From 69aeb49a817d9a7437e238fc60b0be14a939be4f Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 30 Oct 2013 11:35:37 -0700 Subject: Reduce the surface of the primitive hash interface. Add more interfaces, drop direct hashlib compatibility. --- tests/hazmat/primitives/test_hashes.py | 14 +++++--------- tests/hazmat/primitives/utils.py | 26 +++++++++++++------------- 2 files changed, 18 insertions(+), 22 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 797fe4ff..c7a18b83 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -27,21 +27,17 @@ from .utils import generate_base_hash_test class TestBaseHash(object): def test_base_hash_reject_unicode(self, backend): - m = hashes.SHA1(backend=backend) + m = hashes.Hash(hashes.SHA1, backend=backend) with pytest.raises(TypeError): m.update(six.u("\u00FC")) - def test_base_hash_hexdigest_string_type(self, backend): - m = hashes.SHA1(backend=backend, data=b"") - assert isinstance(m.hexdigest(), str) - class TestCopyHash(object): def test_copy_backend_object(self): pretend_hashes = pretend.stub(copy_ctx=lambda a: "copiedctx") pretend_backend = pretend.stub(hashes=pretend_hashes) pretend_ctx = pretend.stub() - h = hashes.SHA1(backend=pretend_backend, ctx=pretend_ctx) + h = hashes.Hash(hashes.SHA1, backend=pretend_backend, ctx=pretend_ctx) assert h._backend is pretend_backend assert h.copy()._backend is h._backend @@ -51,7 +47,7 @@ class TestDefaultBackendSHA1(object): """ This test assumes the presence of SHA1 in the default backend. """ - h = hashes.SHA1() + h = hashes.Hash(hashes.SHA1) assert h._backend is _default_backend @@ -90,7 +86,7 @@ class TestSHA384(object): hashes.SHA384, digest_size=48, block_size=128, - only_if=lambda backend: backend.hashes.supported(hashes.SHA384), + only_if=lambda backend: backend.hashes.supported(hashes.SHA384), skip_message="Does not support SHA384", ) @@ -120,7 +116,7 @@ class TestWhirlpool(object): hashes.Whirlpool, digest_size=64, block_size=64, - only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), + only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), skip_message="Does not support Whirlpool", ) diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index c51fef52..c02d1926 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -4,6 +4,7 @@ import os import pytest from cryptography.hazmat.bindings import _ALL_BACKENDS +from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import hmac from cryptography.hazmat.primitives.block import BlockCipher @@ -70,21 +71,19 @@ def hash_test(backend, hash_cls, params, only_if, skip_message): pytest.skip(skip_message) msg = params[0] md = params[1] - m = hash_cls(backend=backend) + m = hashes.Hash(hash_cls, backend=backend) m.update(binascii.unhexlify(msg)) - assert m.hexdigest() == md.replace(" ", "").lower() - digst = hash_cls(backend=backend, data=binascii.unhexlify(msg)).hexdigest() - assert digst == md.replace(" ", "").lower() + assert m.finalize() == binascii.unhexlify(md.replace(" ", "").lower()) -def generate_base_hash_test(hash_cls, digest_size, block_size, +def generate_base_hash_test(algorithm, digest_size, block_size, only_if=None, skip_message=None): def test_base_hash(self): for backend in _ALL_BACKENDS: yield ( base_hash_test, backend, - hash_cls, + algorithm, digest_size, block_size, only_if, @@ -93,13 +92,14 @@ def generate_base_hash_test(hash_cls, digest_size, block_size, return test_base_hash -def base_hash_test(backend, digestmod, digest_size, block_size, only_if, +def base_hash_test(backend, algorithm, digest_size, block_size, only_if, skip_message): if only_if is not None and not only_if(backend): pytest.skip(skip_message) - m = digestmod(backend=backend) - assert m.digest_size == digest_size - assert m.block_size == block_size + + m = hashes.Hash(algorithm, backend=backend) + assert m.algorithm.digest_size == digest_size + assert m.algorithm.block_size == block_size m_copy = m.copy() assert m != m_copy assert m._ctx != m_copy._ctx @@ -120,12 +120,12 @@ def generate_long_string_hash_test(hash_factory, md, only_if=None, return test_long_string_hash -def long_string_hash_test(backend, hash_factory, md, only_if, skip_message): +def long_string_hash_test(backend, algorithm, md, only_if, skip_message): if only_if is not None and not only_if(backend): pytest.skip(skip_message) - m = hash_factory(backend=backend) + m = hashes.Hash(algorithm, backend=backend) m.update(b"a" * 1000000) - assert m.hexdigest() == md.lower() + assert m.finalize() == binascii.unhexlify(md.lower()) def generate_hmac_test(param_loader, path, file_names, digestmod, -- cgit v1.2.3 From 71102d8a98b940d1d70fd47f7d87989c07650ee2 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 30 Oct 2013 15:21:12 -0700 Subject: Fix python3 compatibility and pep8 --- tests/hazmat/primitives/test_hashes.py | 4 ++-- tests/hazmat/primitives/utils.