From e5c5eec8cc5b0a4a1faa47013c0b90d01483b125 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 13 Dec 2013 08:10:20 -0800 Subject: Clean up test generation to not use generators anymore and use parametrization --- tests/hazmat/primitives/utils.py | 541 +++++++++++++++------------------------ 1 file changed, 209 insertions(+), 332 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 705983a0..7f67ad40 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -3,7 +3,6 @@ import os import pytest -from cryptography.hazmat.bindings import _ALL_BACKENDS from cryptography.hazmat.primitives import hashes, hmac from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.exceptions import ( @@ -13,378 +12,256 @@ from cryptography.exceptions import ( from ...utils import load_vectors_from_file +def _load_all_params(path, file_names, param_loader): + all_params = [] + for file_name in file_names: + all_params.extend( + load_vectors_from_file(os.path.join(path, file_name), param_loader) + ) + return all_params + + def generate_encrypt_test(param_loader, path, file_names, cipher_factory, mode_factory, only_if=lambda backend: True, skip_message=None): - def test_encryption(self): - for backend in _ALL_BACKENDS: - for file_name in file_names: - for params in load_vectors_from_file( - os.path.join(path, file_name), - param_loader - ): - yield ( - encrypt_test, - backend, - cipher_factory, - mode_factory, - params, - only_if, - skip_message - ) - return test_encryption - + all_params = _load_all_params(path, file_names, param_loader) + + @pytest.mark.parametrize("params", all_params) + def test_encryption(self, backend, params): + if not only_if(backend): + pytest.skip(skip_message) + plaintext = params.pop("plaintext") + ciphertext = params.pop("ciphertext") + cipher = Cipher( + cipher_factory(**params), + mode_factory(**params), + backend=backend + ) + encryptor = cipher.encryptor() + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() + assert actual_ciphertext == binascii.unhexlify(ciphertext) + decryptor = cipher.decryptor() + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) -def encrypt_test(backend, cipher_factory, mode_factory, params, only_if, - skip_message): - if not only_if(backend): - pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") - cipher = Cipher( - cipher_factory(**params), - mode_factory(**params), - backend=backend - ) - encryptor = cipher.encryptor() - actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) - actual_ciphertext += encryptor.finalize() - assert actual_ciphertext == binascii.unhexlify(ciphertext) - decryptor = cipher.decryptor() - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - actual_plaintext += decryptor.finalize() - assert actual_plaintext == binascii.unhexlify(plaintext) + return test_encryption def generate_aead_test(param_loader, path, file_names, cipher_factory, mode_factory, only_if, skip_message): - def test_aead(self): - for backend in _ALL_BACKENDS: - for file_name in file_names: - for params in load_vectors_from_file( - os.path.join(path, file_name), - param_loader - ): - yield ( - aead_test, - backend, - cipher_factory, - mode_factory, - params, - only_if, - skip_message - ) + all_params = _load_all_params(path, file_names, param_loader) + + @pytest.mark.parametrize("params", all_params) + def test_aead(self, backend, params): + if not only_if(backend): + pytest.skip(skip_message) + if params.get("pt") is not None: + plaintext = params.pop("pt") + ciphertext = params.pop("ct") + aad = params.pop("aad") + if params.get("fail") is True: + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), + binascii.unhexlify(params["tag"])), + backend + ) + decryptor = cipher.decryptor() + decryptor.authenticate_additional_data(binascii.unhexlify(aad)) + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + with pytest.raises(InvalidTag): + decryptor.finalize() + else: + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), None), + backend + ) + encryptor = cipher.encryptor() + encryptor.authenticate_additional_data(binascii.unhexlify(aad)) + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() + tag_len = len(params["tag"]) + assert binascii.hexlify(encryptor.tag)[:tag_len] == params["tag"] + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), + binascii.unhexlify(params["tag"])), + backend + ) + decryptor = cipher.decryptor() + decryptor.authenticate_additional_data(binascii.unhexlify(aad)) + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) + return test_aead -def aead_test(backend, cipher_factory, mode_factory, params, only_if, - skip_message): - if not only_if(backend): - pytest.skip(skip_message) - if params.get("pt") is not None: - plaintext = params.pop("pt") - ciphertext = params.pop("ct") - aad = params.pop("aad") - if params.get("fail") is True: - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), - binascii.unhexlify(params["tag"])), - backend - ) - decryptor = cipher.decryptor() - decryptor.authenticate_additional_data(binascii.unhexlify(aad)) - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - with pytest.raises(InvalidTag): - decryptor.finalize() - else: - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), None), - backend - ) +def generate_stream_encryption_test(param_loader, path, file_names, + cipher_factory, only_if=None, + skip_message=None): + all_params = _load_all_params(path, file_names, param_loader) + + @pytest.mark.parametrize("params", all_params) + def test_stream_encryption(self, backend, params): + if not only_if(backend): + pytest.skip(skip_message) + plaintext = params.pop("plaintext") + ciphertext = params.pop("ciphertext") + offset = params.pop("offset") + cipher = Cipher(cipher_factory(**params), None, backend=backend) encryptor = cipher.encryptor() - encryptor.authenticate_additional_data(binascii.unhexlify(aad)) + # throw away offset bytes + encryptor.update(b"\x00" * int(offset)) actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) actual_ciphertext += encryptor.finalize() - tag_len = len(params["tag"]) - assert binascii.hexlify(encryptor.tag)[:tag_len] == params["tag"] - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), - binascii.unhexlify(params["tag"])), - backend - ) + assert actual_ciphertext == binascii.unhexlify(ciphertext) decryptor = cipher.decryptor() - decryptor.authenticate_additional_data(binascii.unhexlify(aad)) + decryptor.update(b"\x00" * int(offset)) actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) actual_plaintext += decryptor.finalize() assert actual_plaintext == binascii.unhexlify(plaintext) - -def generate_stream_encryption_test(param_loader, path, file_names, - cipher_factory, only_if=None, - skip_message=None): - def test_stream_encryption(self): - for backend in _ALL_BACKENDS: - for file_name in file_names: - for params in load_vectors_from_file( - os.path.join(path, file_name), - param_loader - ): - yield ( - stream_encryption_test, - backend, - cipher_factory, - params, - only_if, - skip_message - ) return test_stream_encryption -def stream_encryption_test(backend, cipher_factory, params, only_if, - skip_message): - if not only_if(backend): - pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") - offset = params.pop("offset") - cipher = Cipher(cipher_factory(**params), None, backend=backend) - encryptor = cipher.encryptor() - # throw away offset bytes - encryptor.update(b"\x00" * int(offset)) - actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) - actual_ciphertext += encryptor.finalize() - assert actual_ciphertext == binascii.unhexlify(ciphertext) - decryptor = cipher.decryptor() - decryptor.update(b"\x00" * int(offset)) - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - actual_plaintext += decryptor.finalize() - assert actual_plaintext == binascii.unhexlify(plaintext) - - -def generate_hash_test(param_loader, path, file_names, hash_cls, - only_if=None, skip_message=None): - def test_hash(self): - for backend in _ALL_BACKENDS: - for file_name in file_names: - for params in load_vectors_from_file( - os.path.join(path, file_name), - param_loader - ): - yield ( - hash_test, - backend, - hash_cls, - params, - only_if, - skip_message - ) - return test_hash +def generate_hash_test(param_loader, path, file_names, algorithm, only_if=None, + skip_message=None): + all_params = _load_all_params(path, file_names, param_loader) + @pytest.mark.parametrize("params", all_params) + def test_hash(self, backend, params): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + msg, md = params + m = hashes.Hash(algorithm, backend=backend) + m.update(binascii.unhexlify(msg)) + expected_md = md.replace(" ", "").lower().encode("ascii") + assert m.finalize() == binascii.unhexlify(expected_md) -def hash_test(backend, algorithm, params, only_if, skip_message): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - msg = params[0] - md = params[1] - m = hashes.Hash(algorithm, backend=backend) - m.update(binascii.unhexlify(msg)) - expected_md = md.replace(" ", "").lower().encode("ascii") - assert m.finalize() == binascii.unhexlify(expected_md) - - -def generate_base_hash_test(algorithm, digest_size, block_size, - only_if=None, skip_message=None): - def test_base_hash(self): - for backend in _ALL_BACKENDS: - yield ( - base_hash_test, - backend, - algorithm, - digest_size, - block_size, - only_if, - skip_message, - ) - return test_base_hash + return test_hash -def base_hash_test(backend, algorithm, digest_size, block_size, only_if, - skip_message): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) +def generate_base_hash_test(algorithm, digest_size, block_size, only_if=None, + skip_message=None): + def test_base_hash(self, backend): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) - m = hashes.Hash(algorithm, backend=backend) - assert m.algorithm.digest_size == digest_size - assert m.algorithm.block_size == block_size - m_copy = m.copy() - assert m != m_copy - assert m._ctx != m_copy._ctx + m = hashes.Hash(algorithm, backend=backend) + assert m.algorithm.digest_size == digest_size + assert m.algorithm.block_size == block_size + m_copy = m.copy() + assert m != m_copy + assert m._ctx != m_copy._ctx - m.update(b"abc") - copy = m.copy() - copy.update(b"123") - m.update(b"123") - assert copy.finalize() == m.finalize() + m.update(b"abc") + copy = m.copy() + copy.update(b"123") + m.update(b"123") + assert copy.finalize() == m.finalize() + + return test_base_hash -def generate_long_string_hash_test(hash_factory, md, only_if=None, +def generate_long_string_hash_test(algorithm, md, only_if=None, skip_message=None): - def test_long_string_hash(self): - for backend in _ALL_BACKENDS: - yield( - long_string_hash_test, - backend, - hash_factory, - md, - only_if, - skip_message - ) + def test_long_string_hash(self, backend): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + m = hashes.Hash(algorithm, backend=backend) + m.update(b"a" * 1000000) + assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) + return test_long_string_hash -def long_string_hash_test(backend, algorithm, md, only_if, skip_message): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - m = hashes.Hash(algorithm, backend=backend) - m.update(b"a" * 1000000) - assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) - - -def generate_hmac_test(param_loader, path, file_names, algorithm, - only_if=None, skip_message=None): - def test_hmac(self): - for backend in _ALL_BACKENDS: - for file_name in file_names: - for params in load_vectors_from_file( - os.path.join(path, file_name), - param_loader - ): - yield ( - hmac_test, - backend, - algorithm, - params, - only_if, - skip_message - ) +def generate_hmac_test(param_loader, path, file_names, algorithm, only_if=None, + skip_message=None): + all_params = _load_all_params(path, file_names, param_loader) + + @pytest.mark.parametrize("params", all_params) + def test_hmac(self, backend, params): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + msg, md, key = params + h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) + h.update(binascii.unhexlify(msg)) + assert h.finalize() == binascii.unhexlify(md.encode("ascii")) + return test_hmac -def hmac_test(backend, algorithm, params, only_if, skip_message): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - msg = params[0] - md = params[1] - key = params[2] - h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) - h.update(binascii.unhexlify(msg)) - assert h.finalize() == binascii.unhexlify(md.encode("ascii")) - - -def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None): - def test_base_hmac(self): - for backend in _ALL_BACKENDS: - yield ( - base_hmac_test, - backend, - hash_cls, - only_if, - skip_message, - ) +def generate_base_hmac_test(algorithm, only_if=None, skip_message=None): + def test_base_hmac(self, backend): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + key = b"ab" + h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) + h_copy = h.copy() + assert h != h_copy + assert h._ctx != h_copy._ctx + return test_base_hmac -def base_hmac_test(backend, algorithm, only_if, skip_message): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - key = b"ab" - h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) - h_copy = h.copy() - assert h != h_copy - assert h._ctx != h_copy._ctx - - -def generate_aead_exception_test(cipher_factory, mode_factory, - only_if, skip_message): - def test_aead_exception(self): - for backend in _ALL_BACKENDS: - yield ( - aead_exception_test, - backend, - cipher_factory, - mode_factory, - only_if, - skip_message - ) - return test_aead_exception +def generate_aead_exception_test(cipher_factory, mode_factory, only_if, + skip_message): + def test_aead_exception(self, backend): + if not only_if(backend): + pytest.skip(skip_message) + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24)), + backend + ) + encryptor = cipher.encryptor() + encryptor.update(b"a" * 16) + with pytest.raises(NotYetFinalized): + encryptor.tag + with pytest.raises(AlreadyUpdated): + encryptor.authenticate_additional_data(b"b" * 16) + encryptor.finalize() + with pytest.raises(AlreadyFinalized): + encryptor.authenticate_additional_data(b"b" * 16) + with pytest.raises(AlreadyFinalized): + encryptor.update(b"b" * 16) + with pytest.raises(AlreadyFinalized): + encryptor.finalize() + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), + backend + ) + decryptor = cipher.decryptor() + decryptor.update(b"a" * 16) + with pytest.raises(AttributeError): + decryptor.tag + return test_aead_exception -def aead_exception_test(backend, cipher_factory, mode_factory, - only_if, skip_message): - if not only_if(backend): - pytest.skip(skip_message) - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24)), - backend - ) - encryptor = cipher.encryptor() - encryptor.update(b"a" * 16) - with pytest.raises(NotYetFinalized): - encryptor.tag - with pytest.raises(AlreadyUpdated): - encryptor.authenticate_additional_data(b"b" * 16) - encryptor.finalize() - with pytest.raises(AlreadyFinalized): - encryptor.authenticate_additional_data(b"b" * 16) - with pytest.raises(AlreadyFinalized): - encryptor.update(b"b" * 16) - with pytest.raises(AlreadyFinalized): - encryptor.finalize() - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), - backend - ) - decryptor = cipher.decryptor() - decryptor.update(b"a" * 16) - with pytest.raises(AttributeError): - decryptor.tag - - -def generate_aead_tag_exception_test(cipher_factory, mode_factory, - only_if, skip_message): - def test_aead_tag_exception(self): - for backend in _ALL_BACKENDS: - yield ( - aead_tag_exception_test, - backend, - cipher_factory, - mode_factory, - only_if, - skip_message - ) - return test_aead_tag_exception +def generate_aead_tag_exception_test(cipher_factory, mode_factory, only_if, + skip_message): + def test_aead_tag_exception(self, backend): + if not only_if(backend): + pytest.skip(skip_message) + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24)), + backend + ) + with pytest.raises(ValueError): + cipher.decryptor() + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), + backend + ) + with pytest.raises(ValueError): + cipher.encryptor() -def aead_tag_exception_test(backend, cipher_factory, mode_factory, - only_if, skip_message): - if not only_if(backend): - pytest.skip(skip_message) - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24)), - backend - ) - with pytest.raises(ValueError): - cipher.decryptor() - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), - backend - ) - with pytest.raises(ValueError): - cipher.encryptor() + return test_aead_tag_exception -- cgit v1.2.3 From 21919e218ae485e52da3f66e8373e79230e61a4c Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 13 Dec 2013 08:56:32 -0800 Subject: Make this less invasive --- tests/hazmat/primitives/utils.py | 457 ++++++++++++++++++++++++--------------- 1 file changed, 280 insertions(+), 177 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 7f67ad40..cfc885b0 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -3,6 +3,7 @@ import os import pytest +from cryptography.hazmat.bindings import _ALL_BACKENDS from cryptography.hazmat.primitives import hashes, hmac from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.exceptions import ( @@ -20,7 +21,6 @@ def _load_all_params(path, file_names, param_loader): ) return all_params - def generate_encrypt_test(param_loader, path, file_names, cipher_factory, mode_factory, only_if=lambda backend: True, skip_message=None): @@ -28,240 +28,343 @@ def generate_encrypt_test(param_loader, path, file_names, cipher_factory, @pytest.mark.parametrize("params", all_params) def test_encryption(self, backend, params): - if not only_if(backend): - pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") - cipher = Cipher( - cipher_factory(**params), - mode_factory(**params), - backend=backend + encrypt_test( + backend, + cipher_factory, + mode_factory, + params, + only_if, + skip_message ) - encryptor = cipher.encryptor() - actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) - actual_ciphertext += encryptor.finalize() - assert actual_ciphertext == binascii.unhexlify(ciphertext) - decryptor = cipher.decryptor() - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - actual_plaintext += decryptor.finalize() - assert actual_plaintext == binascii.unhexlify(plaintext) return test_encryption +def encrypt_test(backend, cipher_factory, mode_factory, params, only_if, + skip_message): + if not only_if(backend): + pytest.skip(skip_message) + plaintext = params.pop("plaintext") + ciphertext = params.pop("ciphertext") + cipher = Cipher( + cipher_factory(**params), + mode_factory(**params), + backend=backend + ) + encryptor = cipher.encryptor() + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() + assert actual_ciphertext == binascii.unhexlify(ciphertext) + decryptor = cipher.decryptor() + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) + + def generate_aead_test(param_loader, path, file_names, cipher_factory, mode_factory, only_if, skip_message): all_params = _load_all_params(path, file_names, param_loader) @pytest.mark.parametrize("params", all_params) def test_aead(self, backend, params): - if not only_if(backend): - pytest.skip(skip_message) - if params.get("pt") is not None: - plaintext = params.pop("pt") - ciphertext = params.pop("ct") - aad = params.pop("aad") - if params.get("fail") is True: - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), - binascii.unhexlify(params["tag"])), - backend - ) - decryptor = cipher.decryptor() - decryptor.authenticate_additional_data(binascii.unhexlify(aad)) - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - with pytest.raises(InvalidTag): - decryptor.finalize() - else: - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), None), - backend - ) - encryptor = cipher.encryptor() - encryptor.authenticate_additional_data(binascii.unhexlify(aad)) - actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) - actual_ciphertext += encryptor.finalize() - tag_len = len(params["tag"]) - assert binascii.hexlify(encryptor.tag)[:tag_len] == params["tag"] - cipher = Cipher( - cipher_factory(binascii.unhexlify(params["key"])), - mode_factory(binascii.unhexlify(params["iv"]), - binascii.unhexlify(params["tag"])), - backend - ) - decryptor = cipher.decryptor() - decryptor.authenticate_additional_data(binascii.unhexlify(aad)) - actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) - actual_plaintext += decryptor.finalize() - assert actual_plaintext == binascii.unhexlify(plaintext) + aead_test( + backend, + cipher_factory, + mode_factory, + params, + only_if, + skip_message + ) return test_aead -def generate_stream_encryption_test(param_loader, path, file_names, - cipher_factory, only_if=None, - skip_message=None): - all_params = _load_all_params(path, file_names, param_loader) - - @pytest.mark.parametrize("params", all_params) - def test_stream_encryption(self, backend, params): - if not only_if(backend): - pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") - offset = params.pop("offset") - cipher = Cipher(cipher_factory(**params), None, backend=backend) +def aead_test(backend, cipher_factory, mode_factory, params, only_if, + skip_message): + if not only_if(backend): + pytest.skip(skip_message) + if params.get("pt") is not None: + plaintext = params.pop("pt") + ciphertext = params.pop("ct") + aad = params.pop("aad") + if params.get("fail") is True: + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), + binascii.unhexlify(params["tag"])), + backend + ) + decryptor = cipher.decryptor() + decryptor.authenticate_additional_data(binascii.unhexlify(aad)) + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + with pytest.raises(InvalidTag): + decryptor.finalize() + else: + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), None), + backend + ) encryptor = cipher.encryptor() - # throw away offset bytes - encryptor.update(b"\x00" * int(offset)) + encryptor.authenticate_additional_data(binascii.unhexlify(aad)) actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) actual_ciphertext += encryptor.finalize() - assert actual_ciphertext == binascii.unhexlify(ciphertext) + tag_len = len(params["tag"]) + assert binascii.hexlify(encryptor.tag)[:tag_len] == params["tag"] + cipher = Cipher( + cipher_factory(binascii.unhexlify(params["key"])), + mode_factory(binascii.unhexlify(params["iv"]), + binascii.unhexlify(params["tag"])), + backend + ) decryptor = cipher.decryptor() - decryptor.update(b"\x00" * int(offset)) + decryptor.authenticate_additional_data(binascii.unhexlify(aad)) actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) actual_plaintext += decryptor.finalize() assert actual_plaintext == binascii.unhexlify(plaintext) + +def generate_stream_encryption_test(param_loader, path, file_names, + cipher_factory, only_if=None, + skip_message=None): + all_params = _load_all_params(path, file_names, param_loader) + + @pytest.mark.parametrize("params", all_params) + def test_stream_encryption(self, backend, params): + stream_encryption_test( + backend, + cipher_factory, + params, + only_if, + skip_message + ) return test_stream_encryption -def generate_hash_test(param_loader, path, file_names, algorithm, only_if=None, - skip_message=None): +def stream_encryption_test(backend, cipher_factory, params, only_if, + skip_message): + if not only_if(backend): + pytest.skip(skip_message) + plaintext = params.pop("plaintext") + ciphertext = params.pop("ciphertext") + offset = params.pop("offset") + cipher = Cipher(cipher_factory(**params), None, backend=backend) + encryptor = cipher.encryptor() + # throw away offset bytes + encryptor.update(b"\x00" * int(offset)) + actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext)) + actual_ciphertext += encryptor.finalize() + assert actual_ciphertext == binascii.unhexlify(ciphertext) + decryptor = cipher.decryptor() + decryptor.update(b"\x00" * int(offset)) + actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext)) + actual_plaintext += decryptor.finalize() + assert actual_plaintext == binascii.unhexlify(plaintext) + + +def generate_hash_test(param_loader, path, file_names, hash_cls, + only_if=None, skip_message=None): all_params = _load_all_params(path, file_names, param_loader) @pytest.mark.parametrize("params", all_params) def test_hash(self, backend, params): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - msg, md = params - m = hashes.Hash(algorithm, backend=backend) - m.update(binascii.unhexlify(msg)) - expected_md = md.replace(" ", "").lower().encode("ascii") - assert m.finalize() == binascii.unhexlify(expected_md) - + hash_test( + backend, + hash_cls, + params, + only_if, + skip_message + ) return test_hash -def generate_base_hash_test(algorithm, digest_size, block_size, only_if=None, - skip_message=None): - def test_base_hash(self, backend): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - - m = hashes.Hash(algorithm, backend=backend) - assert m.algorithm.digest_size == digest_size - assert m.algorithm.block_size == block_size - m_copy = m.copy() - assert m != m_copy - assert m._ctx != m_copy._ctx - - m.update(b"abc") - copy = m.copy() - copy.update(b"123") - m.update(b"123") - assert copy.finalize() == m.finalize() +def hash_test(backend, algorithm, params, only_if, skip_message): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + msg = params[0] + md = params[1] + m = hashes.Hash(algorithm, backend=backend) + m.update(binascii.unhexlify(msg)) + expected_md = md.replace(" ", "").lower().encode("ascii") + assert m.finalize() == binascii.unhexlify(expected_md) + +def generate_base_hash_test(algorithm, digest_size, block_size, + only_if=None, skip_message=None): + def test_base_hash(self, backend): + base_hash_test( + backend, + algorithm, + digest_size, + block_size, + only_if, + skip_message, + ) return test_base_hash -def generate_long_string_hash_test(algorithm, md, only_if=None, +def base_hash_test(backend, algorithm, digest_size, block_size, only_if, + skip_message): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + + m = hashes.Hash(algorithm, backend=backend) + assert m.algorithm.digest_size == digest_size + assert m.algorithm.block_size == block_size + m_copy = m.copy() + assert m != m_copy + assert m._ctx != m_copy._ctx + + m.update(b"abc") + copy = m.copy() + copy.update(b"123") + m.update(b"123") + assert copy.finalize() == m.finalize() + + +def generate_long_string_hash_test(hash_factory, md, only_if=None, skip_message=None): def test_long_string_hash(self, backend): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - m = hashes.Hash(algorithm, backend=backend) - m.update(b"a" * 1000000) - assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) - + long_string_hash_test( + backend, + hash_factory, + md, + only_if, + skip_message + ) return test_long_string_hash -def generate_hmac_test(param_loader, path, file_names, algorithm, only_if=None, - skip_message=None): +def long_string_hash_test(backend, algorithm, md, only_if, skip_message): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + m = hashes.Hash(algorithm, backend=backend) + m.update(b"a" * 1000000) + assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) + + +def generate_hmac_test(param_loader, path, file_names, algorithm, + only_if=None, skip_message=None): all_params = _load_all_params(path, file_names, param_loader) @pytest.mark.parametrize("params", all_params) def test_hmac(self, backend, params): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - msg, md, key = params - h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) - h.update(binascii.unhexlify(msg)) - assert h.finalize() == binascii.unhexlify(md.encode("ascii")) - + hmac_test( + backend, + algorithm, + params, + only_if, + skip_message + ) return test_hmac -def generate_base_hmac_test(algorithm, only_if=None, skip_message=None): - def test_base_hmac(self, backend): - if only_if is not None and not only_if(backend): - pytest.skip(skip_message) - key = b"ab" - h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) - h_copy = h.copy() - assert h != h_copy - assert h._ctx != h_copy._ctx +def hmac_test(backend, algorithm, params, only_if, skip_message): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + msg = params[0] + md = params[1] + key = params[2] + h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) + h.update(binascii.unhexlify(msg)) + assert h.finalize() == binascii.unhexlify(md.encode("ascii")) + +def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None): + def test_base_hmac(self, backend): + base_hmac_test( + backend, + hash_cls, + only_if, + skip_message, + ) return test_base_hmac -def generate_aead_exception_test(cipher_factory, mode_factory, only_if, - skip_message): +def base_hmac_test(backend, algorithm, only_if, skip_message): + if only_if is not None and not only_if(backend): + pytest.skip(skip_message) + key = b"ab" + h = hmac.HMAC(binascii.unhexlify(key), algorithm, backend=backend) + h_copy = h.copy() + assert h != h_copy + assert h._ctx != h_copy._ctx + + +def generate_aead_exception_test(cipher_factory, mode_factory, + only_if, skip_message): def test_aead_exception(self, backend): - if not only_if(backend): - pytest.skip(skip_message) - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24)), - backend - ) - encryptor = cipher.encryptor() - encryptor.update(b"a" * 16) - with pytest.raises(NotYetFinalized): - encryptor.tag - with pytest.raises(AlreadyUpdated): - encryptor.authenticate_additional_data(b"b" * 16) - encryptor.finalize() - with pytest.raises(AlreadyFinalized): - encryptor.authenticate_additional_data(b"b" * 16) - with pytest.raises(AlreadyFinalized): - encryptor.update(b"b" * 16) - with pytest.raises(AlreadyFinalized): - encryptor.finalize() - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), - backend + aead_exception_test( + backend, + cipher_factory, + mode_factory, + only_if, + skip_message ) - decryptor = cipher.decryptor() - decryptor.update(b"a" * 16) - with pytest.raises(AttributeError): - decryptor.tag - return test_aead_exception -def generate_aead_tag_exception_test(cipher_factory, mode_factory, only_if, - skip_message): +def aead_exception_test(backend, cipher_factory, mode_factory, + only_if, skip_message): + if not only_if(backend): + pytest.skip(skip_message) + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24)), + backend + ) + encryptor = cipher.encryptor() + encryptor.update(b"a" * 16) + with pytest.raises(NotYetFinalized): + encryptor.tag + with pytest.raises(AlreadyUpdated): + encryptor.authenticate_additional_data(b"b" * 16) + encryptor.finalize() + with pytest.raises(AlreadyFinalized): + encryptor.authenticate_additional_data(b"b" * 16) + with pytest.raises(AlreadyFinalized): + encryptor.update(b"b" * 16) + with pytest.raises(AlreadyFinalized): + encryptor.finalize() + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), + backend + ) + decryptor = cipher.decryptor() + decryptor.update(b"a" * 16) + with pytest.raises(AttributeError): + decryptor.tag + + +def generate_aead_tag_exception_test(cipher_factory, mode_factory, + only_if, skip_message): def test_aead_tag_exception(self, backend): - if not only_if(backend): - pytest.skip(skip_message) - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24)), - backend + aead_tag_exception_test( + backend, + cipher_factory, + mode_factory, + only_if, + skip_message ) - with pytest.raises(ValueError): - cipher.decryptor() - cipher = Cipher( - cipher_factory(binascii.unhexlify(b"0" * 32)), - mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), - backend - ) - with pytest.raises(ValueError): - cipher.encryptor() - return test_aead_tag_exception + + +def aead_tag_exception_test(backend, cipher_factory, mode_factory, + only_if, skip_message): + if not only_if(backend): + pytest.skip(skip_message) + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24)), + backend + ) + with pytest.raises(ValueError): + cipher.decryptor() + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), + backend + ) + with