aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2014-01-01 08:11:13 -0800
committerAlex Gaynor <alex.gaynor@gmail.com>2014-01-01 08:11:13 -0800
commit2a160d6a159817dd9d08a84e77d102e328f9af4f (patch)
tree461b7c607367f243bb46996ec16ad7424e48d440 /tests/hazmat/primitives
parent62aefffb1396190930074bf04c91459d1536bd0e (diff)
parent522487e5a7dd3004747da85c9f6c53fc5dc4de06 (diff)
downloadcryptography-2a160d6a159817dd9d08a84e77d102e328f9af4f.tar.gz
cryptography-2a160d6a159817dd9d08a84e77d102e328f9af4f.tar.bz2
cryptography-2a160d6a159817dd9d08a84e77d102e328f9af4f.zip
Merge branch 'master' into validate-iv
Conflicts: tests/hazmat/backends/test_openssl.py tests/hazmat/primitives/test_block.py
Diffstat (limited to 'tests/hazmat/primitives')
-rw-r--r--tests/hazmat/primitives/test_3des.py53
-rw-r--r--tests/hazmat/primitives/test_aes.py84
-rw-r--r--tests/hazmat/primitives/test_arc4.py15
-rw-r--r--tests/hazmat/primitives/test_block.py35
-rw-r--r--tests/hazmat/primitives/test_blowfish.py70
-rw-r--r--tests/hazmat/primitives/test_camellia.py70
-rw-r--r--tests/hazmat/primitives/test_cast5.py17
-rw-r--r--tests/hazmat/primitives/test_hash_vectors.py62
-rw-r--r--tests/hazmat/primitives/test_hashes.py71
-rw-r--r--tests/hazmat/primitives/test_hmac.py51
-rw-r--r--tests/hazmat/primitives/test_hmac_vectors.py51
-rw-r--r--tests/hazmat/primitives/test_utils.py117
-rw-r--r--tests/hazmat/primitives/utils.py292
13 files changed, 503 insertions, 485 deletions
diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py
index 69ec9c9a..581c47eb 100644
--- a/tests/hazmat/primitives/test_3des.py
+++ b/tests/hazmat/primitives/test_3des.py
@@ -20,12 +20,21 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import load_nist_vectors
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.TripleDES("\x00" * 8), modes.CBC("\x00" * 8)
+ ),
+ skip_message="Does not support TripleDES CBC",
+)
+@pytest.mark.cipher
class TestTripleDES_CBC(object):
test_KAT = generate_encrypt_test(
load_nist_vectors,
@@ -37,8 +46,8 @@ class TestTripleDES_CBC(object):
"TCBCvarkey.rsp",
"TCBCvartext.rsp",
],
- lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)),
- lambda keys, iv: modes.CBC(binascii.unhexlify(iv)),
+ lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)),
+ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
test_MMT = generate_encrypt_test(
@@ -49,13 +58,20 @@ class TestTripleDES_CBC(object):
"TCBCMMT2.rsp",
"TCBCMMT3.rsp",
],
- lambda key1, key2, key3, iv: (
- algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3))
+ lambda key1, key2, key3, **kwargs: algorithms.TripleDES(
+ binascii.unhexlify(key1 + key2 + key3)
),
- lambda key1, key2, key3, iv: modes.CBC(binascii.unhexlify(iv)),
+ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.TripleDES("\x00" * 8), modes.OFB("\x00" * 8)
+ ),
+ skip_message="Does not support TripleDES OFB",
+)
+@pytest.mark.cipher
class TestTripleDES_OFB(object):
test_KAT = generate_encrypt_test(
load_nist_vectors,
@@ -67,8 +83,8 @@ class TestTripleDES_OFB(object):
"TOFBvartext.rsp",
"TOFBinvperm.rsp",
],
- lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)),
- lambda keys, iv: modes.OFB(binascii.unhexlify(iv)),
+ lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)),
+ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)),
)
test_MMT = generate_encrypt_test(
@@ -79,13 +95,20 @@ class TestTripleDES_OFB(object):
"TOFBMMT2.rsp",
"TOFBMMT3.rsp",
],
- lambda key1, key2, key3, iv: (
- algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3))
+ lambda key1, key2, key3, **kwargs: algorithms.TripleDES(
+ binascii.unhexlify(key1 + key2 + key3)
),
- lambda key1, key2, key3, iv: modes.OFB(binascii.unhexlify(iv)),
+ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)),
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.TripleDES("\x00" * 8), modes.CFB("\x00" * 8)
+ ),
+ skip_message="Does not support TripleDES CFB",
+)
+@pytest.mark.cipher
class TestTripleDES_CFB(object):
test_KAT = generate_encrypt_test(
load_nist_vectors,
@@ -97,8 +120,8 @@ class TestTripleDES_CFB(object):
"TCFB64varkey.rsp",
"TCFB64vartext.rsp",
],
- lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)),
- lambda keys, iv: modes.CFB(binascii.unhexlify(iv)),
+ lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)),
+ lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)),
)
test_MMT = generate_encrypt_test(
@@ -109,8 +132,8 @@ class TestTripleDES_CFB(object):
"TCFB64MMT2.rsp",
"TCFB64MMT3.rsp",
],
- lambda key1, key2, key3, iv: (
- algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3))
+ lambda key1, key2, key3, **kwargs: algorithms.TripleDES(
+ binascii.unhexlify(key1 + key2 + key3)
),
- lambda key1, key2, key3, iv: modes.CFB(binascii.unhexlify(iv)),
+ lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)),
)
diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py
index f7b0b9a0..8cba8c66 100644
--- a/tests/hazmat/primitives/test_aes.py
+++ b/tests/hazmat/primitives/test_aes.py
@@ -16,6 +16,8 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test, generate_aead_test
@@ -24,7 +26,14 @@ from ...utils import (
)
-class TestAES(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.CBC("\x00" * 16)
+ ),
+ skip_message="Does not support AES CBC",
+)
+@pytest.mark.cipher
+class TestAES_CBC(object):