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index c7a18b83..43a0f448 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -86,7 +86,7 @@ class TestSHA384(object): hashes.SHA384, digest_size=48, block_size=128, - only_if=lambda backend: backend.hashes.supported(hashes.SHA384), + only_if=lambda backend: backend.hashes.supported(hashes.SHA384), skip_message="Does not support SHA384", ) @@ -116,7 +116,7 @@ class TestWhirlpool(object): hashes.Whirlpool, digest_size=64, block_size=64, - only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), + only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), skip_message="Does not support Whirlpool", ) diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index c02d1926..9ae8d217 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -125,7 +125,7 @@ def long_string_hash_test(backend, algorithm, md, only_if, skip_message): pytest.skip(skip_message) m = hashes.Hash(algorithm, backend=backend) m.update(b"a" * 1000000) - assert m.finalize() == binascii.unhexlify(md.lower()) + assert m.finalize() == binascii.unhexlify(md.lower().encode('ascii')) def generate_hmac_test(param_loader, path, file_names, digestmod, -- cgit v1.2.3 From b7c46effc66d0181dec1090ada7d6864a84540d8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 30 Oct 2013 14:45:43 -0500 Subject: blowfish support + test vectors Vectors sourced from https://www.schneier.com/code/vectors.txt but reformatted to comply with our NIST loader --- tests/hazmat/primitives/test_blowfish.py | 56 ++++ .../primitives/vectors/ciphers/Blowfish/bf-cbc.txt | 11 + .../primitives/vectors/ciphers/Blowfish/bf-cfb.txt | 10 + .../primitives/vectors/ciphers/Blowfish/bf-ecb.txt | 298 +++++++++++++++++++++ .../primitives/vectors/ciphers/Blowfish/bf-ofb.txt | 10 + 5 files changed, 385 insertions(+) create mode 100644 tests/hazmat/primitives/test_blowfish.py create mode 100644 tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cbc.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cfb.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ecb.txt create mode 100644 tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ofb.txt (limited to 'tests') diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py new file mode 100644 index 00000000..64ce5175 --- /dev/null +++ b/tests/hazmat/primitives/test_blowfish.py @@ -0,0 +1,56 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import binascii +import os + +from cryptography.hazmat.primitives.block import ciphers, modes + +from .utils import generate_encrypt_test +from ...utils import load_nist_vectors_from_file + + +class TestBlowfish(object): + test_ECB = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("ciphers", "Blowfish"), + ["bf-ecb.txt"], + lambda key: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key: modes.ECB(), + ) + + test_CBC = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("ciphers", "Blowfish"), + ["bf-cbc.txt"], + lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: modes.CBC(binascii.unhexlify(iv)), + ) + + test_OFB = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("ciphers", "Blowfish"), + ["bf-ofb.txt"], + lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: modes.OFB(binascii.unhexlify(iv)), + ) + + test_CFB = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("ciphers", "Blowfish"), + ["bf-cfb.txt"], + lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), + lambda key, iv: modes.CFB(binascii.unhexlify(iv)), + ) diff --git a/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cbc.txt b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cbc.txt new file mode 100644 index 00000000..184d9565 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cbc.txt @@ -0,0 +1,11 @@ +# Reformatted from https://www.schneier.com/code/vectors.txt +# to look like the NIST vectors + +[ENCRYPT] + +COUNT = 0 +KEY = 0123456789ABCDEFF0E1D2C3B4A59687 +IV = FEDCBA9876543210 +# this pt is implicitly padded with null bytes for CBC +PLAINTEXT = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +CIPHERTEXT = 6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC diff --git a/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cfb.txt b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cfb.txt new file mode 100644 index 00000000..8a326f50 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-cfb.txt @@ -0,0 +1,10 @@ +# Reformatted from https://www.schneier.com/code/vectors.txt +# to look like the NIST vectors + +[ENCRYPT] + +COUNT = 0 +KEY = 0123456789ABCDEFF0E1D2C3B4A59687 +IV = FEDCBA9876543210 +PLAINTEXT = 37363534333231204E6F77206973207468652074696D6520666F722000 +CIPHERTEXT = E73214A2822139CAF26ECF6D2EB9E76E3DA3DE04D1517200519D57A6C3 diff --git