aboutsummaryrefslogtreecommitdiffstats
path: root/tests/primitives
diff options
context:
space:
mode:
Diffstat (limited to 'tests/primitives')
-rw-r--r--tests/primitives/test_block.py20
-rw-r--r--tests/primitives/test_ciphers.py17
-rw-r--r--tests/primitives/test_cryptrec.py42
-rw-r--r--tests/primitives/test_nist.py171
-rw-r--r--tests/primitives/test_openssl_vectors.py73
-rw-r--r--tests/primitives/test_utils.py14
-rw-r--r--tests/primitives/utils.py42
-rw-r--r--tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt4
-rw-r--r--tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt4
-rw-r--r--tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt5
10 files changed, 265 insertions, 127 deletions
diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py
index 774409ca..f4d3f467 100644
--- a/tests/primitives/test_block.py
+++ b/tests/primitives/test_block.py
@@ -23,17 +23,17 @@ from cryptography.primitives.block.base import _Operation
class TestBlockCipher(object):
- def test_cipher_name(self):
- cipher = BlockCipher(
+ def test_instantiate_without_api(self):
+ BlockCipher(
ciphers.AES(binascii.unhexlify(b"0" * 32)),
modes.CBC(binascii.unhexlify(b"0" * 32))
)
- assert cipher.name == "AES-128-CBC"
- def test_use_after_finalize(self):
+ def test_use_after_finalize(self, api):
cipher = BlockCipher(
ciphers.AES(binascii.unhexlify(b"0" * 32)),
- modes.CBC(binascii.unhexlify(b"0" * 32))
+ modes.CBC(binascii.unhexlify(b"0" * 32)),
+ api
)
cipher.encrypt(b"a" * 16)
cipher.finalize()
@@ -42,20 +42,22 @@ class TestBlockCipher(object):
with pytest.raises(ValueError):
cipher.finalize()
- def test_encrypt_with_invalid_operation(self):
+ def test_encrypt_with_invalid_operation(self, api):
cipher = BlockCipher(
ciphers.AES(binascii.unhexlify(b"0" * 32)),
- modes.CBC(binascii.unhexlify(b"0" * 32))
+ modes.CBC(binascii.unhexlify(b"0" * 32)),
+ api
)
cipher._operation = _Operation.decrypt
with pytest.raises(ValueError):
cipher.encrypt(b"b" * 16)
- def test_finalize_with_invalid_operation(self):
+ def test_finalize_with_invalid_operation(self, api):
cipher = BlockCipher(
ciphers.AES(binascii.unhexlify(b"0" * 32)),
- modes.CBC(binascii.unhexlify(b"0" * 32))
+ modes.CBC(binascii.unhexlify(b"0" * 32)),
+ api
)
cipher._operation = pretend.stub(name="wat")
diff --git a/tests/primitives/test_ciphers.py b/tests/primitives/test_ciphers.py
index 5ee9f223..27d35850 100644
--- a/tests/primitives/test_ciphers.py
+++ b/tests/primitives/test_ciphers.py
@@ -17,7 +17,7 @@ import binascii
import pytest
-from cryptography.primitives.block.ciphers import AES
+from cryptography.primitives.block.ciphers import AES, Camellia
class TestAES(object):
@@ -33,3 +33,18 @@ class TestAES(object):
def test_invalid_key_size(self):
with pytest.raises(ValueError):
AES(binascii.unhexlify(b"0" * 12))
+
+
+class TestCamellia(object):
+ @pytest.mark.parametrize(("key", "keysize"), [
+ (b"0" * 32, 128),
+ (b"0" * 48, 192),
+ (b"0" * 64, 256),
+ ])
+ def test_key_size(self, key, keysize):
+ cipher = Camellia(binascii.unhexlify(key))
+ assert cipher.key_size == keysize
+
+ def test_invalid_key_size(self):
+ with pytest.raises(ValueError):
+ Camellia(binascii.unhexlify(b"0" * 12))
diff --git a/tests/primitives/test_cryptrec.py b/tests/primitives/test_cryptrec.py
new file mode 100644
index 00000000..edf97652
--- /dev/null
+++ b/tests/primitives/test_cryptrec.py
@@ -0,0 +1,42 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Tests using the CRYPTREC (Camellia) Test Vectors
+"""
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+import os
+
+from cryptography.primitives.block import ciphers, modes
+
+from .utils import generate_encrypt_test
+from ..utils import load_cryptrec_vectors_from_file
+
+
+class TestCamelliaECB(object):
+ test_NTT = generate_encrypt_test(
+ load_cryptrec_vectors_from_file,
+ os.path.join("Camellia", "NTT"),
+ [
+ "camellia-128-ecb.txt",
+ "camellia-192-ecb.txt",
+ "camellia-256-ecb.txt"
+ ],
+ lambda key: ciphers.Camellia(binascii.unhexlify((key))),
+ lambda key: modes.ECB(),
+ only_if=lambda api: api.supports_cipher("camellia-128-ecb"),
+ skip_message="Does not support Camellia ECB",
+ )
diff --git a/tests/primitives/test_nist.py b/tests/primitives/test_nist.py
index 1e5d2396..d97b207b 100644
--- a/tests/primitives/test_nist.py
+++ b/tests/primitives/test_nist.py
@@ -18,33 +18,18 @@ Test using the NIST Test Vectors
from __future__ import absolute_import, division, print_function
import binascii
-import itertools
import os
-import pytest
-
-from cryptography.primitives.block import BlockCipher, ciphers, modes
