diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-03-17 20:50:03 -0700 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-03-17 20:50:03 -0700 |
commit | 38c42635490d24d7ee88041b52002156c6f5a676 (patch) | |
tree | 34606dbe780ec7704051f26b0f12ab8755fca812 /tests/hazmat/backends/test_openssl.py | |
parent | 0380374fdae7bd744e46ad526af721fae11aa475 (diff) | |
parent | a38e8e580c09cebcab528be7e806f63539498f94 (diff) | |
download | cryptography-38c42635490d24d7ee88041b52002156c6f5a676.tar.gz cryptography-38c42635490d24d7ee88041b52002156c6f5a676.tar.bz2 cryptography-38c42635490d24d7ee88041b52002156c6f5a676.zip |
Merge pull request #792 from reaperhulk/rsa-pss-verify
RSA PSS Verify
Diffstat (limited to 'tests/hazmat/backends/test_openssl.py')
-rw-r--r-- | tests/hazmat/backends/test_openssl.py | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 599d1531..c5d0a013 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -21,6 +21,7 @@ from cryptography.exceptions import ( ) from cryptography.hazmat.backends.openssl.backend import backend, Backend from cryptography.hazmat.primitives import interfaces, hashes +from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC @@ -137,6 +138,30 @@ class TestOpenSSL(object): with pytest.raises(UnsupportedHash): backend.derive_pbkdf2_hmac(hashes.SHA256(), 10, b"", 1000, b"") + @pytest.mark.skipif( + backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000100f, + reason="Requires an older OpenSSL. Must be < 1.0.1" + ) + def test_non_sha1_pss_mgf1_hash_algorithm_on_old_openssl(self): + private_key = rsa.RSAPrivateKey.generate( + public_exponent=65537, + key_size=512, + backend=backend + ) + public_key = private_key.public_key() + with pytest.raises(UnsupportedHash): + public_key.verifier( + b"sig", + padding.PSS( + mgf=padding.MGF1( + algorithm=hashes.SHA256(), + salt_length=padding.MGF1.MAX_LENGTH + ) + ), + hashes.SHA1(), + backend + ) + # This test is not in the next class because to check if it's really # default we don't want to run the setup_method before it def test_osrandom_engine_is_default(self): |