diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-03-20 10:52:51 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-03-20 10:52:51 -0700 |
| commit | 23c641dad201446a019d4a5f1181908744fd347a (patch) | |
| tree | f8cf519f89e5e3f6f2acc4cd4586985d0da3fd5b /tests/hazmat/primitives/test_rsa.py | |
| parent | 62e18d7873470517c97c0c37be6bc1a81c304d8a (diff) | |
| parent | 4d8358fb50253bebdf637f517da8ba2406080d3f (diff) | |
| download | cryptography-23c641dad201446a019d4a5f1181908744fd347a.tar.gz cryptography-23c641dad201446a019d4a5f1181908744fd347a.tar.bz2 cryptography-23c641dad201446a019d4a5f1181908744fd347a.zip | |
Merge pull request #826 from reaperhulk/rsa-more-sig-verification
RSA more sig verification
Diffstat (limited to 'tests/hazmat/primitives/test_rsa.py')
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 182 |
1 files changed, 134 insertions, 48 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 67b5b2e0..67189c24 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -27,7 +27,7 @@ from cryptography.exceptions import ( from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import padding, rsa -from .utils import generate_rsa_pss_test +from .utils import generate_rsa_verification_test from ...utils import ( load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file ) @@ -748,89 +748,175 @@ class TestRSAVerification(object): verifier.verify() -@pytest.mark.supported( - only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA1()), - skip_message="Does not support SHA1 with MGF1." -) @pytest.mark.rsa -class TestRSAPSSMGF1VerificationSHA1(object): - test_rsa_pss_mgf1_sha1 = generate_rsa_pss_test( +class TestRSAPSSMGF1Verification(object): + test_rsa_pss_mgf1_sha1 = pytest.mark.supported( + only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA1()), + skip_message="Does not support SHA1 with MGF1." + )(generate_rsa_verification_test( load_rsa_nist_vectors, os.path.join("asymmetric", "RSA", "FIPS_186-2"), [ "SigGenPSS_186-2.rsp", "SigGenPSS_186-3.rsp", + "SigVerPSS_186-3.rsp", ], - hashes.SHA1() - ) - + hashes.SHA1(), + lambda params, hash_alg: padding.PSS( + mgf=padding.MGF1( + algorithm=hash_alg, + salt_length=params["salt_length"] + ) + ) + )) -@pytest.mark.supported( - only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA224()), - skip_message="Does not support SHA224 with MGF1." -) -@pytest.mark.rsa -class TestRSAPSSMGF1VerificationSHA224(object): - test_rsa_pss_mgf1_sha224 = generate_rsa_pss_test( + test_rsa_pss_mgf1_sha224 = pytest.mark.supported( + only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA224()), + skip_message="Does not support SHA224 with MGF1." + )(generate_rsa_verification_test( load_rsa_nist_vectors, os.path.join("asymmetric", "RSA", "FIPS_186-2"), [ "SigGenPSS_186-2.rsp", "SigGenPSS_186-3.rsp", + "SigVerPSS_186-3.rsp", ], - hashes.SHA224() - ) - + hashes.SHA224(), + lambda params, hash_alg: padding.PSS( + mgf=padding.MGF1( + algorithm=hash_alg, + salt_length=params["salt_length"] + ) + ) + )) -@pytest.mark.supported( - only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA256()), - skip_message="Does not support SHA256 with MGF1." -) -@pytest.mark.rsa -class TestRSAPSSMGF1VerificationSHA256(object): - test_rsa_pss_mgf1_sha256 = generate_rsa_pss_test( + test_rsa_pss_mgf1_sha256 = pytest.mark.supported( + only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA256()), + skip_message="Does not support SHA256 with MGF1." + )(generate_rsa_verification_test( load_rsa_nist_vectors, os.path.join("asymmetric", "RSA", "FIPS_186-2"), [ "SigGenPSS_186-2.rsp", "SigGenPSS_186-3.rsp", + "SigVerPSS_186-3.rsp", ], - hashes.SHA256() - ) + hashes.SHA256(), + lambda params, hash_alg: