From 95c30fb8c7f72f28ba6460602b080b638b74f19c Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 21 Mar 2014 19:24:24 -0400
Subject: some checks for PKCS1 keys being too small for the payload to be
 signed

---
 tests/hazmat/primitives/test_rsa.py | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 236a3bb1..1cbd1636 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -655,6 +655,35 @@ class TestRSASignature(object):
             private_key.signer(padding.PSS(mgf=DummyMGF()), hashes.SHA1(),
                                backend)
 
+    def test_pkcs1_digest_too_large_for_key_size(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=599,
+            backend=backend
+        )
+        signer = private_key.signer(
+            padding.PKCS1v15(),
+            hashes.SHA512(),
+            backend
+        )
+        signer.update(b"failure coming")
+        with pytest.raises(ValueError):
+            signer.finalize()
+
+    def test_pkcs1_minimum_key_size(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=745,
+            backend=backend
+        )
+        signer = private_key.signer(
+            padding.PKCS1v15(),
+            hashes.SHA512(),
+            backend
+        )
+        signer.update(b"no failure")
+        signer.finalize()
+
 
 @pytest.mark.rsa
 class TestRSAVerification(object):
-- 
cgit v1.2.3