From 38df44151cdc6591385c4ec1691e782d05c8aec7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stanis=C5=82aw=20Pitucha?= <stanislaw.pitucha@hp.com>
Date: Wed, 12 Aug 2015 15:30:25 +1000
Subject: Enforce signature type in ECDSA and add tests

Ensure that ECDSA signatures are bytes to match RSA/DSA and add tests
for all three.
---
 tests/hazmat/primitives/test_dsa.py |  5 +++++
 tests/hazmat/primitives/test_ec.py  |  9 +++++++++
 tests/hazmat/primitives/test_rsa.py | 17 +++++++++++++++++
 3 files changed, 31 insertions(+)

(limited to 'tests')

diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index b6b0de94..53e41883 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -583,6 +583,11 @@ class TestDSAVerification(object):
         with pytest.raises(InvalidSignature):
             verifier.verify()
 
+    def test_signature_not_bytes(self, backend):
+        public_key = DSA_KEY_1024.public_numbers.public_key(backend)
+        with pytest.raises(TypeError):
+            public_key.verifier(1234, hashes.SHA1())
+
     def test_use_after_finalize(self, backend):
         public_key = DSA_KEY_1024.public_numbers.public_key(backend)
         verifier = public_key.verifier(b'fakesig', hashes.SHA1())
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 20465a2d..f2e340be 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -710,3 +710,12 @@ class TestEllipticCurvePEMPublicKeySerialization(object):
             key.public_bytes(
                 serialization.Encoding.PEM, serialization.PublicFormat.PKCS1
             )
+
+
+@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
+class TestECDSAVerification(object):
+    def test_signature_not_bytes(self, backend):
+        key = ec.generate_private_key(ec.SECP192R1(), backend)
+        public_key = key.public_key()
+        with pytest.raises(TypeError):
+            public_key.verifier(1234, ec.ECDSA(hashes.SHA256()))
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 0c5f7042..0b83fd65 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -679,6 +679,23 @@ class TestRSAVerification(object):
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING):
             public_key.verifier(b"sig", DummyPadding(), hashes.SHA1())
 
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.rsa_padding_supported(
+            padding.PKCS1v15()
+        ),
+        skip_message="Does not support PKCS1v1.5."
+    )
+    def test_signature_not_bytes(self, backend):
+        public_key = RSA_KEY_512.public_numbers.public_key(backend)
+        signature = 1234
+
+        with pytest.raises(TypeError):
+            public_key.verifier(
+                signature,
+                padding.PKCS1v15(),
+                hashes.SHA1()
+            )
+
     def test_padding_incorrect_type(self, backend):
         private_key = RSA_KEY_512.private_key(backend)
         public_key = private_key.public_key()
-- 
cgit v1.2.3