From 230457a605999bbdd49df7592290956d80863f3c Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Sun, 30 Mar 2014 02:35:13 +0200 Subject: Add DSA private key api, docs and tests --- tests/hazmat/primitives/test_dsa.py | 292 +++++++++++++++++++++++++++++++++++- 1 file changed, 290 insertions(+), 2 deletions(-) (limited to 'tests/hazmat/primitives/test_dsa.py') diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index fe610ef3..2a2b9bda 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -19,6 +19,40 @@ import pytest from cryptography.hazmat.primitives.asymmetric import dsa +def _check_dsa_private_key(skey): + assert skey + assert skey.x + assert skey.y + assert skey.key_size + + skey_parameters = skey.parameters() + assert skey_parameters + assert skey_parameters.modulus + assert skey_parameters.subgroup_order + assert skey_parameters.generator + assert skey_parameters.modulus == skey_parameters.p + assert skey_parameters.subgroup_order == skey_parameters.q + assert skey_parameters.generator == skey_parameters.g + + pkey = skey.public_key() + assert pkey + assert skey.y == pkey.y + assert skey.key_size == pkey.key_size + + pkey_parameters = pkey.parameters() + assert pkey_parameters + assert pkey_parameters.modulus + assert pkey_parameters.subgroup_order + assert pkey_parameters.generator + assert pkey_parameters.modulus == pkey_parameters.p + assert pkey_parameters.subgroup_order == pkey_parameters.q + assert pkey_parameters.generator == pkey_parameters.g + + assert skey_parameters.modulus == pkey_parameters.modulus + assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order + assert skey_parameters.generator == pkey_parameters.generator + + class TestDSA(object): _parameters_1024 = { 'p': 'd38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d4b725ef341eabb47' @@ -127,6 +161,10 @@ class TestDSA(object): with pytest.raises(TypeError): dsa.DSAParameters(None, None, None) + def test_invalid_private_key_argument_types(self): + with pytest.raises(TypeError): + dsa.DSAPrivateKey(None, None, None, None, None) + def test_invalid_public_key_argument_types(self): with pytest.raises(TypeError): dsa.DSAPublicKey(None, None, None, None) @@ -145,6 +183,36 @@ class TestDSA(object): assert parameters.subgroup_order == parameters.q assert parameters.generator == parameters.g + pub_key = dsa.DSAPublicKey( + modulus=int(self._parameters_1024["p"], 16), + subgroup_order=int(self._parameters_1024["q"], 16), + generator=int(self._parameters_1024["g"], 16), + y=int(self._parameters_1024["y"], 16) + ) + assert pub_key + assert pub_key.key_size + assert pub_key.y + pub_key_parameters = pub_key.parameters() + assert pub_key_parameters + assert pub_key_parameters.modulus + assert pub_key_parameters.subgroup_order + assert pub_key_parameters.generator + + skey = dsa.DSAPrivateKey( + modulus=int(self._parameters_1024["p"], 16), + subgroup_order=int(self._parameters_1024["q"], 16), + generator=int(self._parameters_1024["g"], 16), + x=int(self._parameters_1024["x"], 16), + y=int(self._parameters_1024["y"], 16) + ) + assert skey + _check_dsa_private_key(skey) + skey_parameters = skey.parameters() + assert skey_parameters + assert skey_parameters.modulus + assert skey_parameters.subgroup_order + assert skey_parameters.generator + pkey = dsa.DSAPublicKey( modulus=int(self._parameters_1024["p"], 16), subgroup_order=int(self._parameters_1024["q"], 16), @@ -152,14 +220,33 @@ class TestDSA(object): y=int(self._parameters_1024["y"], 16) ) assert pkey - assert pkey.key_size - assert pkey.y pkey_parameters = pkey.parameters() assert pkey_parameters assert pkey_parameters.modulus assert pkey_parameters.subgroup_order assert pkey_parameters.generator + pkey2 = skey.public_key() + assert pkey2 + pkey2_parameters = pkey.parameters() + assert pkey2_parameters + assert pkey2_parameters.modulus + assert pkey2_parameters.subgroup_order + assert pkey2_parameters.generator + + assert skey_parameters.modulus == pkey_parameters.modulus + assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order + assert skey_parameters.generator == pkey_parameters.generator + assert skey.y == pkey.y + assert skey.key_size == pkey.key_size + + assert pkey_parameters.modulus == pkey2_parameters.modulus + assert pkey_parameters.subgroup_order == \ + pkey2_parameters.subgroup_order + assert pkey_parameters.generator == pkey2_parameters.generator + assert pkey.y == pkey2.y + assert pkey.key_size == pkey2.key_size + def