test_CBC = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "AES", "CBC"),
@@ -45,10 +54,19 @@ class TestAES(object):
"CBCMMT192.rsp",
"CBCMMT256.rsp",
],
- lambda key, iv: algorithms.AES(binascii.unhexlify(key)),
- lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
+ lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.ECB()
+ ),
+ skip_message="Does not support AES ECB",
+)
+@pytest.mark.cipher
+class TestAES_ECB(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "AES", "ECB"),
@@ -69,10 +87,19 @@ class TestAES(object):
"ECBMMT192.rsp",
"ECBMMT256.rsp",
],
- lambda key: algorithms.AES(binascii.unhexlify(key)),
- lambda key: modes.ECB(),
+ lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)),
+ lambda **kwargs: modes.ECB(),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.OFB("\x00" * 16)
+ ),
+ skip_message="Does not support AES OFB",
+)
+@pytest.mark.cipher
+class TestAES_OFB(object):
test_OFB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "AES", "OFB"),
@@ -93,10 +120,19 @@ class TestAES(object):
"OFBMMT192.rsp",
"OFBMMT256.rsp",
],
- lambda key, iv: algorithms.AES(binascii.unhexlify(key)),
- lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
+ lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.CFB("\x00" * 16)
+ ),
+ skip_message="Does not support AES CFB",
+)
+@pytest.mark.cipher
+class TestAES_CFB(object):
test_CFB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "AES", "CFB"),
@@ -117,22 +153,36 @@ class TestAES(object):
"CFB128MMT192.rsp",
"CFB128MMT256.rsp",
],
- lambda key, iv: algorithms.AES(binascii.unhexlify(key)),
- lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
+ lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16)
+ ),
+ skip_message="Does not support AES CTR",
+)
+@pytest.mark.cipher
+class TestAES_CTR(object):
test_CTR = generate_encrypt_test(
load_openssl_vectors,
os.path.join("ciphers", "AES", "CTR"),
["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"],
- lambda key, iv: algorithms.AES(binascii.unhexlify(key)),
- lambda key, iv: modes.CTR(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16)
- ),
- skip_message="Does not support AES CTR",
+ lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CTR(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12)
+ ),
+ skip_message="Does not support AES GCM",
+)
+@pytest.mark.cipher
+class TestAES_GCM(object):
test_GCM = generate_aead_test(
load_nist_vectors,
os.path.join("ciphers", "AES", "GCM"),
@@ -146,8 +196,4 @@ class TestAES(object):
],
lambda key: algorithms.AES(key),
lambda iv, tag: modes.GCM(iv, tag),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12)
- ),
- skip_message="Does not support AES GCM",
)
diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py
index d233bec2..33f7ff09 100644
--- a/tests/hazmat/primitives/test_arc4.py
+++ b/tests/hazmat/primitives/test_arc4.py
@@ -16,12 +16,21 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms
from .utils import generate_stream_encryption_test
from ...utils import load_nist_vectors
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.ARC4("\x00" * 16), None
+ ),
+ skip_message="Does not support ARC4",
+)
+@pytest.mark.cipher
class TestARC4(object):
test_rfc = generate_stream_encryption_test(
load_nist_vectors,
@@ -35,9 +44,5 @@ class TestARC4(object):
"rfc-6229-192.txt",
"rfc-6229-256.txt",
],
- lambda key: algorithms.ARC4(binascii.unhexlify((key))),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.ARC4("\x00" * 16), None
- ),
- skip_message="Does not support ARC4",
+ lambda key, **kwargs: algorithms.ARC4(binascii.unhexlify(key)),
)
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py
index 7c4331e0..f758ffaa 100644
--- a/tests/hazmat/primitives/test_block.py
+++ b/tests/hazmat/primitives/test_block.py
@@ -31,16 +31,20 @@ from .utils import (
)
-@utils.register_interface(interfaces.CipherAlgorithm)
-class DummyCipher(object):
- pass
-
-
+@utils.register_interface(interfaces.Mode)
class DummyMode(object):
+ name = "dummy-mode"
+
def validate_for_algorithm(self, algorithm):
pass
+@utils.register_interface(interfaces.CipherAlgorithm)
+class DummyCipher(object):
+ name = "dummy-cipher"
+
+
+@pytest.mark.cipher
class TestCipher(object):
def test_creates_encryptor(self, backend):
cipher = Cipher(
@@ -64,6 +68,7 @@ class TestCipher(object):
Cipher(algorithm, mode=None, backend=backend)
+@pytest.mark.cipher
class TestCipherContext(object):
def test_use_after_finalize(self, backend):
cipher = Cipher(
@@ -106,9 +111,10 @@ class TestCipherContext(object):
assert pt == b"a" * 80
decryptor.finalize()
- def test_nonexistent_cipher(self, backend):
+ @pytest.mark.parametrize("mode", [DummyMode(), None])
+ def test_nonexistent_cipher(self, backend, mode):
cipher = Cipher(
- DummyCipher(), DummyMode(), backend
+ DummyCipher(), mode, backend
)
with pytest.raises(UnsupportedAlgorithm):
cipher.encryptor()
@@ -133,22 +139,21 @@ class TestCipherContext(object):
decryptor.finalize()
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12)
+ ),
+ skip_message="Does not support AES GCM",
+)
+@pytest.mark.cipher
class TestAEADCipherContext(object):
test_aead_exceptions = generate_aead_exception_test(
algorithms.AES,
modes.GCM,
- only_if=lambda backend: backend.cipher_supported(
- algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12)
