diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-03-08 11:09:49 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-03-08 11:09:49 -0400 |
| commit | bf2a9d9545f39ad0dd9b9c9c4aa2f7f2b5669f0f (patch) | |
| tree | 083cc465c6fabdb61ff69aadc33b31e8617f2136 /tests/hazmat/backends | |
| parent | dee5c25d35c53885698bca42015c9f7bbfb27baa (diff) | |
| parent | 78c2f2d2c0a40d20edcaf37c33e91224af3ecbb6 (diff) | |
| download | cryptography-bf2a9d9545f39ad0dd9b9c9c4aa2f7f2b5669f0f.tar.gz cryptography-bf2a9d9545f39ad0dd9b9c9c4aa2f7f2b5669f0f.tar.bz2 cryptography-bf2a9d9545f39ad0dd9b9c9c4aa2f7f2b5669f0f.zip | |
Merge branch 'master' into idea-bespoke-vectors
* master: (246 commits)
Fixed python3 incompatibility
Removed dependency on setuptools for version check
don't need to move these definitions
conditional NIDs for 0.9.8e
x509 changes for 0.9.8e support
more changes for 0.9.8e support, this time in the ssl.h headers
macro switches in evp for 0.9.8e
bind some error constants conditionally for 0.9.8e support
BIO macro switch for 0.9.8e support
move some nids
conditionally bind AES_wrap/unwrap for 0.9.8e support
Add GPG key fingerprint for lvh
change comparison to be easier to read
ridiculous workaround time
whoops
Missing imports
Convert stuff
Add binding for DSA_new
Fix drop in coverage levels by removing branches
Added check to turn of CC backend for OS X version < 10.8
...
Conflicts:
docs/development/test-vectors.rst
Diffstat (limited to 'tests/hazmat/backends')
| -rw-r--r-- | tests/hazmat/backends/test_commoncrypto.py | 4 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 46 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 56 |
3 files changed, 56 insertions, 50 deletions
diff --git a/tests/hazmat/backends/test_commoncrypto.py b/tests/hazmat/backends/test_commoncrypto.py index 7cc0f72f..7feb0c72 100644 --- a/tests/hazmat/backends/test_commoncrypto.py +++ b/tests/hazmat/backends/test_commoncrypto.py @@ -14,7 +14,7 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm, InternalError +from cryptography.exceptions import UnsupportedCipher, InternalError from cryptography.hazmat.bindings.commoncrypto.binding import Binding from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers.algorithms import AES @@ -61,5 +61,5 @@ class TestCommonCrypto(object): cipher = Cipher( DummyCipher(), GCM(b"fake_iv_here"), backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index ce77ce2f..87ef0446 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -14,12 +14,15 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import ( + UnsupportedAlgorithm, UnsupportedCipher, UnsupportedHash +) from cryptography.hazmat.backends.interfaces import ( CipherBackend, HashBackend, HMACBackend, PBKDF2HMACBackend, RSABackend ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import hashes, hmac +from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes @@ -33,11 +36,11 @@ class DummyCipherBackend(object): def create_symmetric_encryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm + raise UnsupportedCipher def create_symmetric_decryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm + raise UnsupportedCipher @utils.register_interface(HashBackend) @@ -50,7 +53,7 @@ class DummyHashBackend(object): def create_hash_ctx(self, algorithm): if not self.hash_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(HMACBackend) @@ -63,7 +66,7 @@ class DummyHMACBackend(object): def create_hmac_ctx(self, key, algorithm): if not self.hmac_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(PBKDF2HMACBackend) @@ -77,7 +80,7 @@ class DummyPBKDF2HMACBackend(object): def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, key_material): if not self.pbkdf2_hmac_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(RSABackend) @@ -85,6 +88,13 @@ class DummyRSABackend(object): def generate_rsa_private_key(self, public_exponent, private_key): pass + def create_rsa_signature_ctx(self, private_key, padding, algorithm): + pass + + def create_rsa_verification_ctx(self, public_key, signature, padding, + algorithm): + pass + class