From 9aaeee0dc62189204f38097c815a0913fabe006c Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 30 Apr 2015 14:06:47 -0400 Subject: Add an Elliptic Curve Key Exchange Algorithm(ECDH) The ECDH Key Exchange algorithm as standardized in NIST publication 800-56A Revision 2 Includes tests with vectors from NIST. Signed-off-by: Simo Sorce --- tests/hazmat/primitives/test_ec.py | 94 +++++++++++++++++++++++++++++++++++++- 1 file changed, 93 insertions(+), 1 deletion(-) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 5467464a..c3a99e5d 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -7,6 +7,8 @@ from __future__ import absolute_import, division, print_function import itertools import os +from binascii import hexlify + import pytest from cryptography import exceptions, utils @@ -21,7 +23,8 @@ from cryptography.hazmat.primitives.asymmetric.utils import ( from ...utils import ( load_fips_ecdsa_key_pair_vectors, load_fips_ecdsa_signing_vectors, - load_vectors_from_file, raises_unsupported_algorithm + load_kasvs_ecdh_vectors, load_vectors_from_file, + raises_unsupported_algorithm ) _HASH_TYPES = { @@ -54,6 +57,15 @@ def _skip_curve_unsupported(backend, curve): ) +def _skip_exchange_algorithm_unsupported(backend): + if not backend.elliptic_curve_exchange_algorithm_supported(): + pytest.skip( + "Exchange algorithm is not supported by this backend {0}".format( + backend + ) + ) + + @utils.register_interface(ec.EllipticCurve) class DummyCurve(object): name = "dummy-curve" @@ -749,3 +761,83 @@ class TestECDSAVerification(object): public_key = key.public_key() with pytest.raises(TypeError): public_key.verifier(1234, ec.ECDSA(hashes.SHA256())) + + +class DummyECDHBackend(object): + @classmethod + def elliptic_curve_exchange_algorithm_supported(cls): + return False + + +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) +class TestECDHVectors(object): + + def test_unsupported_ecdh_arguments(self, backend): + with pytest.raises(TypeError): + ec.ECDH(None) + curve = ec.SECP521R1 + _skip_curve_unsupported(backend, curve) + prikey = ec.generate_private_key(curve, backend) + ecdh = ec.ECDH(prikey) + ecdh.compute_key(ecdh.public_key()) + with pytest.raises(TypeError): + ecdh.compute_key(None) + with pytest.raises(exceptions.UnsupportedAlgorithm): + prikey._backend = DummyECDHBackend() + ecdh = ec.ECDH(prikey) + _skip_exchange_algorithm_unsupported(DummyECDHBackend()) + + def key_exchange(self, backend, vector): + key_numbers = vector['IUT'] + peer_numbers = vector['CAVS'] + + prikey = ec.EllipticCurvePrivateNumbers( + key_numbers['d'], + ec.EllipticCurvePublicNumbers( + key_numbers['x'], + key_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ) + ).private_key(backend) + + peerkey = ec.EllipticCurvePrivateNumbers( + peer_numbers['d'], + ec.EllipticCurvePublicNumbers( + peer_numbers['x'], + peer_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ) + ).private_key(backend) + peerpubkey = peerkey.public_key() + + ecdh = ec.ECDH(prikey) + z = ecdh.compute_key(peerpubkey) + + return int(hexlify(z).decode('ascii'), 16) + + @pytest.mark.parametrize( + "vector", + load_vectors_from_file( + os.path.join( + "asymmetric", "ECDH", + "KASValidityTest_ECCStaticUnified_NOKC_ZZOnly_init.fax"), + load_kasvs_ecdh_vectors + ) + ) + def test_key_exchange_with_vectors(self, backend, vector): + _skip_curve_unsupported(backend, ec._CURVE_TYPES[vector['curve']]) + _skip_exchange_algorithm_unsupported(backend) + + try: + z = self.key_exchange(backend, vector) + except ValueError: + assert vector['fail'] is True + + if vector['fail']: + # Errno 7 denotes a changed private key. Errno 8 denotes a changed + # shared key. Both these errors will not cause a failure in the + # exchange but should lead to a non-matching derived shared key. + if vector['errno'] in [7, 8]: + assert z != vector['Z'] + else: + assert z == vector['Z'] -- cgit v1.2.3 From 5cdfba5c8d06ed10510310de03e1df0265a89bcc Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 17 Oct 2015 16:33:04 -0400 Subject: a refactor to the API --- tests/hazmat/primitives/test_ec.py | 94 +++++++++++++++++--------------------- 1 file changed, 41 insertions(+), 53 deletions(-) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index c3a99e5d..2594d5db 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -57,8 +57,10 @@ def _skip_curve_unsupported(backend, curve): ) -def _skip_exchange_algorithm_unsupported(backend): - if not backend.elliptic_curve_exchange_algorithm_supported(): +def _skip_exchange_algorithm_unsupported(backend, algorithm, curve): + if not backend.elliptic_curve_exchange_algorithm_supported( + algorithm, curve + ): pytest.skip( "Exchange algorithm is not supported by this backend {0}".format( backend @@ -771,50 +773,6 @@ class DummyECDHBackend(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) class TestECDHVectors(object): - - def test_unsupported_ecdh_arguments(self, backend): - with pytest.raises(TypeError): - ec.ECDH(None) - curve = ec.SECP521R1 - _skip_curve_unsupported(backend, curve) - prikey = ec.generate_private_key(curve, backend) - ecdh = ec.ECDH(prikey) - ecdh.compute_key(ecdh.public_key()) - with pytest.raises(TypeError): - ecdh.compute_key(None) - with pytest.raises(exceptions.UnsupportedAlgorithm): - prikey._backend = DummyECDHBackend() - ecdh = ec.ECDH(prikey) - _skip_exchange_algorithm_unsupported(DummyECDHBackend()) - - def key_exchange(self, backend, vector): - key_numbers = vector['IUT'] - peer_numbers = vector['CAVS'] - - prikey = ec.EllipticCurvePrivateNumbers( - key_numbers['d'], - ec.EllipticCurvePublicNumbers( - key_numbers['x'], - key_numbers['y'], - ec._CURVE_TYPES[vector['curve']]() - ) - ).private_key(backend) - - peerkey = ec.EllipticCurvePrivateNumbers( - peer_numbers['d'], - ec.EllipticCurvePublicNumbers( - peer_numbers['x'], - peer_numbers['y'], - ec._CURVE_TYPES[vector['curve']]() - ) - ).private_key(backend) - peerpubkey = peerkey.public_key() - - ecdh = ec.ECDH(prikey) - z = ecdh.compute_key(peerpubkey) - - return int(hexlify(z).decode('ascii'), 16) - @pytest.mark.parametrize( "vector", load_vectors_from_file( @@ -825,19 +783,49 @@ class TestECDHVectors(object): ) ) def test_key_exchange_with_vectors(self, backend, vector): - _skip_curve_unsupported(backend, ec._CURVE_TYPES[vector['curve']]) - _skip_exchange_algorithm_unsupported(backend) + _skip_exchange_algorithm_unsupported( + backend, ec.ECDH(), ec._CURVE_TYPES[vector['curve']] + ) + key_numbers = vector['IUT'] try: - z = self.key_exchange(backend, vector) + private_key = ec.EllipticCurvePrivateNumbers( + key_numbers['d'], + ec.EllipticCurvePublicNumbers( + key_numbers['x'], + key_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ) + ).private_key(backend) except ValueError: - assert vector['fail'] is True + # Errno 5 and 6 indicates a bad public key, this doesn't test the + # ECDH code at all + assert vector['fail'] and vector['errno'] in [5, 6] + return - if vector['fail']: + peer_numbers = vector['CAVS'] + try: + peer_pubkey = ec.EllipticCurvePublicNumbers( + peer_numbers['x'], + peer_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ).public_key(backend) + except ValueError: + # Errno 1 and 2 indicates a bad public key, this doesn't test the + # ECDH code at all + assert vector['fail'] and vector['errno'] in [1, 2] + return + + if vector['fail'] and vector['errno'] not in [7, 8]: + with pytest.raises(ValueError): + private_key.exchange(ec.ECDH(), peer_pubkey) + else: + z = private_key.exchange(ec.ECDH(), peer_pubkey) + z = int(hexlify(z).decode('ascii'), 16) # Errno 7 denotes a changed private key. Errno 8 denotes a changed # shared key. Both these errors will not cause a failure in the # exchange but should lead to a non-matching derived shared key. if vector['errno'] in [7, 8]: assert z != vector['Z'] - else: - assert z == vector['Z'] + else: + assert z == vector['Z'] -- cgit v1.2.3 From 4c081ad1fb54dae846a1ade2b15fe15e9ff31b0d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 17 Oct 2015 16:34:33 -0400 Subject: unused --- tests/hazmat/primitives/test_ec.py | 6 ------ 1 file changed, 6 deletions(-) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 2594d5db..13bc11c9 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -765,12 +765,6 @@ class TestECDSAVerification(object): public_key.verifier(1234, ec.ECDSA(hashes.SHA256())) -class DummyECDHBackend(object): - @classmethod - def elliptic_curve_exchange_algorithm_supported(cls): - return False - - @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) class TestECDHVectors(object): @pytest.mark.parametrize( -- cgit v1.2.3 From 799b33f69a8bfd1aaf7f90a81b6ee3fdebc777a1 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 18 Oct 2015 16:59:08 -0400 Subject: be more pro-active in handling invalid keys --- tests/hazmat/primitives/test_ec.py | 50 ++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 23 deletions(-) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 13bc11c9..a634afe8 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -782,33 +782,37 @@ class TestECDHVectors(object): ) key_numbers = vector['IUT'] - try: - private_key = ec.EllipticCurvePrivateNumbers( - key_numbers['d'], - ec.EllipticCurvePublicNumbers( - key_numbers['x'], - key_numbers['y'], - ec._CURVE_TYPES[vector['curve']]() - ) - ).private_key(backend) - except ValueError: - # Errno 5 and 6 indicates a bad public key, this doesn't test the - # ECDH code at all - assert vector['fail'] and vector['errno'] in [5, 6] + private_numbers = ec.EllipticCurvePrivateNumbers( + key_numbers['d'], + ec.EllipticCurvePublicNumbers( + key_numbers['x'], + key_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ) + ) + # Errno 5 and 6 indicates a bad public key, this doesn't test the ECDH + # code at all + if vector['fail'] and vector['errno'] in [5, 6]: + with pytest.raises(ValueError): + private_numbers.private_key(backend) return + else: + private_key = private_numbers.private_key(backend) peer_numbers = vector['CAVS'] - try: - peer_pubkey = ec.EllipticCurvePublicNumbers( - peer_numbers['x'], - peer_numbers['y'], - ec._CURVE_TYPES[vector['curve']]() - ).public_key(backend) - except ValueError: - # Errno 1 and 2 indicates a bad public key, this doesn't test the - # ECDH code at all - assert vector['fail'] and vector['errno'] in [1, 2] + public_numbers = ec.EllipticCurvePublicNumbers( + peer_numbers['x'], + peer_numbers['y'], + ec._CURVE_TYPES[vector['curve']]() + ) + # Errno 1 and 2 indicates a bad public key, this doesn't test the ECDH + # code at all + if vector['fail'] and vector['errno'] in [1, 2]: + with pytest.raises(ValueError): + public_numbers.public_key(backend) return + else: + peer_pubkey = public_numbers.public_key(backend) if vector['fail'] and vector['errno'] not in [7, 8]: with pytest.raises(ValueError): -- cgit v1.2.3 From 7c60ffc621320349f88cf36b12cd087d8bd9b6a3 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 19 Oct 2015 08:04:17 -0400 Subject: removed unused code, and added a test --- tests/hazmat/primitives/test_ec.py | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index a634afe8..6c184522 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -90,6 +90,12 @@ def test_skip_curve_unsupported(backend): _skip_curve_unsupported(backend, DummyCurve()) +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) +def test_skip_exchange_algorithm_unsupported(backend): + with pytest.raises(pytest.skip.Exception): + _skip_exchange_algorithm_unsupported(backend, ec.ECDH(), DummyCurve()) + + def test_ec_numbers(): numbers = ec.EllipticCurvePrivateNumbers( 1, @@ -814,16 +820,11 @@ class TestECDHVectors(object): else: peer_pubkey = public_numbers.public_key(backend) - if vector['fail'] and vector['errno'] not in [7, 8]: - with pytest.raises(ValueError): - private_key.exchange(ec.ECDH(), peer_pubkey) + z = private_key.exchange(ec.ECDH(), peer_pubkey) + z = int(hexlify(z).decode('ascii'), 16) + # At this point fail indicates that one of the underlying keys was + # changed. This results in a non-matching derived key. + if vector['fail']: + assert z != vector['Z'] else: - z = private_key.exchange(ec.ECDH(), peer_pubkey) - z = int(hexlify(z).decode('ascii'), 16) - # Errno 7 denotes a changed private key. Errno 8 denotes a changed - # shared key. Both these errors will not cause a failure in the - # exchange but should lead to a non-matching derived shared key. - if vector['errno'] in [7, 8]: - assert z != vector['Z'] - else: - assert z == vector['Z'] + assert z == vector['Z'] -- cgit v1.2.3 From 7a40209a64c800be1b964a0eded2ab1f40accf50 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 19 Oct 2015 08:26:27 -0400 Subject: better place for this test --- tests/hazmat/primitives/test_ec.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'tests/hazmat/primitives/test_ec.py') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 6c184522..4c4d5b90 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -828,3 +828,19 @@ class TestECDHVectors(object): assert z != vector['Z'] else: assert z == vector['Z'] + + def test_exchange_unsupported_algorithm(self, backend): + _skip_curve_unsupported(backend, ec.SECP256R1()) + + key = load_vectors_from_file( + os.path.join( + "asymmetric", "PKCS8", "ec_private_key.pem"), + lambda pemfile: serialization.load_pem_private_key( + pemfile.read().encode(), None, backend + ) + ) + + with raises_unsupported_algorithm( + exceptions._Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM + ): + key.exchange(None, key.public_key()) -- cgit v1.2.3