1 files changed, 31 insertions, 3 deletions

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index f46009d4..d8c09bd7 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -18,11 +18,11 @@ from cryptography.exceptions import (
     UnsupportedAlgorithm, _Reasons
 )
 from cryptography.hazmat.backends.interfaces import (
-    CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
-    RSABackend
+    CMACBackend, CipherBackend, DSABackend, HMACBackend, HashBackend,
+    PBKDF2HMACBackend, RSABackend
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
-from cryptography.hazmat.primitives import hashes, hmac
+from cryptography.hazmat.primitives import cmac, hashes, hmac
 from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 
@@ -108,6 +108,19 @@ class DummyDSABackend(object):
         pass
 
 
+@utils.register_interface(CMACBackend)
+class DummyCMACBackend(object):
+    def __init__(self, supported_algorithms):
+        self._algorithms = supported_algorithms
+
+    def cmac_algorithm_supported(self, algorithm):
+        return type(algorithm) in self._algorithms
+
+    def create_cmac_ctx(self, algorithm):
+        if not self.cmac_algorithm_supported(algorithm):
+            raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_CIPHER)
+
+
 class TestMultiBackend(object):
     def test_ciphers(self):
         backend = MultiBackend([
@@ -224,3 +237,18 @@ class TestMultiBackend(object):
             _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
         ):
             backend.generate_dsa_private_key(parameters)
+
+    def test_cmac(self):
+        backend = MultiBackend([
+            DummyCMACBackend([algorithms.AES])
+        ])
+
+        fake_key = b"\x00" * 16
+
+        assert backend.cmac_algorithm_supported(
+            algorithms.AES(fake_key)) is True
+
+        cmac.CMAC(algorithms.AES(fake_key), backend)
+
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
+            cmac.CMAC(algorithms.TripleDES(fake_key), backend)