aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2013-11-19 07:38:19 -0800
committerAlex Gaynor <alex.gaynor@gmail.com>2013-11-19 07:38:19 -0800
commitb29a6b2e4623fa87fecaccc05551b996f684cd53 (patch)
treef3579a5536862a304eaba25612f07f0c2515c8bd /tests
parent867acfa0300ca75f2c11c15490e04b556d8bfe99 (diff)
parent62e96cbb0698d8f7d65d8dd2d301ef975a829d9e (diff)
downloadcryptography-b29a6b2e4623fa87fecaccc05551b996f684cd53.tar.gz
cryptography-b29a6b2e4623fa87fecaccc05551b996f684cd53.tar.bz2
cryptography-b29a6b2e4623fa87fecaccc05551b996f684cd53.zip
Merge branch 'master' into fernet
Diffstat (limited to 'tests')
-rw-r--r--tests/hazmat/bindings/test_openssl.py19
-rw-r--r--tests/hazmat/primitives/test_3des.py14
-rw-r--r--tests/hazmat/primitives/test_aes.py14
-rw-r--r--tests/hazmat/primitives/test_arc4.py43
-rw-r--r--tests/hazmat/primitives/test_block.py23
-rw-r--r--tests/hazmat/primitives/test_blowfish.py18
-rw-r--r--tests/hazmat/primitives/test_camellia.py18
-rw-r--r--tests/hazmat/primitives/test_cast5.py10
-rw-r--r--tests/hazmat/primitives/test_ciphers.py21
-rw-r--r--tests/hazmat/primitives/test_hash_vectors.py38
-rw-r--r--tests/hazmat/primitives/test_hashes.py36
-rw-r--r--tests/hazmat/primitives/test_hmac.py21
-rw-r--r--tests/hazmat/primitives/test_hmac_vectors.py30
-rw-r--r--tests/hazmat/primitives/test_padding.py2
-rw-r--r--tests/hazmat/primitives/test_utils.py13
-rw-r--r--tests/hazmat/primitives/utils.py65
-rw-r--r--tests/test_utils.py373
-rw-r--r--tests/utils.py75
18 files changed, 471 insertions, 362 deletions
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
index f1493e8d..9f27aab7 100644
--- a/tests/hazmat/bindings/test_openssl.py
+++ b/tests/hazmat/bindings/test_openssl.py
@@ -13,18 +13,21 @@
import pytest
+from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm
from cryptography.hazmat.bindings.openssl.backend import backend, Backend
+from cryptography.hazmat.primitives import interfaces
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers.algorithms import AES
from cryptography.hazmat.primitives.ciphers.modes import CBC
-class FakeMode(object):
+class DummyMode(object):
pass
-class FakeCipher(object):
+@utils.register_interface(interfaces.CipherAlgorithm)
+class DummyCipher(object):
pass
@@ -44,11 +47,11 @@ class TestOpenSSL(object):
assert backend.openssl_version_text().startswith("OpenSSL")
def test_supports_cipher(self):
- assert backend.ciphers.supported(None, None) is False
+ assert backend.cipher_supported(None, None) is False
def test_register_duplicate_cipher_adapter(self):
with pytest.raises(ValueError):
- backend.ciphers.register_cipher_adapter(AES, CBC, None)
+ backend.register_cipher_adapter(AES, CBC, None)
def test_instances_share_ffi(self):
b = Backend()
@@ -57,13 +60,13 @@ class TestOpenSSL(object):
def test_nonexistent_cipher(self):
b = Backend()
- b.ciphers.register_cipher_adapter(
- FakeCipher,
- FakeMode,
+ b.register_cipher_adapter(
+ DummyCipher,
+ DummyMode,
lambda backend, cipher, mode: backend.ffi.NULL
)
cipher = Cipher(
- FakeCipher(), FakeMode(), backend=b,
+ DummyCipher(), DummyMode(), backend=b,
)
with pytest.raises(UnsupportedAlgorithm):
cipher.encryptor()
diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py
index af6bdc04..69ec9c9a 100644
--- a/tests/hazmat/primitives/test_3des.py
+++ b/tests/hazmat/primitives/test_3des.py
@@ -23,12 +23,12 @@ import os
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
-from ...utils import load_nist_vectors_from_file
+from ...utils import load_nist_vectors
class TestTripleDES_CBC(object):
test_KAT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "CBC"),
[
"TCBCinvperm.rsp",
@@ -42,7 +42,7 @@ class TestTripleDES_CBC(object):
)
test_MMT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "CBC"),
[
"TCBCMMT1.rsp",
@@ -58,7 +58,7 @@ class TestTripleDES_CBC(object):
class TestTripleDES_OFB(object):
test_KAT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "OFB"),
[
"TOFBpermop.rsp",
@@ -72,7 +72,7 @@ class TestTripleDES_OFB(object):
)
test_MMT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "OFB"),
[
"TOFBMMT1.rsp",
@@ -88,7 +88,7 @@ class TestTripleDES_OFB(object):
class TestTripleDES_CFB(object):
test_KAT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "CFB"),
[
"TCFB64invperm.rsp",
@@ -102,7 +102,7 @@ class TestTripleDES_CFB(object):
)
test_MMT = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "3DES", "CFB"),
[
"TCFB64MMT1.rsp",
diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py
index 66471fac..d178da7b 100644
--- a/tests/hazmat/primitives/test_aes.py
+++ b/tests/hazmat/primitives/test_aes.py
@@ -20,13 +20,13 @@ from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import (
- load_nist_vectors_from_file, load_openssl_vectors_from_file
+ load_nist_vectors, load_openssl_vectors,
)
class TestAES(object):
test_CBC = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "AES", "CBC"),
[
"CBCGFSbox128.rsp",
@@ -50,7 +50,7 @@ class TestAES(object):
)
test_ECB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "AES", "ECB"),
[
"ECBGFSbox128.rsp",
@@ -74,7 +74,7 @@ class TestAES(object):
)
test_OFB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "AES", "OFB"),
[
"OFBGFSbox128.rsp",
@@ -98,7 +98,7 @@ class TestAES(object):
)
test_CFB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "AES", "CFB"),
[
"CFB128GFSbox128.rsp",
@@ -122,12 +122,12 @@ class TestAES(object):
)
test_CTR = generate_encrypt_test(
- load_openssl_vectors_from_file,
+ load_openssl_vectors,
os.path.join("ciphers", "AES", "CTR"),
["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"],
lambda key, iv: algorithms.AES(binascii.unhexlify(key)),
lambda key, iv: modes.CTR(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16)
),
skip_message="Does not support AES CTR",
diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py
new file mode 100644
index 00000000..d233bec2
--- /dev/null
+++ b/tests/hazmat/primitives/test_arc4.py
@@ -0,0 +1,43 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+import os
+
+from cryptography.hazmat.primitives.ciphers import algorithms
+
+from .utils import generate_stream_encryption_test
+from ...utils import load_nist_vectors
+
+
+class TestARC4(object):
+ test_rfc = generate_stream_encryption_test(
+ load_nist_vectors,
