diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2018-08-02 18:49:25 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-08-03 06:49:25 +0800 |
| commit | ebfa6690437daa9c97c856007e1f1527b4cd7a82 (patch) | |
| tree | 67b103412af1b80e144cd7fa74c9b46109b61d4c /tests | |
| parent | f6ccb2ef6c5d787955c2b25d1d0b542152d8aaeb (diff) | |
| download | cryptography-ebfa6690437daa9c97c856007e1f1527b4cd7a82.tar.gz cryptography-ebfa6690437daa9c97c856007e1f1527b4cd7a82.tar.bz2 cryptography-ebfa6690437daa9c97c856007e1f1527b4cd7a82.zip | |
Refs #4375 -- added RSA PSS wycheproof tests (#4381)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/wycheproof/test_rsa.py | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/tests/wycheproof/test_rsa.py b/tests/wycheproof/test_rsa.py index 9de4bc5f..3d35f42d 100644 --- a/tests/wycheproof/test_rsa.py +++ b/tests/wycheproof/test_rsa.py @@ -62,7 +62,7 @@ def should_verify(backend, wycheproof): "rsa_signature_4096_sha384_test.json", "rsa_signature_4096_sha512_test.json", ) -def test_rsa_signature(backend, wycheproof): +def test_rsa_pkcs1v15_signature(backend, wycheproof): key = serialization.load_der_public_key( binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend ) @@ -83,3 +83,43 @@ def test_rsa_signature(backend, wycheproof): padding.PKCS1v15(), digest, ) + + +@pytest.mark.requires_backend_interface(interface=RSABackend) +@pytest.mark.wycheproof_tests( + "rsa_pss_2048_sha1_mgf1_20_test.json", + "rsa_pss_2048_sha256_mgf1_0_test.json", + "rsa_pss_2048_sha256_mgf1_32_test.json", + "rsa_pss_3072_sha256_mgf1_32_test.json", + "rsa_pss_4096_sha256_mgf1_32_test.json", + "rsa_pss_4096_sha512_mgf1_32_test.json", + "rsa_pss_misc_test.json", +) +def test_rsa_pss_signature(backend, wycheproof): + key = serialization.load_der_public_key( + binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend + ) + digest = _DIGESTS[wycheproof.testgroup["sha"]] + mgf_digest = _DIGESTS[wycheproof.testgroup["mgfSha"]] + + if wycheproof.valid or wycheproof.acceptable: + key.verify( + binascii.unhexlify(wycheproof.testcase["sig"]), + binascii.unhexlify(wycheproof.testcase["msg"]), + padding.PSS( + mgf=padding.MGF1(mgf_digest), + salt_length=wycheproof.testgroup["sLen"] + ), + digest + ) + else: + with pytest.raises(InvalidSignature): + key.verify( + binascii.unhexlify(wycheproof.testcase["sig"]), + binascii.unhexlify(wycheproof.testcase["msg"]), + padding.PSS( + mgf=padding.MGF1(mgf_digest), + salt_length=wycheproof.testgroup["sLen"] + ), + digest + ) |