From b5bb0653b934bdf5fbf93dc1e5491e78f5c71467 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Wed, 16 Apr 2014 21:42:11 +0800 Subject: Added CMAC tests --- tests/hazmat/primitives/test_cmac.py | 172 +++++++++++++++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 tests/hazmat/primitives/test_cmac.py (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py new file mode 100644 index 00000000..d61ce5a3 --- /dev/null +++ b/tests/hazmat/primitives/test_cmac.py @@ -0,0 +1,172 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import binascii + +import pretend + +import pytest + +import six + +from cryptography import utils +from cryptography.exceptions import ( + AlreadyFinalized, InvalidSignature, _Reasons +) +from cryptography.hazmat.backends.interfaces import CMACBackend +from cryptography.hazmat.primitives.ciphers.algorithms import ( + AES, ARC4, TripleDES +) +from cryptography.hazmat.primitives.cmac import CMAC + +from tests.utils import ( + load_vectors_from_file, load_nist_vectors, raises_unsupported_algorithm +) + +vectors_aes128 = load_vectors_from_file( + "CMAC/nist-800-38b-aes128.txt", load_nist_vectors) + +vectors_aes192 = load_vectors_from_file( + "CMAC/nist-800-38b-aes192.txt", load_nist_vectors) + +vectors_aes256 = load_vectors_from_file( + "CMAC/nist-800-38b-aes256.txt", load_nist_vectors) + +vectors_aes = vectors_aes128 + vectors_aes192 + vectors_aes256 + +vectors_3des = load_vectors_from_file( + "CMAC/nist-800-38b-3des.txt", load_nist_vectors) + + +@pytest.mark.supported( + only_if=lambda backend: backend.cmac_supported(), + skip_message="Does not support CMAC." +) +@pytest.mark.cmac +class TestCMAC(object): + @pytest.mark.parametrize("params", vectors_aes) + def test_aes_generate(self, backend, params): + key = params["key"] + message = params["message"] + output = params["output"] + + cmac = CMAC(AES(binascii.unhexlify(key)), backend) + cmac.update(binascii.unhexlify(message)) + assert binascii.hexlify(cmac.finalize()) == output + + @pytest.mark.parametrize("params", vectors_aes) + def test_aes_verify(self, backend, params): + key = params["key"] + message = params["message"] + output = params["output"] + + cmac = CMAC(AES(binascii.unhexlify(key)), backend) + cmac.update(binascii.unhexlify(message)) + assert cmac.verify(binascii.unhexlify(output)) is None + + @pytest.mark.parametrize("params", vectors_3des) + def test_3des_generate(self, backend, params): + key1 = params["key1"] + key2 = params["key2"] + key3 = params["key3"] + + if key1 == key3: + key = key1 + key2 + else: + key = key1 + key2 + key3 + + message = params["message"] + output = params["output"] + + cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend) + cmac.update(binascii.unhexlify(message)) + assert binascii.hexlify(cmac.finalize()) == output + + @pytest.mark.parametrize("params", vectors_3des) + def test_3des_verify(self, backend, params): + key1 = params["key1"] + key2 = params["key2"] + key3 = params["key3"] + + if key1 == key3: + key = key1 + key2 + else: + key = key1 + key2 + key3 + + message = params["message"] + output = params["output"] + + cmac = CMAC(TripleDES(binascii.unhexlify(key)), backend) + cmac.update(binascii.unhexlify(message)) + assert cmac.verify(binascii.unhexlify(output)) is None + + def test_invalid_verify(self, backend): + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend) + cmac.update(b"6bc1bee22e409f96e93d7e117393172a") + + with pytest.raises(InvalidSignature): + cmac.verify(b"foobar") + + def test_invalid_algorithm(self, backend): + key = b"0102030405" + with pytest.raises(TypeError): + CMAC(ARC4(key), backend) + + def test_raises_after_finalize(self, backend): + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend) + cmac.finalize() + + with pytest.raises(AlreadyFinalized): + cmac.update(b"foo") + + with pytest.raises(AlreadyFinalized): + cmac.copy() + + with pytest.raises(AlreadyFinalized): + cmac.finalize() + + def test_verify_reject_unicode(self, backend): + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend) + + with pytest.raises(TypeError): + cmac.update(six.u('')) + + with pytest.raises(TypeError): + cmac.verify(six.u('')) + + def test_copy(self, backend): + @utils.register_interface(CMACBackend) + class PretendBackend(object): + pass + + pretend_backend = PretendBackend() + copied_ctx = pretend.stub() + pretend_ctx = pretend.stub(copy=lambda: copied_ctx) + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend=pretend_backend, ctx=pretend_ctx) + + assert cmac._backend is pretend_backend + assert