/*
 * caam - Freescale FSL CAAM support for ahash functions of crypto API
 *
 * Copyright (C) 2011-2013 Freescale Semiconductor, Inc.
 *
 * Based on caamalg.c crypto API driver.
 *
 * relationship of digest job descriptor or first job descriptor after init to
 * shared descriptors:
 *
 * ---------------                     ---------------
 * | JobDesc #1  |-------------------->|  ShareDesc  |
 * | *(packet 1) |                     |  (hashKey)  |
 * ---------------                     | (operation) |
 *                                     ---------------
 *
 * relationship of subsequent job descriptors to shared descriptors:
 *
 * ---------------                     ---------------
 * | JobDesc #2  |-------------------->|  ShareDesc  |
 * | *(packet 2) |      |------------->|  (hashKey)  |
 * ---------------      |    |-------->| (operation) |
 *       .              |    |         | (load ctx2) |
 *       .              |    |         ---------------
 * ---------------      |    |
 * | JobDesc #3  |------|    |
 * | *(packet 3) |           |
 * ---------------           |
 *       .                   |
 *       .                   |
 * ---------------           |
 * | JobDesc #4  |------------
 * | *(packet 4) |
 * ---------------
 *
 * The SharedDesc never changes for a connection unless rekeyed, but
 * each packet will likely be in a different place. So all we need
 * to know to process the packet is where the input is, where the
 * output goes, and what context we want to process with. Context is
 * in the SharedDesc, packet references in the JobDesc.
 *
 * So, a job desc looks like:
 *
 * ---------------------
 * | Header            |
 * | ShareDesc Pointer |
 * | SEQ_OUT_PTR       |
 * | (output buffer)   |
 * | (output length)   |
 * | SEQ_IN_PTR        |
 * | (input buffer)    |
 * | (input length)    |
 * ---------------------
 */

#include "compat.h"

#include "regs.h"
#include "intern.h"
#include "desc_constr.h"
#include "jr.h"
#include "error.h"
#include "sg_sw_sec4.h"
#include "key_gen.h"

#define CAAM_CRA_PRIORITY		3000

/* max hash key is max split key size */
#define CAAM_MAX_HASH_KEY_SIZE		(SHA512_DIGEST_SIZE * 2)

#define CAAM_MAX_HASH_BLOCK_SIZE	SHA512_BLOCK_SIZE
#define CAAM_MAX_HASH_DIGEST_SIZE	SHA512_DIGEST_SIZE

/* length of descriptors text */
#define DESC_JOB_IO_LEN			(CAAM_CMD_SZ * 5 + CAAM_PTR_SZ * 3)

#define DESC_AHASH_BASE			(4 * CAAM_CMD_SZ)
#define DESC_AHASH_UPDATE_LEN		(6 * CAAM_CMD_SZ)
#define DESC_AHASH_UPDATE_FIRST_LEN	(DESC_AHASH_BASE + 4 * CAAM_CMD_SZ)
#define DESC_AHASH_FINAL_LEN		(DESC_AHASH_BASE + 5 * CAAM_CMD_SZ)
#define DESC_AHASH_FINUP_LEN		(DESC_AHASH_BASE + 5 * CAAM_CMD_SZ)
#define DESC_AHASH_DIGEST_LEN		(DESC_AHASH_BASE + 4 * CAAM_CMD_SZ)

#define DESC_HASH_MAX_USED_BYTES	(DESC_AHASH_FINAL_LEN + \
					 CAAM_MAX_HASH_KEY_SIZE)
#define DESC_HASH_MAX_USED_LEN		(DESC_HASH_MAX_USED_BYTES / CAAM_CMD_SZ)

/* caam context sizes for hashes: running digest + 8 */
#define HASH_MSG_LEN			8
#define MAX_CTX_LEN			(HASH_MSG_LEN + SHA512_DIGEST_SIZE)

#ifdef DEBUG
/* for print_hex_dumps with line references */
#define xstr(s) str(s)
#define str(s) #s
#define debug(format, arg...) printk(format, arg)
#else
#define debug(format, arg...)
#endif

