From 1955ebfb81ac498a86ccd50fd582ca8216a5fa56 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Mar 2015 08:38:57 -0500 Subject: support DER serialization of public keys --- tests/hazmat/backends/test_openssl.py | 8 ----- tests/hazmat/primitives/test_dsa.py | 29 ++++++++++++++---- tests/hazmat/primitives/test_ec.py | 31 ++++++++++++++----- tests/hazmat/primitives/test_rsa.py | 56 ++++++++++++++++++++++------------- 4 files changed, 81 insertions(+), 43 deletions(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index ba0a2ba3..cfdc06b4 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -516,11 +516,3 @@ class TestRSAPEMSerialization(object): serialization.PrivateFormat.PKCS8, serialization.NoEncryption() ) - - def test_unsupported_public_key_encoding(self): - key = RSA_KEY_2048.private_key(backend).public_key() - with pytest.raises(ValueError): - key.public_bytes( - serialization.Encoding.DER, - serialization.PublicFormat.SubjectPublicKeyInfo - ) diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 112818f4..d699b7c6 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -944,16 +944,33 @@ class TestDSASerialization(object): @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) class TestDSAPEMPublicKeySerialization(object): - def test_public_bytes_unencrypted_pem(self, backend): + @pytest.mark.parametrize( + ("key_path", "loader_func", "encoding"), + [ + ( + os.path.join("asymmetric", "PKCS8", "unenc-dsa-pkcs8.pub.pem"), + serialization.load_pem_public_key, + serialization.Encoding.PEM, + ), ( + os.path.join( + "asymmetric", + "DER_Serialization", + "unenc-dsa-pkcs8.pub.der" + ), + serialization.load_der_public_key, + serialization.Encoding.DER, + ) + ] + ) + def test_public_bytes_match(self, key_path, loader_func, encoding, + backend): key_bytes = load_vectors_from_file( - os.path.join("asymmetric", "PKCS8", "unenc-dsa-pkcs8.pub.pem"), - lambda pemfile: pemfile.read().encode() + key_path, lambda pemfile: pemfile.read(), mode="rb" ) - key = serialization.load_pem_public_key(key_bytes, backend) + key = loader_func(key_bytes, backend) _skip_if_no_serialization(key, backend) serialized = key.public_bytes( - serialization.Encoding.PEM, - serialization.PublicFormat.SubjectPublicKeyInfo, + encoding, serialization.PublicFormat.SubjectPublicKeyInfo, ) assert serialized == key_bytes diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 40b1741c..a0d7861d 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -558,19 +558,34 @@ class TestECSerialization(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) class TestEllipticCurvePEMPublicKeySerialization(object): - def test_public_bytes_unencrypted_pem(self, backend): + @pytest.mark.parametrize( + ("key_path", "loader_func", "encoding"), + [ + ( + os.path.join( + "asymmetric", "PEM_Serialization", "ec_public_key.pem" + ), + serialization.load_pem_public_key, + serialization.Encoding.PEM, + ), ( + os.path.join( + "asymmetric", "DER_Serialization", "ec_public_key.der" + ), + serialization.load_der_public_key, + serialization.Encoding.DER, + ) + ] + ) + def test_public_bytes_match(self, key_path, loader_func, encoding, + backend): _skip_curve_unsupported(backend, ec.SECP256R1()) key_bytes = load_vectors_from_file( - os.path.join( - "asymmetric", "PEM_Serialization", "ec_public_key.pem" - ), - lambda pemfile: pemfile.read().encode() + key_path, lambda pemfile: pemfile.read(), mode="rb" ) - key = serialization.load_pem_public_key(key_bytes, backend) + key = loader_func(key_bytes, backend) _skip_if_no_serialization(key, backend) serialized = key.public_bytes( - serialization.Encoding.PEM, - serialization.PublicFormat.SubjectPublicKeyInfo, + encoding, serialization.PublicFormat.SubjectPublicKeyInfo, ) assert serialized == key_bytes diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index e6d0ac28..78e550d1 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1865,30 +1865,44 @@ class TestRSAPEMPrivateKeySerialization(object): @pytest.mark.requires_backend_interface(interface=RSABackend) @pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) class TestRSAPEMPublicKeySerialization(object): - def test_public_bytes_unencrypted_pem(self, backend): - key_bytes = load_vectors_from_file( - os.path.join("asymmetric", "PKCS8", "unenc-rsa-pkcs8.pub.pem"), - lambda pemfile: pemfile.read().encode() - ) - key = serialization.load_pem_public_key(key_bytes, backend) - _skip_if_no_serialization(key, backend) - serialized = key.public_bytes( - serialization.Encoding.PEM, - serialization.PublicFormat.SubjectPublicKeyInfo, - ) - assert serialized == key_bytes - - def test_public_bytes_pkcs1_unencrypted_pem(self, backend): + @pytest.mark.parametrize( + ("key_path", "loader_func", "encoding", "format"), + [ + ( + os.path.join("asymmetric", "public", "PKCS1", "rsa.pub.pem"), + serialization.load_pem_public_key, + serialization.Encoding.PEM, + serialization.PublicFormat.PKCS1, + ), ( + os.path.join("asymmetric", "public", "PKCS1", "rsa.pub.der"), + serialization.load_der_public_key, + serialization.Encoding.DER, + serialization.PublicFormat.PKCS1, + ), ( + os.path.join("asymmetric", "PKCS8", "unenc-rsa-pkcs8.pub.pem"), + serialization.load_pem_public_key, + serialization.Encoding.PEM, + serialization.PublicFormat.SubjectPublicKeyInfo, + ), ( + os.path.join( + "asymmetric", + "DER_Serialization", + "unenc-rsa-pkcs8.pub.der" + ), + serialization.load_der_public_key, + serialization.Encoding.DER, + serialization.PublicFormat.SubjectPublicKeyInfo, + ) + ] + ) + def test_public_bytes_match(self, key_path, loader_func, encoding, format, + backend): key_bytes = load_vectors_from_file( - os.path.join("asymmetric", "public", "PKCS1", "rsa.pub.pem"), - lambda pemfile: pemfile.read().encode() + key_path, lambda pemfile: pemfile.read(), mode="rb" ) - key = serialization.load_pem_public_key(key_bytes, backend) + key = loader_func(key_bytes, backend) _skip_if_no_serialization(key, backend) - serialized = key.public_bytes( - serialization.Encoding.PEM, - serialization.PublicFormat.PKCS1, - ) + serialized = key.public_bytes(encoding, format) assert serialized == key_bytes def test_public_bytes_invalid_encoding(self, backend): -- cgit v1.2.3