diff options
| -rw-r--r-- | CHANGELOG.rst | 1 | ||||
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 15 | ||||
| -rw-r--r-- | docs/hazmat/primitives/symmetric-encryption.rst | 4 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_idea.py | 92 |
4 files changed, 101 insertions, 11 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 1fa9ab3a..391427d7 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -6,6 +6,7 @@ Changelog * Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`. * Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`. +* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA` support. 0.2.2 - 2014-03-03 ~~~~~~~~~~~~~~~~~~ diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 5d739135..bdbbffd6 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -159,11 +159,14 @@ class Backend(object): mode_cls, GetCipherByName("bf-{mode.name}") ) - for mode_cls in [CBC, CFB, OFB, ECB]: + for cipher_cls, mode_cls in itertools.product( + [CAST5, IDEA], + [CBC, OFB, CFB, ECB], + ): self.register_cipher_adapter( - CAST5, + cipher_cls, mode_cls, - GetCipherByName("cast5-{mode.name}") + GetCipherByName("{cipher.name}-{mode.name}") ) self.register_cipher_adapter( ARC4, @@ -175,12 +178,6 @@ class Backend(object): GCM, GetCipherByName("{cipher.name}-{cipher.key_size}-{mode.name}") ) - for mode_cls in [ECB]: - self.register_cipher_adapter( - IDEA, - mode_cls, - GetCipherByName("idea-{mode.name}") - ) def create_symmetric_encryption_ctx(self, cipher, mode): return _CipherContext(self, cipher, mode, _CipherContext._ENCRYPT) diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index daa4b36f..741091b2 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -172,8 +172,8 @@ Weak Ciphers is susceptible to attacks when using weak keys. It is recommended that you do not use this cipher for new applications. - :param bytes key: The secret key, 128 bits in length. This must be kept - secret. + :param bytes key: The secret key This must be kept secret. ``128`` bits in + length. .. _symmetric-encryption-modes: diff --git a/tests/hazmat/primitives/test_idea.py b/tests/hazmat/primitives/test_idea.py new file mode 100644 index 00000000..de439259 --- /dev/null +++ b/tests/hazmat/primitives/test_idea.py @@ -0,0 +1,92 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import binascii +import os + +import pytest + +from cryptography.hazmat.primitives.ciphers import algorithms, modes + +from .utils import generate_encrypt_test +from ...utils import load_nist_vectors + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.IDEA("\x00" * 16), modes.ECB() + ), + skip_message="Does not support IDEA ECB", +) +@pytest.mark.cipher +class TestIDEAModeECB(object): + test_ECB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "IDEA"), + ["idea-ecb.txt"], + lambda key, **kwargs: algorithms.IDEA(binascii.unhexlify((key))), + lambda **kwargs: modes.ECB(), + ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.IDEA("\x00" * 16), modes.CBC("\x00" * 8) + ), + skip_message="Does not support IDEA CBC", +) +@pytest.mark.cipher +class TestIDEAModeCBC(object): + test_CBC = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "IDEA"), + ["idea-cbc.txt"], + lambda key, **kwargs: algorithms.IDEA(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)) + ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.IDEA("\x00" * 16), modes.OFB("\x00" * 8) + ), + skip_message="Does not support IDEA OFB", +) +@pytest.mark.cipher +class TestIDEAModeOFB(object): + test_OFB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "IDEA"), + ["idea-ofb.txt"], + lambda key, **kwargs: algorithms.IDEA(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)) + ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.IDEA("\x00" * 16), modes.CFB("\x00" * 8) + ), + skip_message="Does not support IDEA CFB", +) +@pytest.mark.cipher +class TestIDEAModeCFB(object): + test_CFB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "IDEA"), + ["idea-cfb.txt"], + lambda key, **kwargs: algorithms.IDEA(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)) + ) |