diff options
29 files changed, 140 insertions, 154 deletions
@@ -1,15 +1,5 @@ [pytest] addopts = -r s markers = - cipher: this test requires a backend providing CipherBackend - cmac: this test requires a backend providing CMACBackend - dsa: this test requires a backend providing DSABackend - hash: this test requires a backend providing HashBackend - hmac: this test requires a backend providing HMACBackend - pbkdf2hmac: this test requires a backend providing PBKDF2HMACBackend - rsa: this test requires a backend providing RSABackend - traditional_openssl_serialization: this test requires a backend providing TraditionalOpenSSLSerializationBackend - pkcs8_serialization: this test requires a backend providing PKCS8SerializationBackend + requires_backend_interface: this test requires a specific backend interface supported: parametrized test requiring only_if and skip_message - elliptic: this test requires a backend providing EllipticCurveBackend - pem_serialization: this test requires a backend providing PEMSerializationBackend diff --git a/tests/conftest.py b/tests/conftest.py index b7981c9d..7f8e71d5 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -16,13 +16,8 @@ from __future__ import absolute_import, division, print_function import pytest from cryptography.hazmat.backends import _available_backends -from cryptography.hazmat.backends.interfaces import ( - CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, - HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend -) -from .utils import check_backend_support, check_for_iface, select_backends + +from .utils import check_backend_support, select_backends def pytest_generate_tests(metafunc): @@ -35,21 +30,17 @@ def pytest_generate_tests(metafunc): @pytest.mark.trylast def pytest_runtest_setup(item): - check_for_iface("hmac", HMACBackend, item) - check_for_iface("cipher", CipherBackend, item) - check_for_iface("cmac", CMACBackend, item) - check_for_iface("hash", HashBackend, item) - check_for_iface("pbkdf2hmac", PBKDF2HMACBackend, item) - check_for_iface("dsa", DSABackend, item) - check_for_iface("rsa", RSABackend, item) - check_for_iface( - "traditional_openssl_serialization", - TraditionalOpenSSLSerializationBackend, - item - ) - check_for_iface("pkcs8_serialization", PKCS8SerializationBackend, item) - check_for_iface("elliptic", EllipticCurveBackend, item) - check_for_iface("pem_serialization", PEMSerializationBackend, item) + required = item.keywords.get("requires_backend_interface") + if ( + required is not None and + "backend" in item.funcargs and + not isinstance(item.funcargs["backend"], required.kwargs['interface']) + ): + pytest.skip("{0} backend does not support {1}".format( + item.funcargs["backend"], + required.kwargs['interface'].__name__ + )) + check_backend_support(item) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 3bea413a..39708f82 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -24,6 +24,7 @@ import pytest from cryptography import utils from cryptography.exceptions import InternalError, _Reasons +from cryptography.hazmat.backends.interfaces import EllipticCurveBackend from cryptography.hazmat.backends.openssl.backend import ( Backend, backend ) @@ -489,7 +490,7 @@ class TestOpenSSLEllipticCurve(object): _sn_to_elliptic_curve(backend, b"fake") -@pytest.mark.elliptic +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) class TestDeprecatedECBackendMethods(object): def test_elliptic_curve_private_key_from_numbers(self): d = 5634846038258869671139984276180670841223409490498798721258 diff --git a/tests/hazmat/primitives/test_3des.py b/tests/hazmat/primitives/test_3des.py index 65660386..cddacbde 100644 --- a/tests/hazmat/primitives/test_3des.py +++ b/tests/hazmat/primitives/test_3des.py @@ -22,6 +22,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -34,7 +35,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support TripleDES CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestTripleDESModeCBC(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -71,7 +72,7 @@ class TestTripleDESModeCBC(object): ), skip_message="Does not support TripleDES OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestTripleDESModeOFB(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -108,7 +109,7 @@ class TestTripleDESModeOFB(object): ), skip_message="Does not support TripleDES CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestTripleDESModeCFB(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -145,7 +146,7 @@ class TestTripleDESModeCFB(object): ), skip_message="Does not support TripleDES CFB8", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestTripleDESModeCFB8(object): test_KAT = generate_encrypt_test( load_nist_vectors, @@ -182,7 +183,7 @@ class TestTripleDESModeCFB8(object): ), skip_message="Does not support TripleDES ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestTripleDESModeECB(object): test_KAT = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index e8e0eee4..85e5da7a 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, base, modes from .utils import generate_aead_test, generate_encrypt_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support AES CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -63,7 +64,7 @@ class TestAESModeCBC(object): ), skip_message="Does not support AES ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, @@ -96,7 +97,7 @@ class TestAESModeECB(object): ), skip_message="Does not support AES OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -129,7 +130,7 @@ class TestAESModeOFB(object): ), skip_message="Does not support AES CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, @@ -162,7 +163,7 @@ class TestAESModeCFB(object): ), skip_message="Does not support AES CFB8", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeCFB8(object): test_CFB8 = generate_encrypt_test( load_nist_vectors, @@ -195,7 +196,7 @@ class TestAESModeCFB8(object): ), skip_message="Does not support AES CTR", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeCTR(object): test_CTR = generate_encrypt_test( load_nist_vectors, @@ -212,7 +213,7 @@ class TestAESModeCTR(object): ), skip_message="Does not support AES GCM", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeGCM(object): test_GCM = generate_aead_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_arc4.py b/tests/hazmat/primitives/test_arc4.py index 33f7ff09..cd0da910 100644 --- a/tests/hazmat/primitives/test_arc4.py +++ b/tests/hazmat/primitives/test_arc4.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms from .utils import generate_stream_encryption_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support ARC4", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestARC4(object): test_rfc = generate_stream_encryption_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py index 022e3af7..6ee230a7 100644 --- a/tests/hazmat/primitives/test_block.py +++ b/tests/hazmat/primitives/test_block.py @@ -21,6 +21,7 @@ from cryptography import utils from cryptography.exceptions import ( AlreadyFinalized, _Reasons ) +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers import ( Cipher, algorithms, modes @@ -45,7 +46,7 @@ class DummyCipher(object): name = "dummy-cipher" -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCipher(object): def test_creates_encryptor(self, backend): cipher = Cipher( @@ -69,7 +70,7 @@ class TestCipher(object): Cipher(algorithm, mode=None, backend=backend) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCipherContext(object): def test_use_after_finalize(self, backend): cipher = Cipher( @@ -146,7 +147,7 @@ class TestCipherContext(object): ), skip_message="Does not support AES GCM", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAEADCipherContext(object): test_aead_exceptions = generate_aead_exception_test( algorithms.AES, @@ -158,7 +159,7 @@ class TestAEADCipherContext(object): ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestModeValidation(object): def test_cbc(self, backend): with pytest.raises(ValueError): diff --git a/tests/hazmat/primitives/test_blowfish.py b/tests/hazmat/primitives/test_blowfish.py index 2801f430..c072a5cb 100644 --- a/tests/hazmat/primitives/test_blowfish.py +++ b/tests/hazmat/primitives/test_blowfish.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support Blowfish ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestBlowfishModeECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, @@ -47,7 +48,7 @@ class TestBlowfishModeECB(object): ), skip_message="Does not support Blowfish CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestBlowfishModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -64,7 +65,7 @@ class TestBlowfishModeCBC(object): ), skip_message="Does not support Blowfish OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestBlowfishModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -81,7 +82,7 @@ class TestBlowfishModeOFB(object): ), skip_message="Does not support Blowfish CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestBlowfishModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_camellia.py b/tests/hazmat/primitives/test_camellia.py index 25bd0ff9..f544d596 100644 --- a/tests/hazmat/primitives/test_camellia.py +++ b/tests/hazmat/primitives/test_camellia.