cmac.copy()._backend is pretend_backend + + +def test_invalid_backend(): + key = b"2b7e151628aed2a6abf7158809cf4f3c" + pretend_backend = object() + + with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE): + CMAC(AES(key), pretend_backend) -- cgit v1.2.3 From 78f6f333742883f334cb4ff859e6f0633babc242 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Thu, 17 Apr 2014 17:15:02 +0800 Subject: Updated tests --- tests/hazmat/primitives/test_cmac.py | 74 +++++++++++++++++++++++++----------- 1 file changed, 51 insertions(+), 23 deletions(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index d61ce5a3..80a9e7a6 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -49,13 +49,14 @@ vectors_aes = vectors_aes128 + vectors_aes192 + vectors_aes256 vectors_3des = load_vectors_from_file( "CMAC/nist-800-38b-3des.txt", load_nist_vectors) +fake_key = "AAAAAAAAAAAAAAAA" -@pytest.mark.supported( - only_if=lambda backend: backend.cmac_supported(), - skip_message="Does not support CMAC." -) @pytest.mark.cmac class TestCMAC(object): + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + skip_message="Does not support CMAC." + ) @pytest.mark.parametrize("params", vectors_aes) def test_aes_generate(self, backend, params): key = params["key"] @@ -66,6 +67,10 @@ class TestCMAC(object): cmac.update(binascii.unhexlify(message)) assert binascii.hexlify(cmac.finalize()) == output + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + skip_message="Does not support CMAC." + ) @pytest.mark.parametrize("params", vectors_aes) def test_aes_verify(self, backend, params): key = params["key"] @@ -76,16 +81,18 @@ class TestCMAC(object): cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported( + TripleDES(fake_key)), + skip_message="Does not support CMAC." + ) @pytest.mark.parametrize("params", vectors_3des) def test_3des_generate(self, backend, params): key1 = params["key1"] key2 = params["key2"] key3 = params["key3"] - if key1 == key3: - key = key1 + key2 - else: - key = key1 + key2 + key3 + key = key1 + key2 + key3 message = params["message"] output = params["output"] @@ -94,16 +101,18 @@ class TestCMAC(object): cmac.update(binascii.unhexlify(message)) assert binascii.hexlify(cmac.finalize()) == output + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported( + TripleDES(fake_key)), + skip_message="Does not support CMAC." + ) @pytest.mark.parametrize("params", vectors_3des) def test_3des_verify(self, backend, params): key1 = params["key1"] key2 = params["key2"] key3 = params["key3"] - if key1 == key3: - key = key1 + key2 - else: - key = key1 + key2 + key3 + key = key1 + key2 + key3 message = params["message"] output = params["output"] @@ -112,6 +121,11 @@ class TestCMAC(object): cmac.update(binascii.unhexlify(message)) assert cmac.verify(binascii.unhexlify(output)) is None + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), + skip_message="Does not support CMAC." + ) def test_invalid_verify(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) @@ -120,11 +134,20 @@ class TestCMAC(object): with pytest.raises(InvalidSignature): cmac.verify(b"foobar") + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + ARC4(fake_key), None), + skip_message="Does not support CMAC." + ) def test_invalid_algorithm(self, backend): key = b"0102030405" with pytest.raises(TypeError): CMAC(ARC4(key), backend) + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + skip_message="Does not support CMAC." + ) def test_raises_after_finalize(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) @@ -139,6 +162,10 @@ class TestCMAC(object): with pytest.raises(AlreadyFinalized): cmac.finalize() + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + skip_message="Does not support CMAC." + ) def test_verify_reject_unicode(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) @@ -149,19 +176,20 @@ class TestCMAC(object): with pytest.raises(TypeError): cmac.verify(six.u('')) - def test_copy(self, backend): - @utils.register_interface(CMACBackend) - class PretendBackend(object): - pass - pretend_backend = PretendBackend() - copied_ctx = pretend.stub() - pretend_ctx = pretend.stub(copy=lambda: copied_ctx) - key = b"2b7e151628aed2a6abf7158809cf4f3c" - cmac = CMAC(AES(key), backend=pretend_backend, ctx=pretend_ctx) +def test_copy(): + @utils.register_interface(CMACBackend) + class PretendBackend(object): + pass + + pretend_backend = PretendBackend() + copied_ctx = pretend.stub() + pretend_ctx = pretend.stub(copy=lambda: copied_ctx) + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend=pretend_backend, ctx=pretend_ctx) - assert cmac._backend is pretend_backend - assert cmac.copy()._backend is pretend_backend + assert cmac._backend is pretend_backend + assert cmac.copy()._backend is pretend_backend def test_invalid_backend(): -- cgit v1.2.3 From 2124324a4aa678dc885ac20c5ac203663ac5f966 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Thu, 17 Apr 2014 17:36:31 +0800 Subject: Fixed pep8 error --- tests/hazmat/primitives/test_cmac.