+from cryptography.primitives.block import ciphers, modes
+from .utils import generate_encrypt_test
from ..utils import load_nist_vectors_from_file
-def parameterize_encrypt_test(cipher, vector_type, params, fnames):
- return pytest.mark.parametrize(params,
- list(itertools.chain.from_iterable(
- load_nist_vectors_from_file(
- os.path.join(cipher, vector_type, fname),
- "ENCRYPT",
- params
- )
- for fname in fnames
- ))
- )
-
-
class TestAES_CBC(object):
- @parameterize_encrypt_test(
- "AES", "KAT",
- ("key", "iv", "plaintext", "ciphertext"),
+ test_KAT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "KAT"),
[
"CBCGFSbox128.rsp",
"CBCGFSbox192.rsp",
@@ -58,40 +43,28 @@ class TestAES_CBC(object):
"CBCVarTxt128.rsp",
"CBCVarTxt192.rsp",
"CBCVarTxt256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
)
- def test_KAT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.CBC(binascii.unhexlify(iv)),
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
-
- @parameterize_encrypt_test(
- "AES", "MMT",
- ("key", "iv", "plaintext", "ciphertext"),
+
+ test_MMT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "MMT"),
[
"CBCMMT128.rsp",
"CBCMMT192.rsp",
"CBCMMT256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
)
- def test_MMT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.CBC(binascii.unhexlify(iv)),
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
class TestAES_ECB(object):
- @parameterize_encrypt_test(
- "AES", "KAT",
- ("key", "plaintext", "ciphertext"),
+ test_KAT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "KAT"),
[
"ECBGFSbox128.rsp",
"ECBGFSbox192.rsp",
@@ -105,40 +78,28 @@ class TestAES_ECB(object):
"ECBVarTxt128.rsp",
"ECBVarTxt192.rsp",
"ECBVarTxt256.rsp",
- ]
+ ],
+ lambda key: ciphers.AES(binascii.unhexlify(key)),
+ lambda key: modes.ECB(),
)
- def test_KAT(self, key, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.ECB()
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
-
- @parameterize_encrypt_test(
- "AES", "MMT",
- ("key", "plaintext", "ciphertext"),
+
+ test_MMT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "MMT"),
[
"ECBMMT128.rsp",
"ECBMMT192.rsp",
"ECBMMT256.rsp",
- ]
+ ],
+ lambda key: ciphers.AES(binascii.unhexlify(key)),
+ lambda key: modes.ECB(),
)
- def test_MMT(self, key, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.ECB()
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
class TestAES_OFB(object):
- @parameterize_encrypt_test(
- "AES", "KAT",
- ("key", "iv", "plaintext", "ciphertext"),
+ test_KAT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "KAT"),
[
"OFBGFSbox128.rsp",
"OFBGFSbox192.rsp",
@@ -152,40 +113,28 @@ class TestAES_OFB(object):
"OFBVarTxt128.rsp",
"OFBVarTxt192.rsp",
"OFBVarTxt256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
)
- def test_KAT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.OFB(binascii.unhexlify(iv))
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
-
- @parameterize_encrypt_test(
- "AES", "MMT",
- ("key", "iv", "plaintext", "ciphertext"),
+
+ test_MMT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "MMT"),
[
"OFBMMT128.rsp",
"OFBMMT192.rsp",
"OFBMMT256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
)
- def test_MMT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.OFB(binascii.unhexlify(iv))
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
class TestAES_CFB(object):
- @parameterize_encrypt_test(
- "AES", "KAT",
- ("key", "iv", "plaintext", "ciphertext"),
+ test_KAT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "KAT"),
[
"CFB128GFSbox128.rsp",
"CFB128GFSbox192.rsp",
@@ -199,31 +148,19 @@ class TestAES_CFB(object):
"CFB128VarTxt128.rsp",
"CFB128VarTxt192.rsp",
"CFB128VarTxt256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
)
- def test_KAT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.CFB(binascii.unhexlify(iv))
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
-
- @parameterize_encrypt_test(
- "AES", "MMT",
- ("key", "iv", "plaintext", "ciphertext"),
+
+ test_MMT = generate_encrypt_test(
+ lambda path: load_nist_vectors_from_file(path, "ENCRYPT"),
+ os.path.join("AES", "MMT"),
[
"CFB128MMT128.rsp",
"CFB128MMT192.rsp",
"CFB128MMT256.rsp",
- ]
+ ],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
)
- def test_MMT(self, key, iv, plaintext, ciphertext):
- cipher = BlockCipher(
- ciphers.AES(binascii.unhexlify(key)),
- modes.CFB(binascii.unhexlify(iv))
- )
- actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
- actual_ciphertext += cipher.finalize()
- assert binascii.hexlify(actual_ciphertext) == ciphertext
