diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-07-15 09:15:16 +0530 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-07-14 23:45:16 -0400 |
| commit | bb23c6c7cbb3f62f1b1b2480f9dc07c6beba3398 (patch) | |
| tree | 9e4fe9cecf15bd625558fcf32614ea3fbca5bbc8 /tests/hazmat | |
| parent | 33db1c83b7ccb18e3319dedb5c7eb38edb74d8ab (diff) | |
| download | cryptography-bb23c6c7cbb3f62f1b1b2480f9dc07c6beba3398.tar.gz cryptography-bb23c6c7cbb3f62f1b1b2480f9dc07c6beba3398.tar.bz2 cryptography-bb23c6c7cbb3f62f1b1b2480f9dc07c6beba3398.zip | |
document one shot AEAD length restrictions (#4322)
* document one shot AEAD length restrictions
* write a test that won't consume infinity ram
continue to raise OverflowError since that's what cffi did.
* this applies to associated_data too
* remove unneeded arg
* review feedback on docs
Diffstat (limited to 'tests/hazmat')
| -rw-r--r-- | tests/hazmat/primitives/test_aead.py | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/test_aead.py b/tests/hazmat/primitives/test_aead.py index dc2f357b..a0cc79e1 100644 --- a/tests/hazmat/primitives/test_aead.py +++ b/tests/hazmat/primitives/test_aead.py @@ -22,6 +22,11 @@ from ...utils import ( ) +class FakeData(object): + def __len__(self): + return 2 ** 32 + 1 + + def _aead_supported(cls): try: cls(b"0" * 32) @@ -46,6 +51,17 @@ def test_chacha20poly1305_unsupported_on_older_openssl(backend): ) @pytest.mark.requires_backend_interface(interface=CipherBackend) class TestChaCha20Poly1305(object): + def test_data_too_large(self): + key = ChaCha20Poly1305.generate_key() + chacha = ChaCha20Poly1305(key) + nonce = b"0" * 12 + + with pytest.raises(OverflowError): + chacha.encrypt(nonce, FakeData(), b"") + + with pytest.raises(OverflowError): + chacha.encrypt(nonce, b"", FakeData()) + def test_generate_key(self): key = ChaCha20Poly1305.generate_key() assert len(key) == 32 @@ -168,6 +184,17 @@ def test_aesccm_unsupported_on_older_openssl(backend): ) @pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESCCM(object): + def test_data_too_large(self): + key = AESCCM.generate_key(128) + aesccm = AESCCM(key) + nonce = b"0" * 12 + + with pytest.raises(OverflowError): + aesccm.encrypt(nonce, FakeData(), b"") + + with pytest.raises(OverflowError): + aesccm.encrypt(nonce, b"", FakeData()) + def test_default_tag_length(self, backend): key = AESCCM.generate_key(128) aesccm = AESCCM(key) @@ -309,6 +336,17 @@ def _load_gcm_vectors(): @pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESGCM(object): + def test_data_too_large(self): + key = AESGCM.generate_key(128) + aesgcm = AESGCM(key) + nonce = b"0" * 12 + + with pytest.raises(OverflowError): + aesgcm.encrypt(nonce, FakeData(), b"") + + with pytest.raises(OverflowError): + aesgcm.encrypt(nonce, b"", FakeData()) + @pytest.mark.parametrize("vector", _load_gcm_vectors()) def test_vectors(self, vector): key = binascii.unhexlify(vector["key"]) |