- ),
- skip_message="Does not support AES GCM",
)
test_aead_tag_exceptions = generate_aead_tag_exception_test(
algorithms.AES,
modes.GCM,
- only_if=lambda backend: backend.cipher_supported(
- algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12)
- ),
- skip_message="Does not support AES GCM",
)
diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py
index d5fbed6f..18512a6e 100644
--- a/tests/hazmat/primitives/test_blowfish.py
+++ b/tests/hazmat/primitives/test_blowfish.py
@@ -16,57 +16,77 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import load_nist_vectors
-class TestBlowfish(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Blowfish("\x00" * 56), modes.ECB()
+ ),
+ skip_message="Does not support Blowfish ECB",
+)
+@pytest.mark.cipher
+class TestBlowfish_ECB(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-ecb.txt"],
- lambda key: algorithms.Blowfish(binascii.unhexlify(key)),
- lambda key: modes.ECB(),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Blowfish("\x00" * 56), modes.ECB()
- ),
- skip_message="Does not support Blowfish ECB",
+ lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)),
+ lambda **kwargs: modes.ECB(),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8)
+ ),
+ skip_message="Does not support Blowfish CBC",
+)
+@pytest.mark.cipher
+class TestBlowfish_CBC(object):
test_CBC = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-cbc.txt"],
- lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
- lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8)
- ),
- skip_message="Does not support Blowfish CBC",
+ lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8)
+ ),
+ skip_message="Does not support Blowfish OFB",
+)
+@pytest.mark.cipher
+class TestBlowfish_OFB(object):
test_OFB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-ofb.txt"],
- lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
- lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8)
- ),
- skip_message="Does not support Blowfish OFB",
+ lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8)
+ ),
+ skip_message="Does not support Blowfish CFB",
+)
+@pytest.mark.cipher
+class TestBlowfish_CFB(object):
test_CFB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-cfb.txt"],
- lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
- lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8)
- ),
- skip_message="Does not support Blowfish CFB",
+ lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)),
)
diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py
index a2c935d9..7c56f6f9 100644
--- a/tests/hazmat/primitives/test_camellia.py
+++ b/tests/hazmat/primitives/test_camellia.py
@@ -16,6 +16,8 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
@@ -24,7 +26,14 @@ from ...utils import (
)
-class TestCamellia(object):
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Camellia("\x00" * 16), modes.ECB()
+ ),
+ skip_message="Does not support Camellia ECB",
+)
+@pytest.mark.cipher
+class TestCamellia_ECB(object):
test_ECB = generate_encrypt_test(
load_cryptrec_vectors,
os.path.join("ciphers", "Camellia"),
@@ -33,46 +42,57 @@ class TestCamellia(object):
"camellia-192-ecb.txt",
"camellia-256-ecb.txt"
],
- lambda key: algorithms.Camellia(binascii.unhexlify((key))),
- lambda key: modes.ECB(),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Camellia("\x00" * 16), modes.ECB()
- ),
- skip_message="Does not support Camellia ECB",
+ lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)),
+ lambda **kwargs: modes.ECB(),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16)
+ ),
+ skip_message="Does not support Camellia CBC",
+)
+@pytest.mark.cipher
+class TestCamellia_CBC(object):
test_CBC = generate_encrypt_test(
load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-cbc.txt"],
- lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
- lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16)
- ),
- skip_message="Does not support Camellia CBC",
+ lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16)
+ ),
+ skip_message="Does not support Camellia OFB",
+)
+@pytest.mark.cipher
+class TestCamellia_OFB(object):
test_OFB = generate_encrypt_test(
load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-ofb.txt"],
- lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
- lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16)
- ),
- skip_message="Does not support Camellia OFB",
+ lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)),
)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16)
+ ),
+ skip_message="Does not support Camellia CFB",
+)
+@pytest.mark.cipher
+class TestCamellia_CFB(object):
test_CFB = generate_encrypt_test(
load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-cfb.txt"],
- lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
- lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16)
- ),
- skip_message="Does not support Camellia CFB",
+ lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)),
+ lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)),
)
diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py
index a283dafc..d65a86b2 100644
--- a/tests/hazmat/primitives/test_cast5.py
+++ b/tests/hazmat/primitives/test_cast5.py
@@ -16,21 +16,26 @@ from __future__ import absolute_import, division, print_function
