diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-05-01 15:34:42 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-05-01 20:29:56 -0500 |
commit | 0b3ff3b09b71f93ec278e0da73d27b5976241721 (patch) | |
tree | 67f5c9a72068b36617e945733cfd032ec35672e7 /tests | |
parent | 8c977a3bac7476b1d8a59c42bc96cf7ad08f430e (diff) | |
download | cryptography-0b3ff3b09b71f93ec278e0da73d27b5976241721.tar.gz cryptography-0b3ff3b09b71f93ec278e0da73d27b5976241721.tar.bz2 cryptography-0b3ff3b09b71f93ec278e0da73d27b5976241721.zip |
DSA signing support (this is mostly skeuomorf's work, credit to him)
Diffstat (limited to 'tests')
-rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 4c3cd58a..1bfea2e3 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -798,6 +798,60 @@ class TestDSAVerification(object): public_key.verifier(b"sig", hashes.SHA1(), pretend_backend) +@pytest.mark.dsa +class TestDSASignature(object): + _algorithms_dict = { + 'SHA1': hashes.SHA1, + 'SHA224': hashes.SHA224, + 'SHA256': hashes.SHA256, + 'SHA384': hashes.SHA384, + 'SHA512': hashes.SHA512} + + @pytest.mark.parametrize( + "vector", + load_vectors_from_file( + os.path.join( + "asymmetric", "DSA", "FIPS_186-3", "SigGen.txt"), + load_fips_dsa_sig_vectors + ) + ) + def test_dsa_signing(self, vector, backend): + digest_algorithm = vector['digest_algorithm'].replace("-", "") + algorithm = self._algorithms_dict[digest_algorithm] + if ( + not backend.dsa_parameters_supported( + vector['p'], vector['q'], vector['g'] + ) or not backend.dsa_hash_supported(algorithm) + ): + pytest.skip( + "{0} does not support the provided parameters".format(backend) + ) + + private_key = dsa.DSAPrivateKey( + vector['p'], vector['q'], vector['g'], vector['x'], vector['y'] + ) + signer = private_key.signer(algorithm(), backend) + signer.update(vector['msg']) + signature = signer.finalize() + assert signature + + public_key = private_key.public_key() + verifier = public_key.verifier(signature, algorithm(), backend) + verifier.update(vector['msg']) + verifier.verify() + + def test_use_after_finalize(self, backend): + parameters = dsa.DSAParameters.generate(1024, backend) + private_key = dsa.DSAPrivateKey.generate(parameters, backend) + signer = private_key.signer(hashes.SHA1(), backend) + signer.update(b"data") + signer.finalize() + with pytest.raises(AlreadyFinalized): + signer.finalize() + with pytest.raises(AlreadyFinalized): + signer.update(b"more data") + + def test_dsa_generate_invalid_backend(): pretend_backend = object() |