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -32,7 +33,7 @@ from ...utils import ( ), skip_message="Does not support Camellia ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCamelliaModeECB(object): test_ECB = generate_encrypt_test( load_cryptrec_vectors, @@ -53,7 +54,7 @@ class TestCamelliaModeECB(object): ), skip_message="Does not support Camellia CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCamelliaModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -70,7 +71,7 @@ class TestCamelliaModeCBC(object): ), skip_message="Does not support Camellia OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCamelliaModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -87,7 +88,7 @@ class TestCamelliaModeOFB(object): ), skip_message="Does not support Camellia CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCamelliaModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index 60228299..5c354cdd 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support CAST5 ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCAST5ModeECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, @@ -47,7 +48,7 @@ class TestCAST5ModeECB(object): ), skip_message="Does not support CAST5 CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCAST5ModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -64,7 +65,7 @@ class TestCAST5ModeCBC(object): ), skip_message="Does not support CAST5 OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCAST5ModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -81,7 +82,7 @@ class TestCAST5ModeOFB(object): ), skip_message="Does not support CAST5 CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCAST5ModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, @@ -98,7 +99,7 @@ class TestCAST5ModeCFB(object): ), skip_message="Does not support CAST5 CTR", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestCAST5ModeCTR(object): test_CTR = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index 7ec4af68..49e2043e 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -52,7 +52,7 @@ vectors_3des = load_vectors_from_file( fake_key = b"\x00" * 16 -@pytest.mark.cmac +@pytest.mark.requires_backend_interface(interface=CMACBackend) class TestCMAC(object): @pytest.mark.supported( only_if=lambda backend: backend.cmac_algorithm_supported( diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 14b24d69..f0bbf142 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -19,6 +19,7 @@ import os import pytest from cryptography.exceptions import AlreadyFinalized, InvalidSignature +from cryptography.hazmat.backends.interfaces import DSABackend from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import dsa from cryptography.utils import bit_length @@ -32,7 +33,7 @@ from ...utils import ( ) -@pytest.mark.dsa +@pytest.mark.requires_backend_interface(interface=DSABackend) class TestDSA(object): def test_generate_dsa_parameters(self, backend): parameters = dsa.generate_parameters(1024, backend) @@ -530,7 +531,7 @@ class TestDSA(object): ).public_key(backend) -@pytest.mark.dsa +@pytest.mark.requires_backend_interface(interface=DSABackend) class TestDSAVerification(object): _algorithms_dict = { 'SHA1': hashes.SHA1, @@ -594,7 +595,7 @@ class TestDSAVerification(object): verifier.update(b"more data") -@pytest.mark.dsa +@pytest.mark.requires_backend_interface(interface=DSABackend) class TestDSASignature(object): _algorithms_dict = { 'SHA1': hashes.SHA1, diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 1b3bb9b3..decb3716 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -80,7 +80,7 @@ class DeprecatedDummyECBackend(object): return b"public_key" -@pytest.mark.elliptic +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) def test_skip_curve_unsupported(backend): with pytest.raises(pytest.skip.Exception): _skip_curve_unsupported(backend, DummyCurve()) @@ -138,7 +138,7 @@ def test_ec_numbers(): ) -@pytest.mark.elliptic +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) class TestECWithNumbers(object): @pytest.mark.parametrize( ("vector", "hash_type"), @@ -174,7 +174,7 @@ class TestECWithNumbers(object): assert