aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat
diff options
context:
space:
mode:
Diffstat (limited to 'tests/hazmat')
-rw-r--r--tests/hazmat/backends/test_openssl.py21
-rw-r--r--tests/hazmat/bindings/test_commoncrypto.py32
-rw-r--r--tests/hazmat/bindings/test_openssl.py3
-rw-r--r--tests/hazmat/primitives/test_block.py37
-rw-r--r--tests/hazmat/primitives/test_cast5.py41
-rw-r--r--tests/hazmat/primitives/test_ciphers.py15
-rw-r--r--tests/hazmat/primitives/test_hash_vectors.py16
-rw-r--r--tests/hazmat/primitives/test_hashes.py16
-rw-r--r--tests/hazmat/primitives/test_hmac.py2
-rw-r--r--tests/hazmat/primitives/test_hmac_vectors.py14
10 files changed, 118 insertions, 79 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index b7d999b8..51eb408f 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -119,6 +119,9 @@ def unregister_dummy_engine():
class DummyMode(object):
name = "dummy-mode"
+ def validate_for_algorithm(self, algorithm):
+ pass
+
@utils.register_interface(interfaces.CipherAlgorithm)
class DummyCipher(object):
@@ -185,6 +188,24 @@ class TestOpenSSL(object):
0
)
+ def test_ssl_ciphers_registered(self):
+ meth = backend._lib.TLSv1_method()
+ ctx = backend._lib.SSL_CTX_new(meth)
+ assert ctx != backend._ffi.NULL
+ backend._lib.SSL_CTX_free(ctx)
+
+ def test_evp_ciphers_registered(self):
+ cipher = backend._lib.EVP_get_cipherbyname(b"aes-256-cbc")
+ assert cipher != backend._ffi.NULL
+
+ def test_error_strings_loaded(self):
+ # returns a value in a static buffer
+ err = backend._lib.ERR_error_string(101183626, backend._ffi.NULL)
+ assert backend._ffi.string(err) == (
+ b"error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:"
+ b"data not multiple of block length"
+ )
+
# This test is not in the next class because to check if it's really
# default we don't want to run the setup_method before it
def test_osrandom_engine_is_default(self):
diff --git a/tests/hazmat/bindings/test_commoncrypto.py b/tests/hazmat/bindings/test_commoncrypto.py
new file mode 100644
index 00000000..db3d1b74
--- /dev/null
+++ b/tests/hazmat/bindings/test_commoncrypto.py
@@ -0,0 +1,32 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import pytest
+
+from cryptography.hazmat.bindings.commoncrypto.binding import Binding
+
+
+@pytest.mark.skipif(not Binding.is_available(),
+ reason="CommonCrypto not available")
+class TestCommonCrypto(object):
+ def test_binding_loads(self):
+ binding = Binding()
+ assert binding
+ assert binding.lib
+ assert binding.ffi
+
+ def test_binding_returns_same_lib(self):
+ binding = Binding()
+ binding2 = Binding()
+ assert binding.lib == binding2.lib
+ assert binding.ffi == binding2.ffi
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
index 31f736ab..d1e85058 100644
--- a/tests/hazmat/bindings/test_openssl.py
+++ b/tests/hazmat/bindings/test_openssl.py
@@ -20,3 +20,6 @@ class TestOpenSSL(object):
assert binding
assert binding.lib
assert binding.ffi
+
+ def test_is_available(self):
+ assert Binding.is_available() is True
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py
index 30cf1d60..f758ffaa 100644
--- a/tests/hazmat/primitives/test_block.py
+++ b/tests/hazmat/primitives/test_block.py
@@ -35,6 +35,9 @@ from .utils import (
class DummyMode(object):
name = "dummy-mode"
+ def validate_for_algorithm(self, algorithm):
+ pass
+
@utils.register_interface(interfaces.CipherAlgorithm)
class DummyCipher(object):
@@ -152,3 +155,37 @@ class TestAEADCipherContext(object):
algorithms.AES,
modes.GCM,
)
+
+
+class TestModeValidation(object):
+ def test_cbc(self, backend):
+ with pytest.raises(ValueError):
+ Cipher(
+ algorithms.AES(b"\x00" * 16),
+ modes.CBC(b"abc"),
+ backend,
+ )
+
+ def test_ofb(self, backend):
+ with pytest.raises(ValueError):
+ Cipher(
+ algorithms.AES(b"\x00" * 16),
+ modes.OFB(b"abc"),
+ backend,
+ )
+
+ def test_cfb(self, backend):
+ with pytest.raises(ValueError):
+ Cipher(
+ algorithms.AES(b"\x00" * 16),
+ modes.CFB(b"abc"),
+ backend,
