diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 13 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 41 |
2 files changed, 53 insertions, 1 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 016da0fc..86404fe9 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -21,7 +21,7 @@ from cryptography.exceptions import ( ) from cryptography.hazmat.backends.openssl.backend import Backend, backend from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import padding, rsa +from cryptography.hazmat.primitives.asymmetric import dsa, padding, rsa from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC @@ -192,6 +192,17 @@ class TestOpenSSL(object): res = backend._lib.ENGINE_free(e) assert res == 1 + @pytest.mark.skipif( + backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000000f, + reason="Requires an older OpenSSL. Must be < 1.0.0" + ) + def test_large_key_size_on_old_openssl(self): + with pytest.raises(ValueError): + dsa.DSAParameters.generate(2048, backend=backend) + + with pytest.raises(ValueError): + dsa.DSAParameters.generate(3072, backend=backend) + class TestOpenSSLRandomEngine(object): def teardown_method(self, method): diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 2a2b9bda..6503b9d4 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -14,10 +14,18 @@ from __future__ import absolute_import, division, print_function +import os + import pytest from cryptography.hazmat.primitives.asymmetric import dsa +from cryptography.utils import bit_length + +from ...utils import ( + load_vectors_from_file, load_fips_dsa_key_pair_vectors +) + def _check_dsa_private_key(skey): assert skey @@ -157,6 +165,39 @@ class TestDSA(object): 'f90f7dff6d2bae' } + def test_generate_dsa_parameters(self, backend): + parameters = dsa.DSAParameters.generate(1024, backend) + assert bit_length(parameters.p) == 1024 + if backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000000fL: + parameters = dsa.DSAParameters.generate(2048, backend) + assert bit_length(parameters.p) == 2048 + parameters = dsa.DSAParameters.generate(3072, backend) + assert bit_length(parameters.p) == 3072 + + @pytest.mark.parametrize( + "vector", + load_vectors_from_file( + os.path.join( + "asymmetric", "DSA", "FIPS_186-3", "KeyPair.rsp"), + load_fips_dsa_key_pair_vectors + ) + ) + def test_generate_dsa_keys(self, vector, backend): + class Object(object): + pass + parameters = Object() + parameters.p = vector['p'] + parameters.q = vector['q'] + parameters.g = vector['g'] + skey = dsa.DSAPrivateKey.generate(parameters, backend) + + skey_parameters = skey.parameters() + assert skey_parameters.p == vector['p'] + assert skey_parameters.q == vector['q'] + assert skey_parameters.g == vector['g'] + assert skey.key_size == bit_length(vector['p']) + assert skey.y == pow(skey_parameters.g, skey.x, skey_parameters.p) + def test_invalid_parameters_argument_types(self): with pytest.raises(TypeError): dsa.DSAParameters(None, None, None) |