add FIPS 186-2/3 signature verification tests for RSA PKCSv15 and PSS

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-03-18 07:54:34 -0400
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-03-19 18:32:30 -0400
commit: 49c8e2146492e83315145f803dfb0b746203e8e4 (patch)
tree: 1ba15a8ccd0c6fee963f893cabd750a61df6c705
parent: 62e18d7873470517c97c0c37be6bc1a81c304d8a (diff)
download: cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.tar.gz
cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.tar.bz2
cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.zip
2 files changed, 127 insertions, 22 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 67b5b2e0..ae0b4538 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -27,7 +27,7 @@ from cryptography.exceptions import (
 from cryptography.hazmat.primitives import hashes, interfaces
 from cryptography.hazmat.primitives.asymmetric import padding, rsa
 
-from .utils import generate_rsa_pss_test
+from .utils import generate_rsa_signature_test
 from ...utils import (
     load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file
 )
@@ -754,14 +754,16 @@ class TestRSAVerification(object):
 )
 @pytest.mark.rsa
 class TestRSAPSSMGF1VerificationSHA1(object):
-    test_rsa_pss_mgf1_sha1 = generate_rsa_pss_test(
+    test_rsa_pss_mgf1_sha1 = generate_rsa_signature_test(
         load_rsa_nist_vectors,
         os.path.join("asymmetric", "RSA", "FIPS_186-2"),
         [
             "SigGenPSS_186-2.rsp",
             "SigGenPSS_186-3.rsp",
+            "SigVerPSS_186-3.rsp",
         ],
-        hashes.SHA1()
+        hashes.SHA1(),
+        padding.PSS
     )
 
 
@@ -771,14 +773,16 @@ class TestRSAPSSMGF1VerificationSHA1(object):
 )
 @pytest.mark.rsa
 class TestRSAPSSMGF1VerificationSHA224(object):
-    test_rsa_pss_mgf1_sha224 = generate_rsa_pss_test(
+    test_rsa_pss_mgf1_sha224 = generate_rsa_signature_test(
         load_rsa_nist_vectors,
         os.path.join("asymmetric", "RSA", "FIPS_186-2"),
         [
             "SigGenPSS_186-2.rsp",
             "SigGenPSS_186-3.rsp",
+            "SigVerPSS_186-3.rsp",
         ],
-        hashes.SHA224()
+        hashes.SHA224(),
+        padding.PSS
     )
 
 
@@ -788,14 +792,16 @@ class TestRSAPSSMGF1VerificationSHA224(object):
 )
 @pytest.mark.rsa
 class TestRSAPSSMGF1VerificationSHA256(object):
-    test_rsa_pss_mgf1_sha256 = generate_rsa_pss_test(
+    test_rsa_pss_mgf1_sha256 = generate_rsa_signature_test(
         load_rsa_nist_vectors,
         os.path.join("asymmetric", "RSA", "FIPS_186-2"),
         [
             "SigGenPSS_186-2.rsp",
             "SigGenPSS_186-3.rsp",
+            "SigVerPSS_186-3.rsp",
         ],
-        hashes.SHA256()
+        hashes.SHA256(),
+        padding.PSS
     )
 
 
@@ -805,14 +811,16 @@ class TestRSAPSSMGF1VerificationSHA256(object):
 )
 @pytest.mark.rsa
 class TestRSAPSSMGF1VerificationSHA384(object):
-    test_rsa_pss_mgf1_sha384 = generate_rsa_pss_test(
+    test_rsa_pss_mgf1_sha384 = generate_rsa_signature_test(
         load_rsa_nist_vectors,
         os.path.join("asymmetric", "RSA", "FIPS_186-2"),
         [
             "SigGenPSS_186-2.rsp",
             "SigGenPSS_186-3.rsp",
+            "SigVerPSS_186-3.rsp",
         ],
-        hashes.SHA384()
+        hashes.SHA384(),
+        padding.PSS
     )
 
