex Gaynor4eec0bb2013-12-13 09:12:19 -0800[diff] [blame]37
Alex Gaynor016eed12013-10-16 14:16:04 -0700[diff] [blame]38def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]39 mode_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]40 all_params = _load_all_params(path, file_names, param_loader)
41
42 @pytest.mark.parametrize("params", all_params)
43 def test_encryption(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]44 encrypt_test(backend, cipher_factory, mode_factory, params)
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]45
Alex Gaynorbd458ae2013-10-16 11:59:30 -0700[diff] [blame]46 return test_encryption
47
48
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]49def encrypt_test(backend, cipher_factory, mode_factory, params):
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]50 plaintext = params["plaintext"]
51 ciphertext = params["ciphertext"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]52 cipher = Cipher(
53 cipher_factory(**params),
54 mode_factory(**params),
55 backend=backend
56 )
57 encryptor = cipher.encryptor()
58 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
59 actual_ciphertext += encryptor.finalize()
60 assert actual_ciphertext == binascii.unhexlify(ciphertext)
61 decryptor = cipher.decryptor()
62 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
63 actual_plaintext += decryptor.finalize()
64 assert actual_plaintext == binascii.unhexlify(plaintext)
65
66
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]67def generate_aead_test(param_loader, path, file_names, cipher_factory,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]68 mode_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]69 all_params = _load_all_params(path, file_names, param_loader)
70
71 @pytest.mark.parametrize("params", all_params)
72 def test_aead(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]73 aead_test(backend, cipher_factory, mode_factory, params)
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]74
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]75 return test_aead
76
77
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]78def aead_test(backend, cipher_factory, mode_factory, params):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]79 if params.get("pt") is not None:
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]80 plaintext = params["pt"]
81 ciphertext = params["ct"]
82 aad = params["aad"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]83 if params.get("fail") is True:
84 cipher = Cipher(
85 cipher_factory(binascii.unhexlify(params["key"])),
86 mode_factory(binascii.unhexlify(params["iv"]),
Alex Gaynor8f1b8e82014-06-29 20:43:29 -0700[diff] [blame]87 binascii.unhexlify(params["tag"]),
88 len(binascii.unhexlify(params["tag"]))),
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]89 backend
90 )
91 decryptor = cipher.decryptor()
92 decryptor.authenticate_additional_data(binascii.unhexlify(aad))
93 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
94 with pytest.raises(InvalidTag):
95 decryptor.finalize()
96 else:
97 cipher = Cipher(
98 cipher_factory(binascii.unhexlify(params["key"])),
99 mode_factory(binascii.unhexlify(params["iv"]), None),
100 backend
101 )
102 encryptor = cipher.encryptor()
103 encryptor.authenticate_additional_data(binascii.unhexlify(aad))
104 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
105 actual_ciphertext += encryptor.finalize()
Alex Gaynor8f1b8e82014-06-29 20:43:29 -0700[diff] [blame]106 tag_len = len(binascii.unhexlify(params["tag"]))
107 assert binascii.hexlify(encryptor.tag[:tag_len]) == params["tag"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]108 cipher = Cipher(
109 cipher_factory(binascii.unhexlify(params["key"])),
110 mode_factory(binascii.unhexlify(params["iv"]),
Alex Gaynor8f1b8e82014-06-29 20:43:29 -0700[diff] [blame]111 binascii.unhexlify(params["tag"]),
112 min_tag_length=tag_len),
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]113 backend
114 )
115 decryptor = cipher.decryptor()
116 decryptor.authenticate_additional_data(binascii.unhexlify(aad))
117 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
118 actual_plaintext += decryptor.finalize()
119 assert actual_plaintext == binascii.unhexlify(plaintext)
120
121
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]122def generate_stream_encryption_test(param_loader, path, file_names,
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]123 cipher_factory):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]124 all_params = _load_all_params(path, file_names, param_loader)
125
126 @pytest.mark.parametrize("params", all_params)
127 def test_stream_encryption(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]128 stream_encryption_test(backend, cipher_factory, params)
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]129 return test_stream_encryption
130
131
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]132def stream_encryption_test(backend, cipher_factory, params):
Paul Kehrera620b7d2013-12-20 22:59:02 -0600[diff] [blame]133 plaintext = params["plaintext"]
134 ciphertext = params["ciphertext"]
135 offset = params["offset"]