a/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ecb.txt b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ecb.txt new file mode 100644 index 00000000..bb18a5a3 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ecb.txt @@ -0,0 +1,298 @@ +# Reformatted from https://www.schneier.com/code/vectors.txt +# to look like the NIST vectors + +[ENCRYPT] + +COUNT = 0 +KEY = 0000000000000000 +PLAINTEXT = 0000000000000000 +CIPHERTEXT = 4EF997456198DD78 + +COUNT = 1 +KEY = FFFFFFFFFFFFFFFF +PLAINTEXT = FFFFFFFFFFFFFFFF +CIPHERTEXT = 51866FD5B85ECB8A + +COUNT = 2 +KEY = 3000000000000000 +PLAINTEXT = 1000000000000001 +CIPHERTEXT = 7D856F9A613063F2 + +COUNT = 3 +KEY = 1111111111111111 +PLAINTEXT = 1111111111111111 +CIPHERTEXT = 2466DD878B963C9D + +COUNT = 4 +KEY = 0123456789ABCDEF +PLAINTEXT = 1111111111111111 +CIPHERTEXT = 61F9C3802281B096 + +COUNT = 5 +KEY = 1111111111111111 +PLAINTEXT = 0123456789ABCDEF +CIPHERTEXT = 7D0CC630AFDA1EC7 + +COUNT = 6 +KEY = 0000000000000000 +PLAINTEXT = 0000000000000000 +CIPHERTEXT = 4EF997456198DD78 + +COUNT = 7 +KEY = FEDCBA9876543210 +PLAINTEXT = 0123456789ABCDEF +CIPHERTEXT = 0ACEAB0FC6A0A28D + +COUNT = 8 +KEY = 7CA110454A1A6E57 +PLAINTEXT = 01A1D6D039776742 +CIPHERTEXT = 59C68245EB05282B + +COUNT = 9 +KEY = 0131D9619DC1376E +PLAINTEXT = 5CD54CA83DEF57DA +CIPHERTEXT = B1B8CC0B250F09A0 + +COUNT = 10 +KEY = 07A1133E4A0B2686 +PLAINTEXT = 0248D43806F67172 +CIPHERTEXT = 1730E5778BEA1DA4 + +COUNT = 11 +KEY = 3849674C2602319E +PLAINTEXT = 51454B582DDF440A +CIPHERTEXT = A25E7856CF2651EB + +COUNT = 12 +KEY = 04B915BA43FEB5B6 +PLAINTEXT = 42FD443059577FA2 +CIPHERTEXT = 353882B109CE8F1A + +COUNT = 13 +KEY = 0113B970FD34F2CE +PLAINTEXT = 059B5E0851CF143A +CIPHERTEXT = 48F4D0884C379918 + +COUNT = 14 +KEY = 0170F175468FB5E6 +PLAINTEXT = 0756D8E0774761D2 +CIPHERTEXT = 432193B78951FC98 + +COUNT = 15 +KEY = 43297FAD38E373FE +PLAINTEXT = 762514B829BF486A +CIPHERTEXT = 13F04154D69D1AE5 + +COUNT = 16 +KEY = 07A7137045DA2A16 +PLAINTEXT = 3BDD119049372802 +CIPHERTEXT = 2EEDDA93FFD39C79 + +COUNT = 17 +KEY = 04689104C2FD3B2F +PLAINTEXT = 26955F6835AF609A +CIPHERTEXT = D887E0393C2DA6E3 + +COUNT = 18 +KEY = 37D06BB516CB7546 +PLAINTEXT = 164D5E404F275232 +CIPHERTEXT = 5F99D04F5B163969 + +COUNT = 19 +KEY = 1F08260D1AC2465E +PLAINTEXT = 6B056E18759F5CCA +CIPHERTEXT = 4A057A3B24D3977B + +COUNT = 20 +KEY = 584023641ABA6176 +PLAINTEXT = 004BD6EF09176062 +CIPHERTEXT = 452031C1E4FADA8E + +COUNT = 21 +KEY = 025816164629B007 +PLAINTEXT = 480D39006EE762F2 +CIPHERTEXT = 7555AE39F59B87BD + +COUNT = 22 +KEY = 49793EBC79B3258F +PLAINTEXT = 437540C8698F3CFA +CIPHERTEXT = 53C55F9CB49FC019 + +COUNT = 23 +KEY = 4FB05E1515AB73A7 +PLAINTEXT = 072D43A077075292 +CIPHERTEXT = 7A8E7BFA937E89A3 + +COUNT = 24 +KEY = 49E95D6D4CA229BF +PLAINTEXT = 02FE55778117F12A +CIPHERTEXT = CF9C5D7A4986ADB5 + +COUNT = 25 +KEY = 018310DC409B26D6 +PLAINTEXT = 1D9D5C5018F728C2 +CIPHERTEXT = D1ABB290658BC778 + +COUNT = 26 +KEY = 1C587F1C13924FEF +PLAINTEXT = 305532286D6F295A +CIPHERTEXT = 55CB3774D13EF201 + +COUNT = 27 +KEY = 0101010101010101 +PLAINTEXT = 0123456789ABCDEF +CIPHERTEXT = FA34EC4847B268B2 + +COUNT = 28 +KEY = 1F1F1F1F0E0E0E0E +PLAINTEXT = 0123456789ABCDEF +CIPHERTEXT = A790795108EA3CAE + +COUNT = 29 +KEY = E0FEE0FEF1FEF1FE +PLAINTEXT = 0123456789ABCDEF +CIPHERTEXT = C39E072D9FAC631D + +COUNT = 30 +KEY = 0000000000000000 +PLAINTEXT = FFFFFFFFFFFFFFFF +CIPHERTEXT = 014933E0CDAFF6E4 + +COUNT = 31 +KEY = FFFFFFFFFFFFFFFF +PLAINTEXT = 0000000000000000 +CIPHERTEXT = F21E9A77B71C49BC + +COUNT = 32 +KEY = 0123456789ABCDEF +PLAINTEXT = 0000000000000000 +CIPHERTEXT = 245946885754369A + +COUNT = 33 +KEY = FEDCBA9876543210 +PLAINTEXT = FFFFFFFFFFFFFFFF +CIPHERTEXT = 6B5C5A9C5D9E0A5A + +# Blowfish is specified for key lengths 32-448 bit +# This an 8-bit key +# COUNT = 34 +# KEY = F0 +# PLAINTEXT = FEDCBA9876543210 +# CIPHERTEXT = F9AD597C49DB005E + +# This a 16-bit key +# COUNT = 35 +# KEY = F0E1 +# PLAINTEXT = FEDCBA9876543210 +# CIPHERTEXT = E91D21C1D961A6D6 + +# This a 24-bit key +# COUNT = 36 +# KEY = F0E1D2 +# PLAINTEXT = FEDCBA9876543210 +# CIPHERTEXT = E9C2B70A1BC65CF3 + +COUNT = 37 +KEY = F0E1D2C3 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = BE1E639408640F05 + +COUNT = 38 +KEY = F0E1D2C3B4 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = B39E44481BDB1E6E + +COUNT = 39 +KEY = F0E1D2C3B4A5 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 9457AA83B1928C0D + +COUNT = 40 +KEY = F0E1D2C3B4A596 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 8BB77032F960629D + +COUNT = 41 +KEY = F0E1D2C3B4A59687 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = E87A244E2CC85E82 + +COUNT = 42 +KEY = F0E1D2C3B4A5968778 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 15750E7A4F4EC577 + +COUNT = 43 +KEY = F0E1D2C3B4A596877869 