diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-01-12 21:18:21 -0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-01-13 00:18:21 -0500 |
| commit | dbcbffa06c9930a687010ca816596ca3f5cc78e9 (patch) | |
| tree | 27f88222ed222e45784f4c1e6ea0b8d6b9f9d07b /tests/hazmat/primitives/test_x448.py | |
| parent | 9b198104db8b53178212b5849919b6a61ca794ab (diff) | |
| download | cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.gz cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.bz2 cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.zip | |
support x448 public/private serialization both raw and pkcs8 (#4653)
* support x448 public/private serialization both raw and pkcs8
* add tests for all other asym key types to prevent Raw
* more tests
* better tests
* fix a test
* funny story, I'm actually illiterate.
* pep8
* require PrivateFormat.Raw or PublicFormat.Raw with Encoding.Raw
* missing docs
* parametrize
* docs fixes
* remove dupe line
* assert something
Diffstat (limited to 'tests/hazmat/primitives/test_x448.py')
| -rw-r--r-- | tests/hazmat/primitives/test_x448.py | 107 |
1 files changed, 100 insertions, 7 deletions
diff --git a/tests/hazmat/primitives/test_x448.py b/tests/hazmat/primitives/test_x448.py index 71b25341..1833b03d 100644 --- a/tests/hazmat/primitives/test_x448.py +++ b/tests/hazmat/primitives/test_x448.py @@ -11,6 +11,7 @@ import pytest from cryptography.exceptions import _Reasons from cryptography.hazmat.backends.interfaces import DHBackend +from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric.x448 import ( X448PrivateKey, X448PublicKey ) @@ -50,7 +51,7 @@ class TestX448Exchange(object): private = binascii.unhexlify(vector["input_scalar"]) public = binascii.unhexlify(vector["input_u"]) shared_key = binascii.unhexlify(vector["output_u"]) - private_key = X448PrivateKey._from_private_bytes(private) + private_key = X448PrivateKey.from_private_bytes(private) public_key = X448PublicKey.from_public_bytes(public) computed_shared_key = private_key.exchange(public_key) assert computed_shared_key == shared_key @@ -64,11 +65,11 @@ class TestX448Exchange(object): b"aa3b4749d55b9daf1e5b00288826c467274ce3ebbdd5c17b975e09d4" b"af6c67cf10d087202db88286e2b79fceea3ec353ef54faa26e219f38" ) - private_key = X448PrivateKey._from_private_bytes(private) + private_key = X448PrivateKey.from_private_bytes(private) public_key = X448PublicKey.from_public_bytes(public) for _ in range(1000): computed_shared_key = private_key.exchange(public_key) - private_key = X448PrivateKey._from_private_bytes( + private_key = X448PrivateKey.from_private_bytes( computed_shared_key ) public_key = X448PublicKey.from_public_bytes(old_private) @@ -103,11 +104,60 @@ class TestX448Exchange(object): ) ] ) - def test_public_bytes(self, private_bytes, public_bytes, backend): - private_key = X448PrivateKey._from_private_bytes(private_bytes) - assert private_key.public_key().public_bytes() == public_bytes + def test_pub_priv_bytes_raw(self, private_bytes, public_bytes, backend): + private_key = X448PrivateKey.from_private_bytes(private_bytes) + assert private_key.private_bytes( + serialization.Encoding.Raw, + serialization.PrivateFormat.Raw, + serialization.NoEncryption() + ) == private_bytes + assert private_key.public_key().public_bytes( + serialization.Encoding.Raw, serialization.PublicFormat.Raw + ) == public_bytes public_key = X448PublicKey.from_public_bytes(public_bytes) - assert public_key.public_bytes() == public_bytes + assert public_key.public_bytes( + serialization.Encoding.Raw, serialization.PublicFormat.Raw + ) == public_bytes + + @pytest.mark.parametrize( + ("encoding", "fmt", "encryption", "passwd", "load_func"), + [ + ( + serialization.Encoding.PEM, + serialization.PrivateFormat.PKCS8, + serialization.BestAvailableEncryption(b"password"), + b"password", + serialization.load_pem_private_key + ), + ( + serialization.Encoding.DER, + serialization.PrivateFormat.PKCS8, + serialization.BestAvailableEncryption(b"password"), + b"password", + serialization.load_der_private_key + ), + ( + serialization.Encoding.PEM, + serialization.PrivateFormat.PKCS8, + serialization.NoEncryption(), + None, + serialization.load_pem_private_key + ), + ( + serialization.Encoding.DER, + serialization.PrivateFormat.PKCS8, + serialization.NoEncryption(), + None, + serialization.load_der_private_key + ), + ] + ) + def test_round_trip_private_serialization(self, encoding, fmt, encryption, + passwd, load_func, backend): + key = X448PrivateKey.generate() + serialized = key.private_bytes(encoding, fmt, encryption) + loaded_key = load_func(serialized, passwd, backend) + assert isinstance(loaded_key, X448PrivateKey) def test_generate(self, backend): key = X448PrivateKey.generate() @@ -125,3 +175,46 @@ class TestX448Exchange(object): with pytest.raises(ValueError): X448PublicKey.from_public_bytes(b"a" * 57) + + def test_invalid_private_bytes(self, backend): + key = X448PrivateKey.generate() + with pytest.raises(ValueError): + key.private_bytes( + serialization.Encoding.Raw, + serialization.PrivateFormat.Raw, + None + ) + + with pytest.raises(ValueError): + key.private_bytes( + serialization.Encoding.Raw, + serialization.PrivateFormat.PKCS8, + None + ) + + with pytest.raises(ValueError): + key.private_bytes( + serialization.Encoding.PEM, + serialization.PrivateFormat.Raw, + serialization.NoEncryption() + ) + + def test_invalid_public_bytes(self, backend): + key = X448PrivateKey.generate().public_key() + with pytest.raises(ValueError): + key.public_bytes( + serialization.Encoding.Raw, + serialization.PublicFormat.SubjectPublicKeyInfo + ) + + with pytest.raises(ValueError): + key.public_bytes( + serialization.Encoding.PEM, + serialization.PublicFormat.PKCS1 + ) + + with pytest.raises(ValueError): + key.public_bytes( + serialization.Encoding.PEM, + serialization.PublicFormat.Raw + ) |