curve_type().name == priv_num.public_numbers.curve.name -@pytest.mark.elliptic +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) class TestECDSAVectors(object): @pytest.mark.parametrize( ("vector", "hash_type"), diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index ca97fc11..c54a610a 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -17,6 +17,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import HashBackend from cryptography.hazmat.primitives import hashes from .utils import generate_hash_test, generate_long_string_hash_test @@ -27,7 +28,7 @@ from ...utils import load_hash_vectors only_if=lambda backend: backend.hash_supported(hashes.SHA1()), skip_message="Does not support SHA1", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA1(object): test_SHA1 = generate_hash_test( load_hash_vectors, @@ -44,7 +45,7 @@ class TestSHA1(object): only_if=lambda backend: backend.hash_supported(hashes.SHA224()), skip_message="Does not support SHA224", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA224(object): test_SHA224 = generate_hash_test( load_hash_vectors, @@ -61,7 +62,7 @@ class TestSHA224(object): only_if=lambda backend: backend.hash_supported(hashes.SHA256()), skip_message="Does not support SHA256", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA256(object): test_SHA256 = generate_hash_test( load_hash_vectors, @@ -78,7 +79,7 @@ class TestSHA256(object): only_if=lambda backend: backend.hash_supported(hashes.SHA384()), skip_message="Does not support SHA384", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA384(object): test_SHA384 = generate_hash_test( load_hash_vectors, @@ -95,7 +96,7 @@ class TestSHA384(object): only_if=lambda backend: backend.hash_supported(hashes.SHA512()), skip_message="Does not support SHA512", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA512(object): test_SHA512 = generate_hash_test( load_hash_vectors, @@ -112,7 +113,7 @@ class TestSHA512(object): only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()), skip_message="Does not support RIPEMD160", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestRIPEMD160(object): test_RIPEMD160 = generate_hash_test( load_hash_vectors, @@ -133,7 +134,7 @@ class TestRIPEMD160(object): only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()), skip_message="Does not support Whirlpool", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestWhirlpool(object): test_whirlpool = generate_hash_test( load_hash_vectors, @@ -156,7 +157,7 @@ class TestWhirlpool(object): only_if=lambda backend: backend.hash_supported(hashes.MD5()), skip_message="Does not support MD5", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestMD5(object): test_md5 = generate_hash_test( load_hash_vectors, diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index ffd65bde..ba4f53af 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -35,7 +35,7 @@ class UnsupportedDummyHash(object): name = "unsupported-dummy-hash" -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestHashContext(object): def test_hash_reject_unicode(self, backend): m = hashes.Hash(hashes.SHA1(), backend=backend) @@ -81,7 +81,7 @@ class TestHashContext(object): only_if=lambda backend: backend.hash_supported(hashes.SHA1()), skip_message="Does not support SHA1", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA1(object): test_SHA1 = generate_base_hash_test( hashes.SHA1(), @@ -94,7 +94,7 @@ class TestSHA1(object): only_if=lambda backend: backend.hash_supported(hashes.SHA224()), skip_message="Does not support SHA224", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA224(object): test_SHA224 = generate_base_hash_test( hashes.SHA224(), @@ -107,7 +107,7 @@ class TestSHA224(object): only_if=lambda backend: backend.hash_supported(hashes.SHA256()), skip_message="Does not support SHA256", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA256(object): test_SHA256 = generate_base_hash_test( hashes.SHA256(), @@ -120,7 +120,7 @@ class TestSHA256(object): only_if=lambda backend: backend.hash_supported(hashes.SHA384()), skip_message="Does not support SHA384", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA384(object): test_SHA384 = generate_base_hash_test( hashes.SHA384(), @@ -133,7 +133,7 @@ class TestSHA384(object): only_if=lambda backend: backend.hash_supported(hashes.SHA512()), skip_message="Does not support SHA512", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA512(object): test_SHA512 = generate_base_hash_test( hashes.SHA512(), @@ -146,7 +146,7 @@ class TestSHA512(object): only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()), skip_message="Does not support RIPEMD160", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestRIPEMD160(object): test_RIPEMD160 = generate_base_hash_test( hashes.RIPEMD160(), @@ -159,7 +159,7 @@ class TestRIPEMD160(object): only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()), skip_message="Does not support Whirlpool", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestWhirlpool(object): test_Whirlpool = generate_base_hash_test( hashes.Whirlpool(), @@ -172,7 +172,7 @@ class TestWhirlpool(object): only_if=lambda backend: backend.hash_supported(hashes.MD5()), skip_message="Does not support MD5", ) -@pytest.mark.hash +@pytest.mark.requires_backend_interface(interface=HashBackend) class TestMD5(object): test_MD5 = generate_base_hash_test( hashes.MD5(), diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py index 598f09f0..9b5d9638 100644 --- a/tests/hazmat/primitives/test_hkdf.py +++ b/tests/hazmat/primitives/test_hkdf.py @@ -22,13 +22,14 @@ import six from cryptography.exceptions import ( AlreadyFinalized, InvalidKey, _Reasons ) +from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.hkdf import HKDF, HKDFExpand from ...utils import raises_unsupported_algorithm -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDF(object): def test_length_limit(self, backend): big_length = 255 * (hashes.SHA256().digest_size // 8) + 1 @@ -153,7 +154,7 @@ class TestHKDF(object): hkdf.verify(b"foo", six.u("bar")) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDFExpand(object): def test_derive(self, backend): prk = binascii.unhexlify( diff --git a/tests/hazmat/primitives/test_hkdf_vectors.py b/tests/hazmat/primitives/test_hkdf_vectors.py index 1e67234f..f2399a38 100644 --- a/tests/hazmat/primitives/test_hkdf_vectors.py +++ b/tests/hazmat/primitives/test_hkdf_vectors.py @@ -17,6 +17,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from .utils import generate_hkdf_test @@ -27,7 +28,7 @@ from ...utils import load_nist_vectors only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), skip_message="Does not support SHA1." ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDFSHA1(object): test_HKDFSHA1 = generate_hkdf_test( load_nist_vectors, @@ -41,7 +42,7 @@ class TestHKDFSHA1(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA256()), skip_message="Does not support SHA256." ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHKDFSHA256(object): test_HKDFSHA1 = generate_hkdf_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py index dca3eb02..baf8a299 100644 --- a/tests/hazmat/primitives/test_hmac.py +++ b/tests/hazmat/primitives/test_hmac.py @@ -39,14 +39,14 @@ class UnsupportedDummyHash(object): only_if=lambda backend: backend.hmac_supported(hashes.MD5()), skip_message="Does not support MD5", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACCopy(object): test_copy = generate_base_hmac_test( hashes.MD5(), ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMAC(object): def test_hmac_reject_unicode(self, backend): h = hmac.HMAC(b"mykey", hashes.SHA1(), backend=backend) diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py index 2f88fb1d..689628fc 100644 --- a/tests/hazmat/primitives/test_hmac_vectors.py +++ b/tests/hazmat/primitives/test_hmac_vectors.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import pytest +from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from .utils import generate_hmac_test @@ -25,7 +26,7 @@ from ...utils import load_hash_vectors only_if=lambda backend: backend.hmac_supported(hashes.MD5()), skip_message="Does not support MD5", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACMD5(object): test_hmac_md5 = generate_hmac_test( load_hash_vectors, @@ -41,7 +42,7 @@ class TestHMACMD5(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), skip_message="Does not support SHA1", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACSHA1(object): test_hmac_sha1 = generate_hmac_test( load_hash_vectors, @@ -57,7 +58,7 @@ class TestHMACSHA1(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA224()), skip_message="Does not support SHA224", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACSHA224(object): test_hmac_sha224 = generate_hmac_test( load_hash_vectors, @@ -73,7 +74,7 @@ class TestHMACSHA224(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA256()), skip_message="Does