diff options
author | Alex Stapleton <alexs@prol.etari.at> | 2014-03-26 20:26:49 +0000 |
---|---|---|
committer | Alex Stapleton <alexs@prol.etari.at> | 2014-03-27 12:53:55 +0000 |
commit | 4c1401a3745af97fcd398ff5b7f0dcb94f5292a0 (patch) | |
tree | 5e9a953a04398bea99b95e07044eb917c28f56b3 | |
parent | f33ccfcc8e611359a65235d72423fc9c62b438da (diff) | |
download | cryptography-4c1401a3745af97fcd398ff5b7f0dcb94f5292a0.tar.gz cryptography-4c1401a3745af97fcd398ff5b7f0dcb94f5292a0.tar.bz2 cryptography-4c1401a3745af97fcd398ff5b7f0dcb94f5292a0.zip |
Update tests and raise sites
19 files changed, 165 insertions, 100 deletions
diff --git a/cryptography/hazmat/backends/commoncrypto/backend.py b/cryptography/hazmat/backends/commoncrypto/backend.py index f45c91da..4faca73e 100644 --- a/cryptography/hazmat/backends/commoncrypto/backend.py +++ b/cryptography/hazmat/backends/commoncrypto/backend.py @@ -17,7 +17,7 @@ from collections import namedtuple from cryptography import utils from cryptography.exceptions import ( - InternalError, InvalidTag, UnsupportedAlgorithm + InternalError, InvalidTag, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import ( CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend @@ -276,7 +276,8 @@ class _CipherContext(object): raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend".format( - cipher.name, mode.name if mode else mode) + cipher.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) ctx = self._backend._ffi.new("CCCryptorRef *") @@ -349,7 +350,8 @@ class _GCMCipherContext(object): raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend".format( - cipher.name, mode.name if mode else mode) + cipher.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) ctx = self._backend._ffi.new("CCCryptorRef *") @@ -422,7 +424,8 @@ class _HashContext(object): except KeyError: raise UnsupportedAlgorithm( "{0} is not a supported hash on this backend".format( - algorithm.name) + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) ctx = self._backend._ffi.new(methods.ctx) res = methods.hash_init(ctx) @@ -465,7 +468,8 @@ class _HMACContext(object): except KeyError: raise UnsupportedAlgorithm( "{0} is not a supported HMAC hash on this backend".format( - algorithm.name) + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) self._backend._lib.CCHmacInit(ctx, alg, key, len(key)) diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 35769ac1..2a1ec439 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -14,7 +14,7 @@ from __future__ import absolute_import, division, print_function from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend ) @@ -49,7 +49,9 @@ class MultiBackend(object): except UnsupportedAlgorithm: pass raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." + "cipher {0} in {1} mode is not supported by this backend".format( + algorithm.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) def create_symmetric_decryption_ctx(self, algorithm, mode): @@ -59,7 +61,9 @@ class MultiBackend(object): except UnsupportedAlgorithm: pass raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." + "cipher {0} in {1} mode is not supported by this backend".format( + algorithm.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) def hash_supported(self, algorithm): @@ -75,7 +79,9 @@ class MultiBackend(object): except UnsupportedAlgorithm: pass raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." + "{0} is not a supported hash on this backend".format( + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) def hmac_supported(self, algorithm): @@ -91,7 +97,9 @@ class MultiBackend(object): except UnsupportedAlgorithm: pass raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." + "{0} is not a supported hash on this backend".format( + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) def pbkdf2_hmac_supported(self, algorithm): @@ -110,28 +118,24 @@ class MultiBackend(object): except UnsupportedAlgorithm: pass raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." + "{0} is not a supported hash on this backend".format( + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) def generate_rsa_private_key(self, public_exponent, key_size): for b in self._filtered_backends(RSABackend): return b.generate_rsa_private_key(public_exponent, key_size) - raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." - ) + raise