From ebb04592d2286118d3368d939d8a53a4a42be59d Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 12 Apr 2020 10:58:07 -0400 Subject: Refs #5075 -- use hkdf_*.json from wycheproof (#5190) --- tests/utils.py | 14 +++++++----- tests/wycheproof/test_hkdf.py | 50 ++++++++++++++++++++++++++++++++++++++++++ tests/wycheproof/test_utils.py | 4 ++-- 3 files changed, 61 insertions(+), 7 deletions(-) create mode 100644 tests/wycheproof/test_hkdf.py diff --git a/tests/utils.py b/tests/utils.py index 7e79830b..401b4e33 100644 --- a/tests/utils.py +++ b/tests/utils.py @@ -886,13 +886,17 @@ def load_nist_ccm_vectors(vector_data): class WycheproofTest(object): - def __init__(self, testgroup, testcase): + def __init__(self, testfiledata, testgroup, testcase): + self.testfiledata = testfiledata self.testgroup = testgroup self.testcase = testcase def __repr__(self): - return "".format( - self.testgroup, self.testcase, self.testcase["tcId"], + return "".format( + self.testfiledata, + self.testgroup, + self.testcase, + self.testcase["tcId"], ) @property @@ -922,7 +926,7 @@ def load_wycheproof_tests(wycheproof, test_file): path = os.path.join(wycheproof, "testvectors", test_file) with open(path) as f: data = json.load(f) - for group in data["testGroups"]: + for group in data.pop("testGroups"): cases = group.pop("tests") for c in cases: - yield WycheproofTest(group, c) + yield WycheproofTest(data, group, c) diff --git a/tests/wycheproof/test_hkdf.py b/tests/wycheproof/test_hkdf.py new file mode 100644 index 00000000..7038d623 --- /dev/null +++ b/tests/wycheproof/test_hkdf.py @@ -0,0 +1,50 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + +import binascii + +import pytest + +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.kdf.hkdf import HKDF + + +_HASH_ALGORITHMS = { + "HKDF-SHA-1": hashes.SHA1(), + "HKDF-SHA-256": hashes.SHA256(), + "HKDF-SHA-384": hashes.SHA384(), + "HKDF-SHA-512": hashes.SHA512(), +} + + +@pytest.mark.wycheproof_tests( + "hkdf_sha1_test.json", + "hkdf_sha256_test.json", + "hkdf_sha384_test.json", + "hkdf_sha512_test.json", +) +def test_hkdf(backend, wycheproof): + hash_algo = _HASH_ALGORITHMS[wycheproof.testfiledata["algorithm"]] + if wycheproof.invalid: + with pytest.raises(ValueError): + HKDF( + algorithm=hash_algo, + length=wycheproof.testcase["size"], + salt=binascii.unhexlify(wycheproof.testcase["salt"]), + info=binascii.unhexlify(wycheproof.testcase["info"]), + backend=backend + ) + return + + h = HKDF( + algorithm=hash_algo, + length=wycheproof.testcase["size"], + salt=binascii.unhexlify(wycheproof.testcase["salt"]), + info=binascii.unhexlify(wycheproof.testcase["info"]), + backend=backend + ) + result = h.derive(binascii.unhexlify(wycheproof.testcase["ikm"])) + assert result == binascii.unhexlify(wycheproof.testcase["okm"]) diff --git a/tests/wycheproof/test_utils.py b/tests/wycheproof/test_utils.py index 82c0a359..2cf3be08 100644 --- a/tests/wycheproof/test_utils.py +++ b/tests/wycheproof/test_utils.py @@ -10,8 +10,8 @@ from ..utils import WycheproofTest, skip_if_wycheproof_none def test_wycheproof_test_repr(): - wycheproof = WycheproofTest({}, {"tcId": 3}) - assert repr(wycheproof) == "" + wycheproof = WycheproofTest({}, {}, {"tcId": 3}) + assert repr(wycheproof) == "" def test_skip_if_wycheproof_none(): -- cgit v1.2.3