From 7ca0e46d82606b8a12ff323181065a00885d39dc Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Tue, 17 Jul 2018 22:40:02 +0800
Subject: add chacha20poly1305 wycheproof tests (#4345)

* add chacha20poly1305 wycheproof tests

* flake8

* review
---
 tests/wycheproof/test_chacha20poly1305.py | 47 +++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 tests/wycheproof/test_chacha20poly1305.py

(limited to 'tests/wycheproof/test_chacha20poly1305.py')

diff --git a/tests/wycheproof/test_chacha20poly1305.py b/tests/wycheproof/test_chacha20poly1305.py
new file mode 100644
index 00000000..deef5a0a
--- /dev/null
+++ b/tests/wycheproof/test_chacha20poly1305.py
@@ -0,0 +1,47 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+
+import pytest
+
+from cryptography.exceptions import InvalidTag
+from cryptography.hazmat.backends.interfaces import CipherBackend
+from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
+
+from ..hazmat.primitives.test_aead import _aead_supported
+
+
+@pytest.mark.skipif(
+    not _aead_supported(ChaCha20Poly1305),
+    reason="Requires OpenSSL with ChaCha20Poly1305 support"
+)
+@pytest.mark.requires_backend_interface(interface=CipherBackend)
+@pytest.mark.wycheproof_tests("chacha20_poly1305_test.json")
+def test_chacha2poly1305(wycheproof):
+    key = binascii.unhexlify(wycheproof.testcase["key"])
+    iv = binascii.unhexlify(wycheproof.testcase["iv"])
+    aad = binascii.unhexlify(wycheproof.testcase["aad"])
+    msg = binascii.unhexlify(wycheproof.testcase["msg"])
+    ct = binascii.unhexlify(wycheproof.testcase["ct"])
+    tag = binascii.unhexlify(wycheproof.testcase["tag"])
+
+    if wycheproof.valid:
+        chacha = ChaCha20Poly1305(key)
+        computed_ct = chacha.encrypt(iv, msg, aad)
+        assert computed_ct == ct + tag
+        computed_msg = chacha.decrypt(iv, ct + tag, aad)
+        assert computed_msg == msg
+    elif len(iv) != 12:
+        chacha = ChaCha20Poly1305(key)
+        with pytest.raises(ValueError):
+            chacha.encrypt(iv, msg, aad)
+        with pytest.raises(ValueError):
+            chacha.decrypt(iv, ct + tag, aad)
+    else:
+        chacha = ChaCha20Poly1305(key)
+        with pytest.raises(InvalidTag):
+            chacha.decrypt(iv, msg + tag, aad)
-- 
cgit v1.2.3