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]136 cipher = Cipher(cipher_factory(**params), None, backend=backend)
137 encryptor = cipher.encryptor()
138 # throw away offset bytes
139 encryptor.update(b"\x00" * int(offset))
140 actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
141 actual_ciphertext += encryptor.finalize()
142 assert actual_ciphertext == binascii.unhexlify(ciphertext)
143 decryptor = cipher.decryptor()
144 decryptor.update(b"\x00" * int(offset))
145 actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
146 actual_plaintext += decryptor.finalize()
147 assert actual_plaintext == binascii.unhexlify(plaintext)
148
149
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]150def generate_hash_test(param_loader, path, file_names, hash_cls):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]151 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer4da28c32013-11-07 07:50:17 +0800[diff] [blame]152
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]153 @pytest.mark.parametrize("params", all_params)
154 def test_hash(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]155 hash_test(backend, hash_cls, params)
Paul Kehrerbde6fb52013-10-18 18:08:49 -0500[diff] [blame]156 return test_hash
157
158
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]159def hash_test(backend, algorithm, params):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]160 msg, md = params
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]161 m = hashes.Hash(algorithm, backend=backend)
162 m.update(binascii.unhexlify(msg))
163 expected_md = md.replace(" ", "").lower().encode("ascii")
164 assert m.finalize() == binascii.unhexlify(expected_md)
165
166
Paul Kehrerb078d8e2013-12-27 16:33:14 -0600[diff] [blame]167def generate_base_hash_test(algorithm, digest_size, block_size):
168 def test_base_hash(self, backend):
169 base_hash_test(backend, algorithm, digest_size, block_size)
170 return test_base_hash
171
172
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]173def base_hash_test(backend, algorithm, digest_size, block_size):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]174 m = hashes.Hash(algorithm, backend=backend)
175 assert m.algorithm.digest_size == digest_size
176 assert m.algorithm.block_size == block_size
177 m_copy = m.copy()
178 assert m != m_copy
179 assert m._ctx != m_copy._ctx
180
181 m.update(b"abc")
182 copy = m.copy()
183 copy.update(b"123")
184 m.update(b"123")
185 assert copy.finalize() == m.finalize()
186
187
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]188def generate_long_string_hash_test(hash_factory, md):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]189 def test_long_string_hash(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]190 long_string_hash_test(backend, hash_factory, md)
Paul Kehrerc1794072013-10-18 21:42:57 -0500[diff] [blame]191 return test_long_string_hash
192
193
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]194def long_string_hash_test(backend, algorithm, md):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]195 m = hashes.Hash(algorithm, backend=backend)
196 m.update(b"a" * 1000000)
197 assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii"))
198
199
Paul Kehrerb078d8e2013-12-27 16:33:14 -0600[diff] [blame]200def generate_base_hmac_test(hash_cls):
201 def test_base_hmac(self, backend):
202 base_hmac_test(backend, hash_cls)
203 return test_base_hmac
204
205
206def base_hmac_test(backend, algorithm):
207 key = b"ab"
208 h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
209 h_copy = h.copy()
210 assert h != h_copy
211 assert h._ctx != h_copy._ctx
212
213
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]214def generate_hmac_test(param_loader, path, file_names, algorithm):
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]215 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]216
Alex Gaynore5c5eec2013-12-13 08:10:20 -0800[diff] [blame]217 @pytest.mark.parametrize("params", all_params)
218 def test_hmac(self, backend, params):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]219 hmac_test(backend, algorithm, params)
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]220 return test_hmac
221
222
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]223def hmac_test(backend, algorithm, params):
Alex Gaynor36e651c2014-01-27 10:08:35 -0800[diff] [blame]224 msg, md, key = params
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]225 h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
226 h.update(binascii.unhexlify(msg))
227 assert h.finalize() == binascii.unhexlify(md.encode("ascii"))
Paul Kehrer0317b042013-10-28 17:34:27 -0500[diff] [blame]228
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]229
Paul Kehrer1050ddf2014-01-27 21:04:03 -0600[diff] [blame]230def generate_pbkdf2_test(param_loader, path, file_names, algorithm):
231 all_params = _load_all_params(path, file_names, param_loader)
232
233 @pytest.mark.parametrize("params", all_params)
234 def test_pbkdf2(self, backend, params):
235 pbkdf2_test(backend, algorithm, params)
236 return test_pbkdf2
237
238
239def pbkdf2_test(backend, algorithm, params):
240 # Password and salt can contain \0, which should be loaded as a null char.
