From 587e5a24b5eb56c060fd1d374c1a5d3c8671efec Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 7 May 2014 19:55:44 -0700 Subject: Add load_rsa_numbers to the RSABackend interface. --- cryptography/hazmat/backends/interfaces.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py index ba02bbd2..19d6fb70 100644 --- a/cryptography/hazmat/backends/interfaces.py +++ b/cryptography/hazmat/backends/interfaces.py @@ -142,6 +142,11 @@ class RSABackend(object): generation. """ + def load_rsa_numbers(self, numbers): + """ + Returns an RSAPrivateKey provider. + """ + @six.add_metaclass(abc.ABCMeta) class DSABackend(object): -- cgit v1.2.3 From eeb5fbc368d05de41121893a7c536fcc59a5a6bd Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 7 May 2014 19:57:07 -0700 Subject: Implement load_rsa_numbers on the openssl backend. --- cryptography/hazmat/backends/openssl/backend.py | 18 ++ tests/hazmat/primitives/test_rsa.py | 248 ++++++++++++++++++++++++ 2 files changed, 266 insertions(+) diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 4112f0e5..e5870f3e 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -377,6 +377,24 @@ class Backend(object): return (public_exponent >= 3 and public_exponent & 1 != 0 and key_size >= 512) + def load_rsa_numbers(self, numbers): + if isinstance(numbers, rsa.RSAPublicNumbers): + return rsa.RSAPublicKey( + public_exponent=numbers.e, + modulus=numbers.n + ) + elif isinstance(numbers, rsa.RSAPrivateNumbers): + return rsa.RSAPrivateKey( + p=numbers.p, + q=numbers.q, + private_exponent=numbers.d, + dmp1=numbers.dmp1, + dmq1=numbers.dmq1, + iqmp=numbers.iqmp, + public_exponent=numbers.public_numbers.e, + modulus=numbers.public_numbers.n + ) + def _new_evp_pkey(self): evp_pkey = self._lib.EVP_PKEY_new() assert evp_pkey != self._ffi.NULL diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index ba668bff..a1652594 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1666,6 +1666,7 @@ class TestRSAEncryption(object): ) +@pytest.mark.rsa class TestRSANumbers(object): def test_rsa_public_numbers(self): public_numbers = rsa.RSAPublicNumbers(e=1, n=15) @@ -1778,3 +1779,250 @@ class TestRSANumbers(object): iqmp=2, public_numbers=None ) + + def test_invalid_public_numbers_argument_values(self, backend): + # Start with public_exponent=7, modulus=15. Then change one value at a + # time to test the bounds. + + # Test a modulus < 3. + + with pytest.raises(ValueError): + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=7, n=2)) + + # Test a public_exponent < 3 + with pytest.raises(ValueError): + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=1, n=15)) + + # Test a public_exponent > modulus + with pytest.raises(ValueError): + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=17, n=15)) + + # Test a public_exponent that is not odd. + with pytest.raises(ValueError): + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=16, n=15)) + + def test_invalid_private_numbers_argument_values(self, backend): + # Start with p=3, q=11, private_exponent=3, public_exponent=7, + # modulus=33, dmp1=1, dmq1=3, iqmp=2. Then change one value at + # a time to test the bounds. + + # Test a modulus < 3. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=2 + ) + ) + ) + + # Test a modulus != p * q. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=35 + ) + ) + ) + + # Test a p > modulus. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=37, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a q > modulus. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=37, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a dmp1 > modulus. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=35, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a dmq1 > modulus. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=35, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test an iqmp > modulus. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=35, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a private_exponent > modulus + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=37, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a public_exponent < 3 + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=1, + n=33 + ) + ) + ) + + # Test a public_exponent > modulus + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=35, + public_numbers=rsa.RSAPublicNumbers( + e=65537, + n=33 + ) + ) + ) + + # Test a public_exponent that is not odd. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=6, + n=33 + ) + ) + ) + + # Test a dmp1 that is not odd. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=2, + dmq1=3, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) + + # Test a dmq1 that is not odd. + with pytest.raises(ValueError): + backend.load_rsa_numbers( + rsa.RSAPrivateNumbers( + p=3, + q=11, + d=3, + dmp1=1, + dmq1=4, + iqmp=2, + public_numbers=rsa.RSAPublicNumbers( + e=7, + n=33 + ) + ) + ) -- cgit v1.2.3 From 6bca12ffdac94bc3ad0865c27ead1f5e9bba5325 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 8 May 2014 10:09:37 -0700 Subject: Add load_rsa_numbers support to MultiBackend. --- cryptography/hazmat/backends/multibackend.py | 7 +++++++ tests/hazmat/backends/test_multibackend.py | 11 ++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index b4cb6889..5acec333 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -178,6 +178,13 @@ class MultiBackend(object): raise UnsupportedAlgorithm("RSA is not supported by the backend.", _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + def load_rsa_numbers(self, numbers): + for b in self._filtered_backends(RSABackend): + return b.load_rsa_numbers(numbers) + + raise UnsupportedAlgorithm("RSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + def generate_dsa_parameters(self, key_size): for b in self._filtered_backends(DSABackend): return b.generate_dsa_parameters(key_size) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 3fa364e2..d4c89be3 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -23,7 +23,7 @@ from cryptography.hazmat.backends.interfaces import ( ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac -from cryptography.hazmat.primitives.asymmetric import padding +from cryptography.hazmat.primitives.asymmetric import padding, rsa from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from ...utils import raises_unsupported_algorithm @@ -111,6 +111,8 @@ class DummyRSABackend(object): pass def encrypt_rsa(self, public_key, plaintext, padding): + + def load_rsa_numbers(self, numbers): pass @@ -236,6 +238,8 @@ class TestMultiBackend(object): backend.decrypt_rsa("private_key", "encrypted", padding.PKCS1v15()) + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=3, n=1)) + backend = MultiBackend([]) with raises_unsupported_algorithm( _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM @@ -279,6 +283,11 @@ class TestMultiBackend(object): ): backend.decrypt_rsa("private_key", "encrypted", padding.PKCS1v15()) + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=3, n=1)) + def test_dsa(self): backend = MultiBackend([ DummyDSABackend() -- cgit v1.2.3 From 68b509a399b5d24b6e6fe1b707096928a8483c9a Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 8 May 2014 10:31:51 -0700 Subject: Document the backend interface. --- docs/hazmat/backends/interfaces.rst | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index c1ce621a..341fdc34 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -315,12 +315,28 @@ A specific ``backend`` may provide one or more of these interfaces. :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` provider. +<<<<<<< HEAD :return bytes: The encrypted data. :raises cryptography.exceptions.UnsupportedAlgorithm: If an unsupported MGF, hash function, or padding is chosen. :raises ValueError: When plaintext is too long for the key size. +======= + .. method:: load_rsa_numbers(numbers): + + :param numbers: An instance of + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` or + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicNumbers`. + + :returns: A provider of + :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` or + :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` + depending on if it's input was an + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` or + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicNumbers`. + +>>>>>>> 70cf9ba... Document the backend interface. .. class:: TraditionalOpenSSLSerializationBackend -- cgit v1.2.3 From 576a15393fd3efb1512926c5ce1884b602104539 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 28 May 2014 14:00:41 -0700 Subject: Resolve conflict. --- docs/hazmat/backends/interfaces.