padding.PSS( + mgf=padding.MGF1( + algorithm=hash_alg, + salt_length=params["salt_length"] + ) + ) + )) + test_rsa_pss_mgf1_sha384 = pytest.mark.supported( + only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA384()), + skip_message="Does not support SHA384 with MGF1." + )(generate_rsa_verification_test( + load_rsa_nist_vectors, + os.path.join("asymmetric", "RSA", "FIPS_186-2"), + [ + "SigGenPSS_186-2.rsp", + "SigGenPSS_186-3.rsp", + "SigVerPSS_186-3.rsp", + ], + hashes.SHA384(), + lambda params, hash_alg: padding.PSS( + mgf=padding.MGF1( + algorithm=hash_alg, + salt_length=params["salt_length"] + ) + ) + )) -@pytest.mark.supported( - only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA384()), - skip_message="Does not support SHA384 with MGF1." -) -@pytest.mark.rsa -class TestRSAPSSMGF1VerificationSHA384(object): - test_rsa_pss_mgf1_sha384 = generate_rsa_pss_test( + test_rsa_pss_mgf1_sha512 = pytest.mark.supported( + only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA512()), + skip_message="Does not support SHA512 with MGF1." + )(generate_rsa_verification_test( load_rsa_nist_vectors, os.path.join("asymmetric", "RSA", "FIPS_186-2"), [ "SigGenPSS_186-2.rsp", "SigGenPSS_186-3.rsp", + "SigVerPSS_186-3.rsp", ], - hashes.SHA384() - ) + hashes.SHA512(), + lambda params, hash_alg: padding.PSS( + mgf=padding.MGF1( + algorithm=hash_alg, + salt_length=params["salt_length"] + ) + ) + )) -@pytest.mark.supported( - only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA512()), - skip_message="Does not support SHA512 with MGF1." -) @pytest.mark.rsa -class TestRSAPSSMGF1VerificationSHA512(object): - test_rsa_pss_mgf1_sha512 = generate_rsa_pss_test( +class TestRSAPKCS1Verification(object): + test_rsa_pkcs1v15_verify_sha1 = pytest.mark.supported( + only_if=lambda backend: backend.hash_supported(hashes.SHA1()), + skip_message="Does not support SHA1." + )(generate_rsa_verification_test( load_rsa_nist_vectors, os.path.join("asymmetric", "RSA", "FIPS_186-2"), [ - "SigGenPSS_186-2.rsp", - "SigGenPSS_186-3.rsp", + "SigVer15_186-3.rsp", ], - hashes.SHA512() - ) + hashes.SHA1(), + lambda params, hash_alg: padding.PKCS1v15() + )) + + test_rsa_pkcs1v15_verify_sha224 = pytest.mark.supported( + only_if=lambda backend: backend.hash_supported(hashes.SHA224()), + skip_message="Does not support SHA224." + )(generate_rsa_verification_test( + load_rsa_nist_vectors, + os.path.join("asymmetric", "RSA", "FIPS_186-2"), + [ + "SigVer15_186-3.rsp", + ], + hashes.SHA224(), + lambda params, hash_alg: padding.PKCS1v15() + )) + + test_rsa_pkcs1v15_verify_sha256 = pytest.mark.supported( + only_if=lambda backend: backend.hash_supported(hashes.SHA256()), + skip_message="Does not support SHA256." + )(generate_rsa_verification_test( + load_rsa_nist_vectors, + os.path.join("asymmetric", "RSA", "FIPS_186-2"), + [ + "SigVer15_186-3.rsp", + ], + hashes.SHA256(), + lambda params, hash_alg: padding.PKCS1v15() + )) + + test_rsa_pkcs1v15_verify_sha384 = pytest.mark.supported( + only_if=lambda backend: backend.hash_supported(hashes.SHA384()), + skip_message="Does not support SHA384." + )(generate_rsa_verification_test( + load_rsa_nist_vectors, + os.path.join("asymmetric", "RSA", "FIPS_186-2"), + [ + "SigVer15_186-3.rsp", + ], + hashes.SHA384(), + lambda params, hash_alg: padding.PKCS1v15() + )) + + test_rsa_pkcs1v15_verify_sha512 = pytest.mark.supported( + only_if=lambda backend: backend.hash_supported(hashes.SHA512()), + skip_message="Does not support SHA512." + )(generate_rsa_verification_test( + load_rsa_nist_vectors, + os.path.join("asymmetric", "RSA", "FIPS_186-2"), + [ + "SigVer15_186-3.rsp", + ], + hashes.SHA512(), + lambda params, hash_alg: padding.PKCS1v15() + )) class TestMGF1(object): |