test_invalid_parameters_values(self): # Test a modulus < 1024 bits in length with pytest.raises(ValueError): @@ -265,6 +352,207 @@ class TestDSA(object): generator=2 ** 1200 ) + def test_invalid_dsa_private_key_arguments(self): + # Test a modulus < 1024 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=2 ** 1000, + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test a modulus < 2048 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=2 ** 2000, + subgroup_order=int(self._parameters_2048['q'], 16), + generator=int(self._parameters_2048['g'], 16), + x=int(self._parameters_2048['x'], 16), + y=int(self._parameters_2048['y'], 16) + ) + + # Test a modulus < 3072 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=2 ** 3000, + subgroup_order=int(self._parameters_3072['q'], 16), + generator=int(self._parameters_3072['g'], 16), + x=int(self._parameters_3072['x'], 16), + y=int(self._parameters_3072['y'], 16) + ) + + # Test a modulus > 3072 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=2 ** 3100, + subgroup_order=int(self._parameters_3072['q'], 16), + generator=int(self._parameters_3072['g'], 16), + x=int(self._parameters_3072['x'], 16), + y=int(self._parameters_3072['y'], 16) + ) + + # Test a subgroup_order < 160 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=2 ** 150, + generator=int(self._parameters_1024['g'], 16), + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test a subgroup_order < 256 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_2048['p'], 16), + subgroup_order=2 ** 250, + generator=int(self._parameters_2048['g'], 16), + x=int(self._parameters_2048['x'], 16), + y=int(self._parameters_2048['y'], 16) + ) + + # Test a subgroup_order > 256 bits in length + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_3072['p'], 16), + subgroup_order=2 ** 260, + generator=int(self._parameters_3072['g'], 16), + x=int(self._parameters_3072['x'], 16), + y=int(self._parameters_3072['y'], 16) + ) + + # Test a modulus, subgroup_order pair of (1024, 256) bit lengths + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_2048['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test a modulus, subgroup_order pair of (2048, 160) bit lengths + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_2048['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_2048['g'], 16), + x=int(self._parameters_2048['x'], 16), + y=int(self._parameters_2048['y'], 16) + ) + + # Test a modulus, subgroup_order pair of (3072, 160) bit lengths + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_3072['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_3072['g'], 16), + x=int(self._parameters_3072['x'], 16), + y=int(self._parameters_3072['y'], 16) + ) + + # Test a generator < 1 + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=0, + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test a generator = 1 + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=1, + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test a generator > modulus + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=2 ** 1200, + x=int(self._parameters_1024['x'], 16), + y=int(self._parameters_1024['y'], 16) + ) + + # Test x = 0 + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=0, + y=int(self._parameters_1024['y'], 16) + ) + + # Test x < 0 + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=-2, + y=int(self._parameters_1024['y'], 16) + ) + + # Test x = subgroup_order + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=2 ** 159, + y=int(self._parameters_1024['y'], 16) + ) + + # Test x > subgroup_order + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=2 ** 200, + y=int(self._parameters_1024['y'], 16) + ) + + # Test y != (generator ** x) % modulus + with pytest.raises(ValueError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=int(self._parameters_1024['x'], 16), + y=2 ** 100 + ) + + # Test a non-integer y value + with pytest.raises(TypeError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=int(self._parameters_1024['x'], 16), + y=None + ) + + # Test a non-integer x value + with pytest.raises(TypeError): + dsa.DSAPrivateKey( + modulus=int(self._parameters_1024['p'], 16), + subgroup_order=int(self._parameters_1024['q'], 16), + generator=int(self._parameters_1024['g'], 16), + x=None, + y=int(self._parameters_1024['x'], 16) + ) + def test_invalid_dsa_public_key_arguments(self): # Test a modulus < 1024 bits in length with pytest.raises(ValueError): -- cgit v1.2.3