/* ahash per-session context */
struct caam_hash_ctx {
	struct device *jrdev;
	u32 sh_desc_update[DESC_HASH_MAX_USED_LEN];
	u32 sh_desc_update_first[DESC_HASH_MAX_USED_LEN];
	u32 sh_desc_fin[DESC_HASH_MAX_USED_LEN];
	u32 sh_desc_digest[DESC_HASH_MAX_USED_LEN];
	u32 sh_desc_finup[DESC_HASH_MAX_USED_LEN];
	dma_addr_t sh_desc_update_dma;
	dma_addr_t sh_desc_update_first_dma;
	dma_addr_t sh_desc_fin_dma;
	dma_addr_t sh_desc_digest_dma;
	dma_addr_t sh_desc_finup_dma;
	u32 alg_type;
	u32 alg_op;
	u8 key[CAAM_MAX_HASH_KEY_SIZE];
	dma_addr_t key_dma;
	int ctx_len;
	unsigned int split_key_len;
	unsigned int split_key_pad_len;
};

/* ahash state */
struct caam_hash_state {
	dma_addr_t buf_dma;
	dma_addr_t ctx_dma;
	u8 buf_0[CAAM_MAX_HASH_BLOCK_SIZE] ____cacheline_aligned;
	int buflen_0;
	u8 buf_1[CAAM_MAX_HASH_BLOCK_SIZE] ____cacheline_aligned;
	int buflen_1;
	u8 caam_ctx[MAX_CTX_LEN];
	int (*update)(struct ahash_request *req);
	int (*final)(struct ahash_request *req);
	int (*finup)(struct ahash_request *req);
	int current_buf;
};

/* Common job descriptor seq in/out ptr routines */

/* Map state->caam_ctx, and append seq_out_ptr command that points to it */
static inline void map_seq_out_ptr_ctx(u32 *desc, struct device *jrdev,
				       struct caam_hash_state *state,
				       int ctx_len)
{
	state->ctx_dma = dma_map_single(jrdev, state->caam_ctx,
					ctx_len, DMA_FROM_DEVICE);
	append_seq_out_ptr(desc, state->ctx_dma, ctx_len, 0);
}

/* Map req->result, and append seq_out_ptr command that points to it */
static inline dma_addr_t map_seq_out_ptr_result(u32 *desc, struct device *jrdev,
						u8 *result, int digestsize)
{
	dma_addr_t dst_dma;

	dst_dma = dma_map_single(jrdev, result, digestsize, DMA_FROM_DEVICE);
	append_seq_out_ptr(desc, dst_dma, digestsize, 0);

	return dst_dma;
}

/* Map current buffer in state and put it in link table */
static inline dma_addr_t buf_map_to_sec4_sg(struct device *jrdev,
					    struct sec4_sg_entry *sec4_sg,
					    u8 *buf, int buflen)
{
	dma_addr_t buf_dma;

	buf_dma = dma_map_single(jrdev, buf, buflen, DMA_TO_DEVICE);
	dma_sync_single_for_device(jrdev, buf_dma, buflen, DMA_TO_DEVICE);
	dma_to_sec4_sg_one(sec4_sg, buf_dma, buflen, 0);

	return buf_dma;
}

/* Map req->src and put it in link table */
static inline void src_map_to_sec4_sg(struct device *jrdev,
				      struct scatterlist *src, int src_nents,
				      struct sec4_sg_entry *sec4_sg,
				      bool chained)
{
	dma_map_sg_chained(jrdev, src, src_nents, DMA_TO_DEVICE, chained);
	sg_to_sec4_sg_last(src, src_nents, sec4_sg, 0);
}