241 # The NIST loader loads them as literal strings so we replace with the
242 # proper value.
Paul Kehrer1277bc72014-01-28 17:09:59 -0600[diff] [blame]243 kdf = PBKDF2HMAC(
Paul Kehrer1050ddf2014-01-27 21:04:03 -0600[diff] [blame]244 algorithm,
245 int(params["length"]),
246 params["salt"],
247 int(params["iterations"]),
248 backend
249 )
250 derived_key = kdf.derive(params["password"])
251 assert binascii.hexlify(derived_key) == params["derived_key"]
252
253
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]254def generate_aead_exception_test(cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]255 def test_aead_exception(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]256 aead_exception_test(backend, cipher_factory, mode_factory)
Paul Kehrerce9c6112013-11-22 14:10:59 -0600[diff] [blame]257 return test_aead_exception
Paul Kehrer22e80cb2013-11-20 21:27:00 -0600[diff] [blame]258
259
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]260def aead_exception_test(backend, cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]261 cipher = Cipher(
262 cipher_factory(binascii.unhexlify(b"0" * 32)),
263 mode_factory(binascii.unhexlify(b"0" * 24)),
264 backend
265 )
266 encryptor = cipher.encryptor()
267 encryptor.update(b"a" * 16)
268 with pytest.raises(NotYetFinalized):
269 encryptor.tag
270 with pytest.raises(AlreadyUpdated):
271 encryptor.authenticate_additional_data(b"b" * 16)
272 encryptor.finalize()
273 with pytest.raises(AlreadyFinalized):
274 encryptor.authenticate_additional_data(b"b" * 16)
275 with pytest.raises(AlreadyFinalized):
276 encryptor.update(b"b" * 16)
277 with pytest.raises(AlreadyFinalized):
278 encryptor.finalize()
279 cipher = Cipher(
280 cipher_factory(binascii.unhexlify(b"0" * 32)),
281 mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16),
282 backend
283 )
284 decryptor = cipher.decryptor()
285 decryptor.update(b"a" * 16)
286 with pytest.raises(AttributeError):
287 decryptor.tag
Paul Kehrerb91221d2013-12-04 17:56:40 -0600[diff] [blame]288
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]289
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]290def generate_aead_tag_exception_test(cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]291 def test_aead_tag_exception(self, backend):
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]292 aead_tag_exception_test(backend, cipher_factory, mode_factory)
Paul Kehrerb91221d2013-12-04 17:56:40 -0600[diff] [blame]293 return test_aead_tag_exception
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]294
295
Paul Kehrer783479c2013-12-26 21:08:45 -0600[diff] [blame]296def aead_tag_exception_test(backend, cipher_factory, mode_factory):
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]297 cipher = Cipher(
298 cipher_factory(binascii.unhexlify(b"0" * 32)),
299 mode_factory(binascii.unhexlify(b"0" * 24)),
300 backend
301 )
302 with pytest.raises(ValueError):
303 cipher.decryptor()
Alex Gaynor516b1ad2014-01-01 12:28:37 -0800[diff] [blame]304
Paul Kehrerf7b4ede2013-12-21 17:25:19 -0600[diff] [blame]305 with pytest.raises(ValueError):
Alex Gaynor516b1ad2014-01-01 12:28:37 -0800[diff] [blame]306 mode_factory(binascii.unhexlify(b"0" * 24), b"000")
307
Alex Gaynora9477592014-06-30 10:03:22 -0700[diff] [blame]308 with pytest.raises(ValueError):
309 mode_factory(binascii.unhexlify(b"0" * 24), b"000000", 2)
310
Paul Kehrerf7b4ede2013-12-21 17:25:19 -0600[diff] [blame]311 cipher = Cipher(
312 cipher_factory(binascii.unhexlify(b"0" * 32)),
Alex Gaynor21919e22013-12-13 08:56:32 -0800[diff] [blame]313 mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16),
314 backend
315 )
316 with pytest.raises(ValueError):
317 cipher.encryptor()
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]318
319
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]320def hkdf_derive_test(backend, algorithm, params):
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]321 hkdf = HKDF(
