Merge pull request #962 from reaperhulk/rsa-enc

RSA encryption support
author: Alex Gaynor <alex.gaynor@gmail.com> 2014-04-26 22:10:34 -0700
committer: Alex Gaynor <alex.gaynor@gmail.com> 2014-04-26 22:10:34 -0700
commit: db1524b8db4959f25c880f871ea0d2ddb137ec58 (patch)
tree: c9df839f820b8a09ef4394d3ff3b894af46d2dd0 /tests/hazmat/primitives/test_rsa.py
parent: b30402c6b5ad6aa3625fcfbd9e7cb7998670d2f4 (diff)
parent: 857c0e9c18206c35958a4ad573e7c36a743daabd (diff)
download: cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.gz
cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.bz2
cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.zip
1 files changed, 119 insertions, 1 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 34b80cc3..38a5d0af 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -1260,7 +1260,7 @@ class TestRSADecryption(object):
             backend=backend
         )
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING):
-            private_key.decrypt(b"somedata", DummyPadding(), backend)
+            private_key.decrypt(b"0" * 64, DummyPadding(), backend)
 
     def test_decrypt_invalid_decrypt(self, backend):
         private_key = rsa.RSAPrivateKey.generate(
@@ -1355,6 +1355,124 @@ class TestRSADecryption(object):
         )
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
             private_key.decrypt(
+                b"0" * 64,
+                padding.OAEP(
+                    mgf=DummyMGF(),
+                    algorithm=hashes.SHA1(),
+                    label=None
+                ),
+                backend
+            )
+
+
+@pytest.mark.rsa
+class TestRSAEncryption(object):
+    @pytest.mark.parametrize(
+        ("key_size", "pad"),
+        itertools.product(
+            (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
+            (
+                padding.OAEP(
+                    mgf=padding.MGF1(algorithm=hashes.SHA1()),
+                    algorithm=hashes.SHA1(),
+                    label=None
+                ),
+                padding.PKCS1v15()
+            )
+        )
+    )
+    def test_rsa_encrypt(self, key_size, pad, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=key_size,
+            backend=backend
+        )
+        pt = b"encrypt me!"
+        public_key = private_key.public_key()
+        ct = public_key.encrypt(
+            pt,
+            pad,
+            backend
+        )
+        assert ct != pt
+        assert len(ct) == math.ceil(public_key.key_size / 8.0)
+        recovered_pt = private_key.decrypt(
+            ct,
+            pad,
+            backend
+        )
+        assert recovered_pt == pt
+
+    @pytest.mark.parametrize(
+        ("key_size", "pad"),
+        itertools.product(
+            (1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1536, 2048),
+            (
+                padding.OAEP(
+                    mgf=padding.MGF1(algorithm=hashes.SHA1()),
+                    algorithm=hashes.SHA1(),
+                    label=None
+                ),
+                padding.PKCS1v15()
+            )
+        )
+    )
+    def test_rsa_encrypt_key_too_small(self, key_size, pad, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=key_size,
+            backend=backend
+        )
+        public_key = private_key.public_key()
+        # Slightly smaller than the key size but not enough for padding.
+        with pytest.raises(ValueError):
+            public_key.encrypt(
+                b"\x00" * (key_size // 8 - 1),
+                pad,
+                backend
+            )
+
+        # Larger than the key size.
+        with pytest.raises(ValueError):
+            public_key.encrypt(
+                b"\x00" * (key_size // 8 + 5),
+                pad,
+                backend
+            )
+
+    def test_rsa_encrypt_invalid_backend(self, backend):
+        pretend_backend = object()
+        private_key = rsa.RSAPrivateKey.generate(65537, 512, backend)
+        public_key = private_key.public_key()
+
+        with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE):
+            public_key.encrypt(
+                b"irrelevant",
+                padding.PKCS1v15(),
+                pretend_backend
+            )
+
+    def test_unsupported_padding(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
+        public_key = private_key.public_key()
+
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING):
+            public_key.encrypt(b"somedata", DummyPadding(), backend)
+
+    def test_unsupported_oaep_mgf(self, backend):
+        private_key = rsa.RSAPrivateKey.generate(
+            public_exponent=65537,
+            key_size=512,
+            backend=backend
+        )
+        public_key = private_key.public_key()
+
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
+            public_key.encrypt(
                 b"ciphertext",
                 padding.OAEP(
                     mgf=DummyMGF(),
author	Alex Gaynor <alex.gaynor@gmail.com>	2014-04-26 22:10:34 -0700
committer	Alex Gaynor <alex.gaynor@gmail.com>	2014-04-26 22:10:34 -0700
commit	db1524b8db4959f25c880f871ea0d2ddb137ec58 (patch)
tree	c9df839f820b8a09ef4394d3ff3b894af46d2dd0 /tests/hazmat/primitives/test_rsa.py
parent	b30402c6b5ad6aa3625fcfbd9e7cb7998670d2f4 (diff)
parent	857c0e9c18206c35958a4ad573e7c36a743daabd (diff)
download	cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.gz cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.bz2 cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.zip