/*
 * Only put buffer in link table if it contains data, which is possible,
 * since a buffer has previously been used, and needs to be unmapped,
 */
static inline dma_addr_t
try_buf_map_to_sec4_sg(struct device *jrdev, struct sec4_sg_entry *sec4_sg,
		       u8 *buf, dma_addr_t buf_dma, int buflen,
		       int last_buflen)
{
	if (buf_dma && !dma_mapping_error(jrdev, buf_dma))
		dma_unmap_single(jrdev, buf_dma, last_buflen, DMA_TO_DEVICE);
	if (buflen)
		buf_dma = buf_map_to_sec4_sg(jrdev, sec4_sg, buf, buflen);
	else
		buf_dma = 0;

	return buf_dma;
}

/* Map state->caam_ctx, and add it to link table */
static inline void ctx_map_to_sec4_sg(u32 *desc, struct device *jrdev,
				      struct caam_hash_state *state,
				      int ctx_len,
				      struct sec4_sg_entry *sec4_sg,
				      u32 flag)
{
	state->ctx_dma = dma_map_single(jrdev, state->caam_ctx, ctx_len, flag);
	if ((flag == DMA_TO_DEVICE) || (flag == DMA_BIDIRECTIONAL))
		dma_sync_single_for_device(jrdev, state->ctx_dma, ctx_len,
					   flag);
	dma_to_sec4_sg_one(sec4_sg, state->ctx_dma, ctx_len, 0);
}

/* Common shared descriptor commands */
static inline void append_key_ahash(u32 *desc, struct caam_hash_ctx *ctx)
{
	append_key_as_imm(desc, ctx->key, ctx->split_key_pad_len,
			  ctx->split_key_len, CLASS_2 |
			  KEY_DEST_MDHA_SPLIT | KEY_ENC);
}

/* Append key if it has been set */
static inline void init_sh_desc_key_ahash(u32 *desc, struct caam_hash_ctx *ctx)
{
	u32 *key_jump_cmd;

	init_sh_desc(desc, HDR_SHARE_SERIAL);

	if (ctx->split_key_len) {
		/* Skip if already shared */
		key_jump_cmd = append_jump(desc, JUMP_JSL | JUMP_TEST_ALL |
					   JUMP_COND_SHRD);

		append_key_ahash(desc, ctx);

		set_jump_tgt_here(desc, key_jump_cmd);
	}

	/* Propagate errors from shared to job descriptor */
	append_cmd(desc, SET_OK_NO_PROP_ERRORS | CMD_LOAD);
}

/*
 * For ahash read data from seqin following state->caam_ctx,
 * and write resulting class2 context to seqout, which may be state->caam_ctx
 * or req->result
 */
static inline void ahash_append_load_str(u32 *desc, int digestsize)
{
	/* Calculate remaining bytes to read */
	append_math_add(desc, VARSEQINLEN, SEQINLEN, REG0, CAAM_CMD_SZ);

	/* Read remaining bytes */
	append_seq_fifo_load(desc, 0, FIFOLD_CLASS_CLASS2 | FIFOLD_TYPE_LAST2 |
			     FIFOLD_TYPE_MSG | KEY_VLF);

	/* Store class2 context bytes */
	append_seq_store(desc, digestsize, LDST_CLASS_2_CCB |
			 LDST_SRCDST_BYTE_CONTEXT);
}

/*
 * For ahash update, final and finup, import context, read and write to seqout
 */
static inline void ahash_ctx_data_to_out(u32 *desc, u32 op, u32 state,
					 int digestsize,
					 struct caam_hash_ctx *ctx)
{
	init_sh_desc_key_ahash(desc, ctx);

	/* Import context from software */
	append_cmd(desc, CMD_SEQ_LOAD | LDST_SRCDST_BYTE_CONTEXT |
		   LDST_CLASS_2_CCB | ctx->ctx_len);

	/* Class 2 operation */
	append_operation(desc, op | state | OP_ALG_ENCRYPT);

	/*
	 * Load from buf and/or src and write to req->result or state->context
	 */
	ahash_append_load_str(desc, digestsize);
}

/* For ahash firsts and digest, read and write to seqout */
static inline void ahash_data_to_out(u32 *desc, u32 op, u32 state,
				     int digestsize, struct caam_hash_ctx *ctx)
{
	init_sh_desc_key_ahash(desc, ctx);

