diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/bindings/test_openssl.py | 10 | ||||
| -rw-r--r-- | tests/primitives/test_block.py | 56 | ||||
| -rw-r--r-- | tests/primitives/test_ciphers.py | 17 | ||||
| -rw-r--r-- | tests/primitives/test_cryptrec.py | 4 | ||||
| -rw-r--r-- | tests/primitives/test_hashes.py | 15 | ||||
| -rw-r--r-- | tests/primitives/test_nist.py | 90 | ||||
| -rw-r--r-- | tests/primitives/test_openssl_vectors.py | 16 | ||||
| -rw-r--r-- | tests/primitives/test_utils.py | 5 | ||||
| -rw-r--r-- | tests/primitives/utils.py | 13 | ||||
| -rw-r--r-- | tests/test_utils.py | 10 |
10 files changed, 197 insertions, 39 deletions
diff --git a/tests/bindings/test_openssl.py b/tests/bindings/test_openssl.py index e5b78d18..bf201e4d 100644 --- a/tests/bindings/test_openssl.py +++ b/tests/bindings/test_openssl.py @@ -11,7 +11,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +import pytest + from cryptography.bindings.openssl.api import api +from cryptography.primitives.block.ciphers import AES +from cryptography.primitives.block.modes import CBC class TestOpenSSL(object): @@ -30,4 +34,8 @@ class TestOpenSSL(object): assert api.openssl_version_text().startswith("OpenSSL") def test_supports_cipher(self): - assert api.supports_cipher("not-a-real-cipher") is False + assert api.supports_cipher(None, None) is False + + def test_register_duplicate_cipher_adapter(self): + with pytest.raises(ValueError): + api.register_cipher_adapter(AES, CBC, None) diff --git a/tests/primitives/test_block.py b/tests/primitives/test_block.py index 9f5905bf..5e147a79 100644 --- a/tests/primitives/test_block.py +++ b/tests/primitives/test_block.py @@ -15,11 +15,10 @@ from __future__ import absolute_import, division, print_function import binascii -import pretend import pytest +from cryptography.primitives import interfaces from cryptography.primitives.block import BlockCipher, ciphers, modes -from cryptography.primitives.block.base import _Operation class TestBlockCipher(object): @@ -29,40 +28,42 @@ class TestBlockCipher(object): modes.CBC(binascii.unhexlify(b"0" * 32)) ) - def test_use_after_finalize(self, api): + def test_creates_encryptor(self): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)), - api + modes.CBC(binascii.unhexlify(b"0" * 32)) ) - cipher.encrypt(b"a" * 16) - cipher.finalize() - with pytest.raises(ValueError): - cipher.encrypt(b"b" * 16) - with pytest.raises(ValueError): - cipher.finalize() + assert isinstance(cipher.encryptor(), interfaces.CipherContext) - def test_encrypt_with_invalid_operation(self, api): + def test_creates_decryptor(self): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), - modes.CBC(binascii.unhexlify(b"0" * 32)), - api + modes.CBC(binascii.unhexlify(b"0" * 32)) ) - cipher._operation = _Operation.decrypt + assert isinstance(cipher.decryptor(), interfaces.CipherContext) - with pytest.raises(ValueError): - cipher.encrypt(b"b" * 16) - def test_finalize_with_invalid_operation(self, api): +class TestBlockCipherContext(object): + def test_use_after_finalize(self, api): cipher = BlockCipher( ciphers.AES(binascii.unhexlify(b"0" * 32)), modes.CBC(binascii.unhexlify(b"0" * 32)), api ) - cipher._operation = pretend.stub(name="wat") - + encryptor = cipher.encryptor() + encryptor.update(b"a" * 16) + encryptor.finalize() + with pytest.raises(ValueError): + encryptor.update(b"b" * 16) + with pytest.raises(ValueError): + encryptor.finalize() + decryptor = cipher.decryptor() + decryptor.update(b"a" * 16) + decryptor.finalize() + with pytest.raises(ValueError): + decryptor.update(b"b" * 16) with pytest.raises(ValueError): - cipher.finalize() + decryptor.finalize() def test_unaligned_block_encryption(self, api): cipher = BlockCipher( @@ -70,7 +71,16 @@ class TestBlockCipher(object): modes.ECB(), api ) - ct = cipher.encrypt(b"a" * 15) + encryptor = cipher.encryptor() + ct = encryptor.update(b"a" * 15) assert ct == b"" - ct += cipher.encrypt(b"a" * 65) + ct += encryptor.update(b"a" * 65) assert len(ct) == 80 + ct += encryptor.finalize() + decryptor = cipher.decryptor() + pt = decryptor.update(ct[:3]) + assert pt == b"" + pt += decryptor.update(ct[3:]) + assert len(pt) == 80 + assert pt == b"a" * 80 + decryptor.finalize() diff --git a/tests/primitives/test_ciphers.py