Add test cases for length checking and already finalized.

author: David Reid <dreid@dreid.org> 2014-01-28 10:58:37 -0800
committer: David Reid <dreid@dreid.org> 2014-02-03 10:05:27 -0800
commit: c4e7563ded0963097ce836cd701880b770f50ab9 (patch)
tree: 2c5ab70d7dcd2b84741555d3988d0dfd088e0b92
parent: 3ddf989934884a4ca02358332b6e81ebb6727fbf (diff)
download: cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.tar.gz
cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.tar.bz2
cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.zip
2 files changed, 110 insertions, 3 deletions
diff --git a/cryptography/hazmat/primitives/kdf/hkdf.py b/cryptography/hazmat/primitives/kdf/hkdf.py
index f2ea114b..c7999f10 100644
--- a/cryptography/hazmat/primitives/kdf/hkdf.py
+++ b/cryptography/hazmat/primitives/kdf/hkdf.py
@@ -13,12 +13,22 @@
 
 import six
 
+from cryptography import exceptions
 from cryptography.hazmat.primitives import hmac
 
 
 class HKDF(object):
     def __init__(self, algorithm, length, salt, info, backend):
         self._algorithm = algorithm
+
+        max_length = 255 * (algorithm.digest_size // 8)
+
+        if length > max_length:
+            raise ValueError(
+                "Can not derive keys larger than {0} octets.".format(
+                    max_length
+                ))
+
         self._length = length
 
         if salt is None:
@@ -32,12 +42,14 @@ class HKDF(object):
         self._info = info
         self._backend = backend
 
-    def extract(self, key_material):
+        self._used = False
+
+    def _extract(self, key_material):
         h = hmac.HMAC(self._salt, self._algorithm, backend=self._backend)
         h.update(key_material)
         return h.finalize()
 
-    def expand(self, key_material):
+    def _expand(self, key_material):
         output = [b'']
         counter = 1
 
@@ -52,4 +64,14 @@ class HKDF(object):
         return b"".join(output)[:self._length]
 
     def derive(self, key_material):
-        return self.expand(self.extract(key_material))
+        if self._used:
+            raise exceptions.AlreadyFinalized
+
+        self._used = True
+        return self._expand(self._extract(key_material))
+
+    def verify(self, key_material, expected_key):
+        if self._used:
+            raise exceptions.AlreadyFinalized
+
+        self._used = True
diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py
new file mode 100644
index 00000000..3d9dffda
--- /dev/null
+++ b/tests/hazmat/primitives/test_hkdf.py
@@ -0,0 +1,85 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+import pytest
+
+from cryptography import exceptions
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.kdf.hkdf import HKDF
+
+
+@pytest.mark.hash
+class TestHKDF(object):
+    def test_length_limit(self, backend):
+        big_length = 255 * (hashes.SHA256().digest_size // 8) + 1
+
+        with pytest.raises(ValueError):
+            HKDF(
+                hashes.SHA256(),
+                big_length,
+                salt=None,
+                info=None,
+                backend=backend
+            )
+
+    def test_already_finalized(self, backend):
+        hkdf = HKDF(
+            hashes.SHA256(),
+            16,
+            salt=None,
+            info=None,
+            backend=backend
+        )
+
+        hkdf.derive('\x01' * 16)
+
+        with pytest.raises(exceptions.AlreadyFinalized):
+            hkdf.derive('\x02' * 16)
+
+        hkdf = HKDF(
+            hashes.SHA256(),
+            16,
+            salt=None,
+            info=None,
+            backend=backend
+        )
+
+        hkdf.verify('\x01' * 16, 'gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u')
+
+        with pytest.raises(exceptions.AlreadyFinalized):
+            hkdf.verify('\x02' * 16, 'gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u')
+
+    def test_verify(self, backend):
+        hkdf = HKDF(
+            hashes.SHA256(),
+            16,
+            salt=None,
+            info=None,
+            backend=backend
+        )
+
+        hkdf.verify('\x01' * 16, 'gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u')
+
+    def test_verify_invalid(self, backend):
+        hkdf = HKDF(
+            hashes.SHA256(),
+            16,
+            salt=None,
+            info=None,
+            backend=backend
+        )
+
+        with pytest.raises(exceptions.InvalidKey):
+            hkdf.verify('\x02' * 16, 'gJ\xfb{\xb1Oi\xc5sMC\xb7\xe4@\xf7u')
author	David Reid <dreid@dreid.org>	2014-01-28 10:58:37 -0800
committer	David Reid <dreid@dreid.org>	2014-02-03 10:05:27 -0800
commit	c4e7563ded0963097ce836cd701880b770f50ab9 (patch)
tree	2c5ab70d7dcd2b84741555d3988d0dfd088e0b92
parent	3ddf989934884a4ca02358332b6e81ebb6727fbf (diff)
download	cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.tar.gz cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.tar.bz2 cryptography-c4e7563ded0963097ce836cd701880b770f50ab9.zip