From 26d959668ff0a651b7637d0bad11854cc6788ee2 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 17:01:31 +0800 Subject: Added CMACBackend to multibackend --- cryptography/hazmat/backends/multibackend.py | 13 +++++++++++-- docs/hazmat/primitives/mac/cmac.rst | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 86cded85..b9388346 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -16,11 +16,12 @@ from __future__ import absolute_import, division, print_function from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( - CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend, - RSABackend + CMACBackend, CipherBackend, DSABackend, HMACBackend, HashBackend, + PBKDF2HMACBackend, RSABackend ) +@utils.register_interface(CMACBackend) @utils.register_interface(CipherBackend) @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @@ -156,3 +157,11 @@ class MultiBackend(object): return b.generate_dsa_private_key(parameters) raise UnsupportedAlgorithm("DSA is not supported by the backend", _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) + + def cmac_algorithm_supported(self, algorithm): + for b in self._filtered_backends(CMACBackend): + return b.cmac_algorithm_supported(algorithm) + + def create_cmac_ctx(self, algorithm): + for b in self._filtered_backends(CMACBackend): + return b.create_cmac_ctx(algorithm) diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst index 8b88a3ce..69706bb7 100644 --- a/docs/hazmat/primitives/mac/cmac.rst +++ b/docs/hazmat/primitives/mac/cmac.rst @@ -22,7 +22,7 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`. CMAC objects take a :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm` provider. - .. code-block:: pycon + .. doctest:: >>> from cryptography.hazmat.backends import default_backend >>> from cryptography.hazmat.primitives import cmac -- cgit v1.2.3 From 771fc77eb3f3e0d43471c6bde39a194bb17affbb Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 18:05:04 +0800 Subject: Added tests for multibackend --- cryptography/hazmat/backends/multibackend.py | 12 +++++++--- tests/hazmat/backends/test_multibackend.py | 36 +++++++++++++++++++++++++--- 2 files changed, 42 insertions(+), 6 deletions(-) diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index b9388346..24a7a357 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -159,9 +159,15 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM) def cmac_algorithm_supported(self, algorithm): - for b in self._filtered_backends(CMACBackend): - return b.cmac_algorithm_supported(algorithm) + return any( + b.cmac_algorithm_supported(algorithm) + for b in self._filtered_backends(CMACBackend) + ) def create_cmac_ctx(self, algorithm): for b in self._filtered_backends(CMACBackend): - return b.create_cmac_ctx(algorithm) + try: + return b.create_cmac_ctx(algorithm) + except UnsupportedAlgorithm: + pass + raise UnsupportedAlgorithm("This backend does not support CMAC") diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index f46009d4..2fa9f758 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -13,16 +13,18 @@ from __future__ import absolute_import, division, print_function +import pytest + from cryptography import utils from cryptography.exceptions import ( UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import ( - CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend, - RSABackend + CMACBackend, CipherBackend, DSABackend, HMACBackend, HashBackend, + PBKDF2HMACBackend, RSABackend ) from cryptography.hazmat.backends.multibackend import MultiBackend -from cryptography.hazmat.primitives import hashes, hmac +from cryptography.hazmat.primitives import cmac, hashes, hmac from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes @@ -108,6 +110,19 @@ class DummyDSABackend(object): pass +@utils.register_interface(CMACBackend) +class DummyCMACBackend(object): + def __init__(self, supported_algorithms): + self._algorithms = supported_algorithms + + def cmac_algorithm_supported(self, algorithm): + return type(algorithm) in self._algorithms + + def create_cmac_ctx(self, algorithm): + if not self.cmac_algorithm_supported(algorithm): + raise UnsupportedAlgorithm("") + + class TestMultiBackend(object): def test_ciphers(self): backend = MultiBackend([ @@ -224,3 +239,18 @@ class TestMultiBackend(object): _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM ): backend.generate_dsa_private_key(parameters) + + def test_cmac(self): + backend = MultiBackend([ + DummyCMACBackend([algorithms.AES]) + ]) + + fake_key = b"\x00" * 16 + + assert backend.cmac_algorithm_supported( + algorithms.AES(fake_key)) is True + + cmac.CMAC(algorithms.AES(fake_key), backend) + + with pytest.raises(UnsupportedAlgorithm): + cmac.CMAC(algorithms.TripleDES(fake_key), backend) -- cgit v1.2.3 From bafbc3385e4fb3c048b3daa61ff2807a88f5b2e1 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 19:31:26 +0800 Subject: Added _REASON --- cryptography/hazmat/backends/multibackend.py | 3 ++- tests/hazmat/backends/test_multibackend.py | 6 ++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 24a7a357..981a60bd 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -170,4 +170,5 @@ class MultiBackend(object): return b.create_cmac_ctx(algorithm) except UnsupportedAlgorithm: pass - raise UnsupportedAlgorithm("This backend does not support CMAC") + raise UnsupportedAlgorithm("This backend does not support CMAC", + _Reasons.UNSUPPORTED_CIPHER) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 2fa9f758..d8c09bd7 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -13,8 +13,6 @@ from __future__ import absolute_import, division, print_function -import pytest - from cryptography import utils from cryptography.exceptions import ( UnsupportedAlgorithm, _Reasons @@ -120,7 +118,7 @@ class DummyCMACBackend(object): def create_cmac_ctx(self, algorithm): if not self.cmac_algorithm_supported(algorithm): - raise UnsupportedAlgorithm("") + raise UnsupportedAlgorithm("", _Reasons.UNSUPPORTED_CIPHER) class TestMultiBackend(object): @@ -252,5 +250,5 @@ class TestMultiBackend(object): cmac.CMAC(algorithms.AES(fake_key), backend) - with pytest.raises(UnsupportedAlgorithm): + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): cmac.CMAC(algorithms.TripleDES(fake_key), backend) -- cgit v1.2.3 From 9bea9373efcddd390aa2d2f63d8690d6d3ceca14 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 21:00:34 +0800 Subject: Added changelog and versionadded for CMAC --- CHANGELOG.rst | 2 ++ docs/hazmat/primitives/mac/cmac.rst | 2 ++ 2 files changed, 4 insertions(+) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 9e89e563..106e0ab2 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -11,6 +11,8 @@ Changelog to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will be removed from ``MGF1`` in two releases per our :doc:`/api-stability` policy. +* Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`. + 0.3 - 2014-03-27 ~~~~~~~~~~~~~~~~ diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst index 69706bb7..a6b048b5 100644 --- a/docs/hazmat/primitives/mac/cmac.rst +++ b/docs/hazmat/primitives/mac/cmac.rst @@ -19,6 +19,8 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`. .. class:: CMAC(algorithm, backend) + .. versionadded:: 0.4 + CMAC objects take a :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm` provider. -- cgit v1.2.3