diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-03-20 13:33:57 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-03-20 13:33:57 -0400 |
| commit | f903da081b3eac3bc84a2e596591e7e634c3355d (patch) | |
| tree | 720fc1607b0e0ae1a3d9d9f3a88a2a49e1a3e34a /tests | |
| parent | 79748a9e84b8084559e9a2794ed2d88e05259611 (diff) | |
| download | cryptography-f903da081b3eac3bc84a2e596591e7e634c3355d.tar.gz cryptography-f903da081b3eac3bc84a2e596591e7e634c3355d.tar.bz2 cryptography-f903da081b3eac3bc84a2e596591e7e634c3355d.zip | |
fix bug with n % 8 length wrapping on AESKWP (#4160)
* fix bug with n % 8 length wrapping on AESKWP
* review feedback
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/primitives/test_keywrap.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/test_keywrap.py b/tests/hazmat/primitives/test_keywrap.py index 8311c2a4..9b1e43e4 100644 --- a/tests/hazmat/primitives/test_keywrap.py +++ b/tests/hazmat/primitives/test_keywrap.py @@ -143,6 +143,18 @@ class TestAESKeyWrapWithPadding(object): @pytest.mark.parametrize( "params", + _load_all_params("keywrap", ["kwp_botan.txt"], load_nist_vectors) + ) + def test_wrap_additional_vectors(self, backend, params): + wrapping_key = binascii.unhexlify(params["key"]) + key_to_wrap = binascii.unhexlify(params["input"]) + wrapped_key = keywrap.aes_key_wrap_with_padding( + wrapping_key, key_to_wrap, backend + ) + assert wrapped_key == binascii.unhexlify(params["output"]) + + @pytest.mark.parametrize( + "params", _load_all_params( os.path.join("keywrap", "kwtestvectors"), ["KWP_AD_128.txt", "KWP_AD_192.txt", "KWP_AD_256.txt"], @@ -163,6 +175,18 @@ class TestAESKeyWrapWithPadding(object): ) assert params["p"] == binascii.hexlify(unwrapped_key) + @pytest.mark.parametrize( + "params", + _load_all_params("keywrap", ["kwp_botan.txt"], load_nist_vectors) + ) + def test_unwrap_additional_vectors(self, backend, params): + wrapping_key = binascii.unhexlify(params["key"]) + wrapped_key = binascii.unhexlify(params["output"]) + unwrapped_key = keywrap.aes_key_unwrap_with_padding( + wrapping_key, wrapped_key, backend + ) + assert unwrapped_key == binascii.unhexlify(params["input"]) + def test_unwrap_invalid_wrapped_key_length(self, backend): # Keys to unwrap must be at least 16 bytes with pytest.raises(ValueError, match='Must be at least 16 bytes'): |