import binascii
import os
+import pytest
+
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import load_nist_vectors
+@pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.CAST5("\x00" * 16), modes.ECB()
+ ),
+ skip_message="Does not support CAST5 ECB",
+)
+@pytest.mark.cipher
class TestCAST5(object):
test_ECB = generate_encrypt_test(
load_nist_vectors,
os.path.join("ciphers", "CAST5"),
["cast5-ecb.txt"],
- lambda key: algorithms.CAST5(binascii.unhexlify((key))),
- lambda key: modes.ECB(),
- only_if=lambda backend: backend.cipher_supported(
- algorithms.CAST5("\x00" * 16), modes.ECB()
- ),
- skip_message="Does not support CAST5 ECB",
+ lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
+ lambda **kwargs: modes.ECB(),
)
diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py
index a8655812..13ffc3fd 100644
--- a/tests/hazmat/primitives/test_hash_vectors.py
+++ b/tests/hazmat/primitives/test_hash_vectors.py
@@ -15,12 +15,19 @@ from __future__ import absolute_import, division, print_function
import os
+import pytest
+
from cryptography.hazmat.primitives import hashes
from .utils import generate_hash_test, generate_long_string_hash_test
from ...utils import load_hash_vectors
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1),
+ skip_message="Does not support SHA1",
+)
+@pytest.mark.hash
class TestSHA1(object):
test_SHA1 = generate_hash_test(
load_hash_vectors,
@@ -30,11 +37,14 @@ class TestSHA1(object):
"SHA1ShortMsg.rsp",
],
hashes.SHA1(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA1),
- skip_message="Does not support SHA1",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224),
+ skip_message="Does not support SHA224",
+)
+@pytest.mark.hash
class TestSHA224(object):
test_SHA224 = generate_hash_test(
load_hash_vectors,
@@ -44,11 +54,14 @@ class TestSHA224(object):
"SHA224ShortMsg.rsp",
],
hashes.SHA224(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA224),
- skip_message="Does not support SHA224",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256),
+ skip_message="Does not support SHA256",
+)
+@pytest.mark.hash
class TestSHA256(object):
test_SHA256 = generate_hash_test(
load_hash_vectors,
@@ -58,11 +71,14 @@ class TestSHA256(object):
"SHA256ShortMsg.rsp",
],
hashes.SHA256(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA256),
- skip_message="Does not support SHA256",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384),
+ skip_message="Does not support SHA384",
+)
+@pytest.mark.hash
class TestSHA384(object):
test_SHA384 = generate_hash_test(
load_hash_vectors,
@@ -72,11 +88,14 @@ class TestSHA384(object):
"SHA384ShortMsg.rsp",
],
hashes.SHA384(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA384),
- skip_message="Does not support SHA384",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512),
+ skip_message="Does not support SHA512",
+)
+@pytest.mark.hash
class TestSHA512(object):
test_SHA512 = generate_hash_test(
load_hash_vectors,
@@ -86,11 +105,14 @@ class TestSHA512(object):
"SHA512ShortMsg.rsp",
],
hashes.SHA512(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA512),
- skip_message="Does not support SHA512",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
+ skip_message="Does not support RIPEMD160",
+)
+@pytest.mark.hash
class TestRIPEMD160(object):
test_RIPEMD160 = generate_hash_test(
load_hash_vectors,
@@ -99,18 +121,19 @@ class TestRIPEMD160(object):
"ripevectors.txt",
],
hashes.RIPEMD160(),
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
- skip_message="Does not support RIPEMD160",
)
test_RIPEMD160_long_string = generate_long_string_hash_test(
hashes.RIPEMD160(),
"52783243c1697bdbe16d37f97f68f08325dc1528",
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
- skip_message="Does not support RIPEMD160",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
+ skip_message="Does not support Whirlpool",
+)
+@pytest.mark.hash
class TestWhirlpool(object):
test_whirlpool = generate_hash_test(
load_hash_vectors,
@@ -119,8 +142,6 @@ class TestWhirlpool(object):
"iso-test-vectors.txt",
],
hashes.Whirlpool(),
- only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
- skip_message="Does not support Whirlpool",
)
test_whirlpool_long_string = generate_long_string_hash_test(
@@ -128,11 +149,14 @@ class TestWhirlpool(object):
("0c99005beb57eff50a7cf005560ddf5d29057fd86b2"
"0bfd62deca0f1ccea4af51fc15490eddc47af32bb2b"
"66c34ff9ad8c6008ad677f77126953b226e4ed8b01"),
- only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
- skip_message="Does not support Whirlpool",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
+ skip_message="Does not support MD5",
+)
+@pytest.mark.hash
class TestMD5(object):
test_md5 = generate_hash_test(
load_hash_vectors,
@@ -141,6 +165,4 @@ class TestMD5(object):
"rfc-1321.txt",
],
hashes.MD5(),
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
- skip_message="Does not support MD5",
)
diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py
index ff42e8f4..c907ef61 100644
--- a/tests/hazmat/primitives/test_hashes.py
+++ b/tests/hazmat/primitives/test_hashes.py
@@ -19,12 +19,19 @@ import pytest
import six
-from cryptography.exceptions import AlreadyFinalized
-from cryptography.hazmat.primitives import hashes
+from cryptography import utils
+from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm
