From eb5e0ae4c3f97925ba9787fa1b6a30b7b68b5056 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Wed, 28 Oct 2015 23:18:43 -0400 Subject: Error cleanly if the public and private keys to an ECDH key exchange are on different curves --- tests/hazmat/primitives/test_ec.py | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'tests/hazmat') diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index d420e9c9..d086e999 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -844,7 +844,7 @@ class TestECDSAVerification(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) -class TestECDHVectors(object): +class TestECDH(object): @pytest.mark.parametrize( "vector", load_vectors_from_file( @@ -916,3 +916,29 @@ class TestECDHVectors(object): exceptions._Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM ): key.exchange(None, key.public_key()) + + def test_exchange_non_matching_curve(self, backend): + _skip_curve_unsupported(backend, ec.SECP256R1()) + _skip_curve_unsupported(backend, ec.SECP384R1()) + + key = load_vectors_from_file( + os.path.join( + "asymmetric", "PKCS8", "ec_private_key.pem"), + lambda pemfile: serialization.load_pem_private_key( + pemfile.read().encode(), None, backend + ) + ) + public_key = ec.EllipticCurvePublicNumbers( + int( + "3411592940847846511444973873421894778212895963519463384397662" + "6983900466205627792914181900767401599528349662185720855" + ), + int( + "3632819834244394334395622140197408878581471655319641017478501" + "4862750487889436098934993486739984469019130932307943998" + ), + ec.SECP384R1(), + ).public_key(backend) + + with pytest.raises(ValueError): + key.exchange(ec.ECDH(), public_key) -- cgit v1.2.3