From 9aaeee0dc62189204f38097c815a0913fabe006c Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 30 Apr 2015 14:06:47 -0400 Subject: Add an Elliptic Curve Key Exchange Algorithm(ECDH) The ECDH Key Exchange algorithm as standardized in NIST publication 800-56A Revision 2 Includes tests with vectors from NIST. Signed-off-by: Simo Sorce --- tests/hazmat/backends/test_openssl.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'tests/hazmat/backends/test_openssl.py') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 8fd0d711..13162046 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -534,6 +534,11 @@ class DummyLibrary(object): Cryptography_HAS_EC = 0 +class DummyLibraryECDH(object): + Cryptography_HAS_EC = 1 + Cryptography_HAS_ECDH = 0 + + class TestOpenSSLEllipticCurve(object): def test_elliptic_curve_supported(self, monkeypatch): monkeypatch.setattr(backend, "_lib", DummyLibrary()) @@ -551,6 +556,15 @@ class TestOpenSSLEllipticCurve(object): with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): _sn_to_elliptic_curve(backend, b"fake") + def test_elliptic_curve_exchange_algorithm_supported(self, monkeypatch): + monkeypatch.setattr(backend, "_lib", DummyLibrary()) + + assert backend.elliptic_curve_exchange_algorithm_supported() is False + + monkeypatch.setattr(backend, "_lib", DummyLibraryECDH()) + + assert backend.elliptic_curve_exchange_algorithm_supported() is False + @pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAPEMSerialization(object): -- cgit v1.2.3 From 5cdfba5c8d06ed10510310de03e1df0265a89bcc Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 17 Oct 2015 16:33:04 -0400 Subject: a refactor to the API --- tests/hazmat/backends/test_openssl.py | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) (limited to 'tests/hazmat/backends/test_openssl.py') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 13162046..85331595 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -534,11 +534,6 @@ class DummyLibrary(object): Cryptography_HAS_EC = 0 -class DummyLibraryECDH(object): - Cryptography_HAS_EC = 1 - Cryptography_HAS_ECDH = 0 - - class TestOpenSSLEllipticCurve(object): def test_elliptic_curve_supported(self, monkeypatch): monkeypatch.setattr(backend, "_lib", DummyLibrary()) @@ -558,12 +553,9 @@ class TestOpenSSLEllipticCurve(object): def test_elliptic_curve_exchange_algorithm_supported(self, monkeypatch): monkeypatch.setattr(backend, "_lib", DummyLibrary()) - - assert backend.elliptic_curve_exchange_algorithm_supported() is False - - monkeypatch.setattr(backend, "_lib", DummyLibraryECDH()) - - assert backend.elliptic_curve_exchange_algorithm_supported() is False + assert not backend.elliptic_curve_exchange_algorithm_supported( + ec.ECDH(), ec.SECP256R1() + ) @pytest.mark.requires_backend_interface(interface=RSABackend) -- cgit v1.2.3 From aaf4e8bccd9cac827b5f740371feaa7faeebcb93 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 19 Oct 2015 08:07:43 -0400 Subject: another test --- tests/hazmat/backends/test_openssl.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests/hazmat/backends/test_openssl.py') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 85331595..3ccc54c8 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -557,6 +557,13 @@ class TestOpenSSLEllipticCurve(object): ec.ECDH(), ec.SECP256R1() ) + def test_elliptic_curve_exchange_unsupported_algorithm(self): + key = ec.generate_private_key(ec.SECP256R1(), backend=backend) + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM + ): + key.exchange(None, key.public_key()) + @pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAPEMSerialization(object): -- cgit v1.2.3 From 7a40209a64c800be1b964a0eded2ab1f40accf50 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 19 Oct 2015 08:26:27 -0400 Subject: better place for this test --- tests/hazmat/backends/test_openssl.py | 7 ------- 1 file changed, 7 deletions(-) (limited to 'tests/hazmat/backends/test_openssl.py') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 3ccc54c8..85331595 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -557,13 +557,6 @@ class TestOpenSSLEllipticCurve(object): ec.ECDH(), ec.SECP256R1() ) - def test_elliptic_curve_exchange_unsupported_algorithm(self): - key = ec.generate_private_key(ec.SECP256R1(), backend=backend) - with raises_unsupported_algorithm( - _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM - ): - key.exchange(None, key.public_key()) - @pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAPEMSerialization(object): -- cgit v1.2.3