diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-04-26 22:10:34 -0700 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-04-26 22:10:34 -0700 |
commit | db1524b8db4959f25c880f871ea0d2ddb137ec58 (patch) | |
tree | c9df839f820b8a09ef4394d3ff3b894af46d2dd0 /tests/hazmat/primitives | |
parent | b30402c6b5ad6aa3625fcfbd9e7cb7998670d2f4 (diff) | |
parent | 857c0e9c18206c35958a4ad573e7c36a743daabd (diff) | |
download | cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.gz cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.bz2 cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.zip |
Merge pull request #962 from reaperhulk/rsa-enc
RSA encryption support
Diffstat (limited to 'tests/hazmat/primitives')
-rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 120 |
1 files changed, 119 insertions, 1 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 34b80cc3..38a5d0af 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1260,7 +1260,7 @@ class TestRSADecryption(object): backend=backend ) with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): - private_key.decrypt(b"somedata", DummyPadding(), backend) + private_key.decrypt(b"0" * 64, DummyPadding(), backend) def test_decrypt_invalid_decrypt(self, backend): private_key = rsa.RSAPrivateKey.generate( @@ -1355,6 +1355,124 @@ class TestRSADecryption(object): ) with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF): private_key.decrypt( + b"0" * 64, + padding.OAEP( + mgf=DummyMGF(), + algorithm=hashes.SHA1(), + label=None + ), + backend + ) + + +@pytest.mark.rsa +class TestRSAEncryption(object): + @pytest.mark.parametrize( + ("key_size", "pad"), + itertools.product( + (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048), + ( + padding.OAEP( + mgf=padding.MGF1(algorithm=hashes.SHA1()), + algorithm=hashes.SHA1(), + label=None + ), + padding.PKCS1v15() + ) + ) + ) + def test_rsa_encrypt(self, key_size, pad, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=key_size, + backend=backend + ) + pt = b"encrypt me!" + public_key = private_key.public_key() + ct = public_key.encrypt( + pt, + pad, + backend + ) + assert ct != pt + assert len(ct) == math.ceil(public_key.key_size / 8.0) + recovered_pt = private_key.decrypt( + ct, + pad, + backend + ) + assert recovered_pt == pt + + @pytest.mark.parametrize( + ("key_size", "pad"), + itertools.product( + (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048), + ( + padding.OAEP( + mgf=padding.MGF1(algorithm=hashes.SHA1()), + algorithm=hashes.SHA1(), + label=None + ), + padding.PKCS1v15() + ) + ) + ) + def test_rsa_encrypt_key_too_small(self, key_size, pad, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=key_size, + backend=backend + ) + public_key = private_key.public_key() + # Slightly smaller than the key size but not enough for padding. + with pytest.raises(ValueError): + public_key.encrypt( + b"\x00" * (key_size // 8 - 1), + pad, + backend + ) + + # Larger than the key size. + with pytest.raises(ValueError): + public_key.encrypt( + b"\x00" * (key_size // 8 + 5), + pad, + backend + ) + + def test_rsa_encrypt_invalid_backend(self, backend): + pretend_backend = object() + private_key = rsa.RSAPrivateKey.generate(65537, 512, backend) + public_key = private_key.public_key() + + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): + public_key.encrypt( + b"irrelevant", + padding.PKCS1v15(), + pretend_backend + ) + + def test_unsupported_padding(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): + public_key.encrypt(b"somedata", DummyPadding(), backend) + + def test_unsupported_oaep_mgf(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF): + public_key.encrypt( b"ciphertext", padding.OAEP( mgf=DummyMGF(), |