aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/primitives/__init__.py0
-rw-r--r--tests/primitives/test_block.py59
-rw-r--r--tests/primitives/test_ciphers.py29
-rw-r--r--tests/primitives/test_nist.py196
4 files changed, 284 insertions, 0 deletions
diff --git a/tests/primitives/__init__.py b/tests/primitives/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/tests/primitives/__init__.py
diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py
new file mode 100644
index 00000000..799e5f03
--- /dev/null
+++ b/tests/primitives/test_block.py
@@ -0,0 +1,59 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import binascii
+
+import pytest
+
+from cryptography.primitives.block import BlockCipher, ciphers, modes
+
+
+class TestBlockCipher(object):
+ def test_cipher_name(self):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(b"0" * 32)),
+ modes.CBC(binascii.unhexlify(b"0" * 32))
+ )
+ assert cipher.name == "AES-128-CBC"
+
+ def test_use_after_finalize(self):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(b"0" * 32)),
+ modes.CBC(binascii.unhexlify(b"0" * 32))
+ )
+ cipher.encrypt(b"a" * 16)
+ cipher.finalize()
+ with pytest.raises(ValueError):
+ cipher.encrypt(b"b" * 16)
+ with pytest.raises(ValueError):
+ cipher.finalize()
+
+ def test_encrypt_with_invalid_operation(self):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(b"0" * 32)),
+ modes.CBC(binascii.unhexlify(b"0" * 32))
+ )
+ cipher._operation = "decrypt"
+
+ with pytest.raises(ValueError):
+ cipher.encrypt(b"b" * 16)
+
+ def test_finalize_with_invalid_operation(self):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(b"0" * 32)),
+ modes.CBC(binascii.unhexlify(b"0" * 32))
+ )
+ cipher._operation = "wat"
+
+ with pytest.raises(ValueError):
+ cipher.encrypt(b"b" * 16)
diff --git a/tests/primitives/test_ciphers.py b/tests/primitives/test_ciphers.py
new file mode 100644
index 00000000..31b4275e
--- /dev/null
+++ b/tests/primitives/test_ciphers.py
@@ -0,0 +1,29 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import binascii
+
+import pytest
+
+from cryptography.primitives.block.ciphers import AES
+
+
+class TestAES(object):
+ @pytest.mark.parametrize(("key", "keysize"), [
+ (b"0" * 32, 128),
+ (b"0" * 48, 192),
+ (b"0" * 64, 256),
+ ])
+ def test_key_size(self, key, keysize):
+ cipher = AES(binascii.unhexlify(key))
+ assert cipher.key_size == keysize
diff --git a/tests/primitives/test_nist.py b/tests/primitives/test_nist.py
new file mode 100644
index 00000000..8b63665c
--- /dev/null
+++ b/tests/primitives/test_nist.py
@@ -0,0 +1,196 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Test using the NIST Test Vectors
+"""
+import binascii
+import os
+
+import pytest
+
+from cryptography.primitives.block import BlockCipher, ciphers, modes
+
+from ..utils import load_nist_vectors_from_file
+
+
+def parameterize_kat_encrypt(fname):
+ return pytest.mark.parametrize(("key", "iv", "plaintext", "ciphertext"),
+ load_nist_vectors_from_file(
+ os.path.join("AES/KAT/", fname),
+ "ENCRYPT",
+ ["key", "iv", "plaintext", "ciphertext"],
+ ),
+ )
+
+
+def paramterize_mmt_encrypt(fname):
+ return pytest.mark.parametrize(("key", "iv", "plaintext", "ciphertext"),
+ load_nist_vectors_from_file(
+ os.path.join("AES/MMT", fname),
+ "ENCRYPT",
+ ["key", "iv", "plaintext", "ciphertext"],
+ )
+ )
+
+
+class TestAES_CBC(object):
+ @parameterize_kat_encrypt("CBCGFSbox128.rsp")
+ def test_KAT_GFSbox_128_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCGFSbox192.rsp")
+ def test_KAT_GFSbox_192_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCGFSbox256.rsp")
+ def test_KAT_GFSbox_256_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCKeySbox128.rsp")
+ def test_KAT_KeySbox_128_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCKeySbox192.rsp")
+ def test_KAT_KeySbox_192_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCKeySbox256.rsp")
+ def test_KAT_KeySbox_256_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarKey128.rsp")
+ def test_KAT_VarKey_128_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarKey192.rsp")
+ def test_KAT_VarKey_192_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarKey256.rsp")
+ def test_KAT_VarKey_256_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarTxt128.rsp")
+ def test_KAT_VarTxt_128_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarTxt192.rsp")
+ def test_KAT_VarTxt_192_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @parameterize_kat_encrypt("CBCVarTxt256.rsp")
+ def test_KAT_VarTxt_256_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @paramterize_mmt_encrypt("CBCMMT128.rsp")
+ def test_MMT_128_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @paramterize_mmt_encrypt("CBCMMT192.rsp")
+ def test_MMT_192_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
+
+ @paramterize_mmt_encrypt("CBCMMT256.rsp")
+ def test_MMT_256_encrypt(self, key, iv, plaintext, ciphertext):
+ cipher = BlockCipher(
+ ciphers.AES(binascii.unhexlify(key)),
+ modes.CBC(binascii.unhexlify(iv)),
+ )
+ actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext))
+ actual_ciphertext += cipher.finalize()
+ assert binascii.hexlify(actual_ciphertext) == ciphertext
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-05 12:57:34 +0000