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 122BA70B3AB64AE0 + +COUNT = 44 +KEY = F0E1D2C3B4A5968778695A +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 3A833C9AFFC537F6 + +COUNT = 45 +KEY = F0E1D2C3B4A5968778695A4B +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 9409DA87A90F6BF2 + +COUNT = 46 +KEY = F0E1D2C3B4A5968778695A4B3C +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 884F80625060B8B4 + +COUNT = 47 +KEY = F0E1D2C3B4A5968778695A4B3C2D +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 1F85031C19E11968 + +COUNT = 48 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 79D9373A714CA34F + +COUNT = 49 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 93142887EE3BE15C + +COUNT = 50 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F00 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 03429E838CE2D14B + +COUNT = 51 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F0011 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = A4299E27469FF67B + +COUNT = 52 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F001122 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = AFD5AED1C1BC96A8 + +COUNT = 53 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F00112233 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 10851C0E3858DA9F + +COUNT = 54 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F0011223344 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = E6F51ED79B9DB21F + +COUNT = 55 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F001122334455 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 64A6E14AFD36B46F + +COUNT = 56 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F00112233445566 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 80C7D7D45A5479AD + +COUNT = 57 +KEY = F0E1D2C3B4A5968778695A4B3C2D1E0F0011223344556677 +PLAINTEXT = FEDCBA9876543210 +CIPHERTEXT = 05044B62FA52D080 diff --git a/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ofb.txt b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ofb.txt new file mode 100644 index 00000000..21a74218 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/Blowfish/bf-ofb.txt @@ -0,0 +1,10 @@ +# Reformatted from https://www.schneier.com/code/vectors.txt +# to look like the NIST vectors + +[ENCRYPT] + +COUNT = 0 +KEY = 0123456789ABCDEFF0E1D2C3B4A59687 +IV = FEDCBA9876543210 +PLAINTEXT = 37363534333231204E6F77206973207468652074696D6520666F722000 +CIPHERTEXT = E73214A2822139CA62B343CC5B65587310DD908D0C241B2263C2CF80DA -- cgit v1.2.3 From 6b7610d240b99c93c3f41fa4868eb0bcc3fa8a2b Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 30 Oct 2013 15:08:00 -0500 Subject: add blowfish cipher key_size tests --- tests/hazmat/primitives/test_ciphers.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index 26b297a2..2a20eb7a 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -18,7 +18,7 @@ import binascii import pytest from cryptography.hazmat.primitives.block.ciphers import ( - AES, Camellia, TripleDES, + AES, Camellia, TripleDES, Blowfish ) @@ -65,3 +65,16 @@ class TestTripleDES(object): def test_invalid_key_size(self): with pytest.raises(ValueError): TripleDES(binascii.unhexlify(b"0" * 12)) + + +class TestBlowfish(object): + @pytest.mark.parametrize(("key", "keysize"), [ + (b"0" * (keysize // 4), keysize) for keysize in range(32, 449, 8) + ]) + def test_key_size(self, key, keysize): + cipher = Blowfish(binascii.unhexlify(key)) + assert cipher.key_size == keysize + + def test_invalid_key_size(self): + with pytest.raises(ValueError): + Blowfish(binascii.unhexlify(b"0" * 6)) -- cgit v1.2.3 From c3d029f2de71f74efe8ab6caf6ea9604a83a0531 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 31 Oct 2013 14:06:14 -0700 Subject: Fix python3 compat for the hash_test. --- tests/hazmat/primitives/utils.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 9ae8d217..f5629561 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -73,7 +73,8 @@ def hash_test(backend, hash_cls, params, only_if, skip_message): md = params[1] m = hashes.Hash(hash_cls, backend=backend) m.update(binascii.unhexlify(msg)) - assert m.finalize() == binascii.unhexlify(md.replace(" ", "").lower()) + expected_md = md.replace(" ", "").lower().encode("ascii") + assert m.finalize() == binascii.unhexlify(expected_md) def generate_base_hash_test(algorithm, digest_size, block_size, @@ -125,7 +126,7 @@ def long_string_hash_test(backend, algorithm, md, only_if, skip_message): pytest.skip(skip_message) m = hashes.Hash(algorithm, backend=backend) m.update(b"a" * 1000000) - assert m.finalize() == binascii.unhexlify(md.lower().encode('ascii')) + assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) def generate_hmac_test(param_loader, path, file_names, digestmod, -- cgit v1.2.3 From bb0d3f0f2d064f4674793f2e0d8e9a3f04ad3ef1 Mon Sep 17 