pytest.raises(ValueError): + cipher.encryptor() -- cgit v1.2.3 From 4eec0bb4e1d79f107f40b3856f2c9ec76c3eef88 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Fri, 13 Dec 2013 09:12:19 -0800 Subject: pep8 --- tests/hazmat/primitives/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index cfc885b0..758e755c 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -3,7 +3,6 @@ import os import pytest -from cryptography.hazmat.bindings import _ALL_BACKENDS from cryptography.hazmat.primitives import hashes, hmac from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.exceptions import ( @@ -21,6 +20,7 @@ def _load_all_params(path, file_names, param_loader): ) return all_params + def generate_encrypt_test(param_loader, path, file_names, cipher_factory, mode_factory, only_if=lambda backend: True, skip_message=None): -- cgit v1.2.3 From 2288e30119e2af3e2b448345cf6a9e61f8d06aa0 Mon Sep 17 00:00:00 2001 From: Julian Krause Date: Tue, 17 Dec 2013 21:26:23 -0800 Subject: Add verify function to hmac and hashes. --- tests/hazmat/primitives/test_hashes.py | 25 ++++++++++++++++++++++++- tests/hazmat/primitives/test_hmac.py | 25 ++++++++++++++++++++++++- 2 files changed, 48 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index ff42e8f4..cd58b065 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -19,7 +19,7 @@ import pytest import six -from cryptography.exceptions import AlreadyFinalized +from cryptography.exceptions import AlreadyFinalized, InvalidSignature from cryptography.hazmat.primitives import hashes from .utils import generate_base_hash_test @@ -57,6 +57,29 @@ class TestHashContext(object): with pytest.raises(AlreadyFinalized): h.finalize() + def test_verify(self, backend): + h = hashes.Hash(hashes.SHA1(), backend=backend) + digest = h.finalize() + + h = hashes.Hash(hashes.SHA1(), backend=backend) + h.verify(digest) + + with pytest.raises(AlreadyFinalized): + h.verify(b'') + + def test_invalid_verify(self, backend): + h = hashes.Hash(hashes.SHA1(), backend=backend) + with pytest.raises(InvalidSignature): + h.verify(b'') + + with pytest.raises(AlreadyFinalized): + h.verify(b'') + + def test_verify_reject_unicode(self, backend): + h = hashes.Hash(hashes.SHA1(), backend=backend) + with pytest.raises(TypeError): + h.verify(six.u('')) + class TestSHA1(object): test_SHA1 = generate_base_hash_test( diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 992bcb1a..48360185 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -19,7 +19,7 @@ import pytest import six -from cryptography.exceptions import AlreadyFinalized +from cryptography.exceptions import AlreadyFinalized, InvalidSignature from cryptography.hazmat.primitives import hashes, hmac from .utils import generate_base_hmac_test @@ -63,3 +63,26 @@ class TestHMAC(object): with pytest.raises(AlreadyFinalized): h.finalize() + + def test_verify(self, backend): + h = hmac.HMAC(b'', hashes.SHA1(), backend=backend) + digest = h.finalize() + + h = hmac.HMAC(b'', hashes.SHA1(), backend=backend) + h.verify(digest) + + with pytest.raises(AlreadyFinalized): + h.verify(b'') + + def test_invalid_verify(self, backend): + h = hmac.HMAC(b'', hashes.SHA1(), backend=backend) + with pytest.raises(InvalidSignature): + h.verify(b'') + + with pytest.raises(AlreadyFinalized): + h.verify(b'') + + def test_verify_reject_unicode(self, backend): + h = hmac.HMAC(b'', hashes.SHA1(), backend=backend) + with pytest.raises(TypeError): + h.verify(six.u('')) -- cgit v1.2.3 From a620b7dfc15cf945a589e9d472b01db6f48a50a5 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 20 Dec 2013 22:59:02 -0600 Subject: don't modify params on parametrized tests multiple backends receive the same params dicts, but we were modifying them using pop. --- tests/hazmat/primitives/test_3des.py | 42 ++++++++++++++++++-------------- tests/hazmat/primitives/test_aes.py | 20 +++++++-------- tests/hazmat/primitives/test_arc4.py | 2 +- tests/hazmat/primitives/test_blowfish.py | 24 ++++++++++++------ tests/hazmat/primitives/test_camellia.py | 24 ++++++++++++------ tests/hazmat/primitives/test_cast5.py | 4 +-- tests/hazmat/primitives/utils.py | 16 ++++++------ 7 files changed, 77 insertions(+), 55 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 69ec9c9a..35745310 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -37,8 +37,10 @@ class TestTripleDES_CBC(object): "TCBCvarkey.rsp", "TCBCvartext.rsp", ], - lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), - lambda keys, iv: modes.CBC(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES( + binascii.unhexlify(kwargs["keys"]) + ), + lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), ) test_MMT = generate_encrypt_test( @@ -49,10 +51,10 @@ class TestTripleDES_CBC(object): "TCBCMMT2.rsp", "TCBCMMT3.rsp", ], - lambda key1, key2, key3, iv: ( - algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) - ), - lambda key1, key2, key3, iv: modes.CBC(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( + kwargs["key1"] + kwargs["key2"] + kwargs["key3"] + )), + lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), ) @@ -67,8 +69,10 @@ class TestTripleDES_OFB(object): "TOFBvartext.rsp", "TOFBinvperm.rsp", ], - lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), - lambda keys, iv: modes.OFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES( + binascii.unhexlify(kwargs["keys"]) + ), + lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), ) test_MMT = generate_encrypt_test( @@ -79,10 +83,10 @@ class TestTripleDES_OFB(object): "TOFBMMT2.rsp", "TOFBMMT3.rsp", ], - lambda key1, key2, key3, iv: ( - algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) - ), - lambda key1, key2, key3, iv: modes.OFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( + kwargs["key1"] + kwargs["key2"] + kwargs["key3"] + )), + lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), ) @@ -97,8 +101,10 @@ class TestTripleDES_CFB(object): "TCFB64varkey.rsp", "TCFB64vartext.rsp", ], - lambda keys, iv: algorithms.TripleDES(binascii.unhexlify(keys)), - lambda keys, iv: modes.CFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES( + binascii.unhexlify(kwargs["keys"]) + ), + lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), ) test_MMT = generate_encrypt_test( @@ -109,8 +115,8 @@ class TestTripleDES_CFB(object): "TCFB64MMT2.rsp", "TCFB64MMT3.rsp", ], - lambda key1, key2, key3, iv: ( - algorithms.TripleDES(binascii.unhexlify(key1 + key2 + key3)) - ), - lambda key1, key2, key3, iv: modes.CFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( + kwargs["key1"] + kwargs["key2"] + kwargs["key3"] + )), + lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), ) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index f7b0b9a0..d706cbd8 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -45,8 +45,8 @@ class TestAES(object): "CBCMMT192.rsp", "CBCMMT256.rsp", ], - lambda key, iv: algorithms.AES(binascii.unhexlify(key)), - lambda key, iv: modes.CBC(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), ) test_ECB = generate_encrypt_test( @@ -69,8 +69,8 @@ class TestAES(object): "ECBMMT192.rsp", "ECBMMT256.rsp", ], - lambda key: algorithms.AES(binascii.unhexlify(key)), - lambda key: modes.ECB(), + lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda **kwargs: modes.ECB(), ) test_OFB = generate_encrypt_test( @@ -93,8 +93,8 @@ class TestAES(object): "OFBMMT192.rsp", "OFBMMT256.rsp", ], - lambda key, iv: algorithms.AES(binascii.unhexlify(key)), - lambda key, iv: modes.OFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), ) test_CFB = generate_encrypt_test( @@ -117,16 +117,16 @@ class TestAES(object): "CFB128MMT192.rsp", "CFB128MMT256.rsp", ], - lambda key, iv: algorithms.AES(binascii.unhexlify(key)), - lambda key, iv: modes.CFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), ) test_CTR = generate_encrypt_test( load_openssl_vectors, os.path.join("ciphers", "AES", "CTR"), ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"], - lambda key, iv: algorithms.AES(binascii.unhexlify(key)), - lambda key, iv: modes.CTR(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda **kwargs: modes.CTR(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16) ), diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py index d233bec2..7ce93061 100644 --- a/tests/hazmat/primitives/test_arc4.py +++ b/tests/hazmat/primitives/test_arc4.py @@ -35,7 +35,7 @@ class TestARC4(object): "rfc-6229-192.txt", "rfc-6229-256.txt", ], - lambda key: algorithms.ARC4(binascii.unhexlify((key))), + lambda **kwargs: algorithms.ARC4(binascii.unhexlify((kwargs["key"]))), only_if=lambda backend: backend.cipher_supported( algorithms.ARC4("\x00" * 16), None ), diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index d5fbed6f..3e0e9025 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -27,8 +27,10 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-ecb.txt"], - lambda key: algorithms.Blowfish(binascii.unhexlify(key)), - lambda key: modes.ECB(), + lambda **kwargs: algorithms.Blowfish( + binascii.unhexlify(kwargs["key"]) + ), + lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.ECB() ), @@ -39,8 +41,10 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-cbc.txt"], - lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), - lambda key, iv: modes.CBC(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Blowfish( + binascii.unhexlify(kwargs["key"]) + ), + lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) ), @@ -51,8 +55,10 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-ofb.txt"], - lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), - lambda key, iv: modes.OFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Blowfish( + binascii.unhexlify(kwargs["key"]) + ), + lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) ), @@ -63,8 +69,10 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-cfb.txt"], - lambda key, iv: algorithms.Blowfish(binascii.unhexlify(key)), - lambda key, iv: modes.CFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Blowfish( + binascii.unhexlify(kwargs["key"]) + ), + lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) ), diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index a2c935d9..e11d590a 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -33,8 +33,10 @@ class TestCamellia(object): "camellia-192-ecb.txt", "camellia-256-ecb.txt" ], - lambda key: algorithms.Camellia(binascii.unhexlify((key))), - lambda key: modes.ECB(), + lambda **kwargs: algorithms.Camellia( + binascii.unhexlify((kwargs["key"])) + ), + lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.ECB() ), @@ -45,8 +47,10 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-cbc.txt"], - lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), - lambda