diff options
-rw-r--r-- | docs/contributing.rst | 6 | ||||
-rw-r--r-- | docs/index.rst | 11 | ||||
-rw-r--r-- | tests/hazmat/primitives/utils.py | 7 | ||||
-rw-r--r-- | tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA1.txt | 8 | ||||
-rw-r--r-- | tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA256.txt | 6 | ||||
-rw-r--r-- | tests/hazmat/primitives/vectors/KDF/rfc-6070-PBKDF2-SHA1.txt | 48 | ||||
-rw-r--r-- | tests/utils.py | 23 |
7 files changed, 93 insertions, 16 deletions
diff --git a/docs/contributing.rst b/docs/contributing.rst index 3de41fd5..184ba214 100644 --- a/docs/contributing.rst +++ b/docs/contributing.rst @@ -60,6 +60,12 @@ always indistinguishable. As a result ``cryptography`` has, as a design philosophy: "make it hard to do insecure things". Here are a few strategies for API design which should be both followed, and should inspire other API choices: +If it is necessary to compare a user provided value with a computed value (for +example, verifying a signature), there should be an API provided which performs +the verification in a secure way (for example, using a constant time +comparison), rather than requiring the user to perform the comparison +themselves. + If it is incorrect to ignore the result of a method, it should raise an exception, and not return a boolean ``True``/``False`` flag. For example, a method to verify a signature should raise ``InvalidSignature``, and not return diff --git a/docs/index.rst b/docs/index.rst index a1cebc30..b800bcaf 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -17,7 +17,16 @@ You can install ``cryptography`` with ``pip``: .. note:: If you're on Windows you'll need to make sure you have OpenSSL installed. - There are `pre-compiled binaries`_ available. + There are `pre-compiled binaries`_ available. If your installation is in + an unusual location set the ``LIB`` and ``INCLUDE`` environment variables + to include the corresponding locations. For example: + + .. code-block:: console + + C:\> \path\to\vcvarsall.bat x86_amd64 + C:\> set LIB=C:\OpenSSL-1.0.1f-64bit\lib;%LIB% + C:\> set INCLUDE=C:\OpenSSL-1.0.1f-64bit\include;%INCLUDE% + C:\> pip install cryptography Why a new crypto library for Python? diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 6ecc70ff..f27afe41 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -141,8 +141,7 @@ def generate_hash_test(param_loader, path, file_names, hash_cls): def hash_test(backend, algorithm, params): - msg = params[0] - md = params[1] + msg, md = params m = hashes.Hash(algorithm, backend=backend) m.update(binascii.unhexlify(msg)) expected_md = md.replace(" ", "").lower().encode("ascii") @@ -206,9 +205,7 @@ def generate_hmac_test(param_loader, path, file_names, algorithm): def hmac_test(backend, algorithm, params): - msg = params[0] - md = params[1] - key = params[2] + msg, md, key = params h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) h.update(binascii.unhexlify(msg)) assert h.finalize() == binascii.unhexlify(md.encode("ascii")) diff --git a/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA1.txt b/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA1.txt index 598ecaae..b3fd03aa 100644 --- a/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA1.txt +++ b/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA1.txt @@ -1,6 +1,8 @@ # A.4. Test Case 4 # Basic test case with SHA-1 +COUNT = 4 + Hash = SHA-1 IKM = 0b0b0b0b0b0b0b0b0b0b0b salt = 000102030405060708090a0b0c @@ -13,6 +15,8 @@ OKM = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e42247 # A.5. Test Case 5 # Test with SHA-1 and longer inputs/outputs +COUNT = 5 + Hash = SHA-1 IKM = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f salt = 606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf @@ -25,6 +29,8 @@ OKM = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e # A.6. Test Case 6 # Test with SHA-1 and zero-length salt/info +COUNT = 6 + Hash = SHA-1 IKM = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b salt = @@ -38,6 +44,8 @@ OKM = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de # Test with SHA-1, salt not provided (defaults