+ os.path.join("ciphers", "ARC4"),
+ [
+ "rfc-6229-40.txt",
+ "rfc-6229-56.txt",
+ "rfc-6229-64.txt",
+ "rfc-6229-80.txt",
+ "rfc-6229-128.txt",
+ "rfc-6229-192.txt",
+ "rfc-6229-256.txt",
+ ],
+ lambda key: algorithms.ARC4(binascii.unhexlify((key))),
+ only_if=lambda backend: backend.cipher_supported(
+ algorithms.ARC4("\x00" * 16), None
+ ),
+ skip_message="Does not support ARC4",
+ )
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py
index 28f34478..9460c53d 100644
--- a/tests/hazmat/primitives/test_block.py
+++ b/tests/hazmat/primitives/test_block.py
@@ -17,13 +17,19 @@ import binascii
import pytest
-from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography import utils
+from cryptography.exceptions import UnsupportedAlgorithm, AlreadyFinalized
from cryptography.hazmat.primitives import interfaces
from cryptography.hazmat.primitives.ciphers import (
Cipher, algorithms, modes
)
+@utils.register_interface(interfaces.CipherAlgorithm)
+class DummyCipher(object):
+ pass
+
+
class TestCipher(object):
def test_instantiate_without_backend(self):
Cipher(
@@ -45,6 +51,11 @@ class TestCipher(object):
)
assert isinstance(cipher.decryptor(), interfaces.CipherContext)
+ def test_instantiate_with_non_algorithm(self):
+ algorithm = object()
+ with pytest.raises(TypeError):
+ Cipher(algorithm, mode=None)
+
class TestCipherContext(object):
def test_use_after_finalize(self, backend):
@@ -56,16 +67,16 @@ class TestCipherContext(object):
encryptor = cipher.encryptor()
encryptor.update(b"a" * 16)
encryptor.finalize()
- with pytest.raises(ValueError):
+ with pytest.raises(AlreadyFinalized):
encryptor.update(b"b" * 16)
- with pytest.raises(ValueError):
+ with pytest.raises(AlreadyFinalized):
encryptor.finalize()
decryptor = cipher.decryptor()
decryptor.update(b"a" * 16)
decryptor.finalize()
- with pytest.raises(ValueError):
+ with pytest.raises(AlreadyFinalized):
decryptor.update(b"b" * 16)
- with pytest.raises(ValueError):
+ with pytest.raises(AlreadyFinalized):
decryptor.finalize()
def test_unaligned_block_encryption(self, backend):
@@ -90,7 +101,7 @@ class TestCipherContext(object):
def test_nonexistent_cipher(self, backend):
cipher = Cipher(
- object(), object(), backend
+ DummyCipher(), object(), backend
)
with pytest.raises(UnsupportedAlgorithm):
cipher.encryptor()
diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py
index a7f13823..d5fbed6f 100644
--- a/tests/hazmat/primitives/test_blowfish.py
+++ b/tests/hazmat/primitives/test_blowfish.py
@@ -19,53 +19,53 @@ import os
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
-from ...utils import load_nist_vectors_from_file
+from ...utils import load_nist_vectors
class TestBlowfish(object):
test_ECB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-ecb.txt"],
lambda key: algorithms.Blowfish(binascii.unhexlify(key)),
lambda key: modes.ECB(),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Blowfish("\x00" * 56), modes.ECB()
),
skip_message="Does not support Blowfish ECB",
)
test_CBC = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-cbc.txt"],
lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8)
),
skip_message="Does not support Blowfish CBC",
)
test_OFB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-ofb.txt"],
lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8)
),
skip_message="Does not support Blowfish OFB",
)
test_CFB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "Blowfish"),
["bf-cfb.txt"],
lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)),
lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8)
),
skip_message="Does not support Blowfish CFB",
diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py
index e1be5d1d..a2c935d9 100644
--- a/tests/hazmat/primitives/test_camellia.py
+++ b/tests/hazmat/primitives/test_camellia.py
@@ -20,13 +20,13 @@ from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
from ...utils import (
- load_cryptrec_vectors_from_file, load_openssl_vectors_from_file
+ load_cryptrec_vectors, load_openssl_vectors
)
class TestCamellia(object):
test_ECB = generate_encrypt_test(
- load_cryptrec_vectors_from_file,
+ load_cryptrec_vectors,
os.path.join("ciphers", "Camellia"),
[
"camellia-128-ecb.txt",
@@ -35,43 +35,43 @@ class TestCamellia(object):
],
lambda key: algorithms.Camellia(binascii.unhexlify((key))),
lambda key: modes.ECB(),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Camellia("\x00" * 16), modes.ECB()
),
skip_message="Does not support Camellia ECB",
)
test_CBC = generate_encrypt_test(
- load_openssl_vectors_from_file,
+ load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-cbc.txt"],
lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16)
),
skip_message="Does not support Camellia CBC",
)
test_OFB = generate_encrypt_test(
- load_openssl_vectors_from_file,
+ load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-ofb.txt"],
lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16)
),
skip_message="Does not support Camellia OFB",
)
test_CFB = generate_encrypt_test(
- load_openssl_vectors_from_file,
+ load_openssl_vectors,
os.path.join("ciphers", "Camellia"),
["camellia-cfb.txt"],
lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)),
lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16)
),
skip_message="Does not support Camellia CFB",
diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py
index b2988437..a283dafc 100644
--- a/tests/hazmat/primitives/test_cast5.py
+++ b/tests/hazmat/primitives/test_cast5.py
@@ -19,19 +19,17 @@ import os
from cryptography.hazmat.primitives.ciphers import algorithms, modes
from .utils import generate_encrypt_test
-from ...utils import load_nist_vectors_from_file
+from ...utils import load_nist_vectors
class TestCAST5(object):
test_ECB = generate_encrypt_test(
- lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ load_nist_vectors,
os.path.join("ciphers", "CAST5"),
- [
- "cast5-ecb.txt",
- ],
+ ["cast5-ecb.txt"],
lambda key: algorithms.CAST5(binascii.unhexlify((key))),
lambda key: modes.ECB(),
- only_if=lambda backend: backend.ciphers.supported(
+ only_if=lambda backend: backend.cipher_supported(
algorithms.CAST5("\x00" * 16), modes.ECB()
),
skip_message="Does not support CAST5 ECB",
diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py
index dfafab3f..653f7ce6 100644