key, iv: modes.CBC(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Camellia( + binascii.unhexlify((kwargs["key"])) + ), + lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16) ), @@ -57,8 +61,10 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-ofb.txt"], - lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), - lambda key, iv: modes.OFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Camellia( + binascii.unhexlify((kwargs["key"])) + ), + lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16) ), @@ -69,8 +75,10 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-cfb.txt"], - lambda key, iv: algorithms.Camellia(binascii.unhexlify(key)), - lambda key, iv: modes.CFB(binascii.unhexlify(iv)), + lambda **kwargs: algorithms.Camellia( + binascii.unhexlify((kwargs["key"])) + ), + lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16) ), diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index a283dafc..10c6ef39 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -27,8 +27,8 @@ class TestCAST5(object): load_nist_vectors, os.path.join("ciphers", "CAST5"), ["cast5-ecb.txt"], - lambda key: algorithms.CAST5(binascii.unhexlify((key))), - lambda key: modes.ECB(), + lambda **kwargs: algorithms.CAST5(binascii.unhexlify((kwargs["key"]))), + lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.CAST5("\x00" * 16), modes.ECB() ), diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 758e755c..227a4055 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -44,8 +44,8 @@ def encrypt_test(backend, cipher_factory, mode_factory, params, only_if, skip_message): if not only_if(backend): pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") + plaintext = params["plaintext"] + ciphertext = params["ciphertext"] cipher = Cipher( cipher_factory(**params), mode_factory(**params), @@ -84,9 +84,9 @@ def aead_test(backend, cipher_factory, mode_factory, params, only_if, if not only_if(backend): pytest.skip(skip_message) if params.get("pt") is not None: - plaintext = params.pop("pt") - ciphertext = params.pop("ct") - aad = params.pop("aad") + plaintext = params["pt"] + ciphertext = params["ct"] + aad = params["aad"] if params.get("fail") is True: cipher = Cipher( cipher_factory(binascii.unhexlify(params["key"])), @@ -145,9 +145,9 @@ def stream_encryption_test(backend, cipher_factory, params, only_if, skip_message): if not only_if(backend): pytest.skip(skip_message) - plaintext = params.pop("plaintext") - ciphertext = params.pop("ciphertext") - offset = params.pop("offset") + plaintext = params["plaintext"] + ciphertext = params["ciphertext"] + offset = params["offset"] cipher = Cipher(cipher_factory(**params), None, backend=backend) encryptor = cipher.encryptor() # throw away offset bytes -- cgit v1.2.3 From 687d0f849fd88eeaa6fe8968091a9d79b7f96901 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 21 Dec 2013 10:53:50 -0600 Subject: use both kwargs and named args in lambdas for clarity --- tests/hazmat/primitives/test_3des.py | 42 ++++++++++++++------------------ tests/hazmat/primitives/test_aes.py | 18 +++++++------- tests/hazmat/primitives/test_arc4.py | 2 +- tests/hazmat/primitives/test_blowfish.py | 22 ++++++----------- tests/hazmat/primitives/test_camellia.py | 22 ++++++----------- tests/hazmat/primitives/test_cast5.py | 2 +- 6 files changed, 43 insertions(+), 65 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 35745310..0db56f47 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -37,10 +37,8 @@ class TestTripleDES_CBC(object): "TCBCvarkey.rsp", "TCBCvartext.rsp", ], - lambda **kwargs: algorithms.TripleDES( - binascii.unhexlify(kwargs["keys"]) - ), - lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), + lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), ) test_MMT = generate_encrypt_test( @@ -51,10 +49,10 @@ class TestTripleDES_CBC(object): "TCBCMMT2.rsp", "TCBCMMT3.rsp", ], - lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( - kwargs["key1"] + kwargs["key2"] + kwargs["key3"] - )), - lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), + lambda key1, key2, key3, **kwargs: algorithms.TripleDES( + binascii.unhexlify(key1 + key2 + key3) + ), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), ) @@ -69,10 +67,8 @@ class TestTripleDES_OFB(object): "TOFBvartext.rsp", "TOFBinvperm.rsp", ], - lambda **kwargs: algorithms.TripleDES( - binascii.unhexlify(kwargs["keys"]) - ), - lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), + lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), ) test_MMT = generate_encrypt_test( @@ -83,10 +79,10 @@ class TestTripleDES_OFB(object): "TOFBMMT2.rsp", "TOFBMMT3.rsp", ], - lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( - kwargs["key1"] + kwargs["key2"] + kwargs["key3"] - )), - lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), + lambda key1, key2, key3, **kwargs: algorithms.TripleDES( + binascii.unhexlify(key1 + key2 + key3) + ), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), ) @@ -101,10 +97,8 @@ class TestTripleDES_CFB(object): "TCFB64varkey.rsp", "TCFB64vartext.rsp", ], - lambda **kwargs: algorithms.TripleDES( - binascii.unhexlify(kwargs["keys"]) - ), - lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), + lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), ) test_MMT = generate_encrypt_test( @@ -115,8 +109,8 @@ class TestTripleDES_CFB(object): "TCFB64MMT2.rsp", "TCFB64MMT3.rsp", ], - lambda **kwargs: algorithms.TripleDES(binascii.unhexlify( - kwargs["key1"] + kwargs["key2"] + kwargs["key3"] - )), - lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), + lambda key1, key2, key3, **kwargs: algorithms.TripleDES( + binascii.unhexlify(key1 + key2 + key3) + ), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), ) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index d706cbd8..9e5a3cb5 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -45,8 +45,8 @@ class TestAES(object): "CBCMMT192.rsp", "CBCMMT256.rsp", ], - lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), - lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), ) test_ECB = generate_encrypt_test( @@ -69,7 +69,7 @@ class TestAES(object): "ECBMMT192.rsp", "ECBMMT256.rsp", ], - lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), + lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), lambda **kwargs: modes.ECB(), ) @@ -93,8 +93,8 @@ class TestAES(object): "OFBMMT192.rsp", "OFBMMT256.rsp", ], - lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), - lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), ) test_CFB = generate_encrypt_test( @@ -117,16 +117,16 @@ class TestAES(object): "CFB128MMT192.rsp", "CFB128MMT256.rsp", ], - lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), - lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), ) test_CTR = generate_encrypt_test( load_openssl_vectors, os.path.join("ciphers", "AES", "CTR"), ["aes-128-ctr.txt", "aes-192-ctr.txt", "aes-256-ctr.txt"], - lambda **kwargs: algorithms.AES(binascii.unhexlify(kwargs["key"])), - lambda **kwargs: modes.CTR(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CTR(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.AES("\x00" * 16), modes.CTR("\x00" * 16) ), diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py index 7ce93061..a9ef2bbe 100644 --- a/tests/hazmat/primitives/test_arc4.py +++ b/tests/hazmat/primitives/test_arc4.py @@ -35,7 +35,7 @@ class TestARC4(object): "rfc-6229-192.txt", "rfc-6229-256.txt", ], - lambda **kwargs: algorithms.ARC4(binascii.unhexlify((kwargs["key"]))), + lambda key, **kwargs: algorithms.ARC4(binascii.unhexlify(key)), only_if=lambda backend: backend.cipher_supported( algorithms.ARC4("\x00" * 16), None ), diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index 3e0e9025..065855d7 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -27,9 +27,7 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-ecb.txt"], - lambda **kwargs: algorithms.Blowfish( - binascii.unhexlify(kwargs["key"]) - ), + lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)), lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.ECB() @@ -41,10 +39,8 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-cbc.txt"], - lambda **kwargs: algorithms.Blowfish( - binascii.unhexlify(kwargs["key"]) - ), - lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) ), @@ -55,10 +51,8 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-ofb.txt"], - lambda **kwargs: algorithms.Blowfish( - binascii.unhexlify(kwargs["key"]) - ), - lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) ), @@ -69,10 +63,8 @@ class TestBlowfish(object): load_nist_vectors, os.path.join("ciphers", "Blowfish"), ["bf-cfb.txt"], - lambda **kwargs: algorithms.Blowfish( - binascii.unhexlify(kwargs["key"]) - ), - lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Blowfish(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) ), diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index e11d590a..6e5fe682 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -33,9 +33,7 @@ class TestCamellia(object): "camellia-192-ecb.txt", "camellia-256-ecb.txt" ], - lambda **kwargs: algorithms.Camellia( - binascii.unhexlify((kwargs["key"])) - ), + lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)), lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.ECB() @@ -47,10 +45,8 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-cbc.txt"], - lambda **kwargs: algorithms.Camellia( - binascii.unhexlify((kwargs["key"])) - ), - lambda **kwargs: modes.CBC(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.CBC("\x00" * 16) ), @@ -61,10 +57,8 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-ofb.txt"], - lambda **kwargs: algorithms.Camellia( - binascii.unhexlify((kwargs["key"])) - ), - lambda **kwargs: modes.OFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.OFB("\x00" * 16) ), @@ -75,10 +69,8 @@ class TestCamellia(object): load_openssl_vectors, os.path.join("ciphers", "Camellia"), ["camellia-cfb.txt"], - lambda **kwargs: algorithms.Camellia( - binascii.unhexlify((kwargs["key"])) - ), - lambda **kwargs: modes.CFB(binascii.unhexlify(kwargs["iv"])), + lambda key, **kwargs: algorithms.Camellia(binascii.unhexlify(key)), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), only_if=lambda backend: backend.cipher_supported( algorithms.Camellia("\x00" * 16), modes.CFB("\x00" * 16) ), diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index 10c6ef39..406f9b55 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -27,7 +27,7 @@ class TestCAST5(object): load_nist_vectors, os.path.join("ciphers", "CAST5"), ["cast5-ecb.txt"], - lambda **kwargs: algorithms.CAST5(binascii.unhexlify((kwargs["key"]))), + lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), lambda **kwargs: modes.ECB(), only_if=lambda backend: backend.cipher_supported( algorithms.CAST5("\x00" * 16), modes.ECB() -- cgit v1.2.3 From 1b1327cfe537b9e7bdc271239d1025c2479239c3 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 21 Dec 2013 15:16:57 +0000 Subject: Raise UnsupportedAlgorithm when initing Hash() Instead of just an AssertionError. --- tests/hazmat/primitives/test_hashes.