From 4ccceaf4484dce24c5f0994b52079293a5fdb37c Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 11:26:37 -0600
Subject: add RSA PKCS1 signing (and structure for PSS + verification)

---
 tests/hazmat/primitives/test_rsa.py | 60 +++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index df3a70f5..b2ea9bad 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -14,16 +14,25 @@
 
 from __future__ import absolute_import, division, print_function
 
+import binascii
 import itertools
 import os
 
 import pytest
 
+from cryptography import exceptions, utils
+from cryptography.hazmat.primitives import hashes, interfaces
 from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.asymmetric import padding
 
 from ...utils import load_pkcs1_vectors, load_vectors_from_file
 
 
+@utils.register_interface(interfaces.AsymmetricPadding)
+class FakePadding(object):
+    name = "UNSUPPORTED-PADDING"
+
+
 def _modinv(e, m):
     """
     Modular Multiplicative Inverse.  Returns x such that: (x*e) mod m == 1
@@ -55,6 +64,17 @@ def _check_rsa_private_key(skey):
     assert skey.key_size == pkey.key_size
 
 
+def _flatten_pkcs1_examples(vectors):
+    flattened_vectors = []
+    for vector in vectors:
+        examples = vector[0].pop("examples")
+        for example in examples:
+            merged_vector = (vector[0], vector[1], example)
+            flattened_vectors.append(merged_vector)
+
+    return flattened_vectors
+
+
 def test_modular_inverse():
     p = int(
         "d1f9f6c09fd3d38987f7970247b85a6da84907753d42ec52bc23b745093f4fff5cff3"
@@ -363,3 +383,43 @@ class TestRSA(object):
         # Test a public_exponent that is not odd.
         with pytest.raises(ValueError):
             rsa.RSAPublicKey(public_exponent=6, modulus=15)
+
+
+@pytest.mark.rsa
+class TestRSASignature(object):
+    @pytest.mark.parametrize(
+        "pkcs1_example",
+        _flatten_pkcs1_examples(load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "RSA", "pkcs1v15sign-vectors.txt"),
+            load_pkcs1_vectors
+        ))
+    )
+    def test_pkcs1v15_signing(self, pkcs1_example, backend):
+        private, public, example = pkcs1_example
+        private_key = rsa.RSAPrivateKey(**private)
+        public_key = rsa.RSAPublicKey(**public)
+        signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
+        signer.update(binascii.unhexlify(example["message"]))
+        signature = signer.finalize()
+        assert binascii.hexlify(signature) == example["signature"]
+
+    def test_use_after_finalize(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
+        signer.update(b"sign me")
+        signer.finalize()
+        with pytest.raises(exceptions.AlreadyFinalized):
+            signer.finalize()
+        with pytest.raises(exceptions.AlreadyFinalized):
+            signer.update(b"more data")
+
+    def test_unsupported_padding(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        with pytest.raises(exceptions.UnsupportedAsymmetricPadding):
+            private_key.signer(FakePadding(), hashes.SHA1(), backend)
+
+    def test_padding_incorrect_type(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        with pytest.raises(TypeError):
+            private_key.signer("notpadding", hashes.SHA1(), backend)
-- 
cgit v1.2.3


From da19e2b59957870fdb04e1027a9221b8fa2c810e Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 11:42:03 -0600
Subject: some style fixes

---
 tests/hazmat/primitives/test_rsa.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index b2ea9bad..11fb3729 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -29,7 +29,7 @@ from ...utils import load_pkcs1_vectors, load_vectors_from_file
 
 
 @utils.register_interface(interfaces.AsymmetricPadding)
-class FakePadding(object):
+class DummyPadding(object):
     name = "UNSUPPORTED-PADDING"
 
 
@@ -415,9 +415,13 @@ class TestRSASignature(object):
             signer.update(b"more data")
 
     def test_unsupported_padding(self, backend):
-        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
         with pytest.raises(exceptions.UnsupportedAsymmetricPadding):
-            private_key.signer(FakePadding(), hashes.SHA1(), backend)
+            private_key.signer(DummyPadding(), hashes.SHA1(), backend)
 
     def test_padding_incorrect_type(self, backend):
         private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
-- 
cgit v1.2.3


From a33df8ed655b507e72bdb4aab377dcf7a81954c5 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 15:05:37 -0600
Subject: fix pep8

---
 tests/hazmat/primitives/test_rsa.py | 1 -
 1 file changed, 1 deletion(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 11fb3729..8229b76b 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -398,7 +398,6 @@ class TestRSASignature(object):
     def test_pkcs1v15_signing(self, pkcs1_example, backend):
         private, public, example = pkcs1_example
         private_key = rsa.RSAPrivateKey(**private)
-        public_key = rsa.RSAPublicKey(**public)
         signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
         signer.update(binascii.unhexlify(example["message"]))
         signature = signer.finalize()
-- 
cgit v1.2.3


From dff1d43d0ae65da599eb60f99d411112b39fc8e9 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 15:09:56 -0600
Subject: add basic multibackend so we can do signatures using default_backend

---
 tests/hazmat/backends/test_multibackend.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'tests')

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index ce77ce2f..e3f83d3a 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -20,6 +20,7 @@ from cryptography.hazmat.backends.interfaces import (
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import hashes, hmac
+from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 
 