	/* Class 2 operation */
	append_operation(desc, op | state | OP_ALG_ENCRYPT);

	/*
	 * Load from buf and/or src and write to req->result or state->context
	 */
	ahash_append_load_str(desc, digestsize);
}

static int ahash_set_sh_desc(struct crypto_ahash *ahash)
{
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	int digestsize = crypto_ahash_digestsize(ahash);
	struct device *jrdev = ctx->jrdev;
	u32 have_key = 0;
	u32 *desc;

	if (ctx->split_key_len)
		have_key = OP_ALG_AAI_HMAC_PRECOMP;

	/* ahash_update shared descriptor */
	desc = ctx->sh_desc_update;

	init_sh_desc(desc, HDR_SHARE_SERIAL);

	/* Import context from software */
	append_cmd(desc, CMD_SEQ_LOAD | LDST_SRCDST_BYTE_CONTEXT |
		   LDST_CLASS_2_CCB | ctx->ctx_len);

	/* Class 2 operation */
	append_operation(desc, ctx->alg_type | OP_ALG_AS_UPDATE |
			 OP_ALG_ENCRYPT);

	/* Load data and write to result or context */
	ahash_append_load_str(desc, ctx->ctx_len);

	ctx->sh_desc_update_dma = dma_map_single(jrdev, desc, desc_bytes(desc),
						 DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->sh_desc_update_dma)) {
		dev_err(jrdev, "unable to map shared descriptor\n");
		return -ENOMEM;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ahash update shdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	/* ahash_update_first shared descriptor */
	desc = ctx->sh_desc_update_first;

	ahash_data_to_out(desc, have_key | ctx->alg_type, OP_ALG_AS_INIT,
			  ctx->ctx_len, ctx);

	ctx->sh_desc_update_first_dma = dma_map_single(jrdev, desc,
						       desc_bytes(desc),
						       DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->sh_desc_update_first_dma)) {
		dev_err(jrdev, "unable to map shared descriptor\n");
		return -ENOMEM;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ahash update first shdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif
	dma_sync_single_for_device(jrdev, ctx->sh_desc_update_first_dma,
				   desc_bytes(desc), DMA_TO_DEVICE);

	/* ahash_final shared descriptor */
	desc = ctx->sh_desc_fin;

	ahash_ctx_data_to_out(desc, have_key | ctx->alg_type,
			      OP_ALG_AS_FINALIZE, digestsize, ctx);

	ctx->sh_desc_fin_dma = dma_map_single(jrdev, desc, desc_bytes(desc),
					      DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->sh_desc_fin_dma)) {
		dev_err(jrdev, "unable to map shared descriptor\n");
		return -ENOMEM;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ahash final shdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc,
		       desc_bytes(desc), 1);
#endif
	dma_sync_single_for_device(jrdev, ctx->sh_desc_fin_dma,
				   desc_bytes(desc), DMA_TO_DEVICE);

	/* ahash_finup shared descriptor */
	desc = ctx->sh_desc_finup;

	ahash_ctx_data_to_out(desc, have_key | ctx->alg_type,
			      OP_ALG_AS_FINALIZE, digestsize, ctx);

	ctx->sh_desc_finup_dma = dma_map_single(jrdev, desc, desc_bytes(desc),
						DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->sh_desc_finup_dma)) {
		dev_err(jrdev, "unable to map shared descriptor\n");
		return -ENOMEM;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ahash finup shdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc,
		       desc_bytes(desc), 1);
#endif
	dma_sync_single_for_device(jrdev, ctx->sh_desc_finup_dma,
				   desc_bytes(desc), DMA_TO_DEVICE);

