aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives/test_aes.py
Commit message (Collapse)AuthorAgeFilesLines
* Add support for AES XTS (#3900)Paul Kehrer2017-10-011-1/+35
| | | | | | | | | | | | | | | | | | | | | | | | * Add support for AES XTS We drop the non-byte aligned test vectors because according to NIST http://csrc.nist.gov/groups/STM/cavp/documents/aes/XTSVS.pdf "An implementation may support a data unit length that is not a multiple of 8 bits." OpenSSL does not support this, so we can't use those test vectors. * fix docs and pep8 * docs fix * the spellchecker is so frustrating * add note about AES 192 for XTS (it's not supported) * docs work * enforce key length on ECB mode in AES as well (thanks XTS) * a few more words about why we exclude some test vectors for XTS
* Removed branches that are now unused (#3589)Alex Gaynor2017-05-241-3/+0
|
* use openssl constants (#3534)Paul Kehrer2017-05-031-6/+15
|
* postpone GCM authentication tag requirement until finalization (#3421)Philipp Gesang2017-05-021-0/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * postpone GCM authentication tag requirement until finalization Add a .finalize_with_tag() variant of the .finalize() function of the GCM context. At the same time, do not enforce the requirement of supplying the tag with the mode ctor. This facilitates streamed decryption when the MAC is appended to the ciphertext and cannot be efficiently retrieved ahead of decryption. According to the GCM spec (section 7.2: “Algorithm for the Authenticated Decryption Function”), the tag itself is not needed until the ciphertext has been decrypted. Addresses #3380 Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com> * disallow delayed GCM tag passing for legacy OpenSSL Old versions of Ubuntu supported by Cryptography ship a v1.0.1 of OpenSSL which is no longer supported by upstream. This library seems to cause erratic test failures with the delayed GCM tag functionality which are not reproducible outside the CI. Unfortunately OpenSSL v1.0.1 does not even document the required API (``EVP_EncryptInit(3)``) so there is no by-the-book fix. For backends of version 1.0.1 and earlier, verify the GCM tag at the same stage as before. Also, indicate to the user that late passing of GCM tags is unsupported by throwing ``NotImplementedError`` for these backend versions if - the method ``finalize_with_tag()`` is invoked, or - the mode ctor is called without passing a tag. Unit tests have been adapted to account for different backend versions.
* pass bytes to modes/algorithms like we shouldPaul Kehrer2016-03-071-6/+6
|
* do the same simplification to the aad testPaul Kehrer2015-07-011-3/+1
|
* add missing test, simplify encrypted byte near limit calculationPaul Kehrer2015-07-011-3/+15
|
* add additional increment testsPaul Kehrer2015-07-011-8/+18
|
* put the AAD and encrypted byte limit checks in the parent contextPaul Kehrer2015-07-011-0/+30
|
* Update the license header for every source file, as well as the documentation.Alex Gaynor2014-11-161-12/+3
| | | | Fixes #1209
* Change how we represented that a test requires a backend.Alex Gaynor2014-10-231-7/+8
| | | | This way is more extensible and requires less maintaince
* resolve GCM tag issue with AAD only on OpenSSL 1.0.1 in Ubuntu 12.04Paul Kehrer2014-09-121-4/+4
|
* moved GCM tests to be run against all backends, added radar bug numbersPaul Kehrer2014-09-111-1/+34
|
* Simplify code and add testAlex Gaynor2014-06-301-2/+2
|
* Fixes #1200 -- disallow GCM truncation by defaultAlex Gaynor2014-06-291-1/+1
|
* add CFB8 support for AES/3DES on CommonCrypto and OpenSSL backendsPaul Kehrer2014-05-151-0/+33
|
* import order fixes for future automated checkingPaul Kehrer2014-03-191-1/+1
|
* updates to make the project pep8-naming cleanPaul Kehrer2014-02-241-6/+6
|
* Reformat AES CTR vectors to use NIST loader & document their source properlyPaul Kehrer2014-02-151-4/+2
|
* refactor all tests to use mark instead of generator skipsPaul Kehrer2013-12-261-25/+52
|
* correct import stylePaul Kehrer2013-12-241-0/+1
|
* add all the markers to the testsPaul Kehrer2013-12-241-0/+2
|
* add more skip check lambdasPaul Kehrer2013-12-231-0/+16
|
* use both kwargs and named args in lambdas for clarityPaul Kehrer2013-12-211-9/+9
|
* don't modify params on parametrized testsPaul Kehrer2013-12-201-10/+10
| | | | | multiple backends receive the same params dicts, but we were modifying them using pop.
* GCM supportPaul Kehrer2013-11-291-1/+20
|
* Also remove teh ciphers specific classAlex Gaynor2013-11-131-1/+1
|
* Remove separate file loaders and replace with onePaul Kehrer2013-11-111-6/+6
| | | | All tests updated to work with the new simplified loader
* Ignore the sections of the NIST filesAlex Gaynor2013-11-111-4/+4
|
* block cipher renamePaul Kehrer2013-11-061-7/+7
| | | | | | * block renamed to ciphers * ciphers renamed to algorithms * base moved into algorithms
* simplify some test class structurePaul Kehrer2013-10-311-13/+1
|
* update tests for new test vector locationsPaul Kehrer2013-10-311-45/+9
|
* move around the tests to organize by cipherPaul Kehrer2013-10-301-0/+182
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-15 14:51:36 +0000