From c423f635d16443b0ca7c9fea280575b9035328d0 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 8 Feb 2014 21:40:06 -0600 Subject: add cbc, cfb, ofb support to CAST5 (aka CAST128) for openssl & cc fixes #393 --- .../hazmat/backends/commoncrypto/backend.py | 18 +++++--- cryptography/hazmat/backends/openssl/backend.py | 11 +++-- tests/hazmat/primitives/test_cast5.py | 53 +++++++++++++++++++++- 3 files changed, 70 insertions(+), 12 deletions(-) diff --git a/cryptography/hazmat/backends/commoncrypto/backend.py b/cryptography/hazmat/backends/commoncrypto/backend.py index 523aac82..5c08a356 100644 --- a/cryptography/hazmat/backends/commoncrypto/backend.py +++ b/cryptography/hazmat/backends/commoncrypto/backend.py @@ -198,12 +198,18 @@ class Backend(object): mode_cls, mode_const ) - self._register_cipher_adapter( - CAST5, - self._lib.kCCAlgorithmCAST, - ECB, - self._lib.kCCModeECB - ) + for mode_cls, mode_const in [ + (CBC, self._lib.kCCModeCBC), + (ECB, self._lib.kCCModeECB), + (CFB, self._lib.kCCModeCFB), + (OFB, self._lib.kCCModeOFB) + ]: + self._register_cipher_adapter( + CAST5, + self._lib.kCCAlgorithmCAST, + mode_cls, + mode_const + ) self._register_cipher_adapter( ARC4, self._lib.kCCAlgorithmRC4, diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 0e5e92a5..ef34cb43 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -153,11 +153,12 @@ class Backend(object): mode_cls, GetCipherByName("bf-{mode.name}") ) - self.register_cipher_adapter( - CAST5, - ECB, - GetCipherByName("cast5-{mode.name}") - ) + for mode_cls in [CBC, CFB, OFB, ECB]: + self.register_cipher_adapter( + CAST5, + mode_cls, + GetCipherByName("cast5-{mode.name}") + ) self.register_cipher_adapter( ARC4, type(None), diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py index d65a86b2..682b4496 100644 --- a/tests/hazmat/primitives/test_cast5.py +++ b/tests/hazmat/primitives/test_cast5.py @@ -31,7 +31,7 @@ from ...utils import load_nist_vectors skip_message="Does not support CAST5 ECB", ) @pytest.mark.cipher -class TestCAST5(object): +class TestCAST5_ECB(object): test_ECB = generate_encrypt_test( load_nist_vectors, os.path.join("ciphers", "CAST5"), @@ -39,3 +39,54 @@ class TestCAST5(object): lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), lambda **kwargs: modes.ECB(), ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.CAST5("\x00" * 16), modes.CBC("\x00" * 8) + ), + skip_message="Does not support CAST5 CBC", +) +@pytest.mark.cipher +class TestCAST5_CBC(object): + test_CBC = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "CAST5"), + ["cast5-cbc.txt"], + lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv)) + ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.CAST5("\x00" * 16), modes.OFB("\x00" * 8) + ), + skip_message="Does not support CAST5 OFB", +) +@pytest.mark.cipher +class TestCAST5_OFB(object): + test_OFB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "CAST5"), + ["cast5-ofb.txt"], + lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv)) + ) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.CAST5("\x00" * 16), modes.CFB("\x00" * 8) + ), + skip_message="Does not support CAST5 CFB", +) +@pytest.mark.cipher +class TestCAST5_CFB(object): + test_CFB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "CAST5"), + ["cast5-cfb.txt"], + lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), + lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv)) + ) -- cgit v1.2.3