to HashLen zero octets), # zero-length info +COUNT = 7 + Hash = SHA-1 IKM = 0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c salt = diff --git a/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA256.txt b/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA256.txt index 170dd13e..9068a739 100644 --- a/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA256.txt +++ b/tests/hazmat/primitives/vectors/KDF/rfc-5869-HKDF-SHA256.txt @@ -1,6 +1,8 @@ # A.1. Test Case 1 # Basic test case with SHA-256 +COUNT = 1 + Hash = SHA-256 IKM = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b salt = 000102030405060708090a0b0c @@ -12,6 +14,8 @@ OKM = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d # A.2. Test Case 2 # Test with SHA-256 and longer inputs/outputs +COUNT = 2 + Hash = SHA-256 IKM = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f salt = 606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf @@ -24,6 +28,8 @@ OKM = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99c # A.3. Test Case 3 # Test with SHA-256 and zero-length salt/info +COUNT = 3 + Hash = SHA-256 IKM = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b salt = diff --git a/tests/hazmat/primitives/vectors/KDF/rfc-6070-PBKDF2-SHA1.txt b/tests/hazmat/primitives/vectors/KDF/rfc-6070-PBKDF2-SHA1.txt new file mode 100644 index 00000000..739f3f36 --- /dev/null +++ b/tests/hazmat/primitives/vectors/KDF/rfc-6070-PBKDF2-SHA1.txt @@ -0,0 +1,48 @@ +# PBKDF2 SHA1 vectors from http://www.ietf.org/rfc/rfc6070.txt + +COUNT = 0 +PASSWORD = password +SALT = salt +ITERATIONS = 1 +LENGTH = 20 +DERIVED_KEY = 0c60c80f961f0e71f3a9b524af6012062fe037a6 + + +COUNT = 1 +PASSWORD = password +SALT = salt +ITERATIONS = 2 +LENGTH = 20 +DERIVED_KEY = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957 + + +COUNT = 2 +PASSWORD = password +SALT = salt +ITERATIONS = 4096 +LENGTH = 20 +DERIVED_KEY = 4b007901b765489abead49d926f721d065a429c1 + + +COUNT = 3 +PASSWORD = password +SALT = salt +ITERATIONS = 16777216 +LENGTH = 20 +DERIVED_KEY = eefe3d61cd4da4e4e9945b3d6ba2158c2634e984 + + +COUNT = 4 +PASSWORD = passwordPASSWORDpassword +SALT = saltSALTsaltSALTsaltSALTsaltSALTsalt +ITERATIONS = 4096 +LENGTH = 25 +DERIVED_KEY = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038 + + +COUNT = 5 +PASSWORD = pass\0word +SALT = sa\0lt +ITERATIONS = 4096 +LENGTH = 16 +DERIVED_KEY = 56fa6aa75548099dcc37d7f03425e0c3 diff --git a/tests/utils.py b/tests/utils.py index a2432256..507bc421 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -11,11 +11,18 @@ # See the License for the specific language governing permissions and # limitations under the License. +import collections import os import pytest +HashVector = collections.namedtuple("HashVector", ["message", "digest"]) +KeyedHashVector = collections.namedtuple( + "KeyedHashVector", ["message", "digest", "key"] +) + + def select_backends(names, backend_list): if names is None: return backend_list @@ -158,27 +165,23 @@ def load_hash_vectors(vector_data): if line.startswith("Len"): length = int(line.split(" = ")[1]) elif line.startswith("Key"): - """ - HMAC vectors contain a key attribute. Hash vectors do not. - """ + # HMAC vectors contain a key attribute. Hash vectors do not. key = line.split(" = ")[1].encode("ascii") elif line.startswith("Msg"): - """ - In the NIST vectors they have chosen to represent an empty - string as hex 00, which is of course not actually an empty - string. So we parse the provided length and catch this edge case. - """ + # In the NIST vectors they have chosen to represent an empty + # string as hex 00, which is of course not actually an empty + # string. So we parse the provided length and catch this edge case. msg = line.split(" = ")[1].encode("ascii") if length > 0 else b"" elif line.startswith("MD"): md = line.split(" = ")[1] # after MD is found the Msg+MD (+ potential key) tuple is complete if key is not None: - vectors.append((msg, md, key)) + vectors.append(KeyedHashVector(msg, md, key)) key = None msg = None md = None else: - vectors.append((msg, md)) + vectors.append(HashVector(msg, md)) msg = None md = None else: |