--- a/tests/hazmat/primitives/test_ciphers.py
+++ b/tests/hazmat/primitives/test_ciphers.py
@@ -18,7 +18,7 @@ import binascii
import pytest
from cryptography.hazmat.primitives.ciphers.algorithms import (
- AES, Camellia, TripleDES, Blowfish, CAST5
+ AES, Camellia, TripleDES, Blowfish, CAST5, ARC4
)
@@ -91,3 +91,22 @@ class TestCAST5(object):
def test_invalid_key_size(self):
with pytest.raises(ValueError):
CAST5(binascii.unhexlify(b"0" * 34))
+
+
+class TestARC4(object):
+ @pytest.mark.parametrize(("key", "keysize"), [
+ (b"0" * 10, 40),
+ (b"0" * 14, 56),
+ (b"0" * 16, 64),
+ (b"0" * 20, 80),
+ (b"0" * 32, 128),
+ (b"0" * 48, 192),
+ (b"0" * 64, 256),
+ ])
+ def test_key_size(self, key, keysize):
+ cipher = ARC4(binascii.unhexlify(key))
+ assert cipher.key_size == keysize
+
+ def test_invalid_key_size(self):
+ with pytest.raises(ValueError):
+ ARC4(binascii.unhexlify(b"0" * 34))
diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py
index fca839c7..a8655812 100644
--- a/tests/hazmat/primitives/test_hash_vectors.py
+++ b/tests/hazmat/primitives/test_hash_vectors.py
@@ -18,108 +18,108 @@ import os
from cryptography.hazmat.primitives import hashes
from .utils import generate_hash_test, generate_long_string_hash_test
-from ...utils import load_hash_vectors_from_file
+from ...utils import load_hash_vectors
class TestSHA1(object):
test_SHA1 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "SHA1"),
[
"SHA1LongMsg.rsp",
"SHA1ShortMsg.rsp",
],
hashes.SHA1(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA1),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1),
skip_message="Does not support SHA1",
)
class TestSHA224(object):
test_SHA224 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "SHA2"),
[
"SHA224LongMsg.rsp",
"SHA224ShortMsg.rsp",
],
hashes.SHA224(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA224),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224),
skip_message="Does not support SHA224",
)
class TestSHA256(object):
test_SHA256 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "SHA2"),
[
"SHA256LongMsg.rsp",
"SHA256ShortMsg.rsp",
],
hashes.SHA256(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA256),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256),
skip_message="Does not support SHA256",
)
class TestSHA384(object):
test_SHA384 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "SHA2"),
[
"SHA384LongMsg.rsp",
"SHA384ShortMsg.rsp",
],
hashes.SHA384(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA384),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384),
skip_message="Does not support SHA384",
)
class TestSHA512(object):
test_SHA512 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "SHA2"),
[
"SHA512LongMsg.rsp",
"SHA512ShortMsg.rsp",
],
hashes.SHA512(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA512),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512),
skip_message="Does not support SHA512",
)
class TestRIPEMD160(object):
test_RIPEMD160 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "ripemd160"),
[
"ripevectors.txt",
],
hashes.RIPEMD160(),
- only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
skip_message="Does not support RIPEMD160",
)
test_RIPEMD160_long_string = generate_long_string_hash_test(
hashes.RIPEMD160(),
"52783243c1697bdbe16d37f97f68f08325dc1528",
- only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
skip_message="Does not support RIPEMD160",
)
class TestWhirlpool(object):
test_whirlpool = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "whirlpool"),
[
"iso-test-vectors.txt",
],
hashes.Whirlpool(),
- only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool),
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
skip_message="Does not support Whirlpool",
)
@@ -128,19 +128,19 @@ class TestWhirlpool(object):
("0c99005beb57eff50a7cf005560ddf5d29057fd86b2"
"0bfd62deca0f1ccea4af51fc15490eddc47af32bb2b"
"66c34ff9ad8c6008ad677f77126953b226e4ed8b01"),
- only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool),
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
skip_message="Does not support Whirlpool",
)
class TestMD5(object):
test_md5 = generate_hash_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
os.path.join("hashes", "MD5"),
[
"rfc-1321.txt",
],
hashes.MD5(),
- only_if=lambda backend: backend.hashes.supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
skip_message="Does not support MD5",
)
diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py
index 07ab2489..367e764f 100644
--- a/tests/hazmat/primitives/test_hashes.py
+++ b/tests/hazmat/primitives/test_hashes.py
@@ -19,6 +19,7 @@ import pytest
import six
+from cryptography.exceptions import AlreadyFinalized
from cryptography.hazmat.bindings import _default_backend
from cryptography.hazmat.primitives import hashes
@@ -32,9 +33,9 @@ class TestHashContext(object):
m.update(six.u("\u00FC"))
def test_copy_backend_object(self):
- pretend_hashes = pretend.stub(copy_ctx=lambda a: "copiedctx")
- pretend_backend = pretend.stub(hashes=pretend_hashes)
- pretend_ctx = pretend.stub()
+ pretend_backend = pretend.stub()
+ copied_ctx = pretend.stub()
+ pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
h = hashes.Hash(hashes.SHA1(), backend=pretend_backend,
ctx=pretend_ctx)
assert h._backend is pretend_backend
@@ -51,13 +52,26 @@ class TestHashContext(object):
with pytest.raises(TypeError):
hashes.Hash(hashes.SHA1)
+ def test_raises_after_finalize(self):
+ h = hashes.Hash(hashes.SHA1())
+ h.finalize()
+
+ with pytest.raises(AlreadyFinalized):
+ h.update(b"foo")
+
+ with pytest.raises(AlreadyFinalized):
+ h.copy()
+
+ with pytest.raises(AlreadyFinalized):
+ h.finalize()
+
class TestSHA1(object):
test_SHA1 = generate_base_hash_test(
hashes.SHA1(),
digest_size=20,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.SHA1),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1),
skip_message="Does not support SHA1",
)
@@ -67,7 +81,7 @@ class TestSHA224(object):
hashes.SHA224(),
digest_size=28,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.SHA224),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224),
skip_message="Does not support SHA224",
)
@@ -77,7 +91,7 @@ class TestSHA256(object):
hashes.SHA256(),
digest_size=32,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.SHA256),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256),