+ )
+
+ def test_ctr(self, backend):
+ with pytest.raises(ValueError):
+ Cipher(
+ algorithms.AES(b"\x00" * 16),
+ modes.CTR(b"abc"),
+ backend,
+ )
diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py
deleted file mode 100644
index d65a86b2..00000000
--- a/tests/hazmat/primitives/test_cast5.py
+++ /dev/null
@@ -1,41 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from __future__ import absolute_import, division, print_function
-
-import binascii
-import os
-
-import pytest
-
-from cryptography.hazmat.primitives.ciphers import algorithms, modes
-
-from .utils import generate_encrypt_test
-from ...utils import load_nist_vectors
-
-
-@pytest.mark.supported(
- only_if=lambda backend: backend.cipher_supported(
- algorithms.CAST5("\x00" * 16), modes.ECB()
- ),
- skip_message="Does not support CAST5 ECB",
-)
-@pytest.mark.cipher
-class TestCAST5(object):
- test_ECB = generate_encrypt_test(
- load_nist_vectors,
- os.path.join("ciphers", "CAST5"),
- ["cast5-ecb.txt"],
- lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
- lambda **kwargs: modes.ECB(),
- )
diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py
index 653f7ce6..6a7b2f93 100644
--- a/tests/hazmat/primitives/test_ciphers.py
+++ b/tests/hazmat/primitives/test_ciphers.py
@@ -18,7 +18,7 @@ import binascii
import pytest
from cryptography.hazmat.primitives.ciphers.algorithms import (
- AES, Camellia, TripleDES, Blowfish, CAST5, ARC4
+ AES, Camellia, TripleDES, Blowfish, ARC4
)
@@ -80,19 +80,6 @@ class TestBlowfish(object):
Blowfish(binascii.unhexlify(b"0" * 6))
-class TestCAST5(object):
- @pytest.mark.parametrize(("key", "keysize"), [
- (b"0" * (keysize // 4), keysize) for keysize in range(40, 129, 8)
- ])
- def test_key_size(self, key, keysize):
- cipher = CAST5(binascii.unhexlify(key))
- assert cipher.key_size == keysize
-
- def test_invalid_key_size(self):
- with pytest.raises(ValueError):
- CAST5(binascii.unhexlify(b"0" * 34))
-
-
class TestARC4(object):
@pytest.mark.parametrize(("key", "keysize"), [
(b"0" * 10, 40),
diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py
index 13ffc3fd..ca97fc11 100644
--- a/tests/hazmat/primitives/test_hash_vectors.py
+++ b/tests/hazmat/primitives/test_hash_vectors.py
@@ -24,7 +24,7 @@ from ...utils import load_hash_vectors
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA1),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
skip_message="Does not support SHA1",
)
@pytest.mark.hash
@@ -41,7 +41,7 @@ class TestSHA1(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA224),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
skip_message="Does not support SHA224",
)
@pytest.mark.hash
@@ -58,7 +58,7 @@ class TestSHA224(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA256),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
skip_message="Does not support SHA256",
)
@pytest.mark.hash
@@ -75,7 +75,7 @@ class TestSHA256(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA384),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
skip_message="Does not support SHA384",
)
@pytest.mark.hash
@@ -92,7 +92,7 @@ class TestSHA384(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA512),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
skip_message="Does not support SHA512",
)
@pytest.mark.hash
@@ -109,7 +109,7 @@ class TestSHA512(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()),
skip_message="Does not support RIPEMD160",
)
@pytest.mark.hash
@@ -130,7 +130,7 @@ class TestRIPEMD160(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()),
skip_message="Does not support Whirlpool",
)
@pytest.mark.hash
@@ -153,7 +153,7 @@ class TestWhirlpool(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5()),
skip_message="Does not support MD5",
)
@pytest.mark.hash
diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py
index c907ef61..9ca2feee 100644
--- a/tests/hazmat/primitives/test_hashes.py
+++ b/tests/hazmat/primitives/test_hashes.py