+from cryptography.hazmat.primitives import hashes, interfaces
from .utils import generate_base_hash_test
+@utils.register_interface(interfaces.HashAlgorithm)
+class UnsupportedDummyHash(object):
+ name = "unsupported-dummy-hash"
+
+
+@pytest.mark.hash
class TestHashContext(object):
def test_hash_reject_unicode(self, backend):
m = hashes.Hash(hashes.SHA1(), backend=backend)
@@ -57,82 +64,110 @@ class TestHashContext(object):
with pytest.raises(AlreadyFinalized):
h.finalize()
+ def test_unsupported_hash(self, backend):
+ with pytest.raises(UnsupportedAlgorithm):
+ hashes.Hash(UnsupportedDummyHash(), backend)
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1),
+ skip_message="Does not support SHA1",
+)
+@pytest.mark.hash
class TestSHA1(object):
test_SHA1 = generate_base_hash_test(
hashes.SHA1(),
digest_size=20,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.SHA1),
- skip_message="Does not support SHA1",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224),
+ skip_message="Does not support SHA224",
+)
+@pytest.mark.hash
class TestSHA224(object):
test_SHA224 = generate_base_hash_test(
hashes.SHA224(),
digest_size=28,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.SHA224),
- skip_message="Does not support SHA224",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256),
+ skip_message="Does not support SHA256",
+)
+@pytest.mark.hash
class TestSHA256(object):
test_SHA256 = generate_base_hash_test(
hashes.SHA256(),
digest_size=32,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.SHA256),
- skip_message="Does not support SHA256",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384),
+ skip_message="Does not support SHA384",
+)
+@pytest.mark.hash
class TestSHA384(object):
test_SHA384 = generate_base_hash_test(
hashes.SHA384(),
digest_size=48,
block_size=128,
- only_if=lambda backend: backend.hash_supported(hashes.SHA384),
- skip_message="Does not support SHA384",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512),
+ skip_message="Does not support SHA512",
+)
+@pytest.mark.hash
class TestSHA512(object):
test_SHA512 = generate_base_hash_test(
hashes.SHA512(),
digest_size=64,
block_size=128,
- only_if=lambda backend: backend.hash_supported(hashes.SHA512),
- skip_message="Does not support SHA512",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
+ skip_message="Does not support RIPEMD160",
+)
+@pytest.mark.hash
class TestRIPEMD160(object):
test_RIPEMD160 = generate_base_hash_test(
hashes.RIPEMD160(),
digest_size=20,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
- skip_message="Does not support RIPEMD160",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
+ skip_message="Does not support Whirlpool",
+)
+@pytest.mark.hash
class TestWhirlpool(object):
test_Whirlpool = generate_base_hash_test(
hashes.Whirlpool(),
digest_size=64,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
- skip_message="Does not support Whirlpool",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
+ skip_message="Does not support MD5",
+)
+@pytest.mark.hash
class TestMD5(object):
test_MD5 = generate_base_hash_test(
hashes.MD5(),
digest_size=16,
block_size=64,
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
- skip_message="Does not support MD5",
)
diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py
index 992bcb1a..04913af6 100644
--- a/tests/hazmat/primitives/test_hmac.py
+++ b/tests/hazmat/primitives/test_hmac.py
@@ -19,19 +19,33 @@ import pytest
import six
-from cryptography.exceptions import AlreadyFinalized
-from cryptography.hazmat.primitives import hashes, hmac
+from cryptography import utils
+from cryptography.exceptions import (
+ AlreadyFinalized, UnsupportedAlgorithm, InvalidSignature
+)
+from cryptography.hazmat.primitives import hashes, hmac, interfaces
from .utils import generate_base_hmac_test
-class TestHMAC(object):
+@utils.register_interface(interfaces.HashAlgorithm)
+class UnsupportedDummyHash(object):
+ name = "unsupported-dummy-hash"
+
+
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.MD5),
+ skip_message="Does not support MD5",
+)
+@pytest.mark.hmac
+class TestHMACCopy(object):
test_copy = generate_base_hmac_test(
hashes.MD5(),
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
- skip_message="Does not support MD5",
)
+
+@pytest.mark.hmac
+class TestHMAC(object):
def test_hmac_reject_unicode(self, backend):
h = hmac.HMAC(b"mykey", hashes.SHA1(), backend=backend)
with pytest.raises(TypeError):
@@ -63,3 +77,30 @@ class TestHMAC(object):
with pytest.raises(AlreadyFinalized):
h.finalize()
+
+ def test_verify(self, backend):
+ h = hmac.HMAC(b'', hashes.SHA1(), backend=backend)
+ digest = h.finalize()
+
+ h = hmac.HMAC(b'', hashes.SHA1(), backend=backend)
+ h.verify(digest)
+
+ with pytest.raises(AlreadyFinalized):
+ h.verify(b'')
+
+ def test_invalid_verify(self, backend):
+ h = hmac.HMAC(b'', hashes.SHA1(), backend=backend)
+ with pytest.raises(InvalidSignature):
+ h.verify(b'')
+
+ with pytest.raises(AlreadyFinalized):
+ h.verify(b'')
+
+ def test_verify_reject_unicode(self, backend):
+ h = hmac.HMAC(b'', hashes.SHA1(), backend=backend)
+ with pytest.raises(TypeError):
+ h.verify(six.u(''))
+
+ def test_unsupported_hash(self, backend):
+ with pytest.raises(UnsupportedAlgorithm):
+ hmac.HMAC(b"key", UnsupportedDummyHash(), backend)
diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py
index 7d0f156a..c5644459 100644
--- a/tests/hazmat/primitives/test_hmac_vectors.py
+++ b/tests/hazmat/primitives/test_hmac_vectors.py
@@ -13,12 +13,19 @@
from __future__ import absolute_import, division, print_function
+import pytest
+
from cryptography.hazmat.primitives import hashes
from .utils import generate_hmac_test
from ...utils import load_hash_vectors
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.MD5),
+ skip_message="Does not support MD5",
+)
+@pytest.mark.hmac
class TestHMAC_MD5(object):
test_hmac_md5 = generate_hmac_test(
load_hash_vectors,
@@ -27,11 +34,14 @@ class TestHMAC_MD5(object):
"rfc-2202-md5.txt",
],
hashes.MD5(),
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
- skip_message="Does not support MD5",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA1),
+ skip_message="Does not support SHA1",
+)
+@pytest.mark.hmac
class TestHMAC_SHA1(object):
test_hmac_sha1 = generate_hmac_test(
load_hash_vectors,
@@ -40,11 +50,14 @@ class TestHMAC_SHA1(object):
"rfc-2202-sha1.txt",
],
hashes.SHA1(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA1),
- skip_message="Does not support SHA1",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA224),
+ skip_message="Does not support SHA224",
+)
+@pytest.mark.hmac
class TestHMAC_SHA224(object):
test_hmac_sha224 = generate_hmac_test(
load_hash_vectors,
@@ -53,11 +66,14 @@ class TestHMAC_SHA224(object):
"rfc-4231-sha224.txt",
],
hashes.SHA224(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA224),
- skip_message="Does not support SHA224",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA256),
+ skip_message="Does not support SHA256",
+)
+@pytest.mark.hmac
class TestHMAC_SHA256(object):
test_hmac_sha256 = generate_hmac_test(
load_hash_vectors,
@@ -66,11 +82,14 @@ class TestHMAC_SHA256(object):
"rfc-4231-sha256.txt",
],
hashes.SHA256(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA256),
- skip_message="Does not support SHA256",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA384),
+ skip_message="Does not support SHA384",
+)
+@pytest.mark.hmac
class TestHMAC_SHA384(object):
test_hmac_sha384 = generate_hmac_test(
load_hash_vectors,
@@ -79,11 +98,14 @@ class TestHMAC_SHA384(object):
"rfc-4231-sha384.txt",
],
hashes.SHA384(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA384),
- skip_message="Does not support SHA384",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA512),
+ skip_message="Does not support SHA512",
+)
+@pytest.mark.hmac
class TestHMAC_SHA512(object):
test_hmac_sha512 = generate_hmac_test(
load_hash_vectors,
@@ -92,11 +114,14 @@ class TestHMAC_SHA512(object):
"rfc-4231-sha512.txt",
],
hashes.SHA512(),
- only_if=lambda backend: backend.hash_supported(hashes.SHA512),
- skip_message="Does not support SHA512",
)
+@pytest.mark.supported(
+ only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160),
+ skip_message="Does not support RIPEMD160",
+)
+@pytest.mark.hmac
class TestHMAC_RIPEMD160(object):
test_hmac_ripemd160 = generate_hmac_test(
load_hash_vectors,
@@ -105,6 +130,4 @@ class TestHMAC_RIPEMD160(object):
"rfc-2286-ripemd160.txt",
],
hashes.RIPEMD160(),
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
- skip_message="Does not support RIPEMD160",
)
diff --git a/tests/hazmat/primitives/test_utils.py b/tests/hazmat/primitives/test_utils.py
deleted file mode 100644
index c39364c7..00000000
--- a/tests/hazmat/primitives/test_utils.py
+++ /dev/null
@@ -1,117 +0,0 @@
-import pytest
-
-from .utils import (
- base_hash_test, encrypt_test, hash_test, long_string_hash_test,
- base_hmac_test, hmac_test, stream_encryption_test, aead_test,
- aead_exception_test, aead_tag_exception_test,
-)
-
-
-class TestEncryptTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- encrypt_test(
- None, None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestAEADTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- aead_test(
- None, None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestAEADExceptionTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- aead_exception_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestAEADTagExceptionTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- aead_tag_exception_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestHashTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- hash_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestBaseHashTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- base_hash_test(
- None, None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestLongHashTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- long_string_hash_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestHMACTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- hmac_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestBaseHMACTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- base_hmac_test(
- None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
-
-
-class TestStreamEncryptionTest(object):
- def test_skips_if_only_if_returns_false(self):
- with pytest.raises(pytest.skip.Exception) as exc_info:
- stream_encryption_test(
- None, None, None,
- only_if=lambda backend: False,
- skip_message="message!"
- )
- assert exc_info.value.args[0] == "message!"