skip_message="Does not support SHA256",
)
@@ -87,7 +101,7 @@ class TestSHA384(object):
hashes.SHA384(),
digest_size=48,
block_size=128,
- only_if=lambda backend: backend.hashes.supported(hashes.SHA384),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384),
skip_message="Does not support SHA384",
)
@@ -97,7 +111,7 @@ class TestSHA512(object):
hashes.SHA512(),
digest_size=64,
block_size=128,
- only_if=lambda backend: backend.hashes.supported(hashes.SHA512),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512),
skip_message="Does not support SHA512",
)
@@ -107,7 +121,7 @@ class TestRIPEMD160(object):
hashes.RIPEMD160(),
digest_size=20,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
skip_message="Does not support RIPEMD160",
)
@@ -117,7 +131,7 @@ class TestWhirlpool(object):
hashes.Whirlpool(),
digest_size=64,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool),
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
skip_message="Does not support Whirlpool",
)
@@ -127,6 +141,6 @@ class TestMD5(object):
hashes.MD5(),
digest_size=16,
block_size=64,
- only_if=lambda backend: backend.hashes.supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
skip_message="Does not support MD5",
)
diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py
index a44838cf..d17049e3 100644
--- a/tests/hazmat/primitives/test_hmac.py
+++ b/tests/hazmat/primitives/test_hmac.py
@@ -19,6 +19,7 @@ import pytest
import six
+from cryptography.exceptions import AlreadyFinalized
from cryptography.hazmat.primitives import hashes, hmac
from .utils import generate_base_hmac_test
@@ -27,7 +28,7 @@ from .utils import generate_base_hmac_test
class TestHMAC(object):
test_copy = generate_base_hmac_test(
hashes.MD5(),
- only_if=lambda backend: backend.hashes.supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
skip_message="Does not support MD5",
)
@@ -37,9 +38,10 @@ class TestHMAC(object):
h.update(six.u("\u00FC"))
def test_copy_backend_object(self):
- pretend_hmac = pretend.stub(copy_ctx=lambda a: True)
+ pretend_hmac = pretend.stub()
pretend_backend = pretend.stub(hmacs=pretend_hmac)
- pretend_ctx = pretend.stub()
+ copied_ctx = pretend.stub()
+ pretend_ctx = pretend.stub(copy=lambda: copied_ctx)
h = hmac.HMAC(b"key", hashes.SHA1(), backend=pretend_backend,
ctx=pretend_ctx)
assert h._backend is pretend_backend
@@ -48,3 +50,16 @@ class TestHMAC(object):
def test_hmac_algorithm_instance(self):
with pytest.raises(TypeError):
hmac.HMAC(b"key", hashes.SHA1)
+
+ def test_raises_after_finalize(self):
+ h = hmac.HMAC(b"key", hashes.SHA1())
+ h.finalize()
+
+ with pytest.raises(AlreadyFinalized):
+ h.update(b"foo")
+
+ with pytest.raises(AlreadyFinalized):
+ h.copy()
+
+ with pytest.raises(AlreadyFinalized):
+ h.finalize()
diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py
index 52d592b6..7d0f156a 100644
--- a/tests/hazmat/primitives/test_hmac_vectors.py
+++ b/tests/hazmat/primitives/test_hmac_vectors.py
@@ -16,95 +16,95 @@ from __future__ import absolute_import, division, print_function
from cryptography.hazmat.primitives import hashes
from .utils import generate_hmac_test
-from ...utils import load_hash_vectors_from_file
+from ...utils import load_hash_vectors
class TestHMAC_MD5(object):
test_hmac_md5 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-2202-md5.txt",
],
hashes.MD5(),
- only_if=lambda backend: backend.hashes.supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5),
skip_message="Does not support MD5",
)
class TestHMAC_SHA1(object):
test_hmac_sha1 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-2202-sha1.txt",
],
hashes.SHA1(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA1),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1),
skip_message="Does not support SHA1",
)
class TestHMAC_SHA224(object):
test_hmac_sha224 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-4231-sha224.txt",
],
hashes.SHA224(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA224),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224),
skip_message="Does not support SHA224",
)
class TestHMAC_SHA256(object):
test_hmac_sha256 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-4231-sha256.txt",
],
hashes.SHA256(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA256),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256),
skip_message="Does not support SHA256",
)
class TestHMAC_SHA384(object):
test_hmac_sha384 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-4231-sha384.txt",
],
hashes.SHA384(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA384),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384),
skip_message="Does not support SHA384",
)
class TestHMAC_SHA512(object):
test_hmac_sha512 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-4231-sha512.txt",
],
hashes.SHA512(),
- only_if=lambda backend: backend.hashes.supported(hashes.SHA512),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512),
skip_message="Does not support SHA512",
)
class TestHMAC_RIPEMD160(object):
test_hmac_ripemd160 = generate_hmac_test(
- load_hash_vectors_from_file,
+ load_hash_vectors,
"HMAC",
[
"rfc-2286-ripemd160.txt",
],
hashes.RIPEMD160(),
- only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
skip_message="Does not support RIPEMD160",
)
diff --git a/tests/hazmat/primitives/test_padding.py b/tests/hazmat/primitives/test_padding.py
index 3cefafaf..6a2b6243 100644
--- a/tests/hazmat/primitives/test_padding.py
+++ b/tests/hazmat/primitives/test_padding.py
@@ -29,6 +29,8 @@ class TestPKCS7(object):
(128, b"1111111111111111"),
(128, b"111111111111111\x06"),
(128, b""),
+ (128, b"\x06" * 6),
+ (128, b"\x00" * 16),
])
def test_invalid_padding(self, size, padded):
unpadder = padding.PKCS7(size).unpadder()
diff --git a/tests/hazmat/primitives/test_utils.py b/tests/hazmat/primitives/test_utils.py
index d7247e67..cee0b20e 100644
--- a/tests/hazmat/primitives/test_utils.py
+++ b/tests/hazmat/primitives/test_utils.py
@@ -2,7 +2,7 @@ import pytest
from .utils import (
base_hash_test, encrypt_test, hash_test, long_string_hash_test,
- base_hmac_test, hmac_test
+ base_hmac_test, hmac_test, stream_encryption_test
)
@@ -70,3 +70,14 @@ class TestBaseHMACTest(object):
skip_message="message!"