UnsupportedAlgorithm("RSA is not supported by the backend") def create_rsa_signature_ctx(self, private_key, padding, algorithm): for b in self._filtered_backends(RSABackend): return b.create_rsa_signature_ctx(private_key, padding, algorithm) - raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." - ) + raise UnsupportedAlgorithm("RSA is not supported by the backend") def create_rsa_verification_ctx(self, public_key, signature, padding, algorithm): for b in self._filtered_backends(RSABackend): return b.create_rsa_verification_ctx(public_key, signature, padding, algorithm) - raise UnsupportedAlgorithm( - "None of the constituents backends support this algorithm." - ) + raise UnsupportedAlgorithm("RSA is not supported by the backend") diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index eb5f0e12..753717d4 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -22,7 +22,7 @@ import six from cryptography import utils from cryptography.exceptions import ( AlreadyFinalized, InternalError, InvalidSignature, InvalidTag, - UnsupportedAlgorithm + UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import ( CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend @@ -222,7 +222,8 @@ class Backend(object): if not isinstance(algorithm, hashes.SHA1): raise UnsupportedAlgorithm( "This version of OpenSSL only supports PBKDF2HMAC with " - "SHA1" + "SHA1", + _Reasons.UNSUPPORTED_HASH ) res = self._lib.PKCS5_PBKDF2_HMAC_SHA1( key_material, @@ -267,14 +268,17 @@ class Backend(object): def _bn_to_int(self, bn): if six.PY3: # Python 3 has constant time from_bytes, so use that. + bn_num_bytes = (self._lib.BN_num_bits(bn) + 7) // 8 bin_ptr = self._ffi.new("unsigned char[]", bn_num_bytes) bin_len = self._lib.BN_bn2bin(bn, bin_ptr) assert bin_len > 0 assert bin_ptr != self._ffi.NULL return int.from_bytes(self._ffi.buffer(bin_ptr)[:bin_len], "big") + else: # Under Python 2 the best we can do is hex() + hex_cdata = self._lib.BN_bn2hex(bn) assert hex_cdata != self._ffi.NULL hex_str = self._ffi.string(hex_cdata) @@ -291,10 +295,12 @@ class Backend(object): if six.PY3: # Python 3 has constant time to_bytes, so use that. + binary = num.to_bytes(int(num.bit_length() / 8.0 + 1), "big") bn_ptr = self._lib.BN_bin2bn(binary, len(binary), self._ffi.NULL) assert bn_ptr != self._ffi.NULL return bn_ptr + else: # Under Python 2 the best we can do is hex() @@ -450,7 +456,8 @@ class _CipherContext(object): raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend".format( - cipher.name, mode.name if mode else mode) + cipher.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) evp_cipher = adapter(self._backend, cipher, mode) @@ -458,7 +465,8 @@ class _CipherContext(object): raise UnsupportedAlgorithm( "cipher {0} in {1} mode is not supported " "by this backend".format( - cipher.name, mode.name if mode else mode) + cipher.name, mode.name if mode else mode), + _Reasons.UNSUPPORTED_CIPHER ) if isinstance(mode, interfaces.ModeWithInitializationVector): @@ -598,7 +606,8 @@ class _HashContext(object): if evp_md == self._backend._ffi.NULL: raise UnsupportedAlgorithm( "{0} is not a supported hash on this backend".format( - algorithm.name) + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) res = self._backend._lib.EVP_DigestInit_ex(ctx, evp_md, self._backend._ffi.NULL) @@ -648,7 +657,8 @@ class _HMACContext(object): if evp_md == self._backend._ffi.NULL: raise UnsupportedAlgorithm( "{0} is not a supported hash on this backend".format( - algorithm.name) + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) res = self._backend._lib.Cryptography_HMAC_Init_ex( ctx, key, len(key), evp_md, self._backend._ffi.NULL @@ -734,7 +744,8 @@ class _RSASignatureContext(object): if not self._backend.mgf1_hash_supported(padding._mgf._algorithm): raise UnsupportedAlgorithm( "When OpenSSL is older than 1.0.1 then only SHA1 is " - "supported with MGF1." + "supported with MGF1.", + _Reasons.UNSUPPORTED_HASH ) if self._backend._lib.Cryptography_HAS_PKEY_CTX: @@ -744,7 +755,8 @@ class _RSASignatureContext(object): self._finalize_method = self._finalize_pss else: raise UnsupportedAlgorithm( - "{0} is not supported by this backend".format(padding.name) + "{0} is not supported by this backend".format(padding.name), + _Reasons.UNSUPPORTED_PADDING ) self._padding = padding @@ -918,7 +930,8 @@ class _RSAVerificationContext(object): if not self._backend.mgf1_hash_supported(padding._mgf._algorithm): raise UnsupportedAlgorithm( "When OpenSSL is older than 1.0.1 then only SHA1 is " - "supported with MGF1." + "supported with MGF1.", + _Reasons.UNSUPPORTED_HASH ) if self._backend._lib.Cryptography_HAS_PKEY_CTX: @@ -928,8 +941,8 @@ class _RSAVerificationContext(object): self._verify_method = self._verify_pss else: raise UnsupportedAlgorithm( - "OpenSSL backend doesn't support {0} for padding. Only PSS " - "(recommended) and PKCS1v15 are supported." + "{0} is not supported by this backend".format(padding.name), + _Reasons.UNSUPPORTED_PADDING ) self._padding = padding diff --git a/cryptography/hazmat/primitives/asymmetric/rsa.py b/cryptography/hazmat/primitives/asymmetric/rsa.py index 6fe6a265..94cc4645 100644 --- a/cryptography/hazmat/primitives/asymmetric/rsa.py +++ b/cryptography/hazmat/primitives/asymmetric/rsa.py @@ -16,7 +16,7 @@ from __future__ import absolute_import, division, print_function import six from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import RSABackend from cryptography.hazmat.primitives import interfaces @@ -45,7 +45,9 @@ class RSAPublicKey(object): def verifier(self, signature, padding, algorithm, backend): if not isinstance(backend, RSABackend): raise UnsupportedAlgorithm( - "Backend object does not implement RSABackend") + "Backend object does not implement RSABackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) return backend.create_rsa_verification_ctx(self, signature, padding, algorithm) @@ -136,14 +138,18 @@ class RSAPrivateKey(object): def generate(cls, public_exponent, key_size, backend): if not isinstance(backend, RSABackend): raise UnsupportedAlgorithm( - "Backend object does not implement RSABackend") + "Backend object does not implement RSABackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) return backend.generate_rsa_private_key(public_exponent, key_size) def signer(self, padding, algorithm, backend): if not isinstance(backend, RSABackend): raise UnsupportedAlgorithm( - "Backend object does not implement RSABackend") + "Backend object does not implement RSABackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) return backend.create_rsa_signature_ctx(self, padding, algorithm) diff --git a/cryptography/hazmat/primitives/ciphers/base.py b/cryptography/hazmat/primitives/ciphers/base.py index f6c964d3..2274e945 100644 --- a/cryptography/hazmat/primitives/ciphers/base.py +++ b/cryptography/hazmat/primitives/ciphers/base.py @@ -15,7 +15,8 @@ from __future__ import absolute_import, division, print_function from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, AlreadyUpdated, NotYetFinalized, UnsupportedAlgorithm + AlreadyFinalized, AlreadyUpdated, NotYetFinalized, UnsupportedAlgorithm, + _Reasons ) from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives import interfaces @@ -25,7 +26,9 @@ class Cipher(object): def __init__(self, algorithm, mode, backend): if not isinstance(backend, CipherBackend): raise UnsupportedAlgorithm( - "Backend object does not implement CipherBackend") + "Backend object does not implement CipherBackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) if not isinstance(algorithm, interfaces.CipherAlgorithm): raise TypeError("Expected interface of interfaces.CipherAlgorithm") diff --git a/cryptography/hazmat/primitives/hashes.py b/cryptography/hazmat/primitives/hashes.py index d110c822..35b677b0 100644 --- a/cryptography/hazmat/primitives/hashes.py +++ b/cryptography/hazmat/primitives/hashes.py @@ -16,7 +16,9 @@ from __future__ import absolute_import, division, print_function import six from cryptography import utils -from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm +from cryptography.exceptions import ( + AlreadyFinalized, UnsupportedAlgorithm, _Reasons +) from cryptography.hazmat.backends.interfaces import HashBackend from cryptography.hazmat.primitives import interfaces @@ -26,7 +28,9 @@ class Hash(object): def __init__(self, algorithm, backend, ctx=None): if not isinstance(backend, HashBackend): raise UnsupportedAlgorithm( - "Backend object does not implement HashBackend") + "Backend object does not implement HashBackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) if not isinstance(algorithm, interfaces.HashAlgorithm): raise TypeError("Expected