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index b06f9b29..cdcf84cb 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -3,7 +3,6 @@ import os
import pytest
-from cryptography.hazmat.backends import _ALL_BACKENDS
from cryptography.hazmat.primitives import hashes, hmac
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.exceptions import (
@@ -13,34 +12,29 @@ from cryptography.exceptions import (
from ...utils import load_vectors_from_file
+def _load_all_params(path, file_names, param_loader):
+ all_params = []
+ for file_name in file_names:
+ all_params.extend(
+ load_vectors_from_file(os.path.join(path, file_name), param_loader)
+ )
+ return all_params
+
+
def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
- mode_factory, only_if=lambda backend: True,
- skip_message=None):
- def test_encryption(self):
- for backend in _ALL_BACKENDS:
- for file_name in file_names:
- for params in load_vectors_from_file(
- os.path.join(path, file_name),
- param_loader
- ):
- yield (
- encrypt_test,
- backend,
- cipher_factory,
- mode_factory,
- params,
- only_if,
- skip_message
- )
+ mode_factory):
+ all_params = _load_all_params(path, file_names, param_loader)
+
+ @pytest.mark.parametrize("params", all_params)
+ def test_encryption(self, backend, params):
+ encrypt_test(backend, cipher_factory, mode_factory, params)
+
return test_encryption
-def encrypt_test(backend, cipher_factory, mode_factory, params, only_if,
- skip_message):
- if not only_if(backend):
- pytest.skip(skip_message)
- plaintext = params.pop("plaintext")
- ciphertext = params.pop("ciphertext")
+def encrypt_test(backend, cipher_factory, mode_factory, params):
+ plaintext = params["plaintext"]
+ ciphertext = params["ciphertext"]
cipher = Cipher(
cipher_factory(**params),
mode_factory(**params),
@@ -57,34 +51,21 @@ def encrypt_test(backend, cipher_factory, mode_factory, params, only_if,
def generate_aead_test(param_loader, path, file_names, cipher_factory,
- mode_factory, only_if, skip_message):
- def test_aead(self):
- for backend in _ALL_BACKENDS:
- for file_name in file_names:
- for params in load_vectors_from_file(
- os.path.join(path, file_name),
- param_loader
- ):
- yield (
- aead_test,
- backend,
- cipher_factory,
- mode_factory,
- params,
- only_if,
- skip_message
- )
+ mode_factory):
+ all_params = _load_all_params(path, file_names, param_loader)
+
+ @pytest.mark.parametrize("params", all_params)
+ def test_aead(self, backend, params):
+ aead_test(backend, cipher_factory, mode_factory, params)
+
return test_aead
-def aead_test(backend, cipher_factory, mode_factory, params, only_if,
- skip_message):
- if not only_if(backend):
- pytest.skip(skip_message)
+def aead_test(backend, cipher_factory, mode_factory, params):
if params.get("pt") is not None:
- plaintext = params.pop("pt")
- ciphertext = params.pop("ct")
- aad = params.pop("aad")
+ plaintext = params["pt"]
+ ciphertext = params["ct"]
+ aad = params["aad"]
if params.get("fail") is True:
cipher = Cipher(
cipher_factory(binascii.unhexlify(params["key"])),
@@ -123,33 +104,19 @@ def aead_test(backend, cipher_factory, mode_factory, params, only_if,
def generate_stream_encryption_test(param_loader, path, file_names,
- cipher_factory, only_if=None,
- skip_message=None):
- def test_stream_encryption(self):
- for backend in _ALL_BACKENDS:
- for file_name in file_names:
- for params in load_vectors_from_file(
- os.path.join(path, file_name),
- param_loader
- ):
- yield (
- stream_encryption_test,
- backend,
- cipher_factory,
- params,
- only_if,
- skip_message
- )
+ cipher_factory):
+ all_params = _load_all_params(path, file_names, param_loader)
+
+ @pytest.mark.parametrize("params", all_params)
+ def test_stream_encryption(self, backend, params):
+ stream_encryption_test(backend, cipher_factory, params)
return test_stream_encryption
-def stream_encryption_test(backend, cipher_factory, params, only_if,
- skip_message):
- if not only_if(backend):
- pytest.skip(skip_message)
- plaintext = params.pop("plaintext")
- ciphertext = params.pop("ciphertext")
- offset = params.pop("offset")
+def stream_encryption_test(backend, cipher_factory, params):
+ plaintext = params["plaintext"]
+ ciphertext = params["ciphertext"]
+ offset = params["offset"]
cipher = Cipher(cipher_factory(**params), None, backend=backend)
encryptor = cipher.encryptor()
# throw away offset bytes
@@ -164,29 +131,16 @@ def stream_encryption_test(backend, cipher_factory, params, only_if,
assert actual_plaintext == binascii.unhexlify(plaintext)
-def generate_hash_test(param_loader, path, file_names, hash_cls,
- only_if=None, skip_message=None):
- def test_hash(self):
- for backend in _ALL_BACKENDS:
- for file_name in file_names:
- for params in load_vectors_from_file(
- os.path.join(path, file_name),
- param_loader
- ):
- yield (
- hash_test,
- backend,
- hash_cls,
- params,
- only_if,
- skip_message
- )
+def generate_hash_test(param_loader, path, file_names, hash_cls):
+ all_params = _load_all_params(path, file_names, param_loader)
+
+ @pytest.mark.parametrize("params", all_params)
+ def test_hash(self, backend, params):
+ hash_test(backend, hash_cls, params)
return test_hash
-def hash_test(backend, algorithm, params, only_if, skip_message):
- if only_if is not None and not only_if(backend):
- pytest.skip(skip_message)
+def hash_test(backend, algorithm, params):
msg = params[0]
md = params[1]
m = hashes.Hash(algorithm, backend=backend)
@@ -195,27 +149,13 @@ def hash_test(backend, algorithm, params, only_if, skip_message):
assert m.finalize() == binascii.unhexlify(expected_md)
-def generate_base_hash_test(algorithm, digest_size, block_size,
- only_if=None, skip_message=None):