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index 341fdc34..c7d5667d 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -315,14 +315,13 @@ A specific ``backend`` may provide one or more of these interfaces. :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` provider. -<<<<<<< HEAD :return bytes: The encrypted data. :raises cryptography.exceptions.UnsupportedAlgorithm: If an unsupported MGF, hash function, or padding is chosen. :raises ValueError: When plaintext is too long for the key size. -======= + .. method:: load_rsa_numbers(numbers): :param numbers: An instance of @@ -336,7 +335,6 @@ A specific ``backend`` may provide one or more of these interfaces. :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` or :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicNumbers`. ->>>>>>> 70cf9ba... Document the backend interface. .. class:: TraditionalOpenSSLSerializationBackend -- cgit v1.2.3 From 30cbba7a13e4352fae4949c0924768866de3d049 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 28 May 2014 14:44:58 -0700 Subject: Semantic conflict resolution anyone? --- tests/hazmat/backends/test_multibackend.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index d4c89be3..b399837d 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -111,7 +111,8 @@ class DummyRSABackend(object): pass def encrypt_rsa(self, public_key, plaintext, padding): - + pass + def load_rsa_numbers(self, numbers): pass -- cgit v1.2.3 From 85936b2fbf496b8a93b71557573583985276bc29 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 28 May 2014 14:58:06 -0700 Subject: Remove trailing whitespace --- tests/hazmat/backends/test_multibackend.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index b399837d..71755f91 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -112,7 +112,7 @@ class DummyRSABackend(object): def encrypt_rsa(self, public_key, plaintext, padding): pass - + def load_rsa_numbers(self, numbers): pass -- cgit v1.2.3 From a674afef93a23d5cf85e6c86e8c007cc338c37d5 Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 30 May 2014 14:15:29 -0700 Subject: Split load_rsa_numbers into load_rsa_private_numbers and load_rsa_public_numbers. --- cryptography/hazmat/backends/interfaces.py | 9 ++++++- cryptography/hazmat/backends/multibackend.py | 11 ++++++-- cryptography/hazmat/backends/openssl/backend.py | 34 ++++++++++++------------- docs/hazmat/backends/interfaces.rst | 19 ++++++++------ tests/hazmat/backends/test_multibackend.py | 16 +++++++++--- tests/hazmat/primitives/test_rsa.py | 34 ++++++++++++------------- 6 files changed, 75 insertions(+), 48 deletions(-) diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py index 19d6fb70..524e0a5b 100644 --- a/cryptography/hazmat/backends/interfaces.py +++ b/cryptography/hazmat/backends/interfaces.py @@ -142,11 +142,18 @@ class RSABackend(object): generation. """ - def load_rsa_numbers(self, numbers): + @abc.abstractmethod + def load_rsa_private_numbers(self, numbers): """ Returns an RSAPrivateKey provider. """ + @abc.abstractmethod + def load_rsa_public_numbers(self, numbers): + """ + Returns an RSAPublicKey provider. + """ + @six.add_metaclass(abc.ABCMeta) class DSABackend(object): diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 5acec333..f3c79376 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -178,9 +178,16 @@ class MultiBackend(object): raise UnsupportedAlgorithm("RSA is not supported by the backend.", _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) - def load_rsa_numbers(self, numbers): + def load_rsa_private_numbers(self, numbers): for b in self._filtered_backends(RSABackend): - return b.load_rsa_numbers(numbers) + return b.load_rsa_private_numbers(numbers) + + raise UnsupportedAlgorithm("RSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + + def load_rsa_public_numbers(self, numbers): + for b in self._filtered_backends(RSABackend): + return b.load_rsa_public_numbers(numbers) raise UnsupportedAlgorithm("RSA is not supported by the backend", _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index e5870f3e..ffe09663 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -377,23 +377,23 @@ class Backend(object): return (public_exponent >= 3 and public_exponent & 1 != 0 and key_size >= 512) - def load_rsa_numbers(self, numbers): - if isinstance(numbers, rsa.RSAPublicNumbers): - return rsa.RSAPublicKey( - public_exponent=numbers.e, - modulus=numbers.n - ) - elif isinstance(numbers, rsa.RSAPrivateNumbers): - return