2 files changed, 91 insertions, 0 deletions

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index ce77ce2f..be1e76e2 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -20,6 +20,7 @@ from cryptography.hazmat.backends.interfaces import (
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import hashes, hmac
+from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 
 
@@ -85,6 +86,9 @@ class DummyRSABackend(object):
     def generate_rsa_private_key(self, public_exponent, private_key):
         pass
 
+    def create_rsa_signature_ctx(self, private_key, padding, algorithm):
+        pass
+
 
 class TestMultiBackend(object):
     def test_ciphers(self):
@@ -158,6 +162,13 @@ class TestMultiBackend(object):
             key_size=1024, public_exponent=65537
         )
 
+        backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(),
+                                         hashes.MD5())
+
         backend = MultiBackend([])
         with pytest.raises(UnsupportedAlgorithm):
             backend.generate_rsa_private_key(key_size=1024, public_exponent=3)
+
+        with pytest.raises(UnsupportedAlgorithm):
+            backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(),
+                                             hashes.MD5())
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index df3a70f5..647c51b4 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -14,16 +14,25 @@
 
 from __future__ import absolute_import, division, print_function
 
+import binascii
 import itertools
 import os
 
 import pytest
 
+from cryptography import exceptions, utils
+from cryptography.hazmat.primitives import hashes, interfaces
 from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.asymmetric import padding
 
 from ...utils import load_pkcs1_vectors, load_vectors_from_file
 
 
+@utils.register_interface(interfaces.AsymmetricPadding)
+class DummyPadding(object):
+    name = "UNSUPPORTED-PADDING"
+
+
 def _modinv(e, m):
     """
     Modular Multiplicative Inverse.  Returns x such that: (x*e) mod m == 1
@@ -55,6 +64,17 @@ def _check_rsa_private_key(skey):
     assert skey.key_size == pkey.key_size
 
 
+def _flatten_pkcs1_examples(vectors):
+    flattened_vectors = []
+    for vector in vectors:
+        examples = vector[0].pop("examples")
+        for example in examples:
+            merged_vector = (vector[0], vector[1], example)
+            flattened_vectors.append(merged_vector)
+
+    return flattened_vectors
+
+
 def test_modular_inverse():
     p = int(
         "d1f9f6c09fd3d38987f7970247b85a6da84907753d42ec52bc23b745093f4fff5cff3"
@@ -363,3 +383,63 @@ class TestRSA(object):
         # Test a public_exponent that is not odd.
         with pytest.raises(ValueError):
             rsa.RSAPublicKey(public_exponent=6, modulus=15)
+
+
+@pytest.mark.rsa
+class TestRSASignature(object):
+    @pytest.mark.parametrize(
+        "pkcs1_example",
+        _flatten_pkcs1_examples(load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "RSA", "pkcs1v15sign-vectors.txt"),
+            load_pkcs1_vectors
+        ))
+    )
+    def test_pkcs1v15_signing(self, pkcs1_example, backend):
+        private, public, example = pkcs1_example
+        private_key = rsa.RSAPrivateKey(
+            p=private["p"],
+            q=private["q"],
+            private_exponent=private["private_exponent"],
+            dmp1=private["dmp1"],
+            dmq1=private["dmq1"],
+            iqmp=private["iqmp"],
+            public_exponent=private["public_exponent"],
+            modulus=private["modulus"]
+        )
+        signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend)
+        signer.update(binascii.unhexlify(example["message"]))
+        signature = signer.finalize()
+        assert binascii.hexlify(signature) == example["signature"]
+
+    def test_use_after_finalize(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
+        signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend)
+        signer.update(b"sign me")
+        signer.finalize()
+        with pytest.raises(exceptions.AlreadyFinalized):
+            signer.finalize()
+        with pytest.raises(exceptions.AlreadyFinalized):
+            signer.update(b"more data")
+
+    def test_unsupported_padding(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
+        with pytest.raises(exceptions.UnsupportedPadding):
+            private_key.signer(DummyPadding(), hashes.SHA1(), backend)
+
+    def test_padding_incorrect_type(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
+        with pytest.raises(TypeError):
+            private_key.signer("notpadding", hashes.SHA1(), backend)