diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-05-02 08:08:35 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-05-02 08:08:35 -0700 |
| commit | 9a44485c740e0a15abad363c7d4af9903e050fb5 (patch) | |
| tree | fa81c66df08b44eddfc606505125e9a653324357 | |
| parent | 865db9d21a91cb02a5f77e1b24b5dc5a90424903 (diff) | |
| parent | 53706565bc1df0898f9e65046429129c4822a354 (diff) | |
| download | cryptography-9a44485c740e0a15abad363c7d4af9903e050fb5.tar.gz cryptography-9a44485c740e0a15abad363c7d4af9903e050fb5.tar.bz2 cryptography-9a44485c740e0a15abad363c7d4af9903e050fb5.zip | |
Merge pull request #998 from reaperhulk/dsa-multibackend
DSA sign/verify multibackend
| -rw-r--r-- | CHANGELOG.rst | 4 | ||||
| -rw-r--r-- | cryptography/hazmat/backends/multibackend.py | 25 | ||||
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/dsa.rst | 4 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 39 |
4 files changed, 70 insertions, 2 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index de877503..80ad8729 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -16,6 +16,10 @@ Changelog :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey` and encryption support to :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`. +* Added signature support to + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` + and verification support to + :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`. 0.3 - 2014-03-27 ~~~~~~~~~~~~~~~~ diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 981a60bd..753f4fc6 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -158,6 +158,31 @@ class MultiBackend(object): raise UnsupportedAlgorithm("DSA is not supported by the backend", _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + def create_dsa_verification_ctx(self, public_key, signature, algorithm): + for b in self._filtered_backends(DSABackend): + return b.create_dsa_verification_ctx(public_key, signature, + algorithm) + raise UnsupportedAlgorithm("DSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + + def create_dsa_signature_ctx(self, private_key, algorithm): + for b in self._filtered_backends(DSABackend): + return b.create_dsa_signature_ctx(private_key, algorithm) + raise UnsupportedAlgorithm("DSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + + def dsa_hash_supported(self, algorithm): + for b in self._filtered_backends(DSABackend): + return b.dsa_hash_supported(algorithm) + raise UnsupportedAlgorithm("DSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + + def dsa_parameters_supported(self, p, q, g): + for b in self._filtered_backends(DSABackend): + return b.dsa_parameters_supported(p, q, g) + raise UnsupportedAlgorithm("DSA is not supported by the backend", + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + def cmac_algorithm_supported(self, algorithm): return any( b.cmac_algorithm_supported(algorithm) diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst index 1d58ccef..f7abaf0f 100644 --- a/docs/hazmat/primitives/asymmetric/dsa.rst +++ b/docs/hazmat/primitives/asymmetric/dsa.rst @@ -103,7 +103,7 @@ DSA Sign data which can be verified later by others using the public key. - .. code-block:: pycon + .. doctest:: >>> from cryptography.hazmat.backends import default_backend >>> from cryptography.hazmat.primitives import hashes @@ -167,7 +167,7 @@ DSA Verify data was signed by the private key associated with this public key. - .. code-block:: pycon + .. doctest:: >>> from cryptography.hazmat.backends import default_backend >>> from cryptography.hazmat.primitives import hashes diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index d8c09bd7..fd2a30cd 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -107,6 +107,18 @@ class DummyDSABackend(object): def generate_dsa_private_key(self, parameters): pass + def create_dsa_signature_ctx(self, private_key, algorithm): + pass + + def create_dsa_verification_ctx(self, public_key, signature, algorithm): + pass + + def dsa_hash_supported(self, algorithm): + pass + + def dsa_parameters_supported(self, p, q, g): + pass + @utils.register_interface(CMACBackend) class DummyCMACBackend(object): @@ -227,6 +239,11 @@ class TestMultiBackend(object): parameters = object() backend.generate_dsa_private_key(parameters) + backend.create_dsa_verification_ctx("public_key", "sig", hashes.SHA1()) + backend.create_dsa_signature_ctx("private_key", hashes.SHA1()) + backend.dsa_hash_supported(hashes.SHA1()) + backend.dsa_parameters_supported(1, 2, 3) + backend = MultiBackend([]) with raises_unsupported_algorithm( _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM @@ -238,6 +255,28 @@ class TestMultiBackend(object): ): backend.generate_dsa_private_key(parameters) + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.create_dsa_signature_ctx("private_key", hashes.SHA1()) + + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.create_dsa_verification_ctx( + "public_key", b"sig", hashes.SHA1() + ) + + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.dsa_hash_supported(hashes.SHA1()) + + with raises_unsupported_algorithm( + _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM + ): + backend.dsa_parameters_supported('p', 'q', 'g') + def test_cmac(self): backend = MultiBackend([ DummyCMACBackend([algorithms.AES]) |