diff --git a/tests/primitives/test_openssl_vectors.py b/tests/primitives/test_openssl_vectors.py
new file mode 100644
index 00000000..5b2be784
--- /dev/null
+++ b/tests/primitives/test_openssl_vectors.py
@@ -0,0 +1,73 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Test using the OpenSSL Test Vectors
+"""
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+
+from cryptography.primitives.block import ciphers, modes
+
+from .utils import generate_encrypt_test
+from ..utils import load_openssl_vectors_from_file
+
+
+class TestCamelliaCBC(object):
+ test_OpenSSL = generate_encrypt_test(
+ load_openssl_vectors_from_file,
+ "Camellia",
+ ["camellia-cbc.txt"],
+ lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)),
+ lambda key, iv: modes.CBC(binascii.unhexlify(iv)),
+ only_if=lambda api: api.supports_cipher("camellia-128-cbc"),
+ skip_message="Does not support Camellia CBC",
+ )
+
+
+class TestCamelliaOFB(object):
+ test_OpenSSL = generate_encrypt_test(
+ load_openssl_vectors_from_file,
+ "Camellia",
+ ["camellia-ofb.txt"],
+ lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)),
+ lambda key, iv: modes.OFB(binascii.unhexlify(iv)),
+ only_if=lambda api: api.supports_cipher("camellia-128-ofb"),
+ skip_message="Does not support Camellia OFB",
+ )
+
+
+class TestCamelliaCFB(object):
+ test_OpenSSL = generate_encrypt_test(
+ load_openssl_vectors_from_file,
+ "Camellia",
+ ["camellia-cfb.txt"],
+ lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)),
+ lambda key, iv: modes.CFB(binascii.unhexlify(iv)),
+ only_if=lambda api: api.supports_cipher("camellia-128-cfb"),
+ skip_message="Does not support Camellia CFB",
+ )
+
+
+class TestAESCTR(object):
+ test_OpenSSL = generate_encrypt_test(
+ load_openssl_vectors_from_file,
+ "AES",
+ ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"],
+ lambda key, iv: ciphers.AES(binascii.unhexlify(key)),
+ lambda key, iv: modes.CTR(binascii.unhexlify(iv)),
+ only_if=lambda api: api.supports_cipher("aes-128-ctr"),
+ skip_message="Does not support AES CTR",
+ )
diff --git a/tests/primitives/test_utils.py b/tests/primitives/test_utils.py
new file mode 100644
index 00000000..4666ece7
--- /dev/null
+++ b/tests/primitives/test_utils.py
@@ -0,0 +1,14 @@
+import pytest
+
+from .utils import encrypt_test
+
+
+class TestEncryptTest(object):
+ def test_skips_if_only_if_returns_false(self):
+ with pytest.raises(pytest.skip.Exception) as exc_info:
+ encrypt_test(
+ None, None, None, None,
+ only_if=lambda api: False,
+ skip_message="message!"
+ )
+ assert exc_info.value.args[0] == "message!"
diff --git a/tests/primitives/utils.py b/tests/primitives/utils.py
new file mode 100644
index 00000000..3cf08c28
--- /dev/null
+++ b/tests/primitives/utils.py
@@ -0,0 +1,42 @@
+import binascii
+import os
+
+import pytest
+
+from cryptography.bindings import _ALL_APIS
+from cryptography.primitives.block import BlockCipher
+
+
+def generate_encrypt_test(param_loader, path, file_names, cipher_factory,
+ mode_factory, only_if=lambda api: True,
+ skip_message=None):
+ def test_encryption(self):
+ for api in _ALL_APIS:
+ for file_name in file_names:
+ for params in param_loader(os.path.join(path, file_name)):
+ yield (
+ encrypt_test,
+ api,
+ cipher_factory,
+ mode_factory,
+ params,
+ only_if,
+ skip_message
+ )
+ return test_encryption
+
+
+def encrypt_test(api, cipher_factory, mode_factory, params, only_if,
+ skip_message):
+ if not only_if(api):
+ pytest.skip(skip_message)
+ plaintext = params.pop("plaintext")
+ ciphertext = params.pop("ciphertext")
+ cipher = BlockCipher(
+ cipher_factory(**params),
+ mode_factory(**params),
+ api
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert actual_ciphertext == binascii.unhexlify(ciphertext)
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt
new file mode 100644
index 00000000..f4ce15eb
--- /dev/null
+++ b/tests/primitives/vectors/OpenSSL/AES/aes-128-ctr.txt
@@ -0,0 +1,4 @@
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt
new file mode 100644
index 00000000..9e166fc4
--- /dev/null
+++ b/tests/primitives/vectors/OpenSSL/AES/aes-192-ctr.txt
@@ -0,0 +1,4 @@
+# AES Counter test vectors from RFC3686
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
diff --git a/tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt b/tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt
new file mode 100644
index 00000000..d4998750
--- /dev/null
+++ b/tests/primitives/vectors/OpenSSL/AES/aes-256-ctr.txt
@@ -0,0 +1,5 @@
+# AES Counter test vectors from RFC3686
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-03 22:54:32 +0000