diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-02-27 07:35:43 -0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-02-27 07:35:43 -0800 |
| commit | 4ef63b64a9517cb4b1e3f4c5b8068e3467378862 (patch) | |
| tree | 167a3d2ddfe1512177c954afc3a8f4a530ae9dca /tests | |
| parent | bd08799bcce99b94250ad3b3313826651c8c0181 (diff) | |
| parent | bb97691d33c3ebb0764f1d97bbbda387c9eaa665 (diff) | |
| download | cryptography-4ef63b64a9517cb4b1e3f4c5b8068e3467378862.tar.gz cryptography-4ef63b64a9517cb4b1e3f4c5b8068e3467378862.tar.bz2 cryptography-4ef63b64a9517cb4b1e3f4c5b8068e3467378862.zip | |
Merge pull request #675 from reaperhulk/rsa-verification
RSA Verification Support
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 11 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 115 |
2 files changed, 126 insertions, 0 deletions
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index be1e76e2..63168180 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -89,6 +89,10 @@ class DummyRSABackend(object): def create_rsa_signature_ctx(self, private_key, padding, algorithm): pass + def create_rsa_verification_ctx(self, public_key, signature, padding, + algorithm): + pass + class TestMultiBackend(object): def test_ciphers(self): @@ -165,6 +169,9 @@ class TestMultiBackend(object): backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) + backend.create_rsa_verification_ctx("public_key", "sig", + padding.PKCS1v15(), hashes.MD5()) + backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) @@ -172,3 +179,7 @@ class TestMultiBackend(object): with pytest.raises(UnsupportedAlgorithm): backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_verification_ctx( + "public_key", "sig", padding.PKCS1v15(), hashes.MD5()) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 647c51b4..79323265 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -443,3 +443,118 @@ class TestRSASignature(object): ) with pytest.raises(TypeError): private_key.signer("notpadding", hashes.SHA1(), backend) + + +@pytest.mark.rsa +class TestRSAVerification(object): + @pytest.mark.parametrize( + "pkcs1_example", + _flatten_pkcs1_examples(load_vectors_from_file( + os.path.join( + "asymmetric", "RSA", "pkcs1v15sign-vectors.txt"), + load_pkcs1_vectors + )) + ) + def test_pkcs1v15_verification(self, pkcs1_example, backend): + private, public, example = pkcs1_example + public_key = rsa.RSAPublicKey( + public_exponent=public["public_exponent"], + modulus=public["modulus"] + ) + verifier = public_key.verifier( + binascii.unhexlify(example["signature"]), + padding.PKCS1v15(), + hashes.SHA1(), + backend + ) + verifier.update(binascii.unhexlify(example["message"])) + verifier.verify() + + def test_invalid_pkcs1v15_signature_wrong_data(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) + signer.update(b"sign me") + signature = signer.finalize() + verifier = public_key.verifier( + signature, + padding.PKCS1v15(), + hashes.SHA1(), + backend + ) + verifier.update(b"incorrect data") + with pytest.raises(exceptions.InvalidSignature): + verifier.verify() + + def test_invalid_pkcs1v15_signature_wrong_key(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + private_key2 = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key2.public_key() + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) + signer.update(b"sign me") + signature = signer.finalize() + verifier = public_key.verifier( + signature, + padding.PKCS1v15(), + hashes.SHA1(), + backend + ) + verifier.update(b"sign me") + with pytest.raises(exceptions.InvalidSignature): + verifier.verify() + + def test_use_after_finalize(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) + signer.update(b"sign me") + signature = signer.finalize() + + verifier = public_key.verifier( + signature, + padding.PKCS1v15(), + hashes.SHA1(), + backend + ) + verifier.update(b"sign me") + verifier.verify() + with pytest.raises(exceptions.AlreadyFinalized): + verifier.verify() + with pytest.raises(exceptions.AlreadyFinalized): + verifier.update(b"more data") + + def test_unsupported_padding(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + with pytest.raises(exceptions.UnsupportedPadding): + public_key.verifier(b"sig", DummyPadding(), hashes.SHA1(), backend) + + def test_padding_incorrect_type(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + with pytest.raises(TypeError): + public_key.verifier(b"sig", "notpadding", hashes.SHA1(), backend) |