2 files changed, 57 insertions, 0 deletions

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 088465a1..63d7dd23 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -101,6 +101,9 @@ class DummyRSABackend(object):
     def mgf1_hash_supported(self, algorithm):
         pass
 
+    def rsa_padding_supported(self, padding):
+        pass
+
     def decrypt_rsa(self, private_key, ciphertext, padding):
         pass
 
@@ -222,6 +225,8 @@ class TestMultiBackend(object):
 
         backend.mgf1_hash_supported(hashes.MD5())
 
+        backend.rsa_padding_supported(padding.PKCS1v15())
+
         backend.encrypt_rsa("public_key", "encryptme", padding.PKCS1v15())
 
         backend.decrypt_rsa("private_key", "encrypted", padding.PKCS1v15())
@@ -252,6 +257,11 @@ class TestMultiBackend(object):
         with raises_unsupported_algorithm(
             _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
         ):
+            backend.rsa_padding_supported(padding.PKCS1v15())
+
+        with raises_unsupported_algorithm(
+            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
+        ):
             backend.encrypt_rsa("public_key", "encryptme", padding.PKCS1v15())
 
         with raises_unsupported_algorithm(
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 19274bf8..b3432003 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -43,11 +43,20 @@ class DummyCipher(object):
     name = "dummy-cipher"
 
 
+@utils.register_interface(interfaces.AsymmetricPadding)
+class DummyPadding(object):
+    name = "dummy-cipher"
+
+
 @utils.register_interface(interfaces.HashAlgorithm)
 class DummyHash(object):
     name = "dummy-hash"
 
 
+class DummyMGF(object):
+    _salt_length = 0
+
+
 class TestOpenSSL(object):
     def test_backend_exists(self):
         assert backend
@@ -300,6 +309,44 @@ class TestOpenSSLRSA(object):
     def test_unsupported_mgf1_hash_algorithm(self):
         assert backend.mgf1_hash_supported(DummyHash()) is False
 
+    def test_rsa_padding_unsupported_pss_mgf1_hash(self):
+        assert backend.rsa_padding_supported(
+            padding.PSS(mgf=padding.MGF1(DummyHash()), salt_length=0)
+        ) is False
+
+    def test_rsa_padding_unsupported(self):
+        assert backend.rsa_padding_supported(DummyPadding()) is False
+
+    def test_rsa_padding_supported_pkcs1v15(self):
+        assert backend.rsa_padding_supported(padding.PKCS1v15()) is True
+
+    def test_rsa_padding_supported_pss(self):
+        assert backend.rsa_padding_supported(
+            padding.PSS(mgf=padding.MGF1(hashes.SHA1()), salt_length=0)
+        ) is True
+
+    def test_rsa_padding_supported_oaep(self):
+        assert backend.rsa_padding_supported(
+            padding.OAEP(
+                mgf=padding.MGF1(algorithm=hashes.SHA1()),
+                algorithm=hashes.SHA1(),
+                label=None
+            ),
+        ) is True
+
+    def test_rsa_padding_unsupported_mgf(self):
+        assert backend.rsa_padding_supported(
+            padding.OAEP(
+                mgf=DummyMGF(),
+                algorithm=hashes.SHA1(),
+                label=None
+            ),
+        ) is False
+
+        assert backend.rsa_padding_supported(
+            padding.PSS(mgf=DummyMGF(), salt_length=0)
+        ) is False
+
     def test_unsupported_mgf1_hash_algorithm_decrypt(self):
         private_key = rsa.RSAPrivateKey.generate(
             public_exponent=65537,