00:00:00 2001 From: David Reid Date: Thu, 31 Oct 2013 15:22:49 -0700 Subject: Enforce that Hash takes a HashAlgorithm instance. --- tests/hazmat/primitives/test_hash_vectors.py | 20 ++++++++-------- tests/hazmat/primitives/test_hashes.py | 35 ++++++++++++++-------------- tests/hazmat/primitives/utils.py | 4 ++-- 3 files changed, 30 insertions(+), 29 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index 5c3e72d4..fca839c7 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -29,7 +29,7 @@ class TestSHA1(object): "SHA1LongMsg.rsp", "SHA1ShortMsg.rsp", ], - hashes.SHA1, + hashes.SHA1(), only_if=lambda backend: backend.hashes.supported(hashes.SHA1), skip_message="Does not support SHA1", ) @@ -43,7 +43,7 @@ class TestSHA224(object): "SHA224LongMsg.rsp", "SHA224ShortMsg.rsp", ], - hashes.SHA224, + hashes.SHA224(), only_if=lambda backend: backend.hashes.supported(hashes.SHA224), skip_message="Does not support SHA224", ) @@ -57,7 +57,7 @@ class TestSHA256(object): "SHA256LongMsg.rsp", "SHA256ShortMsg.rsp", ], - hashes.SHA256, + hashes.SHA256(), only_if=lambda backend: backend.hashes.supported(hashes.SHA256), skip_message="Does not support SHA256", ) @@ -71,7 +71,7 @@ class TestSHA384(object): "SHA384LongMsg.rsp", "SHA384ShortMsg.rsp", ], - hashes.SHA384, + hashes.SHA384(), only_if=lambda backend: backend.hashes.supported(hashes.SHA384), skip_message="Does not support SHA384", ) @@ -85,7 +85,7 @@ class TestSHA512(object): "SHA512LongMsg.rsp", "SHA512ShortMsg.rsp", ], - hashes.SHA512, + hashes.SHA512(), only_if=lambda backend: backend.hashes.supported(hashes.SHA512), skip_message="Does not support SHA512", ) @@ -98,13 +98,13 @@ class TestRIPEMD160(object): [ "ripevectors.txt", ], - hashes.RIPEMD160, + hashes.RIPEMD160(), only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160), skip_message="Does not support RIPEMD160", ) test_RIPEMD160_long_string = generate_long_string_hash_test( - hashes.RIPEMD160, + hashes.RIPEMD160(), "52783243c1697bdbe16d37f97f68f08325dc1528", only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160), skip_message="Does not support RIPEMD160", @@ -118,13 +118,13 @@ class TestWhirlpool(object): [ "iso-test-vectors.txt", ], - hashes.Whirlpool, + hashes.Whirlpool(), only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), skip_message="Does not support Whirlpool", ) test_whirlpool_long_string = generate_long_string_hash_test( - hashes.Whirlpool, + hashes.Whirlpool(), ("0c99005beb57eff50a7cf005560ddf5d29057fd86b2" "0bfd62deca0f1ccea4af51fc15490eddc47af32bb2b" "66c34ff9ad8c6008ad677f77126953b226e4ed8b01"), @@ -140,7 +140,7 @@ class TestMD5(object): [ "rfc-1321.txt", ], - hashes.MD5, + hashes.MD5(), only_if=lambda backend: backend.hashes.supported(hashes.MD5), skip_message="Does not support MD5", ) diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 43a0f448..07ab2489 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -25,35 +25,36 @@ from cryptography.hazmat.primitives import hashes from .utils import generate_base_hash_test -class TestBaseHash(object): - def test_base_hash_reject_unicode(self, backend): - m = hashes.Hash(hashes.SHA1, backend=backend) +class TestHashContext(object): + def test_hash_reject_unicode(self, backend): + m = hashes.Hash(hashes.SHA1(), backend=backend) with pytest.raises(TypeError): m.update(six.u("\u00FC")) - -class TestCopyHash(object): def test_copy_backend_object(self): pretend_hashes = pretend.stub(copy_ctx=lambda a: "copiedctx") pretend_backend = pretend.stub(hashes=pretend_hashes) pretend_ctx = pretend.stub() - h = hashes.Hash(hashes.SHA1, backend=pretend_backend, ctx=pretend_ctx) + h = hashes.Hash(hashes.SHA1(), backend=pretend_backend, + ctx=pretend_ctx) assert h._backend is pretend_backend assert h.copy()._backend is h._backend - -class TestDefaultBackendSHA1(object): def test_default_backend_creation(self): """ This test assumes the presence of SHA1 in the default backend. """ - h = hashes.Hash(hashes.SHA1) + h = hashes.Hash(hashes.SHA1()) assert h._backend is _default_backend + def test_hash_algorithm_instance(self): + with pytest.raises(TypeError): + hashes.Hash(hashes.SHA1) + class TestSHA1(object): test_SHA1 = generate_base_hash_test( - hashes.SHA1, + hashes.SHA1(), digest_size=20, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.SHA1), @@ -63,7 +64,7 @@ class TestSHA1(object): class TestSHA224(object): test_SHA224 = generate_base_hash_test( - hashes.SHA224, + hashes.SHA224(), digest_size=28, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.SHA224), @@ -73,7 +74,7 @@ class TestSHA224(object): class TestSHA256(object): test_SHA256 = generate_base_hash_test( - hashes.SHA256, + hashes.SHA256(), digest_size=32, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.SHA256), @@ -83,7 +84,7 @@ class TestSHA256(object): class