diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2020-04-04 17:08:08 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-04 16:08:08 -0500 |
commit | aece5b3d47282beed31f7119e273b65816a0cf93 (patch) | |
tree | d72e5ebfee8297197f1321b6d066d8d2061244f2 /tests/hazmat | |
parent | e687b8f7f40e30ef88e9de889c55cd7fdec99762 (diff) | |
download | cryptography-aece5b3d47282beed31f7119e273b65816a0cf93.tar.gz cryptography-aece5b3d47282beed31f7119e273b65816a0cf93.tar.bz2 cryptography-aece5b3d47282beed31f7119e273b65816a0cf93.zip |
Drop support for OpenSSL 1.0.1 (#5178)
Diffstat (limited to 'tests/hazmat')
-rw-r--r-- | tests/hazmat/bindings/test_openssl.py | 14 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_aes.py | 72 |
2 files changed, 16 insertions, 70 deletions
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index e9bcc18e..29a1c459 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -4,14 +4,11 @@ from __future__ import absolute_import, division, print_function -import pretend - import pytest from cryptography.exceptions import InternalError from cryptography.hazmat.bindings.openssl.binding import ( - Binding, _consume_errors, _openssl_assert, _verify_openssl_version, - _verify_package_version + Binding, _consume_errors, _openssl_assert, _verify_package_version ) @@ -125,12 +122,3 @@ class TestOpenSSL(object): def test_version_mismatch(self): with pytest.raises(ImportError): _verify_package_version("nottherightversion") - - def test_verify_openssl_version(self, monkeypatch): - monkeypatch.delenv("CRYPTOGRAPHY_ALLOW_OPENSSL_101", raising=False) - lib = pretend.stub( - CRYPTOGRAPHY_OPENSSL_LESS_THAN_102=True, - CRYPTOGRAPHY_IS_LIBRESSL=False - ) - with pytest.raises(RuntimeError): - _verify_openssl_version(lib) diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index f1d434f1..d99ba406 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -352,25 +352,14 @@ class TestAESModeGCM(object): encryptor.authenticate_additional_data(aad) encryptor.finalize() - if ( - backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and - not backend._lib.CRYPTOGRAPHY_IS_LIBRESSL - ): - with pytest.raises(NotImplementedError): - decryptor = base.Cipher( - algorithms.AES(key), - modes.GCM(iv), - backend=backend - ).decryptor() - else: - decryptor = base.Cipher( - algorithms.AES(key), - modes.GCM(iv), - backend=backend - ).decryptor() - decryptor.authenticate_additional_data(aad) - with pytest.raises(ValueError): - decryptor.finalize() + decryptor = base.Cipher( + algorithms.AES(key), + modes.GCM(iv), + backend=backend + ).decryptor() + decryptor.authenticate_additional_data(aad) + with pytest.raises(ValueError): + decryptor.finalize() def test_gcm_tag_decrypt_mode(self, backend): key = binascii.unhexlify(b"5211242698bed4774a090620a6ca56f3") @@ -408,46 +397,15 @@ class TestAESModeGCM(object): encryptor.finalize() tag = encryptor.tag - if ( - backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and - not backend._lib.CRYPTOGRAPHY_IS_LIBRESSL - ): - with pytest.raises(NotImplementedError): - decryptor = base.Cipher( - algorithms.AES(key), - modes.GCM(iv), - backend=backend - ).decryptor() - decryptor = base.Cipher( - algorithms.AES(key), - modes.GCM(iv, tag=encryptor.tag), - backend=backend - ).decryptor() - else: - decryptor = base.Cipher( - algorithms.AES(key), - modes.GCM(iv), - backend=backend - ).decryptor() + decryptor = base.Cipher( + algorithms.AES(key), + modes.GCM(iv), + backend=backend + ).decryptor() decryptor.authenticate_additional_data(aad) - if ( - backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and - not backend._lib.CRYPTOGRAPHY_IS_LIBRESSL - ): - with pytest.raises(NotImplementedError): - decryptor.finalize_with_tag(tag) - decryptor.finalize() - else: - decryptor.finalize_with_tag(tag) - - @pytest.mark.supported( - only_if=lambda backend: ( - not backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 or - backend._lib.CRYPTOGRAPHY_IS_LIBRESSL - ), - skip_message="Not supported on OpenSSL 1.0.1", - ) + decryptor.finalize_with_tag(tag) + def test_gcm_tag_decrypt_finalize_tag_length(self, backend): decryptor = base.Cipher( algorithms.AES(b"0" * 16), |