From 7721785f388fbbfa3072e600931eefbf019442b7 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 27 Dec 2015 23:14:17 -0600 Subject: move test --- tests/hazmat/backends/test_openssl.py | 30 +--------------------------- tests/hazmat/primitives/test_rsa.py | 37 +++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 29 deletions(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 665504b4..ad2daf7d 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -30,9 +30,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR, Mode from ..primitives.fixtures_dsa import DSA_KEY_2048 -from ..primitives.fixtures_rsa import ( - RSA_KEY_2048, RSA_KEY_512, RSA_KEY_512_ALT -) +from ..primitives.fixtures_rsa import RSA_KEY_2048, RSA_KEY_512 from ..primitives.test_ec import _skip_curve_unsupported from ...utils import load_vectors_from_file, raises_unsupported_algorithm @@ -458,32 +456,6 @@ class TestOpenSSLRSA(object): ) ) - def test_invalid_oaep_decryption(self): - # More recent versions of OpenSSL may raise RSA_R_OAEP_DECODING_ERROR - # This test triggers it and confirms that we properly handle it. - private_key = RSA_KEY_512.private_key(backend) - - ciphertext = private_key.public_key().encrypt( - b'secure data', - padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.SHA1()), - algorithm=hashes.SHA1(), - label=None - ) - ) - - private_key_alt = RSA_KEY_512_ALT.private_key(backend) - - with pytest.raises(ValueError): - private_key_alt.decrypt( - ciphertext, - padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.SHA1()), - algorithm=hashes.SHA1(), - label=None - ) - ) - @pytest.mark.skipif( backend._lib.OPENSSL_VERSION_NUMBER <= 0x10001000, diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 0b83fd65..b6213d6d 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1194,6 +1194,43 @@ class TestRSADecryption(object): ) assert message == binascii.unhexlify(example["message"]) + @pytest.mark.supported( + only_if=lambda backend: backend.rsa_padding_supported( + padding.OAEP( + mgf=padding.MGF1(algorithm=hashes.SHA1()), + algorithm=hashes.SHA1(), + label=None + ) + ), + skip_message="Does not support OAEP." + ) + def test_invalid_oaep_decryption(self, backend): + # More recent versions of OpenSSL may raise RSA_R_OAEP_DECODING_ERROR + # This test triggers it and confirms that we properly handle it. Other + # backends should also return the proper ValueError. + private_key = RSA_KEY_512.private_key(backend) + + ciphertext = private_key.public_key().encrypt( + b'secure data', + padding.OAEP( + mgf=padding.MGF1(algorithm=hashes.SHA1()), + algorithm=hashes.SHA1(), + label=None + ) + ) + + private_key_alt = RSA_KEY_512_ALT.private_key(backend) + + with pytest.raises(ValueError): + private_key_alt.decrypt( + ciphertext, + padding.OAEP( + mgf=padding.MGF1(algorithm=hashes.SHA1()), + algorithm=hashes.SHA1(), + label=None + ) + ) + def test_unsupported_oaep_mgf(self, backend): private_key = RSA_KEY_512.private_key(backend) with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF): -- cgit v1.2.3