aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives/test_serialization.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/hazmat/primitives/test_serialization.py')
-rw-r--r--tests/hazmat/primitives/test_serialization.py85
1 files changed, 49 insertions, 36 deletions
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index a4a91430..07a8f02e 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -16,15 +16,10 @@ from cryptography.hazmat.backends.interfaces import (
DERSerializationBackend, DSABackend, EllipticCurveBackend,
PEMSerializationBackend, RSABackend
)
-from cryptography.hazmat.primitives import interfaces
-from cryptography.hazmat.primitives.asymmetric import ec
-from cryptography.hazmat.primitives.asymmetric.dsa import (
- DSAParameterNumbers, DSAPublicNumbers
-)
-from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers
+from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
from cryptography.hazmat.primitives.serialization import (
- load_der_private_key, load_der_public_key, load_pem_private_key,
- load_pem_public_key, load_ssh_public_key
+ BestAvailableEncryption, load_der_private_key, load_der_public_key,
+ load_pem_private_key, load_pem_public_key, load_ssh_public_key
)
@@ -57,8 +52,8 @@ class TestDERSerialization(object):
mode="rb"
)
assert key
- assert isinstance(key, interfaces.RSAPrivateKey)
- if isinstance(key, interfaces.RSAPrivateKeyWithNumbers):
+ assert isinstance(key, rsa.RSAPrivateKey)
+ if isinstance(key, rsa.RSAPrivateKeyWithNumbers):
_check_rsa_private_numbers(key.private_numbers())
@pytest.mark.requires_backend_interface(interface=DSABackend)
@@ -80,8 +75,8 @@ class TestDERSerialization(object):
mode="rb"
)
assert key
- assert isinstance(key, interfaces.DSAPrivateKey)
- if isinstance(key, interfaces.DSAPrivateKeyWithNumbers):
+ assert isinstance(key, dsa.DSAPrivateKey)
+ if isinstance(key, dsa.DSAPrivateKeyWithNumbers):
_check_dsa_private_numbers(key.private_numbers())
@pytest.mark.parametrize(
@@ -103,7 +98,7 @@ class TestDERSerialization(object):
)
assert key
- assert isinstance(key, interfaces.EllipticCurvePrivateKey)
+ assert isinstance(key, ec.EllipticCurvePrivateKey)
assert key.curve.name == "secp256r1"
assert key.curve.key_size == 256
@@ -238,6 +233,7 @@ class TestDERSerialization(object):
"asymmetric", "DER_Serialization", "unenc-rsa-pkcs8.pub.der"),
os.path.join(
"asymmetric", "DER_Serialization", "rsa_public_key.der"),
+ os.path.join("asymmetric", "public", "PKCS1", "rsa.pub.der"),
]
)
@pytest.mark.requires_backend_interface(interface=RSABackend)
@@ -250,8 +246,8 @@ class TestDERSerialization(object):
mode="rb"
)
assert key
- assert isinstance(key, interfaces.RSAPublicKey)
- if isinstance(key, interfaces.RSAPublicKeyWithNumbers):
+ assert isinstance(key, rsa.RSAPublicKey)
+ if isinstance(key, rsa.RSAPublicKeyWithNumbers):
numbers = key.public_numbers()
assert numbers.e == 65537
@@ -278,7 +274,7 @@ class TestDERSerialization(object):
mode="rb"
)
assert key
- assert isinstance(key, interfaces.DSAPublicKey)
+ assert isinstance(key, dsa.DSAPublicKey)
@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
def test_load_ec_public_key(self, backend):
@@ -293,7 +289,7 @@ class TestDERSerialization(object):
mode="rb"
)
assert key
- assert isinstance(key, interfaces.EllipticCurvePublicKey)
+ assert isinstance(key, ec.EllipticCurvePublicKey)
assert key.curve.name == "secp256r1"
assert key.curve.key_size == 256
@@ -333,8 +329,8 @@ class TestPEMSerialization(object):
)
assert key
- assert isinstance(key, interfaces.RSAPrivateKey)
- if isinstance(key, interfaces.RSAPrivateKeyWithNumbers):
+ assert isinstance(key, rsa.RSAPrivateKey)
+ if isinstance(key, rsa.RSAPrivateKeyWithNumbers):
_check_rsa_private_numbers(key.private_numbers())
@pytest.mark.parametrize(
@@ -355,8 +351,8 @@ class TestPEMSerialization(object):
)
)
assert key
- assert isinstance(key, interfaces.DSAPrivateKey)
- if isinstance(key, interfaces.DSAPrivateKeyWithNumbers):
+ assert isinstance(key, dsa.DSAPrivateKey)
+ if isinstance(key, dsa.DSAPrivateKeyWithNumbers):
_check_dsa_private_numbers(key.private_numbers())
@pytest.mark.parametrize(
@@ -379,7 +375,7 @@ class TestPEMSerialization(object):
)
assert key
- assert isinstance(key, interfaces.EllipticCurvePrivateKey)
+ assert isinstance(key, ec.EllipticCurvePrivateKey)
assert key.curve.name == "secp256r1"