TestSHA384(object): test_SHA384 = generate_base_hash_test( - hashes.SHA384, + hashes.SHA384(), digest_size=48, block_size=128, only_if=lambda backend: backend.hashes.supported(hashes.SHA384), @@ -93,7 +94,7 @@ class TestSHA384(object): class TestSHA512(object): test_SHA512 = generate_base_hash_test( - hashes.SHA512, + hashes.SHA512(), digest_size=64, block_size=128, only_if=lambda backend: backend.hashes.supported(hashes.SHA512), @@ -103,7 +104,7 @@ class TestSHA512(object): class TestRIPEMD160(object): test_RIPEMD160 = generate_base_hash_test( - hashes.RIPEMD160, + hashes.RIPEMD160(), digest_size=20, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160), @@ -113,7 +114,7 @@ class TestRIPEMD160(object): class TestWhirlpool(object): test_Whirlpool = generate_base_hash_test( - hashes.Whirlpool, + hashes.Whirlpool(), digest_size=64, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.Whirlpool), @@ -123,7 +124,7 @@ class TestWhirlpool(object): class TestMD5(object): test_MD5 = generate_base_hash_test( - hashes.MD5, + hashes.MD5(), digest_size=16, block_size=64, only_if=lambda backend: backend.hashes.supported(hashes.MD5), diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index f5629561..efc5fbf0 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -66,12 +66,12 @@ def generate_hash_test(param_loader, path, file_names, hash_cls, return test_hash -def hash_test(backend, hash_cls, params, only_if, skip_message): +def hash_test(backend, algorithm, params, only_if, skip_message): if only_if is not None and not only_if(backend): pytest.skip(skip_message) msg = params[0] md = params[1] - m = hashes.Hash(hash_cls, backend=backend) + m = hashes.Hash(algorithm, backend=backend) m.update(binascii.unhexlify(msg)) expected_md = md.replace(" ", "").lower().encode("ascii") assert m.finalize() == binascii.unhexlify(expected_md) -- cgit v1.2.3 From b47f6e1a9f8389224b80b5c3489bafa9e0b57273 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 30 Oct 2013 16:47:06 -0500 Subject: CAST5 support + ECB vectors --- tests/hazmat/primitives/test_cast5.py | 38 ++++++++++++++++++++++ tests/hazmat/primitives/test_ciphers.py | 15 ++++++++- .../primitives/vectors/ciphers/CAST5/cast5-ecb.txt | 19 +++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 tests/hazmat/primitives/test_cast5.py create mode 100644 tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ecb.txt (limited to 'tests') diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py new file mode 100644 index 00000000..bd861150 --- /dev/null +++ b/tests/hazmat/primitives/test_cast5.py @@ -0,0 +1,38 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import binascii +import os + +from cryptography.hazmat.primitives.block import ciphers, modes + +from .utils import generate_encrypt_test +from ...utils import load_nist_vectors_from_file + + +class TestCAST5(object): + test_ECB = generate_encrypt_test( + lambda path: load_nist_vectors_from_file(path, "ENCRYPT"), + os.path.join("ciphers", "CAST5"), + [ + "cast5-ecb.txt", + ], + lambda key: ciphers.CAST5(binascii.unhexlify((key))), + lambda key: modes.ECB(), + only_if=lambda backend: backend.ciphers.supported( + ciphers.CAST5("\x00" * 16), modes.ECB() + ), + skip_message="Does not support CAST5 ECB", + ) diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index 2a20eb7a..d3870a0b 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -18,7 +18,7 @@ import binascii import pytest from cryptography.hazmat.primitives.block.ciphers import ( - AES, Camellia, TripleDES, Blowfish + AES, Camellia, TripleDES, Blowfish, CAST5 ) @@ -78,3 +78,16 @@ class TestBlowfish(object): def test_invalid_key_size(self): with pytest.raises(ValueError): Blowfish(binascii.unhexlify(b"0" * 6)) + + +class TestCAST5(object): + @pytest.mark.parametrize(("key", "keysize"), [ + (b"0" * (keysize // 4), keysize) for keysize in range(40, 129, 8) + ]) + def test_key_size(self, key, keysize): + cipher = CAST5(binascii.unhexlify(key)) + assert cipher.key_size == keysize + + def test_invalid_key_size(self): + with pytest.raises(ValueError): + CAST5(binascii.unhexlify(b"0" * 34)) diff --git a/tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ecb.txt b/tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ecb.txt new file mode 100644 index 00000000..04c78615 --- /dev/null +++ b/tests/hazmat/primitives/vectors/ciphers/CAST5/cast5-ecb.txt @@ -0,0 +1,19 @@ +# CAST5 (CAST128) ECB vectors from RFC 2144 +[ENCRYPT] +# 128-bit key +COUNT = 0 +key = 0123456712345678234567893456789A +plaintext = 0123456789ABCDEF +ciphertext = 238B4FE5847E44B2 + +# 80-bit key +COUNT = 1 +key = 01234567123456782345 +plaintext = 0123456789ABCDEF +ciphertext = EB6A711A2C02271B + +# 40-bit key +COUNT = 2 +key = 0123456712 +plaintext = 0123456789ABCDEF +ciphertext = 7AC816D16E9B302E -- cgit v1.2.3 From d09f3e1448ee593cff51e9d9f6a923b273b83b4a Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 31 Oct 2013 18:46:44 -0500 Subject: add skipif checks for blowfish --- tests/hazmat/primitives/test_blowfish.