aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives/test_rsa.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/hazmat/primitives/test_rsa.py')
-rw-r--r--tests/hazmat/primitives/test_rsa.py182
1 files changed, 134 insertions, 48 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 67b5b2e0..67189c24 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -27,7 +27,7 @@ from cryptography.exceptions import (
from cryptography.hazmat.primitives import hashes, interfaces
from cryptography.hazmat.primitives.asymmetric import padding, rsa
-from .utils import generate_rsa_pss_test
+from .utils import generate_rsa_verification_test
from ...utils import (
load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file
)
@@ -748,89 +748,175 @@ class TestRSAVerification(object):
verifier.verify()
-@pytest.mark.supported(
- only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA1()),
- skip_message="Does not support SHA1 with MGF1."
-)
@pytest.mark.rsa
-class TestRSAPSSMGF1VerificationSHA1(object):
- test_rsa_pss_mgf1_sha1 = generate_rsa_pss_test(
+class TestRSAPSSMGF1Verification(object):
+ test_rsa_pss_mgf1_sha1 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA1()),
+ skip_message="Does not support SHA1 with MGF1."
+ )(generate_rsa_verification_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA1()
- )
-
+ hashes.SHA1(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
-@pytest.mark.supported(
- only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA224()),
- skip_message="Does not support SHA224 with MGF1."
-)
-@pytest.mark.rsa
-class TestRSAPSSMGF1VerificationSHA224(object):
- test_rsa_pss_mgf1_sha224 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha224 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA224()),
+ skip_message="Does not support SHA224 with MGF1."
+ )(generate_rsa_verification_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA224()
- )
-
+ hashes.SHA224(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
-@pytest.mark.supported(
- only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA256()),
- skip_message="Does not support SHA256 with MGF1."
-)
-@pytest.mark.rsa
-class TestRSAPSSMGF1VerificationSHA256(object):
- test_rsa_pss_mgf1_sha256 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha256 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA256()),
+ skip_message="Does not support SHA256 with MGF1."
+ )(generate_rsa_verification_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA256()
- )
+ hashes.SHA256(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+ test_rsa_pss_mgf1_sha384 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA384()),
+ skip_message="Does not support SHA384 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA384(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
-@pytest.mark.supported(
- only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA384()),
- skip_message="Does not support SHA384 with MGF1."
-)
-@pytest.mark.rsa
-class TestRSAPSSMGF1VerificationSHA384(object):
- test_rsa_pss_mgf1_sha384 = generate_rsa_pss_test(
+ test_rsa_pss_mgf1_sha512 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512 with MGF1."
+ )(generate_rsa_verification_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
"SigGenPSS_186-2.rsp",
"SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
],
- hashes.SHA384()
- )
+ hashes.SHA512(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
-@pytest.mark.supported(
- only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA512()),
- skip_message="Does not support SHA512 with MGF1."
-)
@pytest.mark.rsa
-class TestRSAPSSMGF1VerificationSHA512(object):
- test_rsa_pss_mgf1_sha512 = generate_rsa_pss_test(
+class TestRSAPKCS1Verification(object):
+ test_rsa_pkcs1v15_verify_sha1 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
+ skip_message="Does not support SHA1."
+ )(generate_rsa_verification_test(
load_rsa_nist_vectors,
os.path.join("asymmetric", "RSA", "FIPS_186-2"),
[
- "SigGenPSS_186-2.rsp",
- "SigGenPSS_186-3.rsp",
+ "SigVer15_186-3.rsp",
],
- hashes.SHA512()
- )
+ hashes.SHA1(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha224 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
+ skip_message="Does not support SHA224."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA224(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha256 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
+ skip_message="Does not support SHA256."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA256(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha384 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
+ skip_message="Does not support SHA384."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA384(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha512 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA512(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
class TestMGF1(object):