diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-02-25 20:58:19 -0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-02-25 20:58:19 -0800 |
| commit | d8c8f7cde6b43d08f39cd11cd2e2dd3ed7feb5a5 (patch) | |
| tree | f912b6b5d7bb466a05c7e802ffb6515716c87087 /tests | |
| parent | 8bae14b62bc5da70ddfd9cd587f016b8d8a0425a (diff) | |
| parent | 572cb46dcca8d1b06f44ab2135f866002b3e32e2 (diff) | |
| download | cryptography-d8c8f7cde6b43d08f39cd11cd2e2dd3ed7feb5a5.tar.gz cryptography-d8c8f7cde6b43d08f39cd11cd2e2dd3ed7feb5a5.tar.bz2 cryptography-d8c8f7cde6b43d08f39cd11cd2e2dd3ed7feb5a5.zip | |
Merge pull request #673 from reaperhulk/rsa-pkcs1-signature-only
Add RSA PKCS1 signing (and structure for PSS + verification)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 11 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 80 |
2 files changed, 91 insertions, 0 deletions
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index ce77ce2f..be1e76e2 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -20,6 +20,7 @@ from cryptography.hazmat.backends.interfaces import ( ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import hashes, hmac +from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes @@ -85,6 +86,9 @@ class DummyRSABackend(object): def generate_rsa_private_key(self, public_exponent, private_key): pass + def create_rsa_signature_ctx(self, private_key, padding, algorithm): + pass + class TestMultiBackend(object): def test_ciphers(self): @@ -158,6 +162,13 @@ class TestMultiBackend(object): key_size=1024, public_exponent=65537 ) + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), + hashes.MD5()) + backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), + hashes.MD5()) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index df3a70f5..647c51b4 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -14,16 +14,25 @@ from __future__ import absolute_import, division, print_function +import binascii import itertools import os import pytest +from cryptography import exceptions, utils +from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import rsa +from cryptography.hazmat.primitives.asymmetric import padding from ...utils import load_pkcs1_vectors, load_vectors_from_file +@utils.register_interface(interfaces.AsymmetricPadding) +class DummyPadding(object): + name = "UNSUPPORTED-PADDING" + + def _modinv(e, m): """ Modular Multiplicative Inverse. Returns x such that: (x*e) mod m == 1 @@ -55,6 +64,17 @@ def _check_rsa_private_key(skey): assert skey.key_size == pkey.key_size +def _flatten_pkcs1_examples(vectors): + flattened_vectors = [] + for vector in vectors: + examples = vector[0].pop("examples") + for example in examples: + merged_vector = (vector[0], vector[1], example) + flattened_vectors.append(merged_vector) + + return flattened_vectors + + def test_modular_inverse(): p = int( "d1f9f6c09fd3d38987f7970247b85a6da84907753d42ec52bc23b745093f4fff5cff3" @@ -363,3 +383,63 @@ class TestRSA(object): # Test a public_exponent that is not odd. with pytest.raises(ValueError): rsa.RSAPublicKey(public_exponent=6, modulus=15) + + +@pytest.mark.rsa +class TestRSASignature(object): + @pytest.mark.parametrize( + "pkcs1_example", + _flatten_pkcs1_examples(load_vectors_from_file( + os.path.join( + "asymmetric", "RSA", "pkcs1v15sign-vectors.txt"), + load_pkcs1_vectors + )) + ) + def test_pkcs1v15_signing(self, pkcs1_example, backend): + private, public, example = pkcs1_example + private_key = rsa.RSAPrivateKey( + p=private["p"], + q=private["q"], + private_exponent=private["private_exponent"], + dmp1=private["dmp1"], + dmq1=private["dmq1"], + iqmp=private["iqmp"], + public_exponent=private["public_exponent"], + modulus=private["modulus"] + ) + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) + signer.update(binascii.unhexlify(example["message"])) + signature = signer.finalize() + assert binascii.hexlify(signature) == example["signature"] + + def test_use_after_finalize(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend) + signer.update(b"sign me") + signer.finalize() + with pytest.raises(exceptions.AlreadyFinalized): + signer.finalize() + with pytest.raises(exceptions.AlreadyFinalized): + signer.update(b"more data") + + def test_unsupported_padding(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + with pytest.raises(exceptions.UnsupportedPadding): + private_key.signer(DummyPadding(), hashes.SHA1(), backend) + + def test_padding_incorrect_type(self, backend): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + with pytest.raises(TypeError): + private_key.signer("notpadding", hashes.SHA1(), backend) |