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index 64ce5175..cd5e03a4 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -29,6 +29,10 @@ class TestBlowfish(object): ["bf-ecb.txt"], lambda key: ciphers.Blowfish(binascii.unhexlify(key)), lambda key: modes.ECB(), + only_if=lambda backend: backend.ciphers.supported( + ciphers.Blowfish("\x00" * 56), modes.ECB() + ), + skip_message="Does not support Blowfish ECB", ) test_CBC = generate_encrypt_test( @@ -37,6 +41,10 @@ class TestBlowfish(object): ["bf-cbc.txt"], lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CBC(binascii.unhexlify(iv)), + only_if=lambda backend: backend.ciphers.supported( + ciphers.Blowfish("\x00" * 56), modes.CBC("\x00" * 8) + ), + skip_message="Does not support Blowfish CBC", ) test_OFB = generate_encrypt_test( @@ -45,6 +53,10 @@ class TestBlowfish(object): ["bf-ofb.txt"], lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.OFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.ciphers.supported( + ciphers.Blowfish("\x00" * 56), modes.OFB("\x00" * 8) + ), + skip_message="Does not support Blowfish OFB", ) test_CFB = generate_encrypt_test( @@ -53,4 +65,8 @@ class TestBlowfish(object): ["bf-cfb.txt"], lambda key, iv: ciphers.Blowfish(binascii.unhexlify(key)), lambda key, iv: modes.CFB(binascii.unhexlify(iv)), + only_if=lambda backend: backend.ciphers.supported( + ciphers.Blowfish("\x00" * 56), modes.CFB("\x00" * 8) + ), + skip_message="Does not support Blowfish CFB", ) -- cgit v1.2.3 From e3960f62df56bd8931f758026738812bce3c45f2 Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 1 Nov 2013 14:52:16 -0700 Subject: Strip down the HMAC interface to be HashContext. --- tests/hazmat/primitives/test_hmac.py | 15 ++------------- tests/hazmat/primitives/utils.py | 17 +++++++---------- 2 files changed, 9 insertions(+), 23 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 42726a7c..43909024 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -32,26 +32,15 @@ class TestHMAC(object): ) def test_hmac_reject_unicode(self, backend): - h = hmac.HMAC(key=b"mykey", digestmod=hashes.SHA1, backend=backend) + h = hmac.HMAC(b"mykey", hashes.SHA1, backend=backend) with pytest.raises(TypeError): h.update(six.u("\u00FC")) - def test_base_hash_hexdigest_string_type(self, backend): - h = hmac.HMAC(key=b"mykey", digestmod=hashes.SHA1, backend=backend, - msg=b"") - assert isinstance(h.hexdigest(), str) - - def test_hmac_no_digestmod(self): - with pytest.raises(TypeError): - hmac.HMAC(key=b"shortkey") - - -class TestCopyHMAC(object): def test_copy_backend_object(self): pretend_hmac = pretend.stub(copy_ctx=lambda a: True) pretend_backend = pretend.stub(hmacs=pretend_hmac) pretend_ctx = pretend.stub() - h = hmac.HMAC(b"key", digestmod=hashes.SHA1, backend=pretend_backend, + h = hmac.HMAC(b"key", hashes.SHA1, backend=pretend_backend, ctx=pretend_ctx) assert h._backend is pretend_backend assert h.copy()._backend is pretend_backend diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index efc5fbf0..1dfad6e5 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -129,7 +129,7 @@ def long_string_hash_test(backend, algorithm, md, only_if, skip_message): assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) -def generate_hmac_test(param_loader, path, file_names, digestmod, +def generate_hmac_test(param_loader, path, file_names, algorithm, only_if=None, skip_message=None): def test_hmac(self): for backend in _ALL_BACKENDS: @@ -138,7 +138,7 @@ def generate_hmac_test(param_loader, path, file_names, digestmod, yield ( hmac_test, backend, - digestmod, + algorithm, params, only_if, skip_message @@ -146,18 +146,15 @@ def generate_hmac_test(param_loader, path, file_names, digestmod, return test_hmac -def hmac_test(backend, digestmod, params, only_if, skip_message): +def hmac_test(backend, algorithm, params, only_if, skip_message): if only_if is not None and not only_if(backend): pytest.skip(skip_message) msg = params[0] md = params[1] key = params[2] - h = hmac.HMAC(binascii.unhexlify(key), digestmod=digestmod) + h = hmac.HMAC(binascii.unhexlify(key), algorithm) h.update(binascii.unhexlify(msg)) - assert h.hexdigest() == md - digest = hmac.HMAC(binascii.unhexlify(key), digestmod=digestmod, - msg=binascii.unhexlify(msg)).hexdigest() - assert digest == md + assert h.finalize() == binascii.unhexlify(md) def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None): @@ -173,11 +170,11 @@ def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None): return test_base_hmac -def base_hmac_test(backend, digestmod, only_if, skip_message): +def