diff options
| -rw-r--r-- | docs/hazmat/primitives/key-derivation-functions.rst | 4 | ||||
| -rw-r--r-- | pytest.ini | 2 | ||||
| -rw-r--r-- | tests/conftest.py | 4 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_pbkdf2.py | 20 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_pbkdf2_vectors.py | 8 | ||||
| -rw-r--r-- | tests/hazmat/primitives/utils.py | 4 |
6 files changed, 21 insertions, 21 deletions
diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst index 661b4611..4cb67701 100644 --- a/docs/hazmat/primitives/key-derivation-functions.rst +++ b/docs/hazmat/primitives/key-derivation-functions.rst @@ -29,7 +29,7 @@ using a pseudo-random function (PRF). ... algorithm=hashes.SHA256(), ... length=32, ... salt=salt, - ... iterations=50000, + ... iterations=100000, ... backend=backend ... ) >>> key = kdf.derive(b"my great password") @@ -38,7 +38,7 @@ using a pseudo-random function (PRF). ... algorithm=hashes.SHA256(), ... length=32, ... salt=salt, - ... iterations=50000, + ... iterations=100000, ... backend=backend ... ) >>> kdf.verify(b"my great password", key) @@ -4,5 +4,5 @@ markers = cipher: this test requires a backend providing CipherBackend hash: this test requires a backend providing HashBackend hmac: this test requires a backend providing HMACBackend - pbkdf2: this test requires a backend providing PBKDF2Backend + pbkdf2hmac: this test requires a backend providing PBKDF2HMACBackend supported: parametrized test requiring only_if and skip_message diff --git a/tests/conftest.py b/tests/conftest.py index 7370294f..ecad1b23 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -2,7 +2,7 @@ import pytest from cryptography.hazmat.backends import _ALL_BACKENDS from cryptography.hazmat.backends.interfaces import ( - HMACBackend, CipherBackend, HashBackend, PBKDF2Backend + HMACBackend, CipherBackend, HashBackend, PBKDF2HMACBackend ) from .utils import check_for_iface, check_backend_support, select_backends @@ -21,7 +21,7 @@ def pytest_runtest_setup(item): check_for_iface("hmac", HMACBackend, item) check_for_iface("cipher", CipherBackend, item) check_for_iface("hash", HashBackend, item) - check_for_iface("pbkdf2", PBKDF2Backend, item) + check_for_iface("pbkdf2hmac", PBKDF2HMACBackend, item) check_backend_support(item) diff --git a/tests/hazmat/primitives/test_pbkdf2.py b/tests/hazmat/primitives/test_pbkdf2.py index 4d15d7a7..41123557 100644 --- a/tests/hazmat/primitives/test_pbkdf2.py +++ b/tests/hazmat/primitives/test_pbkdf2.py @@ -20,40 +20,40 @@ from cryptography.exceptions import ( InvalidKey, UnsupportedAlgorithm, AlreadyFinalized ) from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2 +from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.backends import default_backend @utils.register_interface(interfaces.HashAlgorithm) -class UnsupportedDummyHash(object): - name = "unsupported-dummy-hash" +class DummyHash(object): + name = "dummy-hash" -class TestPBKDF2(object): +class TestPBKDF2HMAC(object): def test_already_finalized(self): - kdf = PBKDF2(hashes.SHA1(), 20, b"salt", 10, default_backend()) + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) kdf.derive(b"password") with pytest.raises(AlreadyFinalized): kdf.derive(b"password2") - kdf = PBKDF2(hashes.SHA1(), 20, b"salt", 10, default_backend()) + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) key = kdf.derive(b"password") with pytest.raises(AlreadyFinalized): kdf.verify(b"password", key) - kdf = PBKDF2(hashes.SHA1(), 20, b"salt", 10, default_backend()) + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) kdf.verify(b"password", key) with pytest.raises(AlreadyFinalized): kdf.verify(b"password", key) def test_unsupported_algorithm(self): with pytest.raises(UnsupportedAlgorithm): - PBKDF2(UnsupportedDummyHash(), 20, b"salt", 10, default_backend()) + PBKDF2HMAC(DummyHash(), 20, b"salt", 10, default_backend()) def test_invalid_key(self): - kdf = PBKDF2(hashes.SHA1(), 20, b"salt", 10, default_backend()) + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) key = kdf.derive(b"password") - kdf = PBKDF2(hashes.SHA1(), 20, b"salt", 10, default_backend()) + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) with pytest.raises(InvalidKey): kdf.verify(b"password2", key) diff --git a/tests/hazmat/primitives/test_pbkdf2_vectors.py b/tests/hazmat/primitives/test_pbkdf2_vectors.py index e6e3935f..cbd4cc9d 100644 --- a/tests/hazmat/primitives/test_pbkdf2_vectors.py +++ b/tests/hazmat/primitives/test_pbkdf2_vectors.py @@ -22,11 +22,11 @@ from ...utils import load_nist_vectors @pytest.mark.supported( - only_if=lambda backend: backend.pbkdf2_hash_supported(hashes.SHA1()), - skip_message="Does not support SHA1 for PBKDF2", + only_if=lambda backend: backend.pbkdf2_hmac_supported(hashes.SHA1()), + skip_message="Does not support SHA1 for PBKDF2HMAC", ) -@pytest.mark.pbkdf2 -class TestPBKDF2_SHA1(object): +@pytest.mark.pbkdf2hmac +class TestPBKDF2HMAC_SHA1(object): test_pbkdf2_sha1 = generate_pbkdf2_test( load_nist_vectors, "KDF", diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 3a1d6d88..6b1d055d 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -4,7 +4,7 @@ import os import pytest from cryptography.hazmat.primitives import hashes, hmac -from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2 +from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.exceptions import ( AlreadyFinalized, NotYetFinalized, AlreadyUpdated, InvalidTag, @@ -225,7 +225,7 @@ def pbkdf2_test(backend, algorithm, params): # Password and salt can contain \0, which should be loaded as a null char. # The NIST loader loads them as literal strings so we replace with the # proper value. - kdf = PBKDF2( + kdf = PBKDF2HMAC( algorithm, int(params["length"]), params["salt"], |