rsa.RSAPrivateKey( - p=numbers.p, - q=numbers.q, - private_exponent=numbers.d, - dmp1=numbers.dmp1, - dmq1=numbers.dmq1, - iqmp=numbers.iqmp, - public_exponent=numbers.public_numbers.e, - modulus=numbers.public_numbers.n - ) + def load_rsa_private_numbers(self, numbers): + return rsa.RSAPrivateKey( + p=numbers.p, + q=numbers.q, + private_exponent=numbers.d, + dmp1=numbers.dmp1, + dmq1=numbers.dmq1, + iqmp=numbers.iqmp, + public_exponent=numbers.public_numbers.e, + modulus=numbers.public_numbers.n + ) + + def load_rsa_public_numbers(self, numbers): + return rsa.RSAPublicKey( + public_exponent=numbers.e, + modulus=numbers.n + ) def _new_evp_pkey(self): evp_pkey = self._lib.EVP_PKEY_new() diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index c7d5667d..a32829fc 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -322,18 +322,21 @@ A specific ``backend`` may provide one or more of these interfaces. :raises ValueError: When plaintext is too long for the key size. - .. method:: load_rsa_numbers(numbers): + .. method:: load_rsa_private_numbers(numbers): :param numbers: An instance of - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` or - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicNumbers`. + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers`. :returns: A provider of - :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` or - :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` - depending on if it's input was an - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` or - :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicNumbers`. + :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey`. + + .. method:: load_rsa_public_numbers(numbers): + + :param numbers: An instance of + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers`. + + :returns: A provider of + :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey`. .. class:: TraditionalOpenSSLSerializationBackend diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 71755f91..5a624204 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -113,7 +113,10 @@ class DummyRSABackend(object): def encrypt_rsa(self, public_key, plaintext, padding): pass - def load_rsa_numbers(self, numbers): + def load_rsa_private_numbers(self, numbers): + pass + + def load_rsa_public_numbers(self, numbers): pass @@ -239,7 +242,9 @@ class TestMultiBackend(object): backend.decrypt_rsa("private_key", "encrypted", padding.PKCS1v15()) - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=3, n=1)) + backend.load_rsa_private_numbers("private_numbers") + + backend.load_rsa_public_numbers("public_numbers") backend = MultiBackend([]) with raises_unsupported_algorithm( @@ -287,7 +292,12 @@ class TestMultiBackend(object): with raises_unsupported_algorithm( _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM ): - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=3, n=1)) + backend.load_rsa_private_numbers("private_numbers") + + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.load_rsa_public_numbers("public_numbers") def test_dsa(self): backend = MultiBackend([ diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index a1652594..a76c0ec2 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1787,19 +1787,19 @@ class TestRSANumbers(object): # Test a modulus < 3. with pytest.raises(ValueError): - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=7, n=2)) + backend.load_rsa_public_numbers(rsa.RSAPublicNumbers(e=7, n=2)) # Test a public_exponent < 3 with pytest.raises(ValueError): - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=1, n=15)) + backend.load_rsa_public_numbers(rsa.RSAPublicNumbers(e=1, n=15)) # Test a public_exponent > modulus with pytest.raises(ValueError): - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=17, n=15)) + backend.load_rsa_public_numbers(rsa.RSAPublicNumbers(e=17, n=15)) # Test a public_exponent that is not odd. with pytest.raises(ValueError): - backend.load_rsa_numbers(rsa.RSAPublicNumbers(e=16, n=15)) + backend.load_rsa_public_numbers(rsa.RSAPublicNumbers(e=16, n=15)) def test_invalid_private_numbers_argument_values(self, backend): # Start with p=3, q=11, private_exponent=3, public_exponent=7, @@ -1808,7 +1808,7 @@ class TestRSANumbers(object): # Test a modulus < 3. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1825,7 +1825,7 @@ class TestRSANumbers(object): # Test a modulus != p * q. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1842,7 +1842,7 @@ class TestRSANumbers(object): # Test a p > modulus. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=37, q=11, @@ -1859,7 +1859,7 @@ class TestRSANumbers(object): # Test a q > modulus. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=37, @@ -1876,7 +1876,7 @@ class TestRSANumbers(object): # Test a dmp1 > modulus. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1893,7 +1893,7 @@ class TestRSANumbers(object): # Test a dmq1 > modulus. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1910,7 +1910,7 @@ class TestRSANumbers(object): # Test an iqmp > modulus. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1927,7 +1927,7 @@ class TestRSANumbers(object): # Test a private_exponent > modulus with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1944,7 +1944,7 @@ class TestRSANumbers(object): # Test a public_exponent < 3 with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1961,7 +1961,7 @@ class TestRSANumbers(object): # Test a public_exponent > modulus with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1978,7 +1978,7 @@ class TestRSANumbers(object): # Test a public_exponent that is not odd. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -1995,7 +1995,7 @@ class TestRSANumbers(object): # Test a dmp1 that is not odd. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, @@ -2012,7 +2012,7 @@ class TestRSANumbers(object): # Test a dmq1 that is not odd. with pytest.raises(ValueError): - backend.load_rsa_numbers( + backend.load_rsa_private_numbers( rsa.RSAPrivateNumbers( p=3, q=11, -- cgit v1.2.3 From 414e2f7410f7aeded99be1740f252a49956cd496 Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 30 May 2014 14:33:03 -0700 Subject: pep8 --- tests/hazmat/backends/test_multibackend.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 5a624204..93d58483 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -23,7 +23,7 @@ from cryptography.hazmat.backends.interfaces import ( ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac -from cryptography.hazmat.primitives.asymmetric import padding, rsa +from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from ...utils import raises_unsupported_algorithm -- cgit v1.2.3 From c57a3761004b364347c9c5d5ce9736b94f7af3d3 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 3 Jun 2014 13:27:50 -0700 Subject: Document the valueerror these might raise. --- docs/hazmat/backends/interfaces.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index a32829fc..769ab989 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -330,6 +330,10 @@ A specific ``backend`` may provide one or more of these interfaces. :returns: A provider of :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey`. + :raises ValueError: This is raised when the values of ``p``, ``q``, + ``private_exponent``, ``public_exponent``, or ``modulus`` do not + match the bounds specified in :rfc:`3447`. + .. method:: load_rsa_public_numbers(numbers): :param numbers: An instance of @@ -338,6 +342,10 @@ A specific ``backend`` may provide one or more of these interfaces. :returns: A provider of :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey`. + :raises ValueError: This is raised when the values of + ``public_exponent`` or ``modulus`` do not match the bounds + specified in :rfc:`3447`. + .. class:: TraditionalOpenSSLSerializationBackend -- cgit v1.2.3 From da76ae019e98ef8580b9568bdd59fd27121ff432 Mon Sep 17 00:00:00 2001 From: David Reid Date: Tue, 3 Jun 2014 14:01:18 -0700 Subject: Document UnsupportedAlgorithm in a super vague way. --- docs/hazmat/backends/interfaces.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index 769ab989..1a2603bc 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -334,6 +334,9 @@ A specific ``backend`` may provide one or more of these interfaces. ``private_exponent``, ``public_exponent``, or ``modulus`` do not match the bounds specified in :rfc:`3447`. + :raises cryptography.exceptions.UnsupportedAlgorithm: This raised when + any backend specific criteria are not met. + .. method:: load_rsa_public_numbers(numbers): :param numbers: An instance of @@ -346,6 +349,9 @@ A specific ``backend`` may provide one or more of these interfaces. ``public_exponent`` or ``modulus`` do not match the bounds specified in :rfc:`3447`. + :raises cryptography.exceptions.UnsupportedAlgorithm: This raised when + any backend specific criteria are not met. + .. class:: TraditionalOpenSSLSerializationBackend -- cgit v1.2.3