not support SHA256", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACSHA256(object): test_hmac_sha256 = generate_hmac_test( load_hash_vectors, @@ -89,7 +90,7 @@ class TestHMACSHA256(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA384()), skip_message="Does not support SHA384", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACSHA384(object): test_hmac_sha384 = generate_hmac_test( load_hash_vectors, @@ -105,7 +106,7 @@ class TestHMACSHA384(object): only_if=lambda backend: backend.hmac_supported(hashes.SHA512()), skip_message="Does not support SHA512", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACSHA512(object): test_hmac_sha512 = generate_hmac_test( load_hash_vectors, @@ -121,7 +122,7 @@ class TestHMACSHA512(object): only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160()), skip_message="Does not support RIPEMD160", ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHMACRIPEMD160(object): test_hmac_ripemd160 = generate_hmac_test( load_hash_vectors, diff --git a/tests/hazmat/primitives/test_idea.py b/tests/hazmat/primitives/test_idea.py index de439259..0242dca7 100644 --- a/tests/hazmat/primitives/test_idea.py +++ b/tests/hazmat/primitives/test_idea.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support IDEA ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestIDEAModeECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, @@ -47,7 +48,7 @@ class TestIDEAModeECB(object): ), skip_message="Does not support IDEA CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestIDEAModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -64,7 +65,7 @@ class TestIDEAModeCBC(object): ), skip_message="Does not support IDEA OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestIDEAModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -81,7 +82,7 @@ class TestIDEAModeOFB(object): ), skip_message="Does not support IDEA CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestIDEAModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_pbkdf2hmac_vectors.py b/tests/hazmat/primitives/test_pbkdf2hmac_vectors.py index 149387be..7eed58ad 100644 --- a/tests/hazmat/primitives/test_pbkdf2hmac_vectors.py +++ b/tests/hazmat/primitives/test_pbkdf2hmac_vectors.py @@ -15,6 +15,7 @@ from __future__ import absolute_import, division, print_function import pytest +from cryptography.hazmat.backends.interfaces import PBKDF2HMACBackend from cryptography.hazmat.primitives import hashes from .utils import generate_pbkdf2_test @@ -25,7 +26,7 @@ from ...utils import load_nist_vectors only_if=lambda backend: backend.pbkdf2_hmac_supported(hashes.SHA1()), skip_message="Does not support SHA1 for PBKDF2HMAC", ) -@pytest.mark.pbkdf2hmac +@pytest.mark.requires_backend_interface(interface=PBKDF2HMACBackend) class TestPBKDF2HMACSHA1(object): test_pbkdf2_sha1 = generate_pbkdf2_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index d1583e25..c3551e2b 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -25,6 +25,7 @@ from cryptography import utils from cryptography.exceptions import ( AlreadyFinalized, InvalidSignature, _Reasons ) +from cryptography.hazmat.backends.interfaces import RSABackend from cryptography.hazmat.primitives import hashes, interfaces from cryptography.hazmat.primitives.asymmetric import padding, rsa from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers @@ -85,7 +86,7 @@ def test_modular_inverse(): ) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSA(object): @pytest.mark.parametrize( ("public_exponent", "key_size"), @@ -170,7 +171,7 @@ def test_rsa_generate_invalid_backend(): rsa.generate_private_key(65537, 2048, pretend_backend) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSASignature(object): @pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( @@ -436,7 +437,7 @@ class TestRSASignature(object): signer.finalize() -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAVerification(object): @pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( @@ -772,7 +773,7 @@ class TestRSAVerification(object): verifier.verify() -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAPSSMGF1Verification(object): test_rsa_pss_mgf1_sha1 = pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( @@ -900,7 +901,7 @@ class TestRSAPSSMGF1Verification(object): )) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAPKCS1Verification(object): test_rsa_pkcs1v15_verify_sha1 = pytest.mark.supported( only_if=lambda backend: ( @@ -1050,7 +1051,7 @@ class TestOAEP(object): ) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSADecryption(object): @pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( @@ -1191,7 +1192,7 @@ class TestRSADecryption(object): ) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSAEncryption(object): @pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( @@ -1310,7 +1311,7 @@ class TestRSAEncryption(object): ) -@pytest.mark.rsa +@pytest.mark.requires_backend_interface(interface=RSABackend) class TestRSANumbers(object): def test_rsa_public_numbers(self): public_numbers = rsa.RSAPublicNumbers(e=1, n=15) diff --git a/tests/hazmat/primitives/test_seed.py b/tests/hazmat/primitives/test_seed.py index 35f89e56..884c22f7 100644 --- a/tests/hazmat/primitives/test_seed.py +++ b/tests/hazmat/primitives/test_seed.py @@ -18,6 +18,7 @@ import os import pytest +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes from .utils import generate_encrypt_test @@ -30,7 +31,7 @@ from ...utils import load_nist_vectors ), skip_message="Does not support SEED ECB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestSEEDModeECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, @@ -47,7 +48,7 @@ class TestSEEDModeECB(object): ), skip_message="Does not support SEED CBC", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestSEEDModeCBC(object): test_CBC = generate_encrypt_test( load_nist_vectors, @@ -64,7 +65,7 @@ class TestSEEDModeCBC(object): ), skip_message="Does not support SEED OFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestSEEDModeOFB(object): test_OFB = generate_encrypt_test( load_nist_vectors, @@ -81,7 +82,7 @@ class TestSEEDModeOFB(object): ), skip_message="Does not support SEED CFB", ) -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) class TestSEEDModeCFB(object): test_CFB = generate_encrypt_test( load_nist_vectors, diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py index fc108d27..c2cb1b7a 100644 --- a/tests/hazmat/primitives/test_serialization.py +++ b/tests/hazmat/primitives/test_serialization.py @@ -20,6 +20,10 @@ import textwrap import pytest from cryptography.exceptions import _Reasons +from cryptography.hazmat.backends.interfaces import ( + EllipticCurveBackend, PEMSerializationBackend, PKCS8SerializationBackend, + TraditionalOpenSSLSerializationBackend +) from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.serialization import ( @@ -33,7 +37,7 @@ from .utils import _check_rsa_private_numbers, load_vectors_from_file from ...utils import raises_unsupported_algorithm -@pytest.mark.pem_serialization +@pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) class TestPEMSerialization(object): def test_load_pem_rsa_private_key(self, backend): key = load_vectors_from_file( @@ -67,7 +71,7 @@ class TestPEMSerialization(object): ("ec_private_key_encrypted.pem", b"123456"), ] ) - @pytest.mark.elliptic + @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) def test_load_pem_ec_private_key(self, key_file, password, backend): _skip_curve_unsupported(backend, ec.SECP256R1()) key = load_vectors_from_file( @@ -121,7 +125,7 @@ class TestPEMSerialization(object): assert key assert isinstance(key, interfaces.DSAPublicKey) - @pytest.mark.elliptic + @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) def test_load_ec_public_key(self, backend): _skip_curve_unsupported(backend, ec.SECP256R1()) key = load_vectors_from_file( @@ -138,7 +142,9 @@ class TestPEMSerialization(object): assert key.curve.key_size == 256 -@pytest.mark.traditional_openssl_serialization +@pytest.mark.requires_backend_interface( + interface=TraditionalOpenSSLSerializationBackend +) class TestTraditionalOpenSSLSerialization(object): @pytest.mark.parametrize( ("key_file", "password"), @@ -360,7 +366,7 @@ class TestTraditionalOpenSSLSerialization(object): ) -@pytest.mark.pkcs8_serialization +@pytest.mark.requires_backend_interface(interface=PKCS8SerializationBackend) class TestPKCS8Serialization(object): @pytest.mark.parametrize( ("key_file", "password"), @@ -401,7 +407,7 @@ class TestPKCS8Serialization(object): ("ec_private_key_encrypted.pem", b"123456"), ] ) - @pytest.mark.elliptic + @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) def test_load_pem_ec_private_key(self, key_file, password, backend): _skip_curve_unsupported(backend, ec.SECP256R1()) key = load_vectors_from_file( diff --git a/tests/hazmat/primitives/twofactor/test_hotp.py b/tests/hazmat/primitives/twofactor/test_hotp.py index 