instance of interfaces.HashAlgorithm.") diff --git a/cryptography/hazmat/primitives/hmac.py b/cryptography/hazmat/primitives/hmac.py index 3dfabef3..afbb2f75 100644 --- a/cryptography/hazmat/primitives/hmac.py +++ b/cryptography/hazmat/primitives/hmac.py @@ -17,7 +17,7 @@ import six from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm + AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time, interfaces @@ -28,7 +28,9 @@ class HMAC(object): def __init__(self, key, algorithm, backend, ctx=None): if not isinstance(backend, HMACBackend): raise UnsupportedAlgorithm( - "Backend object does not implement HMACBackend") + "Backend object does not implement HMACBackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) if not isinstance(algorithm, interfaces.HashAlgorithm): raise TypeError("Expected instance of interfaces.HashAlgorithm.") diff --git a/cryptography/hazmat/primitives/kdf/hkdf.py b/cryptography/hazmat/primitives/kdf/hkdf.py index 2a733b93..03500aaa 100644 --- a/cryptography/hazmat/primitives/kdf/hkdf.py +++ b/cryptography/hazmat/primitives/kdf/hkdf.py @@ -17,7 +17,7 @@ import six from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidKey, UnsupportedAlgorithm + AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time, hmac, interfaces @@ -28,7 +28,9 @@ class HKDF(object): def __init__(self, algorithm, length, salt, info, backend): if not isinstance(backend, HMACBackend): raise UnsupportedAlgorithm( - "Backend object does not implement HMACBackend") + "Backend object does not implement HMACBackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) self._algorithm = algorithm diff --git a/cryptography/hazmat/primitives/kdf/pbkdf2.py b/cryptography/hazmat/primitives/kdf/pbkdf2.py index ab1e3687..bec35bb2 100644 --- a/cryptography/hazmat/primitives/kdf/pbkdf2.py +++ b/cryptography/hazmat/primitives/kdf/pbkdf2.py @@ -17,7 +17,7 @@ import six from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidKey, UnsupportedAlgorithm + AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import PBKDF2HMACBackend from cryptography.hazmat.primitives import constant_time, interfaces @@ -28,12 +28,15 @@ class PBKDF2HMAC(object): def __init__(self, algorithm, length, salt, iterations, backend): if not isinstance(backend, PBKDF2HMACBackend): raise UnsupportedAlgorithm( - "Backend object does not implement PBKDF2HMACBackend") + "Backend object does not implement PBKDF2HMACBackend", + _Reasons.BACKEND_MISSING_INTERFACE + ) if not backend.pbkdf2_hmac_supported(algorithm): raise UnsupportedAlgorithm( "{0} is not supported for PBKDF2 by this backend".format( - algorithm.name) + algorithm.name), + _Reasons.UNSUPPORTED_HASH ) self._used = False self._algorithm = algorithm diff --git a/tests/hazmat/backends/test_commoncrypto.py b/tests/hazmat/backends/test_commoncrypto.py index dc6c8c5b..40a9f4a1 100644 --- a/tests/hazmat/backends/test_commoncrypto.py +++ b/tests/hazmat/backends/test_commoncrypto.py @@ -16,13 +16,17 @@ from __future__ import absolute_import, division, print_function import pytest from cryptography import utils -from cryptography.exceptions import InternalError, UnsupportedAlgorithm +from cryptography.exceptions import ( + InternalError, _Reasons +) from cryptography.hazmat.bindings.commoncrypto.binding import Binding from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.base import Cipher from cryptography.hazmat.primitives.ciphers.modes import CBC, GCM +from ...utils import raises_unsupported_algorithm + @utils.register_interface(interfaces.CipherAlgorithm) class DummyCipher(object): @@ -63,5 +67,5 @@ class TestCommonCrypto(object): cipher = Cipher( DummyCipher(), GCM(b"fake_iv_here"), backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.encryptor() diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 7ab9e446..b7bcaf69 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -16,7 +16,9 @@ from __future__ import absolute_import, division, print_function import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import ( + UnsupportedAlgorithm, _Reasons +) from cryptography.hazmat.backends.interfaces import ( CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend ) @@ -25,6 +27,8 @@ from cryptography.hazmat.primitives import hashes, hmac from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from ...utils import