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]322 algorithm,
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]323 int(params["l"]),
324 salt=binascii.unhexlify(params["salt"]) or None,
325 info=binascii.unhexlify(params["info"]) or None,
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]326 backend=backend
327 )
328
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]329 okm = hkdf.derive(binascii.unhexlify(params["ikm"]))
330
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]331 assert okm == binascii.unhexlify(params["okm"])
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]332
333
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]334def hkdf_extract_test(backend, algorithm, params):
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]335 hkdf = HKDF(
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]336 algorithm,
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]337 int(params["l"]),
338 salt=binascii.unhexlify(params["salt"]) or None,
339 info=binascii.unhexlify(params["info"]) or None,
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]340 backend=backend
341 )
342
David Reid15fd6432014-01-30 15:28:09 -0800[diff] [blame]343 prk = hkdf._extract(binascii.unhexlify(params["ikm"]))
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]344
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]345 assert prk == binascii.unhexlify(params["prk"])
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]346
347
348def hkdf_expand_test(backend, algorithm, params):
Ayrxac1a0792014-05-07 17:02:21 +0800[diff] [blame]349 hkdf = HKDFExpand(
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]350 algorithm,
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]351 int(params["l"]),
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]352 info=binascii.unhexlify(params["info"]) or None,
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]353 backend=backend
354 )
355
Ayrx2d6cd442014-05-09 14:48:06 +0800[diff] [blame]356 okm = hkdf.derive(binascii.unhexlify(params["prk"]))
David Reid0d492db2014-01-27 17:05:49 -0800[diff] [blame]357
David Reid14367302014-01-27 16:33:31 -0800[diff] [blame]358 assert okm == binascii.unhexlify(params["okm"])
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]359
360
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]361def generate_hkdf_test(param_loader, path, file_names, algorithm):
362 all_params = _load_all_params(path, file_names, param_loader)
363
David Reid5443e9d2014-01-22 17:18:49 -0800[diff] [blame]364 all_tests = [hkdf_extract_test, hkdf_expand_test, hkdf_derive_test]
365
366 @pytest.mark.parametrize(
367 ("params", "hkdf_test"),
368 itertools.product(all_params, all_tests)
369 )
370 def test_hkdf(self, backend, params, hkdf_test):
David Reid66c9cd92014-01-20 16:05:53 -0800[diff] [blame]371 hkdf_test(backend, algorithm, params)
372
373 return test_hkdf
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]374
375
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]376def generate_kbkdf_counter_mode_test(param_loader, path, file_names):
377 all_params = _load_all_params(path, file_names, param_loader)
378
379 @pytest.mark.parametrize("params", all_params)
380 def test_kbkdf(self, backend, params):
381 kbkdf_counter_mode_test(backend, params)
382 return test_kbkdf
383
384
385def kbkdf_counter_mode_test(backend, params):
386 supported_algorithms = {
387 'hmac_sha1': hashes.SHA1,
388 'hmac_sha224': hashes.SHA224,
389 'hmac_sha256': hashes.SHA256,
390 'hmac_sha384': hashes.SHA384,
391 'hmac_sha512': hashes.SHA512,
392 }
393
Paul Kehrercb0fa2e2016-05-29 22:37:33 -0500[diff] [blame]394 supported_counter_locations = {
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]395 "before_fixed": CounterLocation.BeforeFixed,
396 "after_fixed": CounterLocation.AfterFixed,
397 }
398
399 algorithm = supported_algorithms.get(params.get('prf'))
400 if algorithm is None or not backend.hmac_supported(algorithm()):
