From aa7dacaf53e150d9d6e58224c46b88214f2957df Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 27 Nov 2014 10:40:12 -1000 Subject: add encode_rfc6979_signature and refactor tests to use it --- tests/hazmat/primitives/test_asym_utils.py | 34 ++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 tests/hazmat/primitives/test_asym_utils.py (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py new file mode 100644 index 00000000..f2f8850f --- /dev/null +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -0,0 +1,34 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives.asymmetric.utils import ( + decode_rfc6979_signature, encode_rfc6979_signature +) + + +def test_rfc6979_signature(): + sig = encode_rfc6979_signature(1, 1) + assert sig == b"0\x06\x02\x01\x01\x02\x01\x01" + assert decode_rfc6979_signature(sig) == (1, 1) + + r_s1 = ( + 1037234182290683143945502320610861668562885151617, + 559776156650501990899426031439030258256861634312 + ) + sig2 = encode_rfc6979_signature(*r_s1) + assert sig2 == ( + b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b' + b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08' + ) + assert decode_rfc6979_signature(sig2) == r_s1 + + sig3 = encode_rfc6979_signature(0, 0) + assert sig3 == b"0\x06\x02\x01\x00\x02\x01\x00" + assert decode_rfc6979_signature(sig3) == (0, 0) + + sig4 = encode_rfc6979_signature(-1, 0) + assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00" + assert decode_rfc6979_signature(sig4) == (-1, 0) -- cgit v1.2.3 From 94a0713e3aa1b2ec4f98fe1eb690ef2160d70fdf Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 30 Nov 2014 09:51:10 -1000 Subject: error if signature has trailing bytes --- tests/hazmat/primitives/test_asym_utils.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index f2f8850f..f8a67b68 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -4,6 +4,8 @@ from __future__ import absolute_import, division, print_function +import pytest + from cryptography.hazmat.primitives.asymmetric.utils import ( decode_rfc6979_signature, encode_rfc6979_signature ) @@ -32,3 +34,8 @@ def test_rfc6979_signature(): sig4 = encode_rfc6979_signature(-1, 0) assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00" assert decode_rfc6979_signature(sig4) == (-1, 0) + + +def test_decode_rfc6979_trailing_bytes(): + with pytest.raises(ValueError): + decode_rfc6979_signature(b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00") -- cgit v1.2.3 From 73251faf2cb043dc9795b46c98c7084482d2aed2 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 6 Dec 2014 23:17:23 -0600 Subject: catch PyAsn1Error when decoding rfc6979 signature --- tests/hazmat/primitives/test_asym_utils.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index f8a67b68..640b5b3d 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -39,3 +39,8 @@ def test_rfc6979_signature(): def test_decode_rfc6979_trailing_bytes(): with pytest.raises(ValueError): decode_rfc6979_signature(b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00") + + +def test_decode_rfc6979_invalid_asn1(): + with pytest.raises(ValueError): + decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01") -- cgit v1.2.3 From ae6db32351447bf41b809ea4b18f17641724dac1 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 7 Dec 2014 10:41:34 -0600 Subject: add comment describing how the ASN.1 sequence in a test is invalid --- tests/hazmat/primitives/test_asym_utils.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index 640b5b3d..1a945f3a 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -43,4 +43,6 @@ def test_decode_rfc6979_trailing_bytes(): def test_decode_rfc6979_invalid_asn1(): with pytest.raises(ValueError): + # This byte sequence has an invalid ASN.1 sequence length as well as + # an invalid integer length for the second integer. decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01") -- cgit v1.2.3 From a43964a0e90d7788b81521c9e7b949cdc2b555a0 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 7 Dec 2014 11:44:04 -0600 Subject: catch PyAsn1Error for encoding signature as well --- tests/hazmat/primitives/test_asym_utils.py | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index 1a945f3a..3598f78a 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -36,6 +36,14 @@ def test_rfc6979_signature(): assert decode_rfc6979_signature(sig4) == (-1, 0) +def test_encode_rfc6979_non_integer(): + with pytest.raises(ValueError): + encode_rfc6979_signature("h", 3) + encode_rfc6979_signature(3, "h") + encode_rfc6979_signature(3.3, 1.2) + encode_rfc6979_signature("hello", "world") + + def test_decode_rfc6979_trailing_bytes(): with pytest.raises(ValueError): decode_rfc6979_signature(b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00") -- cgit v1.2.3 From 6a4342c18ca0507f3d1842591553bddac6eb9189 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 7 Dec 2014 13:52:39 -0600 Subject: directly test r, s for integer-ness --- tests/hazmat/primitives/test_asym_utils.py | 1 + 1 file changed, 1 insertion(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index 3598f78a..9403669c 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -39,6 +39,7 @@ def test_rfc6979_signature(): def test_encode_rfc6979_non_integer(): with pytest.raises(ValueError): encode_rfc6979_signature("h", 3) + encode_rfc6979_signature("3", "2") encode_rfc6979_signature(3, "h") encode_rfc6979_signature(3.3, 1.2) encode_rfc6979_signature("hello", "world") -- cgit v1.2.3 From ac4d5f2249de136cbfef72aa650dcc4703b67851 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 7 Dec 2014 17:44:29 -0600 Subject: Stupid mistake number one billion. --- tests/hazmat/primitives/test_asym_utils.py | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'tests/hazmat/primitives/test_asym_utils.py') diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index 9403669c..bf55bad8 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -39,9 +39,17 @@ def test_rfc6979_signature(): def test_encode_rfc6979_non_integer(): with pytest.raises(ValueError): encode_rfc6979_signature("h", 3) + + with pytest.raises(ValueError): encode_rfc6979_signature("3", "2") + + with pytest.raises(ValueError): encode_rfc6979_signature(3, "h") + + with pytest.raises(ValueError): encode_rfc6979_signature(3.3, 1.2) + + with pytest.raises(ValueError): encode_rfc6979_signature("hello", "world") -- cgit v1.2.3