b/tests/primitives/test_ciphers.py index 27d35850..17fcdbaf 100644 --- a/tests/primitives/test_ciphers.py +++ b/tests/primitives/test_ciphers.py @@ -17,7 +17,7 @@ import binascii import pytest -from cryptography.primitives.block.ciphers import AES, Camellia +from cryptography.primitives.block.ciphers import AES, Camellia, TripleDES class TestAES(object): @@ -48,3 +48,18 @@ class TestCamellia(object): def test_invalid_key_size(self): with pytest.raises(ValueError): Camellia(binascii.unhexlify(b"0" * 12)) + + +class TestTripleDES(object): + @pytest.mark.parametrize("key", [ + b"0" * 16, + b"0" * 32, + b"0" * 48, + ]) + def test_key_size(self, key): + cipher = TripleDES(binascii.unhexlify(key)) + assert cipher.key_size == 192 + + def test_invalid_key_size(self): + with pytest.raises(ValueError): + TripleDES(binascii.unhexlify(b"0" * 12)) diff --git a/tests/primitives/test_cryptrec.py b/tests/primitives/test_cryptrec.py index edf97652..02a04473 100644 --- a/tests/primitives/test_cryptrec.py +++ b/tests/primitives/test_cryptrec.py @@ -37,6 +37,8 @@ class TestCamelliaECB(object): ], lambda key: ciphers.Camellia(binascii.unhexlify((key))), lambda key: modes.ECB(), - only_if=lambda api: api.supports_cipher("camellia-128-ecb"), + only_if=lambda api: api.supports_cipher( + ciphers.Camellia("\x00" * 16), modes.ECB() + ), skip_message="Does not support Camellia ECB", ) diff --git a/tests/primitives/test_hashes.py b/tests/primitives/test_hashes.py index 901ddabb..03de8916 100644 --- a/tests/primitives/test_hashes.py +++ b/tests/primitives/test_hashes.py @@ -13,11 +13,26 @@ from __future__ import absolute_import, division, print_function +import pytest + +import six + from cryptography.primitives import hashes from .utils import generate_base_hash_test +class TestBaseHash(object): + def test_base_hash_reject_unicode(self, api): + m = hashes.SHA1(api=api) + with pytest.raises(TypeError): + m.update(six.u("\u00FC")) + + def test_base_hash_hexdigest_string_type(self, api): + m = hashes.SHA1(api=api, data=b"") + assert isinstance(m.hexdigest(), str) + + class TestSHA1(object): test_SHA1 = generate_base_hash_test( hashes.SHA1, diff --git a/tests/primitives/test_nist.py b/tests/primitives/test_nist.py index d97b207b..2a32d1bc 100644 --- a/tests/primitives/test_nist.py +++ b/tests/primitives/test_nist.py @@ -164,3 +164,93 @@ class TestAES_CFB(object): lambda key, iv: ciphers.AES(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), ) + + +class TestTripleDES_CBC(object): + test_KAT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "KAT"), + [ + "TCBCinvperm.rsp", + "TCBCpermop.rsp", + "TCBCsubtab.rsp", + "TCBCvarkey.rsp", + "TCBCvartext.rsp", + ], + lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: modes.CBC(binascii.unhexlify(iv)), + ) + + test_MMT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "MMT"), + [ + "TCBCMMT1.rsp", + "TCBCMMT2.rsp", + "TCBCMMT3.rsp", + ], + lambda key1, key2, key3, iv: ( + ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + ), + lambda key1, key2, key3, iv: modes.CBC(binascii.unhexlify(iv)), + ) + + +class TestTripleDES_OFB(object): + test_KAT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "KAT"), + [ + "TOFBpermop.rsp", + "TOFBsubtab.rsp", + "TOFBvarkey.rsp", + "TOFBvartext.rsp", + "TOFBinvperm.rsp", + ], + lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: modes.OFB(binascii.unhexlify(iv)), + ) + + test_MMT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "MMT"), + [ + "TOFBMMT1.rsp", + "TOFBMMT2.rsp", + "TOFBMMT3.rsp", + ], + lambda key1, key2, key3, iv: ( + ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + ), + lambda key1, key2, key3, iv: modes.OFB(binascii.unhexlify(iv)), + ) + + +class TestTripleDES_CFB(object): + test_KAT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "KAT"), + [ + "TCFB64invperm.rsp", + "TCFB64permop.rsp", + "TCFB64subtab.rsp", + "TCFB64varkey.rsp", + "TCFB64vartext.rsp", + ], + lambda keys, iv: ciphers.TripleDES(binascii.unhexlify(keys)), + lambda keys, iv: modes.CFB(binascii.unhexlify(iv)), + ) + + test_MMT = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("3DES", "MMT"), + [ + "TCFB64MMT1.rsp", + "TCFB64MMT2.rsp", + "TCFB64MMT3.rsp", + ], + lambda key1, key2, key3, iv: ( + ciphers.TripleDES(binascii.unhexlify(key1 + key2 + key3)) + ), + lambda