)
assert exc_info.value.args[0] == "message!"
+
+
+class TestStreamEncryptionTest(object):
+ def test_skips_if_only_if_returns_false(self):
+ with pytest.raises(pytest.skip.Exception) as exc_info:
+ stream_encryption_test(
+ None, None, None,
+ only_if=lambda backend: False,
+ skip_message="message!"
+ )
+ assert exc_info.value.args[0] == "message!"
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index e6e97d1d..9327b0eb 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -8,6 +8,8 @@ from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import hmac
from cryptography.hazmat.primitives.ciphers import Cipher
+from ...utils import load_vectors_from_file
+
def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
mode_factory, only_if=lambda backend: True,
@@ -15,7 +17,10 @@ def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
def test_encryption(self):
for backend in _ALL_BACKENDS:
for file_name in file_names:
- for params in param_loader(os.path.join(path, file_name)):
+ for params in load_vectors_from_file(
+ os.path.join(path, file_name),
+ param_loader
+ ):
yield (
encrypt_test,
backend,
@@ -49,12 +54,57 @@ def encrypt_test(backend, cipher_factory, mode_factory, params, only_if,
assert actual_plaintext == binascii.unhexlify(plaintext)
+def generate_stream_encryption_test(param_loader, path, file_names,
+ cipher_factory, only_if=None,
+ skip_message=None):
+ def test_stream_encryption(self):
+ for backend in _ALL_BACKENDS:
+ for file_name in file_names:
+ for params in load_vectors_from_file(
+ os.path.join(path, file_name),
+ param_loader
+ ):
+ yield (
+ stream_encryption_test,
+ backend,
+ cipher_factory,
+ params,
+ only_if,
+ skip_message
+ )
+ return test_stream_encryption
+
+
+def stream_encryption_test(backend, cipher_factory, params, only_if,
+ skip_message):
+ if not only_if(backend):
+ pytest.skip(skip_message)
+ plaintext = params.pop("plaintext")
+ ciphertext = params.pop("ciphertext")
+ offset = params.pop("offset")
+ cipher = Cipher(cipher_factory(**params), None, backend)
+ encryptor = cipher.encryptor()
+ # throw away offset bytes
+ encryptor.update(b"\x00" * int(offset))
+ actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
+ actual_ciphertext += encryptor.finalize()
+ assert actual_ciphertext == binascii.unhexlify(ciphertext)
+ decryptor = cipher.decryptor()
+ decryptor.update(b"\x00" * int(offset))
+ actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
+ actual_plaintext += decryptor.finalize()
+ assert actual_plaintext == binascii.unhexlify(plaintext)
+
+
def generate_hash_test(param_loader, path, file_names, hash_cls,
only_if=None, skip_message=None):
def test_hash(self):
for backend in _ALL_BACKENDS:
for file_name in file_names:
- for params in param_loader(os.path.join(path, file_name)):
+ for params in load_vectors_from_file(
+ os.path.join(path, file_name),
+ param_loader
+ ):
yield (
hash_test,
backend,
@@ -105,6 +155,12 @@ def base_hash_test(backend, algorithm, digest_size, block_size, only_if,
assert m != m_copy
assert m._ctx != m_copy._ctx
+ m.update(b"abc")
+ copy = m.copy()
+ copy.update(b"123")
+ m.update(b"123")
+ assert copy.finalize() == m.finalize()
+
def generate_long_string_hash_test(hash_factory, md, only_if=None,
skip_message=None):
@@ -134,7 +190,10 @@ def generate_hmac_test(param_loader, path, file_names, algorithm,
def test_hmac(self):
for backend in _ALL_BACKENDS:
for file_name in file_names:
- for params in param_loader(os.path.join(path, file_name)):
+ for params in load_vectors_from_file(
+ os.path.join(path, file_name),
+ param_loader
+ ):
yield (
hmac_test,
backend,
diff --git a/tests/test_utils.py b/tests/test_utils.py
index 0692c8d1..5c58fd76 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -17,14 +17,12 @@ import textwrap
import pytest
from .utils import (
- load_nist_vectors, load_nist_vectors_from_file, load_cryptrec_vectors,
- load_cryptrec_vectors_from_file, load_openssl_vectors,
- load_openssl_vectors_from_file, load_hash_vectors,
- load_hash_vectors_from_file
+ load_nist_vectors, load_vectors_from_file, load_cryptrec_vectors,
+ load_openssl_vectors, load_hash_vectors,
)
-def test_load_nist_vectors_encrypt():
+def test_load_nist_vectors():
vector_data = textwrap.dedent("""
# CAVS 11.1
# Config info for aes_values
@@ -62,7 +60,7 @@ def test_load_nist_vectors_encrypt():
PLAINTEXT = 9798c4640bad75c7c3227db910174e72
""").splitlines()
- assert load_nist_vectors(vector_data, "ENCRYPT") == [
