diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-07-17 22:39:06 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-07-17 10:39:06 -0400 |
commit | 14faf3ca00d39f12bc379518bed66f9169a891d9 (patch) | |
tree | 2042a0b4654b286b15cea99ce9e7edb60f613b65 /tests/wycheproof/test_cmac.py | |
parent | d4378e42937b56f473ddade2667f919ce32208cb (diff) | |
download | cryptography-14faf3ca00d39f12bc379518bed66f9169a891d9.tar.gz cryptography-14faf3ca00d39f12bc379518bed66f9169a891d9.tar.bz2 cryptography-14faf3ca00d39f12bc379518bed66f9169a891d9.zip |
add wycheproof tests for AES CMAC (#4344)
* add wycheproof tests for AES CMAC
* review feedback
Diffstat (limited to 'tests/wycheproof/test_cmac.py')
-rw-r--r-- | tests/wycheproof/test_cmac.py | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/tests/wycheproof/test_cmac.py b/tests/wycheproof/test_cmac.py new file mode 100644 index 00000000..bef85839 --- /dev/null +++ b/tests/wycheproof/test_cmac.py @@ -0,0 +1,36 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + +import binascii + +import pytest + +from cryptography.exceptions import InvalidSignature +from cryptography.hazmat.backends.interfaces import CMACBackend +from cryptography.hazmat.primitives.ciphers.algorithms import AES +from cryptography.hazmat.primitives.cmac import CMAC + + +@pytest.mark.requires_backend_interface(interface=CMACBackend) +@pytest.mark.wycheproof_tests("aes_cmac_test.json") +def test_aes_cmac(backend, wycheproof): + key = binascii.unhexlify(wycheproof.testcase["key"]) + msg = binascii.unhexlify(wycheproof.testcase["msg"]) + tag = binascii.unhexlify(wycheproof.testcase["tag"]) + + # skip truncated tags, which we don't support in the API + if wycheproof.valid and len(tag) == 16: + ctx = CMAC(AES(key), backend) + ctx.update(msg) + ctx.verify(tag) + elif len(key) not in [16, 24, 32]: + with pytest.raises(ValueError): + CMAC(AES(key), backend) + else: + ctx = CMAC(AES(key), backend) + ctx.update(msg) + with pytest.raises(InvalidSignature): + ctx.verify(tag) |