Merge pull request #739 from skeuomorf/dsa-backend

DSA backend
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-04-05 08:55:09 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-04-05 08:55:09 -0500
commit: 6abaf40a591bbae5e2eeebb8a29e6558aeae047c (patch)
tree: 5e2a7de8ca3c3f32da66773fcf24a45555e57cd7 /tests/hazmat/backends
parent: 509343e400942e78f5c1d0d5f380002939b24266 (diff)
parent: 29474ac7dab3f5c8b664463ed28ec83b7b77250b (diff)
download: cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.tar.gz
cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.tar.bz2
cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.zip
2 files changed, 56 insertions, 2 deletions
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index f0be72b2..f46009d4 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -18,7 +18,8 @@ from cryptography.exceptions import (
     UnsupportedAlgorithm, _Reasons
 )
 from cryptography.hazmat.backends.interfaces import (
-    CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend
+    CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
+    RSABackend
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import hashes, hmac
@@ -98,6 +99,15 @@ class DummyRSABackend(object):
         pass
 
 
+@utils.register_interface(DSABackend)
+class DummyDSABackend(object):
+    def generate_dsa_parameters(self, key_size):
+        pass
+
+    def generate_dsa_private_key(self, parameters):
+        pass
+
+
 class TestMultiBackend(object):
     def test_ciphers(self):
         backend = MultiBackend([
@@ -193,3 +203,24 @@ class TestMultiBackend(object):
         ):
             backend.create_rsa_verification_ctx(
                 "public_key", "sig", padding.PKCS1v15(), hashes.MD5())
+
+    def test_dsa(self):
+        backend = MultiBackend([
+            DummyDSABackend()
+        ])
+
+        backend.generate_dsa_parameters(key_size=1024)
+
+        parameters = object()
+        backend.generate_dsa_private_key(parameters)
+
+        backend = MultiBackend([])
+        with raises_unsupported_algorithm(
+            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
+        ):
+            backend.generate_dsa_parameters(key_size=1024)
+
+        with raises_unsupported_algorithm(
+            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
+        ):
+            backend.generate_dsa_private_key(parameters)
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 016da0fc..6ab16627 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -21,13 +21,15 @@ from cryptography.exceptions import (
 )
 from cryptography.hazmat.backends.openssl.backend import Backend, backend
 from cryptography.hazmat.primitives import hashes, interfaces
-from cryptography.hazmat.primitives.asymmetric import padding, rsa
+from cryptography.hazmat.primitives.asymmetric import dsa, padding, rsa
 from cryptography.hazmat.primitives.ciphers import Cipher
 from cryptography.hazmat.primitives.ciphers.algorithms import AES
 from cryptography.hazmat.primitives.ciphers.modes import CBC
 
 from ...utils import raises_unsupported_algorithm
 
+from cryptography.utils import bit_length
+
 
 @utils.register_interface(interfaces.Mode)
 class DummyMode(object):
@@ -192,6 +194,27 @@ class TestOpenSSL(object):
         res = backend._lib.ENGINE_free(e)
         assert res == 1
 
+    @pytest.mark.skipif(
+        backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000000f,
+        reason="Requires an older OpenSSL. Must be < 1.0.0"
+    )
+    def test_large_key_size_on_old_openssl(self):
+        with pytest.raises(ValueError):
+            dsa.DSAParameters.generate(2048, backend=backend)
+
+        with pytest.raises(ValueError):
+            dsa.DSAParameters.generate(3072, backend=backend)
+
+    @pytest.mark.skipif(
+        backend._lib.OPENSSL_VERSION_NUMBER < 0x1000000f,
+        reason="Requires a newer OpenSSL. Must be >= 1.0.0"
+    )
+    def test_large_key_size_on_new_openssl(self):
+        parameters = dsa.DSAParameters.generate(2048, backend)
+        assert bit_length(parameters.p) == 2048
+        parameters = dsa.DSAParameters.generate(3072, backend)
+        assert bit_length(parameters.p) == 3072
+
 
 class TestOpenSSLRandomEngine(object):
     def teardown_method(self, method):
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-04-05 08:55:09 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-04-05 08:55:09 -0500
commit	6abaf40a591bbae5e2eeebb8a29e6558aeae047c (patch)
tree	5e2a7de8ca3c3f32da66773fcf24a45555e57cd7 /tests/hazmat/backends
parent	509343e400942e78f5c1d0d5f380002939b24266 (diff)
parent	29474ac7dab3f5c8b664463ed28ec83b7b77250b (diff)
download	cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.tar.gz cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.tar.bz2 cryptography-6abaf40a591bbae5e2eeebb8a29e6558aeae047c.zip