 
@@ -822,14 +830,101 @@ class TestRSAPSSMGF1VerificationSHA384(object):
 )
 @pytest.mark.rsa
 class TestRSAPSSMGF1VerificationSHA512(object):
-    test_rsa_pss_mgf1_sha512 = generate_rsa_pss_test(
+    test_rsa_pss_mgf1_sha512 = generate_rsa_signature_test(
         load_rsa_nist_vectors,
         os.path.join("asymmetric", "RSA", "FIPS_186-2"),
         [
             "SigGenPSS_186-2.rsp",
             "SigGenPSS_186-3.rsp",
+            "SigVerPSS_186-3.rsp",
         ],
-        hashes.SHA512()
+        hashes.SHA512(),
+        padding.PSS
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
+    skip_message="Does not support SHA1",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA1Verification(object):
+    test_rsa_pkcs1v15_verify_sha1 = generate_rsa_signature_test(
+        load_rsa_nist_vectors,
+        os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+        [
+            "SigVer15_186-3.rsp",
+        ],
+        hashes.SHA1(),
+        padding.PKCS1v15
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
+    skip_message="Does not support SHA224",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA224Verification(object):
+    test_rsa_pkcs1v15_verify_sha224 = generate_rsa_signature_test(
+        load_rsa_nist_vectors,
+        os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+        [
+            "SigVer15_186-3.rsp",
+        ],
+        hashes.SHA224(),
+        padding.PKCS1v15
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
+    skip_message="Does not support SHA256",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA256Verification(object):
+    test_rsa_pkcs1v15_verify_sha256 = generate_rsa_signature_test(
+        load_rsa_nist_vectors,
+        os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+        [
+            "SigVer15_186-3.rsp",
+        ],
+        hashes.SHA256(),
+        padding.PKCS1v15
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
+    skip_message="Does not support SHA384",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA384Verification(object):
+    test_rsa_pkcs1v15_verify_sha384 = generate_rsa_signature_test(
+        load_rsa_nist_vectors,
+        os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+        [
+            "SigVer15_186-3.rsp",
+        ],
+        hashes.SHA384(),
+        padding.PKCS1v15
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+    skip_message="Does not support SHA512",
+)
+@pytest.mark.rsa
+class TestRSAPKCS1SHA512Verification(object):
+    test_rsa_pkcs1v15_verify_sha512 = generate_rsa_signature_test(
+        load_rsa_nist_vectors,
+        os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+        [
+            "SigVer15_186-3.rsp",
+        ],
+        hashes.SHA512(),
+        padding.PKCS1v15
     )
 
 
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index a29ef70e..5db9a193 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -20,7 +20,8 @@ import os
 import pytest
 
 from cryptography.exceptions import (
-    AlreadyFinalized, AlreadyUpdated, InvalidTag, NotYetFinalized
+    AlreadyFinalized, AlreadyUpdated, InvalidSignature, InvalidTag,
+    NotYetFinalized
 )
 from cryptography.hazmat.primitives import hashes, hmac
 from cryptography.hazmat.primitives.asymmetric import padding, rsa
@@ -374,33 +375,42 @@ def generate_hkdf_test(param_loader, path, file_names, algorithm):
     return test_hkdf
 
 
-def generate_rsa_pss_test(param_loader, path, file_names, hash_alg):
+def generate_rsa_signature_test(param_loader, path, file_names, hash_alg,
+                                pad_cls):
     all_params = _load_all_params(path, file_names, param_loader)
     all_params = [i for i in all_params
                   if i["algorithm"] == hash_alg.name.upper()]
 
     @pytest.mark.parametrize("params", all_params)
-    def test_rsa_pss(self, backend, params):
-        rsa_pss_test(backend, params, hash_alg)
+    def test_rsa_signature(self, backend, params):
+        rsa_signature_test(backend, params, hash_alg, pad_cls)
 
-    return test_rsa_pss
+    return test_rsa_signature
 
 
-def rsa_pss_test(backend, params, hash_alg):
+def rsa_signature_test(backend, params, hash_alg, pad_cls):
     public_key = rsa.RSAPublicKey(
         public_exponent=params["public_exponent"],
         modulus=params["modulus"]
     )
-    verifier = public_key.verifier(
-        binascii.unhexlify(params["s"]),
-        padding.PSS(
+    if pad_cls is padding.PKCS1v15:
+        pad = padding.PKCS1v15()
+    else:
+        pad = padding.PSS(
             mgf=padding.MGF1(
                 algorithm=hash_alg,
                 salt_length=params["salt_length"]
             )
-        ),
+        )
+    verifier = public_key.verifier(
+        binascii.unhexlify(params["s"]),
+        pad,
         hash_alg,
         backend
     )
     verifier.update(binascii.unhexlify(params["msg"]))
-    verifier.verify()
+    if params["fail"]:
+        with pytest.raises(InvalidSignature):
+            verifier.verify()
+    else:
+        verifier.verify()
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-03-18 07:54:34 -0400
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-03-19 18:32:30 -0400
commit	49c8e2146492e83315145f803dfb0b746203e8e4 (patch)
tree	1ba15a8ccd0c6fee963f893cabd750a61df6c705
parent	62e18d7873470517c97c0c37be6bc1a81c304d8a (diff)
download	cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.tar.gz cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.tar.bz2 cryptography-49c8e2146492e83315145f803dfb0b746203e8e4.zip