raises_unsupported_algorithm + @utils.register_interface(CipherBackend) class DummyCipherBackend(object): @@ -36,11 +40,11 @@ class DummyCipherBackend(object): def create_symmetric_encryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm(None) + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_CIPHER) def create_symmetric_decryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm(None) + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_CIPHER) @utils.register_interface(HashBackend) @@ -53,7 +57,7 @@ class DummyHashBackend(object): def create_hash_ctx(self, algorithm): if not self.hash_supported(algorithm): - raise UnsupportedAlgorithm(None) + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_HASH) @utils.register_interface(HMACBackend) @@ -66,7 +70,7 @@ class DummyHMACBackend(object): def create_hmac_ctx(self, key, algorithm): if not self.hmac_supported(algorithm): - raise UnsupportedAlgorithm(None) + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_HASH) @utils.register_interface(PBKDF2HMACBackend) @@ -80,7 +84,7 @@ class DummyPBKDF2HMACBackend(object): def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, key_material): if not self.pbkdf2_hmac_supported(algorithm): - raise UnsupportedAlgorithm(None) + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_HASH) @utils.register_interface(RSABackend) @@ -121,9 +125,9 @@ class TestMultiBackend(object): modes.CBC(b"\x00" * 16), backend=backend ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.encryptor() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.decryptor() def test_hashes(self): @@ -134,7 +138,7 @@ class TestMultiBackend(object): hashes.Hash(hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): hashes.Hash(hashes.SHA1(), backend=backend) def test_hmac(self): @@ -145,7 +149,7 @@ class TestMultiBackend(object): hmac.HMAC(b"", hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): hmac.HMAC(b"", hashes.SHA1(), backend=backend) def test_pbkdf2(self): @@ -156,7 +160,7 @@ class TestMultiBackend(object): backend.derive_pbkdf2_hmac(hashes.MD5(), 10, b"", 10, b"") - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): backend.derive_pbkdf2_hmac(hashes.SHA1(), 10, b"", 10, b"") def test_rsa(self): diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index fdc661f0..016da0fc 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -16,7 +16,9 @@ from __future__ import absolute_import, division, print_function import pytest from cryptography import utils -from cryptography.exceptions import InternalError, UnsupportedAlgorithm +from cryptography.exceptions import ( + InternalError, _Reasons +) from cryptography.hazmat.backends.openssl.backend import Backend, backend from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import padding, rsa @@ -24,6 +26,8 @@ from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC +from ...utils import raises_unsupported_algorithm + @utils.register_interface(interfaces.Mode) class DummyMode(object): @@ -76,7 +80,7 @@ class TestOpenSSL(object): cipher = Cipher( DummyCipher(), mode, backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.encryptor() def test_consume_errors(self): @@ -138,7 +142,7 @@ class TestOpenSSL(object): def test_derive_pbkdf2_raises_unsupported_on_old_openssl(self): if backend.pbkdf2_hmac_supported(hashes.SHA256()): pytest.skip("Requires an older OpenSSL") - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): backend.derive_pbkdf2_hmac(hashes.SHA256(), 10, b"", 1000, b"") @pytest.mark.skipif( @@ -151,7 +155,7 @@ class TestOpenSSL(object): key_size=512, backend=backend ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): private_key.signer( padding.PSS( mgf=padding.MGF1( @@ -163,7 +167,7 @@ class TestOpenSSL(object): backend ) public_key = private_key.public_key() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): public_key.verifier( b"sig", padding.PSS( diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index e9ea7fb0..68d6c849 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -18,7 +18,9 @@ import binascii import pytest from cryptography import utils -from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm +from cryptography.exceptions import ( + AlreadyFinalized, _Reasons +) from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers import ( Cipher, algorithms, modes @@ -27,6 +29,7 @@ from