base_hmac_test(backend, algorithm, only_if, skip_message): if only_if is not None and not only_if(backend): pytest.skip(skip_message) key = b"ab" - h = hmac.HMAC(binascii.unhexlify(key), digestmod=digestmod) + h = hmac.HMAC(binascii.unhexlify(key), algorithm) h_copy = h.copy() assert h != h_copy assert h._ctx != h_copy._ctx -- cgit v1.2.3 From b864db11a3577ff6b117f6ce73e43f3c1e7b3e84 Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 1 Nov 2013 15:11:45 -0700 Subject: Enforce HMAC taking an instance of HashAlgorithm --- tests/hazmat/primitives/test_hmac.py | 10 +++++++--- tests/hazmat/primitives/test_hmac_vectors.py | 14 +++++++------- 2 files changed, 14 insertions(+), 10 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index 43909024..bbaabb22 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -26,13 +26,13 @@ from .utils import generate_base_hmac_test class TestHMAC(object): test_copy = generate_base_hmac_test( - hashes.MD5, + hashes.MD5(), only_if=lambda backend: backend.hashes.supported(hashes.MD5), skip_message="Does not support MD5", ) def test_hmac_reject_unicode(self, backend): - h = hmac.HMAC(b"mykey", hashes.SHA1, backend=backend) + h = hmac.HMAC(b"mykey", hashes.SHA1(), backend=backend) with pytest.raises(TypeError): h.update(six.u("\u00FC")) @@ -40,7 +40,11 @@ class TestHMAC(object): pretend_hmac = pretend.stub(copy_ctx=lambda a: True) pretend_backend = pretend.stub(hmacs=pretend_hmac) pretend_ctx = pretend.stub() - h = hmac.HMAC(b"key", hashes.SHA1, backend=pretend_backend, + h = hmac.HMAC(b"key", hashes.SHA1(), backend=pretend_backend, ctx=pretend_ctx) assert h._backend is pretend_backend assert h.copy()._backend is pretend_backend + + def test_hmac_algorithm_instance(self): + with pytest.raises(TypeError): + hmac.HMAC(hashes.SHA1) diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py index 27b45012..52d592b6 100644 --- a/tests/hazmat/primitives/test_hmac_vectors.py +++ b/tests/hazmat/primitives/test_hmac_vectors.py @@ -26,7 +26,7 @@ class TestHMAC_MD5(object): [ "rfc-2202-md5.txt", ], - hashes.MD5, + hashes.MD5(), only_if=lambda backend: backend.hashes.supported(hashes.MD5), skip_message="Does not support MD5", ) @@ -39,7 +39,7 @@ class TestHMAC_SHA1(object): [ "rfc-2202-sha1.txt", ], - hashes.SHA1, + hashes.SHA1(), only_if=lambda backend: backend.hashes.supported(hashes.SHA1), skip_message="Does not support SHA1", ) @@ -52,7 +52,7 @@ class TestHMAC_SHA224(object): [ "rfc-4231-sha224.txt", ], - hashes.SHA224, + hashes.SHA224(), only_if=lambda backend: backend.hashes.supported(hashes.SHA224), skip_message="Does not support SHA224", ) @@ -65,7 +65,7 @@ class TestHMAC_SHA256(object): [ "rfc-4231-sha256.txt", ], - hashes.SHA256, + hashes.SHA256(), only_if=lambda backend: backend.hashes.supported(hashes.SHA256), skip_message="Does not support SHA256", ) @@ -78,7 +78,7 @@ class TestHMAC_SHA384(object): [ "rfc-4231-sha384.txt", ], - hashes.SHA384, + hashes.SHA384(), only_if=lambda backend: backend.hashes.supported(hashes.SHA384), skip_message="Does not support SHA384", ) @@ -91,7 +91,7 @@ class TestHMAC_SHA512(object): [ "rfc-4231-sha512.txt", ], - hashes.SHA512, + hashes.SHA512(), only_if=lambda backend: backend.hashes.supported(hashes.SHA512), skip_message="Does not support SHA512", ) @@ -104,7 +104,7 @@ class TestHMAC_RIPEMD160(object): [ "rfc-2286-ripemd160.txt", ], - hashes.RIPEMD160, + hashes.RIPEMD160(), only_if=lambda backend: backend.hashes.supported(hashes.RIPEMD160), skip_message="Does not support RIPEMD160", ) -- cgit v1.2.3 From 87744771e7ef142bf97b46c399421a504a4ce4ad Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 1 Nov 2013 15:50:39 -0700 Subject: TypeErrors are pretty cool, there are lot of reasons you get them. --- tests/hazmat/primitives/test_hmac.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index bbaabb22..a44838cf 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -47,4 +47,4 @@ class TestHMAC(object): def test_hmac_algorithm_instance(self): with pytest.raises(TypeError): - hmac.HMAC(hashes.SHA1) + hmac.HMAC(b"key", hashes.SHA1) -- cgit v1.2.3 From 753ae19feaf33e4328a707d5588797c2a800c0c7 Mon Sep 17 00:00:00 2001 From: David Reid Date: Fri, 1 Nov 2013 16:28:41 -0700 Subject: Encode Reasons. --- tests/hazmat/primitives/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 1dfad6e5..b4a8a3e6 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -154,7 +154,7 @@ def hmac_test(backend, algorithm, params, only_if, skip_message): key = params[2] h = hmac.HMAC(binascii.unhexlify(key), algorithm) h.update(binascii.unhexlify(msg)) - assert h.finalize() == binascii.unhexlify(md) + assert h.finalize() == binascii.unhexlify(md.encode("ascii")) def generate_base_hmac_test(hash_cls, only_if=None, skip_message=None): -- cgit v1.2.3