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index ff42e8f4..72bc3e27 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -19,12 +19,18 @@ import pytest import six -from cryptography.exceptions import AlreadyFinalized -from cryptography.hazmat.primitives import hashes +from cryptography import utils +from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm +from cryptography.hazmat.primitives import hashes, interfaces from .utils import generate_base_hash_test +@utils.register_interface(interfaces.HashAlgorithm) +class UnsupportedDummyHash(object): + name = "unsupported-dummy-hash" + + class TestHashContext(object): def test_hash_reject_unicode(self, backend): m = hashes.Hash(hashes.SHA1(), backend=backend) @@ -57,6 +63,10 @@ class TestHashContext(object): with pytest.raises(AlreadyFinalized): h.finalize() + def test_unsupported_hash(self, backend): + with pytest.raises(UnsupportedAlgorithm): + hashes.Hash(UnsupportedDummyHash(), backend) + class TestSHA1(object): test_SHA1 = generate_base_hash_test( -- cgit v1.2.3 From 447d64fb69e19c0059e3ba18ef3b1317a716a7c4 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 21 Dec 2013 21:26:55 +0000 Subject: Raise UnsupportedAlgorithm when initing HMACs --- tests/hazmat/primitives/test_hmac.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 992bcb1a..124c4377 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -19,12 +19,18 @@ import pytest import six -from cryptography.exceptions import AlreadyFinalized -from cryptography.hazmat.primitives import hashes, hmac +from cryptography import utils +from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm +from cryptography.hazmat.primitives import hashes, hmac, interfaces from .utils import generate_base_hmac_test +@utils.register_interface(interfaces.HashAlgorithm) +class UnsupportedDummyHash(object): + name = "unsupported-dummy-hash" + + class TestHMAC(object): test_copy = generate_base_hmac_test( hashes.MD5(), @@ -63,3 +69,7 @@ class TestHMAC(object): with pytest.raises(AlreadyFinalized): h.finalize() + + def test_unsupported_hash(self, backend): + with pytest.raises(UnsupportedAlgorithm): + hmac.HMAC(b"key", UnsupportedDummyHash(), backend) -- cgit v1.2.3 From f7b4ede584f5612546a07eb085eb5672629dcb96 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 21 Dec 2013 17:25:19 -0600 Subject: restrict gcm tags to a minimum of 4 bytes in length --- tests/hazmat/primitives/utils.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 227a4055..b00d3184 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -359,6 +359,13 @@ def aead_tag_exception_test(backend, cipher_factory, mode_factory, mode_factory(binascii.unhexlify(b"0" * 24)), backend ) + with pytest.raises(ValueError): + cipher.decryptor() + cipher = Cipher( + cipher_factory(binascii.unhexlify(b"0" * 32)), + mode_factory(binascii.unhexlify(b"0" * 24), b"000"), + backend + ) with pytest.raises(ValueError): cipher.decryptor() cipher = Cipher( -- cgit v1.2.3 From 35cb3659bcf97eea22ce1ad14b7fc3d0913d2be2 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 21 Dec 2013 16:29:45 +0000 Subject: UnsupportedAlgorithm error messages for Ciphers --- tests/hazmat/backends/test_openssl.py | 12 +++++++----- tests/hazmat/primitives/test_block.py | 12 +++++++++--- 2 files changed, 16 insertions(+), 8 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 962959b9..543a05fe 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -23,13 +23,14 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC +@utils.register_interface(interfaces.Mode) class DummyMode(object): - pass + name = "dummy-mode" @utils.register_interface(interfaces.CipherAlgorithm) class DummyCipher(object): - pass + name = "dummy-cipher" class TestOpenSSL(object): @@ -62,15 +63,16 @@ class TestOpenSSL(object): assert b.ffi is backend.ffi assert b.lib is backend.lib - def test_nonexistent_cipher(self): + @pytest.mark.parametrize("mode", [DummyMode(), None]) + def test_nonexistent_cipher(self, mode): b = Backend() b.register_cipher_adapter( DummyCipher, - DummyMode, + type(mode), lambda backend, cipher, mode: backend.ffi.NULL ) cipher = Cipher( - DummyCipher(), DummyMode(), backend=b, + DummyCipher(), mode, backend=b, ) with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index 02de3861..573f5633 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -31,9 +31,14 @@ from .utils import ( ) +@utils.register_interface(interfaces.Mode) +class DummyMode(object): + name = "dummy-mode" + + @utils.register_interface(interfaces.CipherAlgorithm) class DummyCipher(object): - pass + name = "dummy-cipher" class TestCipher(object): @@ -101,9 +106,10 @@ class TestCipherContext(object): assert pt == b"a" * 80 decryptor.finalize() - def test_nonexistent_cipher(self, backend): + @pytest.mark.parametrize("mode", [DummyMode(), None]) + def test_nonexistent_cipher(self, backend, mode): cipher = Cipher( - DummyCipher(), object(), backend + DummyCipher(), mode, backend ) with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() -- cgit v1.2.3 From 90ae866e0a83ef92ce2b2e7c58ccb86e79f3bee8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 23 Dec 2013 17:21:00 -0600 Subject: add hmac_supported method to backend. Previously we were implicitly assuming that if a hash was supported then its hmac equivalent was as well. --- tests/hazmat/primitives/test_hmac.py | 2 +- tests/hazmat/primitives/test_hmac_vectors.py | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 124c4377..1e776c98 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -34,7 +34,7 @@ class UnsupportedDummyHash(object): class TestHMAC(object): test_copy = generate_base_hmac_test( hashes.MD5(), - only_if=lambda backend: backend.hash_supported(hashes.MD5), + only_if=lambda backend: backend.hmac_supported(hashes.MD5), skip_message="Does not support MD5", ) diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py index 7d0f156a..f884d850 100644 --- a/tests/hazmat/primitives/test_hmac_vectors.py +++ b/tests/hazmat/primitives/test_hmac_vectors.py @@ -27,7 +27,7 @@ class TestHMAC_MD5(object): "rfc-2202-md5.txt", ], hashes.MD5(), - only_if=lambda backend: backend.hash_supported(hashes.MD5), + only_if=lambda backend: backend.hmac_supported(hashes.MD5), skip_message="Does not support MD5", ) @@ -40,7 +40,7 @@ class TestHMAC_SHA1(object): "rfc-2202-sha1.txt", ], hashes.SHA1(), - only_if=lambda backend: backend.hash_supported(hashes.SHA1), + only_if=lambda backend: backend.hmac_supported(hashes.SHA1), skip_message="Does not support SHA1", ) @@ -53,7 +53,7 @@ class TestHMAC_SHA224(object): "rfc-4231-sha224.txt", ], hashes.SHA224(), - only_if=lambda backend: backend.hash_supported(hashes.SHA224), + only_if=lambda backend: backend.hmac_supported(hashes.SHA224), skip_message="Does not support SHA224", ) @@ -66,7 +66,7 @@ class TestHMAC_SHA256(object): "rfc-4231-sha256.txt", ], hashes.SHA256(), - only_if=lambda backend: backend.hash_supported(hashes.SHA256), + only_if=lambda backend: backend.hmac_supported(hashes.SHA256), skip_message="Does not support SHA256", ) @@ -79,7 +79,7 @@ class TestHMAC_SHA384(object): "rfc-4231-sha384.txt", ], hashes.SHA384(), - only_if=lambda backend: backend.hash_supported(hashes.SHA384), + only_if=lambda backend: backend.hmac_supported(hashes.SHA384), skip_message="Does not support SHA384", ) @@ -92,7 +92,7 @@ class TestHMAC_SHA512(object): "rfc-4231-sha512.txt", ], hashes.SHA512(), - only_if=lambda backend: backend.hash_supported(hashes.SHA512), + only_if=lambda backend: backend.hmac_supported(hashes.SHA512), skip_message="Does not support SHA512", ) @@ -105,6 +105,6 @@ class TestHMAC_RIPEMD160(object): "rfc-2286-ripemd160.txt", ], hashes.RIPEMD160(), - only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160), + only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160), skip_message="Does not support RIPEMD160", ) -- cgit v1.2.3 From c80c68da793a255c552e0131ebc07ba2cf911570 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 23 Dec 2013 19:38:08 -0600 Subject: add more skip check lambdas --- tests/hazmat/primitives/test_3des.py | 24 ++++++++++++++++++++++++ tests/hazmat/primitives/test_aes.py | 16 ++++++++++++++++ 2 files changed, 40 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 0db56f47..4e380dee 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -39,6 +39,10 @@ class TestTripleDES_CBC(object): ], lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.CBC("\x00" * 8) + ), + skip_message="Does not support TripleDES CBC", ) test_MMT = generate_encrypt_test( @@ -53,6 +57,10 @@ class TestTripleDES_CBC(object): binascii.unhexlify(key1 + key2 + key3) ), lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.CBC("\x00" * 8) + ), + skip_message="Does not support TripleDES CBC", ) @@ -69,6 +77,10 @@ class TestTripleDES_OFB(object): ], lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.OFB("\x00" * 8) + ), + skip_message="Does not support TripleDES OFB", ) test_MMT = generate_encrypt_test( @@ -83,6 +95,10 @@ class TestTripleDES_OFB(object): binascii.unhexlify(key1 + key2 + key3) ), lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.OFB("\x00" * 8) + ), + skip_message="Does not support TripleDES OFB", ) @@ -99,6 +115,10 @@ class TestTripleDES_CFB(object): ], lambda keys, **kwargs: algorithms.TripleDES(binascii.unhexlify(keys)), lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.CFB("\x00" * 8) + ), + skip_message="Does not support TripleDES CFB", ) test_MMT = generate_encrypt_test( @@ -113,4 +133,8 @@ class TestTripleDES_CFB(object): binascii.unhexlify(key1 + key2 + key3) ), lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.TripleDES("\x00" * 8), modes.CFB("\x00" * 8) + ), + skip_message="Does not support TripleDES CFB", ) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 9e5a3cb5..241772e6 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -47,6 +47,10 @@ class TestAES(object): ], lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.CBC("\x00" * 16) + ), + skip_message="Does not support AES CBC", ) test_ECB = generate_encrypt_test( @@ -71,6 +75,10 @@ class TestAES(object): ], lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), lambda **kwargs: modes.ECB(), + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.ECB() + ), + skip_message="Does not support AES ECB", ) test_OFB = generate_encrypt_test( @@ -95,6 +103,10 @@ class TestAES(object): ], lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.OFB("\x00" * 16) + ), + skip_message="Does not support AES OFB", ) test_CFB = generate_encrypt_test( @@ -119,6 +131,10 @@ class TestAES(object): ], lambda key, **kwargs: algorithms.AES(binascii.unhexlify(key)), lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.cipher_supported( + algorithms.AES("\x00" * 16), modes.CFB("\x00" * 16) + ), + skip_message="Does not support AES CFB", ) test_CTR = generate_encrypt_test( -- cgit v1.2.3 From 2a36dd1b9f68f34f2545e519f8eac00b8b40c59d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 24 Dec 2013 13:44:45 -0800 Subject: Cover a missed branch --- tests/hazmat/primitives/utils.