	/* ahash_digest shared descriptor */
	desc = ctx->sh_desc_digest;

	ahash_data_to_out(desc, have_key | ctx->alg_type, OP_ALG_AS_INITFINAL,
			  digestsize, ctx);

	ctx->sh_desc_digest_dma = dma_map_single(jrdev, desc,
						 desc_bytes(desc),
						 DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->sh_desc_digest_dma)) {
		dev_err(jrdev, "unable to map shared descriptor\n");
		return -ENOMEM;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ahash digest shdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc,
		       desc_bytes(desc), 1);
#endif
	dma_sync_single_for_device(jrdev, ctx->sh_desc_digest_dma,
				   desc_bytes(desc), DMA_TO_DEVICE);

	return 0;
}

static u32 gen_split_hash_key(struct caam_hash_ctx *ctx, const u8 *key_in,
			      u32 keylen)
{
	return gen_split_key(ctx->jrdev, ctx->key, ctx->split_key_len,
			       ctx->split_key_pad_len, key_in, keylen,
			       ctx->alg_op);
}

/* Digest hash size if it is too large */
static u32 hash_digest_key(struct caam_hash_ctx *ctx, const u8 *key_in,
			   u32 *keylen, u8 *key_out, u32 digestsize)
{
	struct device *jrdev = ctx->jrdev;
	u32 *desc;
	struct split_key_result result;
	dma_addr_t src_dma, dst_dma;
	int ret = 0;

	/*
	 * Hashing descriptor is 6 commands (including header), 2 pointers,
	 * and 2 extended lengths
	 */
	desc = kmalloc((CAAM_CMD_SZ * 6 + CAAM_PTR_SZ * 2 +
			CAAM_EXTLEN_SZ * 2),
			GFP_KERNEL | GFP_DMA);

	init_job_desc(desc, 0);

	src_dma = dma_map_single(jrdev, (void *)key_in, *keylen,
				 DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, src_dma)) {
		dev_err(jrdev, "unable to map key input memory\n");
		kfree(desc);
		return -ENOMEM;
	}
	dma_sync_single_for_device(jrdev, src_dma, *keylen, DMA_TO_DEVICE);

	dst_dma = dma_map_single(jrdev, (void *)key_out, digestsize,
				 DMA_FROM_DEVICE);
	if (dma_mapping_error(jrdev, dst_dma)) {
		dev_err(jrdev, "unable to map key output memory\n");
		dma_unmap_single(jrdev, src_dma, *keylen, DMA_TO_DEVICE);
		kfree(desc);
		return -ENOMEM;
	}

	/* Job descriptor to perform unkeyed hash on key_in */
	append_operation(desc, ctx->alg_type | OP_ALG_ENCRYPT |
			 OP_ALG_AS_INITFINAL);
	append_seq_in_ptr(desc, src_dma, *keylen, 0);
	append_seq_fifo_load(desc, *keylen, FIFOLD_CLASS_CLASS2 |
			     FIFOLD_TYPE_LAST2 | FIFOLD_TYPE_MSG);
	append_seq_out_ptr(desc, dst_dma, digestsize, 0);
	append_seq_store(desc, digestsize, LDST_CLASS_2_CCB |
			 LDST_SRCDST_BYTE_CONTEXT);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "key_in@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, key_in, *keylen, 1);
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	result.err = 0;
	init_completion(&result.completion);

	ret = caam_jr_enqueue(jrdev, desc, split_key_done, &result);
	if (!ret) {
		/* in progress */
		wait_for_completion_interruptible(&result.completion);
		ret = result.err;
#ifdef DEBUG
		print_hex_dump(KERN_ERR, "digested key@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, key_in,
			       digestsize, 1);
#endif
	}
	*keylen = digestsize;

	dma_unmap_single(jrdev, src_dma, *keylen, DMA_TO_DEVICE);
	dma_sync_single_for_cpu(jrdev, dst_dma, digestsize, DMA_FROM_DEVICE);
	dma_unmap_single(jrdev, dst_dma, digestsize, DMA_FROM_DEVICE);

	kfree(desc);

	return ret;
}

static int ahash_setkey(struct crypto_ahash *ahash,
			const u8 *key, unsigned int keylen)
{
	/* Sizes for MDHA pads (*not* keys): MD5, SHA1, 224, 256, 384, 512 */
	static const u8 mdpadlen[] = { 16, 20, 32, 32, 64, 64 };
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct device *jrdev = ctx->jrdev;
	int blocksize = crypto_tfm_alg_blocksize(&ahash->base);
	int digestsize = crypto_ahash_digestsize(ahash);
	int ret = 0;
	u8 *hashed_key = NULL;