@@ -70,7 +70,7 @@ class TestHashContext(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA1),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
skip_message="Does not support SHA1",
)
@pytest.mark.hash
@@ -83,7 +83,7 @@ class TestSHA1(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA224),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
skip_message="Does not support SHA224",
)
@pytest.mark.hash
@@ -96,7 +96,7 @@ class TestSHA224(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA256),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
skip_message="Does not support SHA256",
)
@pytest.mark.hash
@@ -109,7 +109,7 @@ class TestSHA256(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA384),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
skip_message="Does not support SHA384",
)
@pytest.mark.hash
@@ -122,7 +122,7 @@ class TestSHA384(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.SHA512),
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
skip_message="Does not support SHA512",
)
@pytest.mark.hash
@@ -135,7 +135,7 @@ class TestSHA512(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()),
skip_message="Does not support RIPEMD160",
)
@pytest.mark.hash
@@ -148,7 +148,7 @@ class TestRIPEMD160(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.Whirlpool),
+ only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()),
skip_message="Does not support Whirlpool",
)
@pytest.mark.hash
@@ -161,7 +161,7 @@ class TestWhirlpool(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hash_supported(hashes.MD5),
+ only_if=lambda backend: backend.hash_supported(hashes.MD5()),
skip_message="Does not support MD5",
)
@pytest.mark.hash
diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py
index 04913af6..dd9cdaab 100644
--- a/tests/hazmat/primitives/test_hmac.py
+++ b/tests/hazmat/primitives/test_hmac.py
@@ -34,7 +34,7 @@ class UnsupportedDummyHash(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.MD5),
+ only_if=lambda backend: backend.hmac_supported(hashes.MD5()),
skip_message="Does not support MD5",
)
@pytest.mark.hmac
diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py
index c5644459..0792080b 100644
--- a/tests/hazmat/primitives/test_hmac_vectors.py
+++ b/tests/hazmat/primitives/test_hmac_vectors.py
@@ -22,7 +22,7 @@ from ...utils import load_hash_vectors
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.MD5),
+ only_if=lambda backend: backend.hmac_supported(hashes.MD5()),
skip_message="Does not support MD5",
)
@pytest.mark.hmac
@@ -38,7 +38,7 @@ class TestHMAC_MD5(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.SHA1),
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA1()),
skip_message="Does not support SHA1",
)
@pytest.mark.hmac
@@ -54,7 +54,7 @@ class TestHMAC_SHA1(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.SHA224),
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA224()),
skip_message="Does not support SHA224",
)
@pytest.mark.hmac
@@ -70,7 +70,7 @@ class TestHMAC_SHA224(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.SHA256),
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA256()),
skip_message="Does not support SHA256",
)
@pytest.mark.hmac
@@ -86,7 +86,7 @@ class TestHMAC_SHA256(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.SHA384),
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA384()),
skip_message="Does not support SHA384",
)
@pytest.mark.hmac
@@ -102,7 +102,7 @@ class TestHMAC_SHA384(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.SHA512),
+ only_if=lambda backend: backend.hmac_supported(hashes.SHA512()),
skip_message="Does not support SHA512",
)
@pytest.mark.hmac
@@ -118,7 +118,7 @@ class TestHMAC_SHA512(object):
@pytest.mark.supported(
- only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160),
+ only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160()),
skip_message="Does not support RIPEMD160",
)
@pytest.mark.hmac
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-07 16:17:30 +0000