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index b00d3184..e0184777 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -22,8 +22,7 @@ def _load_all_params(path, file_names, param_loader): def generate_encrypt_test(param_loader, path, file_names, cipher_factory, - mode_factory, only_if=lambda backend: True, - skip_message=None): + mode_factory, only_if, skip_message=None): all_params = _load_all_params(path, file_names, param_loader) @pytest.mark.parametrize("params", all_params) -- cgit v1.2.3 From 7e4bc6d87741e8469ffcd00dc8004875ec9a95fe Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 24 Dec 2013 22:23:53 -0600 Subject: add test marks for various backend functionality --- tests/conftest.py | 16 ++++++++++++++++ tests/skip_check.py | 22 ++++++++++++++++++++++ tests/test_skip_check.py | 31 +++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 tests/skip_check.py create mode 100644 tests/test_skip_check.py (limited to 'tests') diff --git a/tests/conftest.py b/tests/conftest.py index 71662802..91ba988f 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -1,5 +1,21 @@ +import pytest + +from cryptography.hazmat.backends.interfaces import ( + HMACBackend, CipherBackend, HashBackend +) + +from .skip_check import skip_check + + def pytest_generate_tests(metafunc): from cryptography.hazmat.backends import _ALL_BACKENDS if "backend" in metafunc.fixturenames: metafunc.parametrize("backend", _ALL_BACKENDS) + + +@pytest.mark.trylast +def pytest_runtest_setup(item): + skip_check('hmac', HMACBackend, item) + skip_check('cipher', CipherBackend, item) + skip_check('hash', HashBackend, item) diff --git a/tests/skip_check.py b/tests/skip_check.py new file mode 100644 index 00000000..4d454d73 --- /dev/null +++ b/tests/skip_check.py @@ -0,0 +1,22 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import pytest + + +def skip_check(name, iface, item): + if name in item.keywords and item.funcargs.get('backend') is not None: + if not isinstance(item.funcargs['backend'], iface): + pytest.skip("Backend does not support {}".format(name)) diff --git a/tests/test_skip_check.py b/tests/test_skip_check.py new file mode 100644 index 00000000..3b303aca --- /dev/null +++ b/tests/test_skip_check.py @@ -0,0 +1,31 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import pretend + +import pytest + +from .skip_check import skip_check + + +class FakeInterface(object): + pass + + +def test_skip_check(): + item = pretend.stub(keywords=["fake_name"], funcargs={"backend": True}) + with pytest.raises(pytest.skip.Exception) as exc_info: + skip_check("fake_name", FakeInterface, item) + assert exc_info.value.args[0] == "Backend does not support fake_name" -- cgit v1.2.3 From 0cbcfa67fc7c1e13764f4b662fc238a372507af8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 24 Dec 2013 22:29:12 -0600 Subject: whoops, python 2.6 compatible format string --- tests/skip_check.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/skip_check.py b/tests/skip_check.py index 4d454d73..454a3c5f 100644 --- a/tests/skip_check.py +++ b/tests/skip_check.py @@ -19,4 +19,4 @@ import pytest def skip_check(name, iface, item): if name in item.keywords and item.funcargs.get('backend') is not None: if not isinstance(item.funcargs['backend'], iface): - pytest.skip("Backend does not support {}".format(name)) + pytest.skip("Backend does not support {0}".format(name)) -- cgit v1.2.3 From 4f2b1031c3c155b9af3817126b9ac508cbf849a3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 24 Dec 2013 22:24:31 -0600 Subject: add all the markers to the tests --- tests/hazmat/primitives/test_3des.py | 4 ++++ tests/hazmat/primitives/test_aes.py | 2 ++ tests/hazmat/primitives/test_arc4.py | 2 ++ tests/hazmat/primitives/test_block.py | 3 +++ tests/hazmat/primitives/test_blowfish.py | 2 ++ tests/hazmat/primitives/test_camellia.py | 2 ++ tests/hazmat/primitives/test_cast5.py | 2 ++ tests/hazmat/primitives/test_hash_vectors.py | 9 +++++++++ tests/hazmat/primitives/test_hashes.py | 9 +++++++++ tests/hazmat/primitives/test_hmac.py | 1 + tests/hazmat/primitives/test_hmac_vectors.py | 9 +++++++++ 11 files changed, 45 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 4e380dee..4c43898c 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -19,6 +19,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes @@ -26,6 +27,7 @@ from .utils import generate_encrypt_test from ...utils import load_nist_vectors +@pytest.mark.cipher class TestTripleDES_CBC(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -64,6 +66,7 @@ class TestTripleDES_CBC(object): ) +@pytest.mark.cipher class TestTripleDES_OFB(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -102,6 +105,7 @@ class TestTripleDES_OFB(object): ) +@pytest.mark.cipher class TestTripleDES_CFB(object): test_KAT = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 241772e6..5b706842 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes @@ -24,6 +25,7 @@ from ...utils import ( ) +@pytest.mark.cipher class TestAES(object): test_CBC = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py index a9ef2bbe..d506a8a1 100644 --- a/tests/hazmat/primitives/test_arc4.py +++ b/tests/hazmat/primitives/test_arc4.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms @@ -22,6 +23,7 @@ from .utils import generate_stream_encryption_test from ...utils import load_nist_vectors +@pytest.mark.cipher class TestARC4(object): test_rfc = generate_stream_encryption_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index 573f5633..22a7c02f 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -41,6 +41,7 @@ class DummyCipher(object): name = "dummy-cipher" +@pytest.mark.cipher class TestCipher(object): def test_creates_encryptor(self, backend): cipher = Cipher( @@ -64,6 +65,7 @@ class TestCipher(object): Cipher(algorithm, mode=None, backend=backend) +@pytest.mark.cipher class TestCipherContext(object): def test_use_after_finalize(self, backend): cipher = Cipher( @@ -134,6 +136,7 @@ class TestCipherContext(object): decryptor.finalize() +@pytest.mark.cipher class TestAEADCipherContext(object): test_aead_exceptions = generate_aead_exception_test( algorithms.AES, diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index 065855d7..2d5dc521 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes @@ -22,6 +23,7 @@ from .utils import generate_encrypt_test from ...utils import load_nist_vectors +@pytest.mark.cipher class TestBlowfish(object): test_ECB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index 6e5fe682..0b6c37fb 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes @@ -24,6 +25,7 @@ from ...utils import ( ) +@pytest.mark.cipher class TestCamellia(object): test_ECB = generate_encrypt_test( load_cryptrec_vectors, diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index 406f9b55..2ebc040b 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os +import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes @@ -22,6 +23,7 @@ from .utils import generate_encrypt_test from ...utils import load_nist_vectors +@pytest.mark.cipher class TestCAST5(object): test_ECB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index a8655812..5c9e9bed 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -14,6 +14,7 @@ from __future__ import absolute_import, division, print_function import os +import pytest from cryptography.hazmat.primitives import hashes @@ -21,6 +22,7 @@ from .utils import generate_hash_test, generate_long_string_hash_test from ...utils import load_hash_vectors +@pytest.mark.hash class TestSHA1(object): test_SHA1 = generate_hash_test( load_hash_vectors, @@ -35,6 +37,7 @@ class TestSHA1(object): ) +@pytest.mark.hash class TestSHA224(object): test_SHA224 = generate_hash_test( load_hash_vectors, @@ -49,6 +52,7 @@ class TestSHA224(object): ) +@pytest.mark.hash class TestSHA256(object): test_SHA256 = generate_hash_test( load_hash_vectors, @@ -63,6 +67,7 @@ class TestSHA256(object): ) +@pytest.mark.hash class TestSHA384(object): test_SHA384 = generate_hash_test( load_hash_vectors, @@ -77,6 +82,7 @@ class TestSHA384(object): ) +@pytest.mark.hash class TestSHA512(object): test_SHA512 = generate_hash_test( load_hash_vectors, @@ -91,6 +97,7 @@ class TestSHA512(object): ) +@pytest.mark.hash class TestRIPEMD160(object): test_RIPEMD160 = generate_hash_test( load_hash_vectors, @@ -111,6 +118,7 @@ class TestRIPEMD160(object): ) +@pytest.mark.hash class TestWhirlpool(object): test_whirlpool = generate_hash_test( load_hash_vectors, @@ -133,6 +141,7 @@ class TestWhirlpool(object): ) +@pytest.mark.hash class TestMD5(object): test_md5 = generate_hash_test( load_hash_vectors, diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 72bc3e27..45faaab2 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -31,6 +31,7 @@ class UnsupportedDummyHash(object): name = "unsupported-dummy-hash" +@pytest.mark.hash class TestHashContext(object): def test_hash_reject_unicode(self, backend): m = hashes.Hash(hashes.SHA1(), backend=backend) @@ -68,6 +69,7 @@ class TestHashContext(object): hashes.Hash(UnsupportedDummyHash(), backend) +@pytest.mark.hash class TestSHA1(object): test_SHA1 = generate_base_hash_test( hashes.SHA1(), @@ -78,6 +80,7 @@ class TestSHA1(object): ) +@pytest.mark.hash class TestSHA224(object): test_SHA224 = generate_base_hash_test( hashes.SHA224(), @@ -88,6 +91,7 @@ class TestSHA224(object): ) +@pytest.mark.hash class TestSHA256(object): test_SHA256 = generate_base_hash_test( hashes.SHA256(), @@ -98,6 +102,7 @@ class TestSHA256(object): ) +@pytest.mark.hash class TestSHA384(object): test_SHA384 = generate_base_hash_test( hashes.SHA384(), @@ -108,6 +113,7 @@ class TestSHA384(object): ) +@pytest.mark.hash class TestSHA512(object): test_SHA512 = generate_base_hash_test( hashes.SHA512(), @@ -118,6 +124,7 @@ class TestSHA512(object): ) +@pytest.mark.hash class TestRIPEMD160(object): test_RIPEMD160 = generate_base_hash_test( hashes.RIPEMD160(), @@ -128,6 +135,7 @@ class TestRIPEMD160(object): ) +@pytest.mark.hash class TestWhirlpool(object): test_Whirlpool = generate_base_hash_test( hashes.Whirlpool(), @@ -138,6 +146,7 @@ class TestWhirlpool(object): ) +@pytest.mark.hash class TestMD5(object): test_MD5 = generate_base_hash_test( hashes.MD5(), diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 1e776c98..6d8cc27b 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -31,6 +31,7 @@ class UnsupportedDummyHash(object): name = "unsupported-dummy-hash" +@pytest.mark.hmac class TestHMAC(object): test_copy = generate_base_hmac_test( hashes.MD5(), diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py index f884d850..9bc06a2e 100644 --- a/tests/hazmat/primitives/test_hmac_vectors.py +++ b/tests/hazmat/primitives/test_hmac_vectors.py @@ -13,12 +13,15 @@ from __future__ import absolute_import, division, print_function +import pytest + from cryptography.hazmat.primitives import hashes from .utils import generate_hmac_test from ...utils import load_hash_vectors +@pytest.mark.hmac class TestHMAC_MD5(object): test_hmac_md5 = generate_hmac_test( load_hash_vectors, @@ -32,6 +35,7 @@ class TestHMAC_MD5(object): ) +@pytest.mark.hmac class TestHMAC_SHA1(object): test_hmac_sha1 = generate_hmac_test( load_hash_vectors, @@ -45,6 +49,7 @@ class TestHMAC_SHA1(object): ) +@pytest.mark.hmac class TestHMAC_SHA224(object): test_hmac_sha224 = generate_hmac_test( load_hash_vectors, @@ -58,6 +63,7 @@ class TestHMAC_SHA224(object): ) +@pytest.mark.hmac class TestHMAC_SHA256(object): test_hmac_sha256 = generate_hmac_test( load_hash_vectors, @@ -71,6 +77,7 @@ class TestHMAC_SHA256(object): ) +@pytest.mark.hmac class TestHMAC_SHA384(object): test_hmac_sha384 = generate_hmac_test( load_hash_vectors, @@ -84,6 +91,7 @@ class TestHMAC_SHA384(object): ) +@pytest.mark.hmac class TestHMAC_SHA512(object): test_hmac_sha512 = generate_hmac_test( load_hash_vectors, @@ -97,6 +105,7 @@ class TestHMAC_SHA512(object): ) +@pytest.mark.hmac class TestHMAC_RIPEMD160(object): test_hmac_ripemd160 = generate_hmac_test( load_hash_vectors, -- cgit v1.2.3 From 5a09c6e9545373cece95f87ed28579f05959fced Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 24 Dec 2013 21:03:23 -0800 Subject: Include teh name of the backend in the error message --- tests/skip_check.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/skip_check.py b/tests/skip_check.py index 454a3c5f..42a152ea 100644 --- a/tests/skip_check.py +++ b/tests/skip_check.py @@ -17,6 +17,8 @@ import pytest def skip_check(name, iface, item): - if name in item.keywords and item.funcargs.get('backend') is not None: - if not isinstance(item.funcargs['backend'], iface): - pytest.skip("Backend does not support {0}".format(name)) + if name in item.keywords and "backend" in item.funcargs: + if not isinstance(item.funcargs["backend"], iface): + pytest.skip("{0} backend does not support {1}".format( + item.funcargs["backend"], name + )) -- cgit v1.2.3 From 6198da1fcce93d7efb89995d0a10d9170ee8f230 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 24 Dec 2013 21:03:43 -0800 Subject: Update test --- tests/test_skip_check.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/test_skip_check.py b/tests/test_skip_check.py index 3b303aca..73a6e563 100644 --- a/tests/test_skip_check.py +++ b/tests/test_skip_check.py @@ -28,4 +28,4 @@ def test_skip_check(): item = pretend.stub(keywords=["fake_name"], funcargs={"backend": True}) with pytest.raises(pytest.skip.Exception) as exc_info: skip_check("fake_name", FakeInterface, item) - assert exc_info.value.args[0] == "Backend does not support fake_name" + assert exc_info.value.args[0] == "True backend does not support fake_name" -- cgit v1.2.3 From 8d85b058d28d37f1f505292f7cc6311092dd4f39 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 24 Dec 2013 23:50:59 -0600 Subject: correct import style --- tests/hazmat/primitives/test_3des.py | 1 + tests/hazmat/primitives/test_aes.py | 1 + tests/hazmat/primitives/test_arc4.py | 1 + tests/hazmat/primitives/test_blowfish.py | 1 + tests/hazmat/primitives/test_camellia.py | 1 + tests/hazmat/primitives/test_cast5.py | 1 + tests/hazmat/primitives/test_hash_vectors.py | 1 + 7 files changed, 7 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 4c43898c..439ca258 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -19,6 +19,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 5b706842..e9ef3853 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py index d506a8a1..f2e2452c 100644 --- a/tests/hazmat/primitives/test_arc4.py +++ b/tests/hazmat/primitives/test_arc4.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index 2d5dc521..79ceabe7 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index 0b6c37fb..c376220e 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index 2ebc040b..a4789c65 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import binascii import os + import pytest from cryptography.hazmat.primitives.ciphers import algorithms, modes diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index 5c9e9bed..d9febea9 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -14,6 +14,7 @@ from __future__ import absolute_import, division, print_function import os + import pytest from cryptography.hazmat.primitives import hashes -- cgit v1.2.3 From 2b3f94271209883aab4181ac5401c699c5c60b75 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 24 Dec 2013 21:55:24 -0800 Subject: Move stuff around and coverage --- tests/conftest.py | 8 ++++---- tests/skip_check.py | 24 ------------------------ tests/test_skip_check.py | 31 ------------------------------- tests/test_utils.py | 21 ++++++++++++++++++++- tests/utils.py | 12 +++++++++++- 5 files changed, 35 insertions(+), 61 deletions(-) delete mode 100644 tests/skip_check.py delete mode 100644 tests/test_skip_check.py (limited to 'tests') diff --git a/tests/conftest.py b/tests/conftest.py index 91ba988f..e059b630 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -4,7 +4,7 @@ from cryptography.hazmat.backends.interfaces import ( HMACBackend, CipherBackend, HashBackend ) -from .skip_check import skip_check +from .utils import check_for_iface def pytest_generate_tests(metafunc): @@ -16,6 +16,6 @@ def pytest_generate_tests(metafunc): @pytest.mark.trylast def pytest_runtest_setup(item): - skip_check('hmac', HMACBackend, item) - skip_check('cipher', CipherBackend, item) - skip_check('hash', HashBackend, item) + check_for_iface("hmac", HMACBackend, item) + check_for_iface("cipher", CipherBackend, item) + check_for_iface("hash", HashBackend, item) diff --git a/tests/skip_check.py b/tests/skip_check.py deleted file mode 100644 index 42a152ea..00000000 --- a/tests/skip_check.py +++ /dev/null @@ -1,24 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -import pytest - - -def skip_check(name, iface, item): - if name in item.keywords and "backend" in item.funcargs: - if not isinstance(item.funcargs["backend"], iface): - pytest.skip("{0} backend does not support {1}".format( - item.funcargs["backend"], name - )) diff --git a/tests/test_skip_check.py b/tests/test_skip_check.py deleted file mode 100644 index 73a6e563..00000000 --- a/tests/test_skip_check.py +++ /dev/null @@ -1,31 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, division, print_function - -import pretend - -import pytest - -from .skip_check import skip_check - - -class FakeInterface(object): - pass - - -def test_skip_check(): - item = pretend.stub(keywords=["fake_name"], funcargs={"backend": True}) - with pytest.raises(pytest.skip.Exception) as exc_info: - skip_check("fake_name", FakeInterface, item) - assert exc_info.value.args[0] == "True backend does not support fake_name" diff --git a/tests/test_utils.py b/tests/test_utils.py index 5c58fd76..a65091ff 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -14,14 +14,33 @@ import os import textwrap +import pretend + import pytest from .utils import ( load_nist_vectors, load_vectors_from_file, load_cryptrec_vectors, - load_openssl_vectors, load_hash_vectors, + load_openssl_vectors, load_hash_vectors, check_for_iface ) +class FakeInterface(object): + pass + + +def test_check_for_iface(): + item = pretend.stub(keywords=["fake_name"], funcargs={"backend": True}) + with pytest.raises(pytest.skip.Exception) as exc_info: + check_for_iface("fake_name", FakeInterface, item) + assert exc_info.value.args[0] == "True backend does not support fake_name" + + item = pretend.stub( + keywords=["fake_name"], + funcargs={"backend": FakeInterface()} + ) + check_for_iface("fake_name", FakeInterface, item) + + def test_load_nist_vectors(): vector_data = textwrap.dedent(""" # CAVS 11.1 diff --git a/tests/utils.py b/tests/utils.py index 94f97d59..82021a5f 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -11,7 +11,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -import os.path +import os + +import pytest + + +def check_for_iface(name, iface, item): + if name in item.keywords and "backend" in item.funcargs: + if not isinstance(item.funcargs["backend"], iface): + pytest.skip("{0} backend does not support {1}".format( + item.funcargs["backend"], name + )) def load_vectors_from_file(filename, loader): -- cgit v1.2.3 From b808f8cc91e302d4120eefa80c946a7cdcf9a155 Mon Sep 17 00:00:00 2001 From: Julian Krause Date: Thu, 26 Dec 2013 21:47:39 -0800 Subject: Remove verify from Hash. --- tests/hazmat/primitives/test_hashes.py | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 69d0773a..45faaab2 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -20,9 +20,7 @@ import pytest import six from cryptography import utils -from cryptography.exceptions import ( - AlreadyFinalized, UnsupportedAlgorithm, InvalidSignature -) +from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm from cryptography.hazmat.primitives import hashes, interfaces from .utils import generate_base_hash_test @@ -66,29 +64,6 @@ class TestHashContext(object): with pytest.raises(AlreadyFinalized): h.finalize() - def test_verify(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - digest = h.finalize() - - h = hashes.Hash(hashes.SHA1(), backend=backend) - h.verify(digest) - - with pytest.raises(AlreadyFinalized): - h.verify(b'') - - def test_invalid_verify(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - with pytest.raises(InvalidSignature): - h.verify(b'') - - with pytest.raises(AlreadyFinalized): - h.verify(b'') - - def test_verify_reject_unicode(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - with pytest.raises(TypeError): - h.verify(six.u('')) - def test_unsupported_hash(self, backend): with pytest.raises(UnsupportedAlgorithm): hashes.Hash(UnsupportedDummyHash(), backend) -- cgit v1.2.3