poly1305 support (#4802)

* poly1305 support * some more tests * have I mentioned how bad the spellchecker is? * doc improvements * EVP_PKEY_new_raw_private_key copies the key but that's not documented Let's assume that might change and be very defensive * review feedback * add a test that fails on a tag of the correct length but wrong value * docs improvements
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2019-03-10 10:12:00 +0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2019-03-09 21:12:00 -0500
commit: b73ed5a6a3067c832413a6b4c987667a9d545153 (patch)
tree: e8d2881b29c41bc7967c2e24805de506fc996468 /tests/hazmat
parent: 3a300e6c8ed64503f3ef6cc22e5dda403fe8751a (diff)
download: cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.gz
cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.bz2
cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.zip
1 files changed, 125 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/test_poly1305.py b/tests/hazmat/primitives/test_poly1305.py
new file mode 100644
index 00000000..71495ff7
--- /dev/null
+++ b/tests/hazmat/primitives/test_poly1305.py
@@ -0,0 +1,125 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+import os
+
+import pytest
+
+from cryptography.exceptions import (
+    AlreadyFinalized, InvalidSignature, _Reasons
+)
+from cryptography.hazmat.primitives.poly1305 import Poly1305
+
+from ...utils import (
+    load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm
+)
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: not backend.poly1305_supported(),
+    skip_message="Requires OpenSSL without poly1305 support"
+)
+def test_poly1305_unsupported(backend):
+    with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MAC):
+        Poly1305(b"0" * 32)
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.poly1305_supported(),
+    skip_message="Requires OpenSSL with poly1305 support"
+)
+class TestPoly1305(object):
+    @pytest.mark.parametrize(
+        "vector",
+        load_vectors_from_file(
+            os.path.join("poly1305", "rfc7539.txt"), load_nist_vectors
+        )
+    )
+    def test_vectors(self, vector, backend):
+        key = binascii.unhexlify(vector["key"])
+        msg = binascii.unhexlify(vector["msg"])
+        tag = binascii.unhexlify(vector["tag"])
+        poly = Poly1305(key)
+        poly.update(msg)
+        assert poly.finalize() == tag
+
+    def test_key_with_no_additional_references(self, backend):
+        poly = Poly1305(os.urandom(32))
+        assert len(poly.finalize()) == 16
+
+    def test_raises_after_finalize(self, backend):
+        poly = Poly1305(b"0" * 32)
+        poly.finalize()
+
+        with pytest.raises(AlreadyFinalized):
+            poly.update(b"foo")
+
+        with pytest.raises(AlreadyFinalized):
+            poly.finalize()
+
+    def test_reject_unicode(self, backend):
+        poly = Poly1305(b"0" * 32)
+        with pytest.raises(TypeError):
+            poly.update(u'')
+
+    def test_verify(self, backend):
+        poly = Poly1305(b"0" * 32)
+        poly.update(b"msg")
+        tag = poly.finalize()
+
+        with pytest.raises(AlreadyFinalized):
+            poly.verify(b"")
+
+        poly2 = Poly1305(b"0" * 32)
+        poly2.update(b"msg")
+        poly2.verify(tag)
+
+    def test_invalid_verify(self, backend):
+        poly = Poly1305(b"0" * 32)
+        poly.update(b"msg")
+        with pytest.raises(InvalidSignature):
+            poly.verify(b"")
+
+        p2 = Poly1305(b"0" * 32)
+        p2.update(b"msg")
+        with pytest.raises(InvalidSignature):
+            p2.verify(b"\x00" * 16)
+
+    def test_verify_reject_unicode(self, backend):
+        poly = Poly1305(b"0" * 32)
+        with pytest.raises(TypeError):
+            poly.verify(u'')
+
+    def test_invalid_key_type(self, backend):
+        with pytest.raises(TypeError):
+            Poly1305(object())
+
+    def test_invalid_key_length(self, backend):
+        with pytest.raises(ValueError):
+            Poly1305(b"0" * 31)
+
+        with pytest.raises(ValueError):
+            Poly1305(b"0" * 33)
+
+    def test_buffer_protocol(self, backend):
+        key = binascii.unhexlify(
+            b"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cb"
+            b"c207075c0"
+        )
+        msg = binascii.unhexlify(
+            b"2754776173206272696c6c69672c20616e642074686520736c69746"
+            b"87920746f7665730a446964206779726520616e642067696d626c65"
+            b"20696e2074686520776162653a0a416c6c206d696d7379207765726"
+            b"52074686520626f726f676f7665732c0a416e6420746865206d6f6d"
+            b"65207261746873206f757467726162652e"
+        )
+        key = bytearray(key)
+        poly = Poly1305(key)
+        poly.update(bytearray(msg))
+        assert poly.finalize() == binascii.unhexlify(
+            b"4541669a7eaaee61e708dc7cbcc5eb62"
+        )
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2019-03-10 10:12:00 +0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2019-03-09 21:12:00 -0500
commit	b73ed5a6a3067c832413a6b4c987667a9d545153 (patch)
tree	e8d2881b29c41bc7967c2e24805de506fc996468 /tests/hazmat
parent	3a300e6c8ed64503f3ef6cc22e5dda403fe8751a (diff)
download	cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.gz cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.bz2 cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.zip