diff options
Diffstat (limited to 'tests/hazmat/primitives/test_block.py')
| -rw-r--r-- | tests/hazmat/primitives/test_block.py | 80 |
1 files changed, 64 insertions, 16 deletions
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index 28f34478..02de3861 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -17,34 +17,47 @@ import binascii import pytest -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography import utils +from cryptography.exceptions import ( + UnsupportedAlgorithm, AlreadyFinalized, +) from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers import ( Cipher, algorithms, modes ) +from .utils import ( + generate_aead_exception_test, generate_aead_tag_exception_test +) -class TestCipher(object): - def test_instantiate_without_backend(self): - Cipher( - algorithms.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)) - ) - def test_creates_encryptor(self): +@utils.register_interface(interfaces.CipherAlgorithm) +class DummyCipher(object): + pass + + +class TestCipher(object): + def test_creates_encryptor(self, backend): cipher = Cipher( algorithms.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)) + modes.CBC(binascii.unhexlify(b"0" * 32)), + backend ) assert isinstance(cipher.encryptor(), interfaces.CipherContext) - def test_creates_decryptor(self): + def test_creates_decryptor(self, backend): cipher = Cipher( algorithms.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)) + modes.CBC(binascii.unhexlify(b"0" * 32)), + backend ) assert isinstance(cipher.decryptor(), interfaces.CipherContext) + def test_instantiate_with_non_algorithm(self, backend): + algorithm = object() + with pytest.raises(TypeError): + Cipher(algorithm, mode=None, backend=backend) + class TestCipherContext(object): def test_use_after_finalize(self, backend): @@ -56,16 +69,16 @@ class TestCipherContext(object): encryptor = cipher.encryptor() encryptor.update(b"a" * 16) encryptor.finalize() - with pytest.raises(ValueError): + with pytest.raises(AlreadyFinalized): encryptor.update(b"b" * 16) - with pytest.raises(ValueError): + with pytest.raises(AlreadyFinalized): encryptor.finalize() decryptor = cipher.decryptor() decryptor.update(b"a" * 16) decryptor.finalize() - with pytest.raises(ValueError): + with pytest.raises(AlreadyFinalized): decryptor.update(b"b" * 16) - with pytest.raises(ValueError): + with pytest.raises(AlreadyFinalized): decryptor.finalize() def test_unaligned_block_encryption(self, backend): @@ -90,10 +103,45 @@ class TestCipherContext(object): def test_nonexistent_cipher(self, backend): cipher = Cipher( - object(), object(), backend + DummyCipher(), object(), backend ) with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() with pytest.raises(UnsupportedAlgorithm): cipher.decryptor() + + def test_incorrectly_padded(self, backend): + cipher = Cipher( + algorithms.AES(b"\x00" * 16), + modes.CBC(b"\x00" * 16), + backend + ) + encryptor = cipher.encryptor() + encryptor.update(b"1") + with pytest.raises(ValueError): + encryptor.finalize() + + decryptor = cipher.decryptor() + decryptor.update(b"1") + with pytest.raises(ValueError): + decryptor.finalize() + + +class TestAEADCipherContext(object): + test_aead_exceptions = generate_aead_exception_test( + algorithms.AES, + modes.GCM, + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12) + ), + skip_message="Does not support AES GCM", + ) + test_aead_tag_exceptions = generate_aead_tag_exception_test( + algorithms.AES, + modes.GCM, + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.GCM("\x00" * 12) + ), + skip_message="Does not support AES GCM", + ) |