- def test_base_hash(self):
- for backend in _ALL_BACKENDS:
- yield (
- base_hash_test,
- backend,
- algorithm,
- digest_size,
- block_size,
- only_if,
- skip_message,
- )
+def generate_base_hash_test(algorithm, digest_size, block_size):
+ def test_base_hash(self, backend):
+ base_hash_test(backend, algorithm, digest_size, block_size)
return test_base_hash
-def base_hash_test(backend, algorithm, digest_size, block_size, only_if,
- skip_message):
- if only_if is not None and not only_if(backend):
- pytest.skip(skip_message)
-
+def base_hash_test(backend, algorithm, digest_size, block_size):
m = hashes.Hash(algorithm, backend=backend)
assert m.algorithm.digest_size == digest_size
assert m.algorithm.block_size == block_size
@@ -230,52 +170,42 @@ def base_hash_test(backend, algorithm, digest_size, block_size, only_if,
assert copy.finalize() == m.finalize()
-def generate_long_string_hash_test(hash_factory, md, only_if=None,
- skip_message=None):
- def test_long_string_hash(self):
- for backend in _ALL_BACKENDS:
- yield(
- long_string_hash_test,
- backend,
- hash_factory,
- md,
- only_if,
- skip_message
- )
+def generate_long_string_hash_test(hash_factory, md):
+ def test_long_string_hash(self, backend):
+ long_string_hash_test(backend, hash_factory, md)
return test_long_string_hash
-def long_string_hash_test(backend, algorithm, md, only_if, skip_message):
- if only_if is not None and not only_if(backend):
- pytest.skip(skip_message)
+def long_string_hash_test(backend, algorithm, md):
m = hashes.Hash(algorithm, backend=backend)
m.update(b"a" * 1000000)
assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii"))
-def generate_hmac_test(param_loader, path, file_names, algorithm,
- only_if=None, skip_message=None):
- def test_hmac(self):
- for backend in _ALL_BACKENDS:
- for file_name in file_names:
- for params in load_vectors_from_file(
- os.path.join(path, file_name),
- param_loader
- ):
- yield (
- hmac_test,
- backend,
- algorithm,
- params,
- only_if,
- skip_message
- )
+def generate_base_hmac_test(hash_cls):
+ def test_base_hmac(self, backend):
+ base_hmac_test(backend, hash_cls)
+ return test_base_hmac
+
+
+def base_hmac_test(backend, algorithm):
+ key = b"ab"
+ h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
+ h_copy = h.copy()
+ assert h != h_copy
+ assert h._ctx != h_copy._ctx
+
+
+def generate_hmac_test(param_loader, path, file_names, algorithm):
+ all_params = _load_all_params(path, file_names, param_loader)
+
+ @pytest.mark.parametrize("params", all_params)
+ def test_hmac(self, backend, params):
+ hmac_test(backend, algorithm, params)
return test_hmac
-def hmac_test(backend, algorithm, params, only_if, skip_message):
- if only_if is not None and not only_if(backend):
- pytest.skip(skip_message)
+def hmac_test(backend, algorithm, params):
msg = params[0]
md = params[1]
key = params[2]
@@ -284,48 +214,13 @@ def hmac_test(backend, algorithm, params, only_if, skip_message):
assert h.finalize() == binascii.unhexlify(md.encode("ascii"))
-def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None):
- def test_base_hmac(self):
- for backend in _ALL_BACKENDS:
- yield (
- base_hmac_test,
- backend,
- hash_cls,
- only_if,
- skip_message,
- )
- return test_base_hmac
-
-
-def base_hmac_test(backend, algorithm, only_if, skip_message):
- if only_if is not None and not only_if(backend):
- pytest.skip(skip_message)
- key = b"ab"
- h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend)
- h_copy = h.copy()
- assert h != h_copy
- assert h._ctx != h_copy._ctx
-
-
-def generate_aead_exception_test(cipher_factory, mode_factory,
- only_if, skip_message):
- def test_aead_exception(self):
- for backend in _ALL_BACKENDS:
- yield (
- aead_exception_test,
- backend,
- cipher_factory,
- mode_factory,
- only_if,
- skip_message
- )
+def generate_aead_exception_test(cipher_factory, mode_factory):
+ def test_aead_exception(self, backend):
+ aead_exception_test(backend, cipher_factory, mode_factory)
return test_aead_exception
-def aead_exception_test(backend, cipher_factory, mode_factory,
- only_if, skip_message):
- if not only_if(backend):
- pytest.skip(skip_message)
+def aead_exception_test(backend, cipher_factory, mode_factory):
cipher = Cipher(
cipher_factory(binascii.unhexlify(b"0" * 32)),
mode_factory(binascii.unhexlify(b"0" * 24)),
@@ -355,25 +250,13 @@ def aead_exception_test(backend, cipher_factory, mode_factory,
decryptor.tag
-def generate_aead_tag_exception_test(cipher_factory, mode_factory,
- only_if, skip_message):
- def test_aead_tag_exception(self):
- for backend in _ALL_BACKENDS:
- yield (
- aead_tag_exception_test,
- backend,
- cipher_factory,
- mode_factory,
- only_if,
- skip_message
- )
+def generate_aead_tag_exception_test(cipher_factory, mode_factory):
+ def test_aead_tag_exception(self, backend):
+ aead_tag_exception_test(backend, cipher_factory, mode_factory)
return test_aead_tag_exception
-def aead_tag_exception_test(backend, cipher_factory, mode_factory,
- only_if, skip_message):
- if not only_if(backend):
- pytest.skip(skip_message)
+def aead_tag_exception_test(backend, cipher_factory, mode_factory):
cipher = Cipher(
cipher_factory(binascii.unhexlify(b"0" * 32)),
mode_factory(binascii.unhexlify(b"0" * 24)),
@@ -383,6 +266,13 @@ def aead_tag_exception_test(backend, cipher_factory, mode_factory,
cipher.decryptor()
cipher = Cipher(
cipher_factory(binascii.unhexlify(b"0" * 32)),
+ mode_factory(binascii.unhexlify(b"0" * 24), b"000"),
+ backend
+ )
+ with pytest.raises(ValueError):
+ cipher.decryptor()
+ cipher = Cipher(
+ cipher_factory(binascii.unhexlify(b"0" * 32)),
mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16),
backend
)