803f96f3..92078e61 100644 --- a/tests/hazmat/primitives/twofactor/test_hotp.py +++ b/tests/hazmat/primitives/twofactor/test_hotp.py @@ -18,6 +18,7 @@ import os import pytest from cryptography.exceptions import InvalidToken, _Reasons +from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.hashes import MD5, SHA1 from cryptography.hazmat.primitives.twofactor.hotp import HOTP @@ -34,7 +35,7 @@ vectors = load_vectors_from_file( only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), skip_message="Does not support HMAC-SHA1." ) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestHOTP(object): def test_invalid_key_length(self, backend): secret = os.urandom(10) diff --git a/tests/hazmat/primitives/twofactor/test_totp.py b/tests/hazmat/primitives/twofactor/test_totp.py index 518d3ce8..6ad70ae1 100644 --- a/tests/hazmat/primitives/twofactor/test_totp.py +++ b/tests/hazmat/primitives/twofactor/test_totp.py @@ -16,6 +16,7 @@ from __future__ import absolute_import, division, print_function import pytest from cryptography.exceptions import InvalidToken, _Reasons +from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.twofactor.totp import TOTP @@ -27,7 +28,7 @@ vectors = load_vectors_from_file( "twofactor/rfc-6238.txt", load_nist_vectors) -@pytest.mark.hmac +@pytest.mark.requires_backend_interface(interface=HMACBackend) class TestTOTP(object): @pytest.mark.supported( only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), diff --git a/tests/test_fernet.py b/tests/test_fernet.py index 5c630b9e..813ad88f 100644 --- a/tests/test_fernet.py +++ b/tests/test_fernet.py @@ -26,6 +26,7 @@ import six from cryptography.fernet import Fernet, InvalidToken, MultiFernet from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.backends.interfaces import CipherBackend from cryptography.hazmat.primitives.ciphers import algorithms, modes import cryptography_vectors @@ -46,7 +47,7 @@ def test_default_backend(): assert f._backend is default_backend() -@pytest.mark.cipher +@pytest.mark.requires_backend_interface(interface=CipherBackend) @pytest.mark.supported( only_if=lambda backend: backend.cipher_supported( algorithms.AES("\x00" * 32), modes.CBC("\x00" * 16) diff --git a/tests/test_utils.py b/tests/test_utils.py index da3b1a2a..6c8d088b 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -27,12 +27,12 @@ from cryptography.exceptions import UnsupportedAlgorithm, _Reasons import cryptography_vectors from .utils import ( - check_backend_support, check_for_iface, der_encode_dsa_signature, - load_cryptrec_vectors, load_fips_dsa_key_pair_vectors, - load_fips_dsa_sig_vectors, load_fips_ecdsa_key_pair_vectors, - load_fips_ecdsa_signing_vectors, load_hash_vectors, load_kasvs_dh_vectors, - load_nist_vectors, load_pkcs1_vectors, load_rsa_nist_vectors, - load_vectors_from_file, raises_unsupported_algorithm, select_backends + check_backend_support, der_encode_dsa_signature, load_cryptrec_vectors, + load_fips_dsa_key_pair_vectors, load_fips_dsa_sig_vectors, + load_fips_ecdsa_key_pair_vectors, load_fips_ecdsa_signing_vectors, + load_hash_vectors, load_kasvs_dh_vectors, load_nist_vectors, + load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file, + raises_unsupported_algorithm, select_backends ) @@ -82,19 +82,6 @@ def test_select_two_backends(): assert selected_backends == [b1, b2] -def test_check_for_iface(): - item = pretend.stub(keywords=["fake_name"], funcargs={"backend": True}) - with pytest.raises(pytest.skip.Exception) as exc_info: - check_for_iface("fake_name", FakeInterface, item) - assert exc_info.value.args[0] == "True backend does not support fake_name" - - item = pretend.stub( - keywords=["fake_name"], - funcargs={"backend": FakeInterface()} - ) - check_for_iface("fake_name", FakeInterface, item) - - def test_check_backend_support_skip(): supported = pretend.stub( kwargs={"only_if": lambda backend: False, "skip_message": "Nope"} diff --git a/tests/utils.py b/tests/utils.py index 5557ea85..bc5bc1ea 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -55,14 +55,6 @@ def select_backends(names, backend_list): ) -def check_for_iface(name, iface, item): - if name in item.keywords and "backend" in item.funcargs: - if not isinstance(item.funcargs["backend"], iface): - pytest.skip("{0} backend does not support {1}".format( - item.funcargs["backend"], name - )) - - def check_backend_support(item): supported = item.keywords.get("supported") if supported and "backend" in item.funcargs: |