Paul Kehrercb0fa2e2016-05-29 22:37:33 -0500[diff] [blame]401 pytest.skip("KBKDF does not support algorithm: {0}".format(
402 params.get('prf')
403 ))
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]404
Paul Kehrercb0fa2e2016-05-29 22:37:33 -0500[diff] [blame]405 ctr_loc = supported_counter_locations.get(params.get("ctrlocation"))
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]406 if ctr_loc is None or not isinstance(ctr_loc, CounterLocation):
Paul Kehrercb0fa2e2016-05-29 22:37:33 -0500[diff] [blame]407 pytest.skip("Does not support counter location: {0}".format(
408 params.get('ctrlocation')
Jared6d7fe002016-05-29 17:32:37 -0700[diff] [blame]409 ))
410
411 ctrkdf = KBKDFHMAC(
412 algorithm(),
413 Mode.CounterMode,
414 params['l'] // 8,
415 params['rlen'] // 8,
416 None,
417 ctr_loc,
418 None,
419 None,
420 binascii.unhexlify(params['fixedinputdata']),
421 backend=backend)
422
423 ko = ctrkdf.derive(binascii.unhexlify(params['ki']))
424 assert binascii.hexlify(ko) == params["ko"]
425
426
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]427def generate_rsa_verification_test(param_loader, path, file_names, hash_alg,
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]428 pad_factory):
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]429 all_params = _load_all_params(path, file_names, param_loader)
Paul Kehrer1cfdca22014-03-16 17:57:43 -0400[diff] [blame]430 all_params = [i for i in all_params
431 if i["algorithm"] == hash_alg.name.upper()]
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]432
433 @pytest.mark.parametrize("params", all_params)
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]434 def test_rsa_verification(self, backend, params):
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]435 rsa_verification_test(backend, params, hash_alg, pad_factory)
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]436
Paul Kehrerf29c3c52014-03-19 09:35:40 -0400[diff] [blame]437 return test_rsa_verification
Paul Kehrerb5936a72014-03-13 21:03:00 -0400[diff] [blame]438
439
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]440def rsa_verification_test(backend, params, hash_alg, pad_factory):
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame]441 public_numbers = rsa.RSAPublicNumbers(
442 e=params["public_exponent"],
443 n=params["modulus"]
Paul Kehrer762014e2014-03-16 17:47:22 -0400[diff] [blame]444 )
Paul Kehrer144a4152014-06-20 11:52:37 -0600[diff] [blame]445 public_key = public_numbers.public_key(backend)
Paul Kehrerc85f1792014-03-19 09:45:42 -0400[diff] [blame]446 pad = pad_factory(params, hash_alg)
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]447 verifier = public_key.verifier(
448 binascii.unhexlify(params["s"]),
449 pad,
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame]450 hash_alg
Paul Kehrer762014e2014-03-16 17:47:22 -0400[diff] [blame]451 )
452 verifier.update(binascii.unhexlify(params["msg"]))
Paul Kehrer49c8e212014-03-18 07:54:34 -0400[diff] [blame]453 if params["fail"]:
454 with pytest.raises(InvalidSignature):
455 verifier.verify()
456 else:
457 verifier.verify()
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]458
459
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame]460def _check_rsa_private_numbers(skey):
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]461 assert skey
Paul Kehrer6af3c6e2014-06-06 21:05:23 -0500[diff] [blame]462 pkey = skey.public_numbers
463 assert pkey
464 assert pkey.e
465 assert pkey.n
466 assert skey.d
467 assert skey.p * skey.q == pkey.n
Alex Stapleton458c09b2014-04-23 20:58:37 +0100[diff] [blame]468 assert skey.dmp1 == rsa.rsa_crt_dmp1(skey.d, skey.p)
469 assert skey.dmq1 == rsa.rsa_crt_dmq1(skey.d, skey.q)
470 assert skey.iqmp == rsa.rsa_crt_iqmp(skey.p, skey.q)
Paul Kehrer85c11062014-12-22 07:56:05 -0600[diff] [blame]471
472
473def _check_dsa_private_numbers(skey):
474 assert skey
475 pkey = skey.public_numbers
476 params = pkey.parameter_numbers
477 assert pow(params.g, skey.x, params.p) == pkey.y