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index 80a9e7a6..a1c24ada 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -51,10 +51,12 @@ vectors_3des = load_vectors_from_file( fake_key = "AAAAAAAAAAAAAAAA" + @pytest.mark.cmac class TestCMAC(object): @pytest.mark.supported( - only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), skip_message="Does not support CMAC." ) @pytest.mark.parametrize("params", vectors_aes) @@ -68,7 +70,8 @@ class TestCMAC(object): assert binascii.hexlify(cmac.finalize()) == output @pytest.mark.supported( - only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), skip_message="Does not support CMAC." ) @pytest.mark.parametrize("params", vectors_aes) @@ -145,7 +148,8 @@ class TestCMAC(object): CMAC(ARC4(key), backend) @pytest.mark.supported( - only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), skip_message="Does not support CMAC." ) def test_raises_after_finalize(self, backend): @@ -163,7 +167,8 @@ class TestCMAC(object): cmac.finalize() @pytest.mark.supported( - only_if=lambda backend: backend.cmac_algorithm_supported(AES(fake_key)), + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), skip_message="Does not support CMAC." ) def test_verify_reject_unicode(self, backend): -- cgit v1.2.3 From 458cfd5df6902f4ee427fa0ca0eb67a8031b204c Mon Sep 17 00:00:00 2001 From: Ayrx Date: Mon, 21 Apr 2014 11:40:47 +0800 Subject: Changed stub keys and ivs to use null bytes --- tests/hazmat/primitives/test_cmac.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index a1c24ada..dd7f9df4 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -49,7 +49,7 @@ vectors_aes = vectors_aes128 + vectors_aes192 + vectors_aes256 vectors_3des = load_vectors_from_file( "CMAC/nist-800-38b-3des.txt", load_nist_vectors) -fake_key = "AAAAAAAAAAAAAAAA" +fake_key = b"\x00" * 16 @pytest.mark.cmac -- cgit v1.2.3 From 3f695110b27afc05f0a9e9e6dc0bfd6e67501418 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Mon, 21 Apr 2014 19:12:03 +0800 Subject: Fix pep8 errors --- tests/hazmat/primitives/test_cmac.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index dd7f9df4..25568114 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -32,7 +32,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import ( from cryptography.hazmat.primitives.cmac import CMAC from tests.utils import ( - load_vectors_from_file, load_nist_vectors, raises_unsupported_algorithm + load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm ) vectors_aes128 = load_vectors_from_file( -- cgit v1.2.3 From 3881917b59c49ab1616b61a696a74aa195c710e0 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 12:00:43 +0800 Subject: Added more copy() tests --- tests/hazmat/primitives/test_cmac.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index 25568114..f47f2c13 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -181,6 +181,13 @@ class TestCMAC(object): with pytest.raises(TypeError): cmac.verify(six.u('')) + def test_copy_with_backend(self, backend): + key = b"2b7e151628aed2a6abf7158809cf4f3c" + cmac = CMAC(AES(key), backend) + cmac.update(b"6bc1bee22e409f96e93d7e117393172a") + copy_cmac = cmac.copy() + assert cmac.finalize() == copy_cmac.finalize() + def test_copy(): @utils.register_interface(CMACBackend) -- cgit v1.2.3 From 9a97cb93205b5785423bac9cae9288310f3b0c5a Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 22 Apr 2014 12:55:48 +0800 Subject: Added test skip for test_copy_with_backend() --- tests/hazmat/primitives/test_cmac.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_cmac.py b/tests/hazmat/primitives/test_cmac.py index f47f2c13..7ec4af68 100644 --- a/tests/hazmat/primitives/test_cmac.py +++ b/tests/hazmat/primitives/test_cmac.py @@ -181,6 +181,11 @@ class TestCMAC(object): with pytest.raises(TypeError): cmac.verify(six.u('')) + @pytest.mark.supported( + only_if=lambda backend: backend.cmac_algorithm_supported( + AES(fake_key)), + skip_message="Does not support CMAC." + ) def test_copy_with_backend(self, backend): key = b"2b7e151628aed2a6abf7158809cf4f3c" cmac = CMAC(AES(key), backend) -- cgit v1.2.3