assert key.curve.key_size == 256
@@ -389,6 +385,7 @@ class TestPEMSerialization(object):
os.path.join("asymmetric", "PKCS8", "unenc-rsa-pkcs8.pub.pem"),
os.path.join(
"asymmetric", "PEM_Serialization", "rsa_public_key.pem"),
+ os.path.join("asymmetric", "public", "PKCS1", "rsa.pub.pem"),
]
)
def test_load_pem_rsa_public_key(self, key_file, backend):
@@ -399,8 +396,8 @@ class TestPEMSerialization(object):
)
)
assert key
- assert isinstance(key, interfaces.RSAPublicKey)
- if isinstance(key, interfaces.RSAPublicKeyWithNumbers):
+ assert isinstance(key, rsa.RSAPublicKey)
+ if isinstance(key, rsa.RSAPublicKeyWithNumbers):
numbers = key.public_numbers()
assert numbers.e == 65537
@@ -421,7 +418,7 @@ class TestPEMSerialization(object):
)
)
assert key
- assert isinstance(key, interfaces.DSAPublicKey)
+ assert isinstance(key, dsa.DSAPublicKey)
@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
def test_load_ec_public_key(self, backend):
@@ -435,7 +432,7 @@ class TestPEMSerialization(object):
)
)
assert key
- assert isinstance(key, interfaces.EllipticCurvePublicKey)
+ assert isinstance(key, ec.EllipticCurvePublicKey)
assert key.curve.name == "secp256r1"
assert key.curve.key_size == 256
@@ -542,7 +539,7 @@ class TestPEMSerialization(object):
)
)
- def test_wrong_format(self, backend):
+ def test_wrong_private_format(self, backend):
key_data = b"---- NOT A KEY ----\n"
with pytest.raises(ValueError):
@@ -555,6 +552,12 @@ class TestPEMSerialization(object):
key_data, b"this password will not be used", backend
)
+ def test_wrong_public_format(self, backend):
+ key_data = b"---- NOT A KEY ----\n"
+
+ with pytest.raises(ValueError):
+ load_pem_public_key(key_data, backend)
+
def test_corrupt_traditional_format(self, backend):
# privkey.pem with a bunch of data missing.
key_data = textwrap.dedent("""\
@@ -762,12 +765,12 @@ class TestPEMSerialization(object):
)
)
assert key
- assert isinstance(key, interfaces.DSAPrivateKey)
+ assert isinstance(key, dsa.DSAPrivateKey)
params = key.parameters()
- assert isinstance(params, interfaces.DSAParameters)
+ assert isinstance(params, dsa.DSAParameters)
- if isinstance(params, interfaces.DSAParametersWithNumbers):
+ if isinstance(params, dsa.DSAParametersWithNumbers):
num = key.private_numbers()
pub = num.public_numbers
parameter_numbers = pub.parameter_numbers
@@ -917,7 +920,7 @@ class TestRSASSHSerialization(object):
key = load_ssh_public_key(ssh_key, backend)
assert key is not None
- assert isinstance(key, interfaces.RSAPublicKey)
+ assert isinstance(key, rsa.RSAPublicKey)
numbers = key.public_numbers()
@@ -934,7 +937,7 @@ class TestRSASSHSerialization(object):
'46F8706AB88DDADBD9E8204D48B87789081E074024C8996783B31'
'7076A98ABF0A2D8550EAF2097D8CCC7BE76EF', 16)
- expected = RSAPublicNumbers(expected_e, expected_n)
+ expected = rsa.RSAPublicNumbers(expected_e, expected_n)
assert numbers == expected
@@ -1017,7 +1020,7 @@ class TestDSSSSHSerialization(object):
key = load_ssh_public_key(ssh_key, backend)
assert key is not None
- assert isinstance(key, interfaces.DSAPublicKey)
+ assert isinstance(key, dsa.DSAPublicKey)
numbers = key.public_numbers()
@@ -1043,9 +1046,9 @@ class TestDSSSSHSerialization(object):
"debb5982fc94d6a8c291f758feae63ad769a5621947221522a2dc31d18ede6f"
"b656", 16
)
- expected = DSAPublicNumbers(
+ expected = dsa.DSAPublicNumbers(
expected_y,
- DSAParameterNumbers(expected_p, expected_q, expected_g)
+ dsa.DSAParameterNumbers(expected_p, expected_q, expected_g)
)
assert numbers == expected
@@ -1062,7 +1065,7 @@ class TestECDSASSHSerialization(object):
b"teIg1TO03/FD9hbpBFgBeix3NrCFPls= root@cloud-server-01"
)
key = load_ssh_public_key(ssh_key, backend)
- assert isinstance(key, interfaces.EllipticCurvePublicKey)
+ assert isinstance(key, ec.EllipticCurvePublicKey)
expected_x = int(
"44196257377740326295529888716212621920056478823906609851236662550"
@@ -1164,3 +1167,13 @@ class TestECDSASSHSerialization(object):
)
with pytest.raises(ValueError):
load_ssh_public_key(ssh_key, backend)
+
+
+class TestKeySerializationEncryptionTypes(object):
+ def test_non_bytes_password(self):
+ with pytest.raises(ValueError):
+ BestAvailableEncryption(object())
+
+ def test_encryption_with_zero_length_password(self):
+ with pytest.raises(ValueError):
+ BestAvailableEncryption(b"")
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-09 00:05:15 +0000