+ assert load_nist_vectors(vector_data) == [
{
"key": b"00000000000000000000000000000000",
"iv": b"00000000000000000000000000000000",
@@ -75,118 +73,6 @@ def test_load_nist_vectors_encrypt():
"plaintext": b"9798c4640bad75c7c3227db910174e72",
"ciphertext": b"a9a1631bf4996954ebc093957b234589",
},
- ]
-
-
-def test_load_nist_vectors_decrypt():
- vector_data = textwrap.dedent("""
- # CAVS 11.1
- # Config info for aes_values
- # AESVS GFSbox test data for CBC
- # State : Encrypt and Decrypt
- # Key Length : 128
- # Generated on Fri Apr 22 15:11:33 2011
-
- [ENCRYPT]
-
- COUNT = 0
- KEY = 00000000000000000000000000000000
- IV = 00000000000000000000000000000000
- PLAINTEXT = f34481ec3cc627bacd5dc3fb08f273e6
- CIPHERTEXT = 0336763e966d92595a567cc9ce537f5e
-
- COUNT = 1
- KEY = 00000000000000000000000000000000
- IV = 00000000000000000000000000000000
- PLAINTEXT = 9798c4640bad75c7c3227db910174e72
- CIPHERTEXT = a9a1631bf4996954ebc093957b234589
-
- [DECRYPT]
-
- COUNT = 0
- KEY = 00000000000000000000000000000000
- IV = 00000000000000000000000000000000
- CIPHERTEXT = 0336763e966d92595a567cc9ce537f5e
- PLAINTEXT = f34481ec3cc627bacd5dc3fb08f273e6
-
- COUNT = 1
- KEY = 00000000000000000000000000000000
- IV = 00000000000000000000000000000000
- CIPHERTEXT = a9a1631bf4996954ebc093957b234589
- PLAINTEXT = 9798c4640bad75c7c3227db910174e72
- """).splitlines()
-
- assert load_nist_vectors(vector_data, "DECRYPT") == [
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"f34481ec3cc627bacd5dc3fb08f273e6",
- "ciphertext": b"0336763e966d92595a567cc9ce537f5e",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"9798c4640bad75c7c3227db910174e72",
- "ciphertext": b"a9a1631bf4996954ebc093957b234589",
- },
- ]
-
-
-def test_load_nist_vectors_from_file_encrypt():
- assert load_nist_vectors_from_file(
- os.path.join("ciphers", "AES", "CBC", "CBCGFSbox128.rsp"),
- "ENCRYPT"
- ) == [
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"f34481ec3cc627bacd5dc3fb08f273e6",
- "ciphertext": b"0336763e966d92595a567cc9ce537f5e",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"9798c4640bad75c7c3227db910174e72",
- "ciphertext": b"a9a1631bf4996954ebc093957b234589",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"96ab5c2ff612d9dfaae8c31f30c42168",
- "ciphertext": b"ff4f8391a6a40ca5b25d23bedd44a597",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"6a118a874519e64e9963798a503f1d35",
- "ciphertext": b"dc43be40be0e53712f7e2bf5ca707209",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"cb9fceec81286ca3e989bd979b0cb284",
- "ciphertext": b"92beedab1895a94faa69b632e5cc47ce",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"b26aeb1874e47ca8358ff22378f09144",
- "ciphertext": b"459264f4798f6a78bacb89c15ed3d601",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"58c8e00b2631686d54eab84b91f0aca1",
- "ciphertext": b"08a4e2efec8a8e3312ca7460b9040bbf",
- },
- ]
-
-
-def test_load_nist_vectors_from_file_decrypt():
- assert load_nist_vectors_from_file(
- os.path.join("ciphers", "AES", "CBC", "CBCGFSbox128.rsp"),
- "DECRYPT",
- ) == [
{
"key": b"00000000000000000000000000000000",
"iv": b"00000000000000000000000000000000",
@@ -199,36 +85,6 @@ def test_load_nist_vectors_from_file_decrypt():
"plaintext": b"9798c4640bad75c7c3227db910174e72",
"ciphertext": b"a9a1631bf4996954ebc093957b234589",
},
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"96ab5c2ff612d9dfaae8c31f30c42168",
- "ciphertext": b"ff4f8391a6a40ca5b25d23bedd44a597",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"6a118a874519e64e9963798a503f1d35",
- "ciphertext": b"dc43be40be0e53712f7e2bf5ca707209",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"cb9fceec81286ca3e989bd979b0cb284",
- "ciphertext": b"92beedab1895a94faa69b632e5cc47ce",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"b26aeb1874e47ca8358ff22378f09144",
- "ciphertext": b"459264f4798f6a78bacb89c15ed3d601",
- },
- {
- "key": b"00000000000000000000000000000000",
- "iv": b"00000000000000000000000000000000",
- "plaintext": b"58c8e00b2631686d54eab84b91f0aca1",
- "ciphertext": b"08a4e2efec8a8e3312ca7460b9040bbf",
- },
]
@@ -286,20 +142,6 @@ def test_load_cryptrec_vectors_invalid():
load_cryptrec_vectors(vector_data)
-def test_load_cryptrec_vectors_from_file_encrypt():
- test_set = load_cryptrec_vectors_from_file(
- os.path.join("ciphers", "Camellia", "camellia-128-ecb.txt"),
- )
- assert test_set[0] == (
- {
- "key": b"00000000000000000000000000000000",