TestMultiBackend(object): def test_ciphers(self): @@ -111,9 +121,9 @@ class TestMultiBackend(object): modes.CBC(b"\x00" * 16), backend=backend ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.decryptor() def test_hashes(self): @@ -124,7 +134,7 @@ class TestMultiBackend(object): hashes.Hash(hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): hashes.Hash(hashes.SHA1(), backend=backend) def test_hmac(self): @@ -135,7 +145,7 @@ class TestMultiBackend(object): hmac.HMAC(b"", hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): hmac.HMAC(b"", hashes.SHA1(), backend=backend) def test_pbkdf2(self): @@ -146,7 +156,7 @@ class TestMultiBackend(object): backend.derive_pbkdf2_hmac(hashes.MD5(), 10, b"", 10, b"") - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): backend.derive_pbkdf2_hmac(hashes.SHA1(), 10, b"", 10, b"") def test_rsa(self): @@ -158,6 +168,20 @@ class TestMultiBackend(object): key_size=1024, public_exponent=65537 ) + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), + hashes.MD5()) + + backend.create_rsa_verification_ctx("public_key", "sig", + padding.PKCS1v15(), hashes.MD5()) + backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), + hashes.MD5()) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_verification_ctx( + "public_key", "sig", padding.PKCS1v15(), hashes.MD5()) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index b24808df..c6792185 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -14,7 +14,9 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm, InternalError +from cryptography.exceptions import ( + UnsupportedCipher, UnsupportedHash, InternalError +) from cryptography.hazmat.backends.openssl.backend import backend, Backend from cryptography.hazmat.primitives import interfaces, hashes from cryptography.hazmat.primitives.ciphers import Cipher @@ -68,49 +70,20 @@ class TestOpenSSL(object): cipher = Cipher( DummyCipher(), mode, backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() - def test_handle_unknown_error(self): - with pytest.raises(InternalError): - backend._handle_error_code(0) - - backend._lib.ERR_put_error(backend._lib.ERR_LIB_EVP, 0, 0, - b"test_openssl.py", -1) - with pytest.raises(InternalError): - backend._handle_error(None) - - backend._lib.ERR_put_error( - backend._lib.ERR_LIB_EVP, - backend._lib.EVP_F_EVP_ENCRYPTFINAL_EX, - 0, - b"test_openssl.py", - -1 - ) - with pytest.raises(InternalError): - backend._handle_error(None) - - backend._lib.ERR_put_error( - backend._lib.ERR_LIB_EVP, - backend._lib.EVP_F_EVP_DECRYPTFINAL_EX, - 0, - b"test_openssl.py", - -1 - ) - with pytest.raises(InternalError): - backend._handle_error(None) - - def test_handle_multiple_errors(self): + def test_consume_errors(self): for i in range(10): backend._lib.ERR_put_error(backend._lib.ERR_LIB_EVP, 0, 0, b"test_openssl.py", -1) assert backend._lib.ERR_peek_error() != 0 - with pytest.raises(InternalError): - backend._handle_error(None) + errors = backend._consume_errors() assert backend._lib.ERR_peek_error() == 0 + assert len(errors) == 10 def test_openssl_error_string(self): backend._lib.ERR_put_error( @@ -121,8 +94,8 @@ class TestOpenSSL(object): -1 ) - with pytest.raises(InternalError) as exc: - backend._handle_error(None) + errors = backend._consume_errors() + exc = backend._unknown_error(errors[0]) assert ( "digital envelope routines:" @@ -147,10 +120,19 @@ class TestOpenSSL(object): b"data not multiple of block length" ) + def test_unknown_error_in_cipher_finalize(self): + cipher = Cipher(AES(b"\0" * 16), CBC(b"\0" * 16), backend=backend) + enc = cipher.encryptor() + enc.update(b"\0") + backend._lib.ERR_put_error(0, 0, 1, + b"test_openssl.py", -1) + with pytest.raises(InternalError): + enc.finalize() + def test_derive_pbkdf2_raises_unsupported_on_old_openssl(self): if backend.pbkdf2_hmac_supported(hashes.SHA256()): pytest.skip("Requires an older OpenSSL") - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): backend.derive_pbkdf2_hmac(hashes.SHA256(), 10, b"", 1000, b"") # This test is not in the next class because to check if it's really |