@@ -85,6 +86,9 @@ class DummyRSABackend(object):
     def generate_rsa_private_key(self, public_exponent, private_key):
         pass
 
+    def create_rsa_signature_ctx(self, private_key, padding, algorithm):
+        pass
+
 
 class TestMultiBackend(object):
     def test_ciphers(self):
@@ -158,6 +162,13 @@ class TestMultiBackend(object):
             key_size=1024, public_exponent=65537
         )
 
+        backend.create_rsa_signature_ctx("private_key", padding.PKCS1(),
+                                         hashes.MD5())
+
         backend = MultiBackend([])
         with pytest.raises(UnsupportedAlgorithm):
             backend.generate_rsa_private_key(key_size=1024, public_exponent=3)
+
+        with pytest.raises(UnsupportedAlgorithm):
+            backend.create_rsa_signature_ctx("private_key", padding.PKCS1(),
+                                             hashes.MD5())
-- 
cgit v1.2.3


From 0849575a216238410853f97780bb8646688078b9 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 15:11:14 -0600
Subject: keyword args

---
 tests/hazmat/primitives/test_rsa.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 8229b76b..14c3acf0 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -404,7 +404,11 @@ class TestRSASignature(object):
         assert binascii.hexlify(signature) == example["signature"]
 
     def test_use_after_finalize(self, backend):
-        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
         signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
         signer.update(b"sign me")
         signer.finalize()
-- 
cgit v1.2.3


From 8dd9713ae2a69a3e870275c088df08ce2a50dce9 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 23 Feb 2014 19:26:05 -0600
Subject: incorporate review feedback. kwarg!

---
 tests/hazmat/primitives/test_rsa.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 14c3acf0..d190ea95 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -397,7 +397,16 @@ class TestRSASignature(object):
     )
     def test_pkcs1v15_signing(self, pkcs1_example, backend):
         private, public, example = pkcs1_example
-        private_key = rsa.RSAPrivateKey(**private)
+        private_key = rsa.RSAPrivateKey(
+            p=private["p"],
+            q=private["q"],
+            private_exponent=private["private_exponent"],
+            dmp1=private["dmp1"],
+            dmq1=private["dmq1"],
+            iqmp=private["iqmp"],
+            public_exponent=private["public_exponent"],
+            modulus=private["modulus"]
+        )
         signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
         signer.update(binascii.unhexlify(example["message"]))
         signature = signer.finalize()
-- 
cgit v1.2.3


From 0377f5a78de949f2f1e719ac89cf8b98b910bf81 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 24 Feb 2014 19:04:46 -0600
Subject: rename PKCS1->PKCS1v15 &
 UnsupportedAsymmetricPadding->UnsupportedPadding

---
 tests/hazmat/primitives/test_rsa.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index d190ea95..c66a1581 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -407,7 +407,7 @@ class TestRSASignature(object):
             public_exponent=private["public_exponent"],
             modulus=private["modulus"]
         )
-        signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
+        signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend)
         signer.update(binascii.unhexlify(example["message"]))
         signature = signer.finalize()
         assert binascii.hexlify(signature) == example["signature"]
@@ -418,7 +418,7 @@ class TestRSASignature(object):
             key_size=512,
             backend=backend
         )
-        signer = private_key.signer(padding.PKCS1(), hashes.SHA1(), backend)
+        signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1(), backend)
         signer.update(b"sign me")
         signer.finalize()
         with pytest.raises(exceptions.AlreadyFinalized):
@@ -432,7 +432,7 @@ class TestRSASignature(object):
             key_size=512,
             backend=backend
         )
-        with pytest.raises(exceptions.UnsupportedAsymmetricPadding):
+        with pytest.raises(exceptions.UnsupportedPadding):
             private_key.signer(DummyPadding(), hashes.SHA1(), backend)
 
     def test_padding_incorrect_type(self, backend):
-- 
cgit v1.2.3


From bfba58bf535048d9b29fd2b7b6044695aa02a4c7 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 24 Feb 2014 19:32:57 -0600
Subject: update multibackend with new PKCS1v15 class name

---
 tests/hazmat/backends/test_multibackend.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'tests')

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index e3f83d3a..be1e76e2 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -162,7 +162,7 @@ class TestMultiBackend(object):
             key_size=1024, public_exponent=65537
         )
 
-        backend.create_rsa_signature_ctx("private_key", padding.PKCS1(),
+        backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(),
                                          hashes.MD5())
 
         backend = MultiBackend([])
@@ -170,5 +170,5 @@ class TestMultiBackend(object):
             backend.generate_rsa_private_key(key_size=1024, public_exponent=3)
 
         with pytest.raises(UnsupportedAlgorithm):
-            backend.create_rsa_signature_ctx("private_key", padding.PKCS1(),
+            backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(),
                                              hashes.MD5())
-- 
cgit v1.2.3


From 49e4c9c4f72311070aa444d7c35cfc27453e4ad9 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 24 Feb 2014 21:21:08 -0600
Subject: more kwargs

---
 tests/hazmat/primitives/test_rsa.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index c66a1581..647c51b4 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -436,6 +436,10 @@ class TestRSASignature(object):
             private_key.signer(DummyPadding(), hashes.SHA1(), backend)
 
     def test_padding_incorrect_type(self, backend):
-        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
         with pytest.raises(TypeError):
             private_key.signer("notpadding", hashes.SHA1(), backend)
-- 
cgit v1.2.3