- "plaintext": b"80000000000000000000000000000000",
- "ciphertext": b"07923A39EB0A817D1C4D87BDB82D1F1C",
- }
- )
- assert len(test_set) == 1280
-
-
def test_load_openssl_vectors():
vector_data = textwrap.dedent(
"""
@@ -351,39 +193,6 @@ def test_load_openssl_vectors():
]
-def test_load_openssl_vectors_from_file():
- test_list = load_openssl_vectors_from_file(
- os.path.join("ciphers", "Camellia", "camellia-ofb.txt")
- )
- assert len(test_list) == 24
- assert test_list[:4] == [
- {
- "key": b"2B7E151628AED2A6ABF7158809CF4F3C",
- "iv": b"000102030405060708090A0B0C0D0E0F",
- "plaintext": b"6BC1BEE22E409F96E93D7E117393172A",
- "ciphertext": b"14F7646187817EB586599146B82BD719",
- },
- {
- "key": b"2B7E151628AED2A6ABF7158809CF4F3C",
- "iv": b"50FE67CC996D32B6DA0937E99BAFEC60",
- "plaintext": b"AE2D8A571E03AC9C9EB76FAC45AF8E51",
- "ciphertext": b"25623DB569CA51E01482649977E28D84",
- },
- {
- "key": b"2B7E151628AED2A6ABF7158809CF4F3C",
- "iv": b"D9A4DADA0892239F6B8B3D7680E15674",
- "plaintext": b"30C81C46A35CE411E5FBC1191A0A52EF",
- "ciphertext": b"C776634A60729DC657D12B9FCA801E98",
- },
- {
- "key": b"2B7E151628AED2A6ABF7158809CF4F3C",
- "iv": b"A78819583F0308E7A6BF36B1386ABF23",
- "plaintext": b"F69F2445DF4F9B17AD2B417BE66C3710",
- "ciphertext": b"D776379BE0E50825E681DA1A4C980E8E",
- },
- ]
-
-
def test_load_hash_vectors():
vector_data = textwrap.dedent("""
@@ -442,14 +251,170 @@ def test_load_hash_vectors_bad_data():
load_hash_vectors(vector_data)
-def test_load_hash_vectors_from_file():
- test_list = load_hash_vectors_from_file(
- os.path.join("hashes", "MD5", "rfc-1321.txt")
+def test_load_vectors_from_file():
+ vectors = load_vectors_from_file(
+ os.path.join("ciphers", "Blowfish", "bf-cfb.txt"),
+ load_nist_vectors,
)
- assert len(test_list) == 7
- assert test_list[:4] == [
- (b"", "d41d8cd98f00b204e9800998ecf8427e"),
- (b"61", "0cc175b9c0f1b6a831c399e269772661"),
- (b"616263", "900150983cd24fb0d6963f7d28e17f72"),
- (b"6d65737361676520646967657374", "f96b697d7cb7938d525a2f31aaf161d0"),
+ assert vectors == [
+ {
+ "key": b"0123456789ABCDEFF0E1D2C3B4A59687",
+ "iv": b"FEDCBA9876543210",
+ "plaintext": (
+ b"37363534333231204E6F77206973207468652074696D6520666F722000"
+ ),
+ "ciphertext": (
+ b"E73214A2822139CAF26ECF6D2EB9E76E3DA3DE04D1517200519D57A6C3"
+ ),
+ }
+ ]
+
+
+def test_load_nist_gcm_vectors():
+ vector_data = textwrap.dedent("""
+ [Keylen = 128]
+ [IVlen = 96]
+ [PTlen = 0]
+ [AADlen = 0]
+ [Taglen = 128]
+
+ Count = 0
+ Key = 11754cd72aec309bf52f7687212e8957
+ IV = 3c819d9a9bed087615030b65
+ PT =
+ AAD =
+ CT =
+ Tag = 250327c674aaf477aef2675748cf6971
+
+ Count = 1
+ Key = 272f16edb81a7abbea887357a58c1917
+ IV = 794ec588176c703d3d2a7a07
+ PT =
+ AAD =
+ CT =
+ Tag = b6e6f197168f5049aeda32dafbdaeb
+
+ Count = 2
+ Key = a49a5e26a2f8cb63d05546c2a62f5343
+ IV = 907763b19b9b4ab6bd4f0281
+ CT =
+ AAD =
+ Tag = a2be08210d8c470a8df6e8fbd79ec5cf
+ FAIL
+
+ Count = 3
+ Key = 5c1155084cc0ede76b3bc22e9f7574ef
+ IV = 9549e4ba69a61cad7856efc1
+ PT = d1448fa852b84408e2dad8381f363de7
+ AAD = e98e9d9c618e46fef32660976f854ee3
+ CT = f78b60ca125218493bea1c50a2e12ef4
+ Tag = d72da7f5c6cf0bca7242c71835809449
+
+ [Keylen = 128]
+ [IVlen = 96]
+ [PTlen = 0]
+ [AADlen = 0]
+ [Taglen = 120]
+
+ Count = 0
+ Key = eac258e99c55e6ae8ef1da26640613d7
+ IV = 4e8df20faaf2c8eebe922902
+ CT =
+ AAD =
+ Tag = e39aeaebe86aa309a4d062d6274339
+ PT =
+
+ Count = 1
+ Key = 3726cf02fcc6b8639a5497652c94350d
+ IV = 55fef82cde693ce76efcc193
+ CT =
+ AAD =
+ Tag = 3d68111a81ed22d2ef5bccac4fc27f
+ FAIL
+
+ Count = 2
+ Key = f202299d5fd74f03b12d2119a6c4c038
+ IV = eec51e7958c3f20a1bb71815
+ CT =
+ AAD =
+ Tag = a81886b3fb26e51fca87b267e1e157
+ FAIL
+
+ Count = 3
+ Key = fd52925f39546b4c55ffb6b20c59898c
+ IV = f5cf3227444afd905a5f6dba
+ CT =
+ AAD =
+ Tag = 1665b0f1a0b456e1664cfd3de08ccd
+ PT =
+
+ [Keylen = 128]
+ [IVlen = 8]
+ [PTlen = 104]
+ [AADlen = 0]
+ [Taglen = 128]
+
+ Count = 0
+ Key = 58fab7632bcf10d2bcee58520bf37414
+ IV = 3c
+ CT = 15c4db4cbb451211179d57017f
+ AAD =
+ Tag = eae841d4355feeb3f786bc86625f1e5b
+ FAIL
+ """).splitlines()
+ assert load_nist_vectors(vector_data) == [
+ {'aad': b'',
+ 'pt': b'',
+ 'iv': b'3c819d9a9bed087615030b65',
+ 'tag': b'250327c674aaf477aef2675748cf6971',
+ 'key': b'11754cd72aec309bf52f7687212e8957',
+ 'ct': b''},
+ {'aad': b'',
+ 'pt': b'',
+ 'iv': b'794ec588176c703d3d2a7a07',
+ 'tag': b'b6e6f197168f5049aeda32dafbdaeb',
+ 'key': b'272f16edb81a7abbea887357a58c1917',