cryptography.hazmat.primitives.ciphers import ( from .utils import ( generate_aead_exception_test, generate_aead_tag_exception_test ) +from ...utils import raises_unsupported_algorithm @utils.register_interface(interfaces.Mode) @@ -114,10 +117,10 @@ class TestCipherContext(object): cipher = Cipher( DummyCipher(), mode, backend ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.encryptor() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cipher.decryptor() def test_incorrectly_padded(self, backend): diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index 827b3b90..9f8123eb 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -17,13 +17,15 @@ import binascii import pytest -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import _Reasons from cryptography.hazmat.primitives import ciphers from cryptography.hazmat.primitives.ciphers.algorithms import ( AES, ARC4, Blowfish, CAST5, Camellia, IDEA, TripleDES ) from cryptography.hazmat.primitives.ciphers.modes import ECB +from ...utils import raises_unsupported_algorithm + class TestAES(object): @pytest.mark.parametrize(("key", "keysize"), [ @@ -128,5 +130,5 @@ class TestIDEA(object): def test_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): ciphers.Cipher(AES(b"AAAAAAAAAAAAAAAA"), ECB, pretend_backend) diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index ce8e92a3..ffd65bde 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -20,11 +20,14 @@ import pytest import six from cryptography import utils -from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm +from cryptography.exceptions import ( + AlreadyFinalized, _Reasons +) from cryptography.hazmat.backends.interfaces import HashBackend from cryptography.hazmat.primitives import hashes, interfaces from .utils import generate_base_hash_test +from ...utils import raises_unsupported_algorithm @utils.register_interface(interfaces.HashAlgorithm) @@ -70,7 +73,7 @@ class TestHashContext(object): h.finalize() def test_unsupported_hash(self, backend): - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): hashes.Hash(UnsupportedDummyHash(), backend) @@ -181,5 +184,5 @@ class TestMD5(object): def test_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): hashes.Hash(hashes.SHA1(), pretend_backend) diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py index b3d412c5..2e3c0c3d 100644 --- a/tests/hazmat/primitives/test_hkdf.py +++ b/tests/hazmat/primitives/test_hkdf.py @@ -18,11 +18,13 @@ import pytest import six from cryptography.exceptions import ( - AlreadyFinalized, InvalidKey, UnsupportedAlgorithm + AlreadyFinalized, InvalidKey, _Reasons ) from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.hkdf import HKDF +from ...utils import raises_unsupported_algorithm + @pytest.mark.hmac class TestHKDF(object): @@ -152,5 +154,5 @@ class TestHKDF(object): def test_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): HKDF(hashes.SHA256(), 16, None, None, pretend_backend) diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index cdf8909d..77dfb6be 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -21,12 +21,13 @@ import six from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm + AlreadyFinalized, InvalidSignature, _Reasons ) from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes, hmac, interfaces from .utils import generate_base_hmac_test +from ...utils import raises_unsupported_algorithm @utils.register_interface(interfaces.HashAlgorithm) @@ -106,12 +107,12 @@ class TestHMAC(object): h.verify(six.u('')) def test_unsupported_hash(self, backend): - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): hmac.HMAC(b"key", UnsupportedDummyHash(), backend) def test_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): hmac.HMAC(b"key", hashes.SHA1(), pretend_backend) diff --git a/tests/hazmat/primitives/test_pbkdf2hmac.py b/tests/hazmat/primitives/test_pbkdf2hmac.py index ebc5fbf5..62ca0921 100644 --- a/tests/hazmat/primitives/test_pbkdf2hmac.py +++ b/tests/hazmat/primitives/test_pbkdf2hmac.py @@ -18,12 +18,14 @@ import six from cryptography import utils from cryptography.exceptions import ( - AlreadyFinalized, InvalidKey, UnsupportedAlgorithm + AlreadyFinalized, InvalidKey, _Reasons ) from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC +from ...utils import raises_unsupported_algorithm + @utils.register_interface(interfaces.HashAlgorithm) class DummyHash(object): @@ -48,7 +50,7 @@ class TestPBKDF2HMAC(object): kdf.verify(b"password", key) def test_unsupported_algorithm(self): - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_HASH): PBKDF2HMAC(DummyHash(), 20, b"salt", 10, default_backend()) def test_invalid_key(self): @@ -72,5 +74,5 @@ class TestPBKDF2HMAC(object): def test_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, pretend_backend) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 2d3ce092..5d94e790 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -21,16 +21,15 @@ import os import pytest -from cryptography import utils -from cryptography.exceptions import ( - AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm -) +from cryptography import exceptions, utils +from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import padding, rsa from .utils import generate_rsa_verification_test from ...utils import ( - load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file + load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file, + raises_unsupported_algorithm ) @@ -398,7 +397,7 @@ class TestRSA(object): def test_rsa_generate_invalid_backend(): pretend_backend = object() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): rsa.RSAPrivateKey.generate(65537, 2048, pretend_backend) @@ -594,9 +593,9 @@ class TestRSASignature(object): signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) signer.update(b"sign me") signer.finalize() - with pytest.raises(AlreadyFinalized): + with pytest.raises(exceptions.AlreadyFinalized): signer.finalize() - with pytest.raises(AlreadyFinalized): + with pytest.raises(exceptions.AlreadyFinalized): signer.update(b"more data") def test_unsupported_padding(self, backend): @@ -605,7 +604,7 @@ class TestRSASignature(object): key_size=512, backend=backend ) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): private_key.signer(DummyPadding(), hashes.SHA1(), backend) def test_padding_incorrect_type(self, backend): @@ -621,7 +620,7 @@ class TestRSASignature(object): pretend_backend = object() private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): private_key.signer( padding.PKCS1v15(), hashes.SHA256, pretend_backend) @@ -678,7 +677,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"incorrect data") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() def test_invalid_pkcs1v15_signature_wrong_key(self, backend): @@ -703,7 +702,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"sign me") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() @pytest.mark.parametrize( @@ -759,7 +758,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"incorrect data") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() def test_invalid_pss_signature_wrong_key(self, backend): @@ -789,7 +788,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"sign me") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() def test_invalid_pss_signature_data_too_large_for_modulus(self, backend): @@ -819,7 +818,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"sign me") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() def test_use_after_finalize(self, backend): @@ -841,9 +840,9 @@ class TestRSAVerification(object): ) verifier.update(b"sign me") verifier.verify() - with pytest.raises(AlreadyFinalized): + with pytest.raises(exceptions.AlreadyFinalized): verifier.verify() - with pytest.raises(AlreadyFinalized): + with pytest.raises(exceptions.AlreadyFinalized): verifier.update(b"more data") def test_unsupported_padding(self, backend): @@ -853,7 +852,7 @@ class TestRSAVerification(object): backend=backend ) public_key = private_key.public_key() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): public_key.verifier(b"sig", DummyPadding(), hashes.SHA1(), backend) def test_padding_incorrect_type(self, backend): @@ -871,7 +870,7 @@ class TestRSAVerification(object): private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend) public_key = private_key.public_key() - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): public_key.verifier( b"foo", padding.PKCS1v15(), hashes.SHA256(), pretend_backend) @@ -939,7 +938,7 @@ class TestRSAVerification(object): backend ) verifier.update(b"sign me") - with pytest.raises(InvalidSignature): + with pytest.raises(exceptions.InvalidSignature): verifier.verify() |