key1, key2, key3, iv: modes.CFB(binascii.unhexlify(iv)), + ) diff --git a/tests/primitives/test_openssl_vectors.py b/tests/primitives/test_openssl_vectors.py index 5b2be784..86ff7cad 100644 --- a/tests/primitives/test_openssl_vectors.py +++ b/tests/primitives/test_openssl_vectors.py @@ -32,7 +32,9 @@ class TestCamelliaCBC(object): ["camellia-cbc.txt"], lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), - only_if=lambda api: api.supports_cipher("camellia-128-cbc"), + only_if=lambda api: api.supports_cipher( + ciphers.Camellia("\x00" * 16), modes.CBC("\x00" * 16) + ), skip_message="Does not support Camellia CBC", ) @@ -44,7 +46,9 @@ class TestCamelliaOFB(object): ["camellia-ofb.txt"], lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), - only_if=lambda api: api.supports_cipher("camellia-128-ofb"), + only_if=lambda api: api.supports_cipher( + ciphers.Camellia("\x00" * 16), modes.OFB("\x00" * 16) + ), skip_message="Does not support Camellia OFB", ) @@ -56,7 +60,9 @@ class TestCamelliaCFB(object): ["camellia-cfb.txt"], lambda key, iv: ciphers.Camellia(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), - only_if=lambda api: api.supports_cipher("camellia-128-cfb"), + only_if=lambda api: api.supports_cipher( + ciphers.Camellia("\x00" * 16), modes.CFB("\x00" * 16) + ), skip_message="Does not support Camellia CFB", ) @@ -68,6 +74,8 @@ class TestAESCTR(object): ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"], lambda key, iv: ciphers.AES(binascii.unhexlify(key)), lambda key, iv: modes.CTR(binascii.unhexlify(iv)), - only_if=lambda api: api.supports_cipher("aes-128-ctr"), + only_if=lambda api: api.supports_cipher( + ciphers.AES("\x00" * 16), modes.CTR("\x00" * 16) + ), skip_message="Does not support AES CTR", ) diff --git a/tests/primitives/test_utils.py b/tests/primitives/test_utils.py index 9888309e..6e197923 100644 --- a/tests/primitives/test_utils.py +++ b/tests/primitives/test_utils.py @@ -1,7 +1,8 @@ import pytest -from .utils import (base_hash_test, encrypt_test, hash_test, - long_string_hash_test) +from .utils import ( + base_hash_test, encrypt_test, hash_test, long_string_hash_test +) class TestEncryptTest(object): diff --git a/tests/primitives/utils.py b/tests/primitives/utils.py index a3759b03..91ca36d8 100644 --- a/tests/primitives/utils.py +++ b/tests/primitives/utils.py @@ -37,9 +37,14 @@ def encrypt_test(api, cipher_factory, mode_factory, params, only_if, mode_factory(**params), api ) - actual_ciphertext = cipher.encrypt(binascii.unhexlify(plaintext)) - actual_ciphertext += cipher.finalize() + encryptor = cipher.encryptor() + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() assert actual_ciphertext == binascii.unhexlify(ciphertext) + decryptor = cipher.decryptor() + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) def generate_hash_test(param_loader, path, file_names, hash_cls, @@ -67,6 +72,8 @@ def hash_test(api, hash_cls, params, only_if, skip_message): m = hash_cls(api=api) m.update(binascii.unhexlify(msg)) assert m.hexdigest() == md.replace(" ", "").lower() + digest = hash_cls(api=api, data=binascii.unhexlify(msg)).hexdigest() + assert digest == md.replace(" ", "").lower() def generate_base_hash_test(hash_cls, digest_size, block_size, @@ -115,6 +122,6 @@ def generate_long_string_hash_test(hash_factory, md, only_if=None, def long_string_hash_test(api, hash_factory, md, only_if, skip_message): if only_if is not None and not only_if(api): pytest.skip(skip_message) - m = hash_factory(api) + m = hash_factory(api=api) m.update(b"a" * 1000000) assert m.hexdigest() == md.lower() diff --git a/tests/test_utils.py b/tests/test_utils.py index 3fe9e570..f96cf004 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -15,10 +15,12 @@ import textwrap import pytest -from .utils import (load_nist_vectors, load_nist_vectors_from_file, - load_cryptrec_vectors, load_cryptrec_vectors_from_file, - load_openssl_vectors, load_openssl_vectors_from_file, load_hash_vectors, - load_hash_vectors_from_file) +from .utils import ( + load_nist_vectors, load_nist_vectors_from_file, load_cryptrec_vectors, + load_cryptrec_vectors_from_file, load_openssl_vectors, + load_openssl_vectors_from_file, load_hash_vectors, + load_hash_vectors_from_file +) def test_load_nist_vectors_encrypt(): |