+ 'ct': b''},
+ {'aad': b'',
+ 'iv': b'907763b19b9b4ab6bd4f0281',
+ 'tag': b'a2be08210d8c470a8df6e8fbd79ec5cf',
+ 'key': b'a49a5e26a2f8cb63d05546c2a62f5343',
+ 'ct': b'',
+ 'fail': True},
+ {'aad': b'e98e9d9c618e46fef32660976f854ee3',
+ 'pt': b'd1448fa852b84408e2dad8381f363de7',
+ 'iv': b'9549e4ba69a61cad7856efc1',
+ 'tag': b'd72da7f5c6cf0bca7242c71835809449',
+ 'key': b'5c1155084cc0ede76b3bc22e9f7574ef',
+ 'ct': b'f78b60ca125218493bea1c50a2e12ef4'},
+ {'aad': b'',
+ 'pt': b'',
+ 'iv': b'4e8df20faaf2c8eebe922902',
+ 'tag': b'e39aeaebe86aa309a4d062d6274339',
+ 'key': b'eac258e99c55e6ae8ef1da26640613d7',
+ 'ct': b''},
+ {'aad': b'',
+ 'iv': b'55fef82cde693ce76efcc193',
+ 'tag': b'3d68111a81ed22d2ef5bccac4fc27f',
+ 'key': b'3726cf02fcc6b8639a5497652c94350d',
+ 'ct': b'',
+ 'fail': True},
+ {'aad': b'',
+ 'iv': b'eec51e7958c3f20a1bb71815',
+ 'tag': b'a81886b3fb26e51fca87b267e1e157',
+ 'key': b'f202299d5fd74f03b12d2119a6c4c038',
+ 'ct': b'',
+ 'fail': True},
+ {'aad': b'',
+ 'pt': b'',
+ 'iv': b'f5cf3227444afd905a5f6dba',
+ 'tag': b'1665b0f1a0b456e1664cfd3de08ccd',
+ 'key': b'fd52925f39546b4c55ffb6b20c59898c',
+ 'ct': b''},
+ {'aad': b'',
+ 'iv': b'3c',
+ 'tag': b'eae841d4355feeb3f786bc86625f1e5b',
+ 'key': b'58fab7632bcf10d2bcee58520bf37414',
+ 'ct': b'15c4db4cbb451211179d57017f',
+ 'fail': True},
]
diff --git a/tests/utils.py b/tests/utils.py
index 99ba2e2f..94f97d59 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -14,58 +14,44 @@
import os.path
-def load_nist_vectors(vector_data, op):
- section, count, data = None, None, {}
+def load_vectors_from_file(filename, loader):
+ base = os.path.join(
+ os.path.dirname(__file__), "hazmat", "primitives", "vectors",
+ )
+ with open(os.path.join(base, filename), "r") as vector_file:
+ return loader(vector_file)
+
+
+def load_nist_vectors(vector_data):
+ test_data = None
+ data = []
for line in vector_data:
line = line.strip()
- # Blank lines are ignored
- if not line:
- continue
-
- # Lines starting with # are comments
- if line.startswith("#"):
+ # Blank lines, comments, and section headers are ignored
+ if not line or line.startswith("#") or (line.startswith("[")
+ and line.endswith("]")):
continue
- # Look for section headers
- if line.startswith("[") and line.endswith("]"):
- section = line[1:-1]
- data[section] = {}
+ if line.strip() == "FAIL":
+ test_data["fail"] = True
continue
# Build our data using a simple Key = Value format
- name, value = line.split(" = ")
+ name, value = [c.strip() for c in line.split("=")]
# COUNT is a special token that indicates a new block of data
if name.upper() == "COUNT":
- count = value
- data[section][count] = {}
+ test_data = {}
+ data.append(test_data)
+ continue
# For all other tokens we simply want the name, value stored in
# the dictionary
else:
- data[section][count][name.lower()] = value.encode("ascii")
-
- # We want to test only for a particular operation, we sort them for the
- # benefit of the tests of this function.
- return [v for k, v in sorted(data[op].items(), key=lambda kv: kv[0])]
-
-
-def load_nist_vectors_from_file(filename, op):
- base = os.path.join(
- os.path.dirname(__file__), "hazmat", "primitives", "vectors",
- )
- with open(os.path.join(base, filename), "r") as vector_file:
- return load_nist_vectors(vector_file, op)
-
+ test_data[name.lower()] = value.encode("ascii")
-def load_cryptrec_vectors_from_file(filename):
- base = os.path.join(
- os.path.dirname(__file__),
- "hazmat", "primitives", "vectors",
- )
- with open(os.path.join(base, filename), "r") as vector_file:
- return load_cryptrec_vectors(vector_file)
+ return data
def load_cryptrec_vectors(vector_data):
@@ -96,15 +82,6 @@ def load_cryptrec_vectors(vector_data):
return cryptrec_list
-def load_openssl_vectors_from_file(filename):
- base = os.path.join(
- os.path.dirname(__file__),
- "hazmat", "primitives", "vectors",
- )
- with open(os.path.join(base, filename), "r") as vector_file:
- return load_openssl_vectors(vector_file)
-
-
def load_openssl_vectors(vector_data):
vectors = []
@@ -166,11 +143,3 @@ def load_hash_vectors(vector_data):
else:
raise ValueError("Unknown line in hash vector")
return vectors
-
-
-def load_hash_vectors_from_file(filename):
- base = os.path.join(
- os.path.dirname(__file__), "hazmat", "primitives", "vectors"
- )
- with open(os.path.join(base, filename), "r") as vector_file:
- return load_hash_vectors(vector_file)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 16:25:59 +0000