#ifdef DEBUG
	printk(KERN_ERR "keylen %d\n", keylen);
#endif

	if (keylen > blocksize) {
		hashed_key = kmalloc(sizeof(u8) * digestsize, GFP_KERNEL |
				     GFP_DMA);
		if (!hashed_key)
			return -ENOMEM;
		ret = hash_digest_key(ctx, key, &keylen, hashed_key,
				      digestsize);
		if (ret)
			goto badkey;
		key = hashed_key;
	}

	/* Pick class 2 key length from algorithm submask */
	ctx->split_key_len = mdpadlen[(ctx->alg_op & OP_ALG_ALGSEL_SUBMASK) >>
				      OP_ALG_ALGSEL_SHIFT] * 2;
	ctx->split_key_pad_len = ALIGN(ctx->split_key_len, 16);

#ifdef DEBUG
	printk(KERN_ERR "split_key_len %d split_key_pad_len %d\n",
	       ctx->split_key_len, ctx->split_key_pad_len);
	print_hex_dump(KERN_ERR, "key in @"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
#endif

	ret = gen_split_hash_key(ctx, key, keylen);
	if (ret)
		goto badkey;

	ctx->key_dma = dma_map_single(jrdev, ctx->key, ctx->split_key_pad_len,
				      DMA_TO_DEVICE);
	if (dma_mapping_error(jrdev, ctx->key_dma)) {
		dev_err(jrdev, "unable to map key i/o memory\n");
		return -ENOMEM;
	}

	dma_sync_single_for_device(jrdev, ctx->key_dma, ctx->split_key_pad_len,
				   DMA_TO_DEVICE);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ctx.key@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, ctx->key,
		       ctx->split_key_pad_len, 1);
#endif

	ret = ahash_set_sh_desc(ahash);
	if (ret) {
		dma_unmap_single(jrdev, ctx->key_dma, ctx->split_key_pad_len,
				 DMA_TO_DEVICE);
	}

	kfree(hashed_key);
	return ret;
badkey:
	kfree(hashed_key);
	crypto_ahash_set_flags(ahash, CRYPTO_TFM_RES_BAD_KEY_LEN);
	return -EINVAL;
}

/*
 * ahash_edesc - s/w-extended ahash descriptor
 * @dst_dma: physical mapped address of req->result
 * @sec4_sg_dma: physical mapped address of h/w link table
 * @chained: if source is chained
 * @src_nents: number of segments in input scatterlist
 * @sec4_sg_bytes: length of dma mapped sec4_sg space
 * @sec4_sg: pointer to h/w link table
 * @hw_desc: the h/w job descriptor followed by any referenced link tables
 */
struct ahash_edesc {
	dma_addr_t dst_dma;
	dma_addr_t sec4_sg_dma;
	bool chained;
	int src_nents;
	int sec4_sg_bytes;
	struct sec4_sg_entry *sec4_sg;
	u32 hw_desc[0];
};

static inline void ahash_unmap(struct device *dev,
			struct ahash_edesc *edesc,
			struct ahash_request *req, int dst_len)
{
	if (edesc->src_nents)
		dma_unmap_sg_chained(dev, req->src, edesc->src_nents,
				     DMA_TO_DEVICE, edesc->chained);
	if (edesc->dst_dma) {
		dma_sync_single_for_cpu(dev, edesc->dst_dma, dst_len,
					DMA_FROM_DEVICE);
		dma_unmap_single(dev, edesc->dst_dma, dst_len, DMA_FROM_DEVICE);
	}

	if (edesc->sec4_sg_bytes)
		dma_unmap_single(dev, edesc->sec4_sg_dma,
				 edesc->sec4_sg_bytes, DMA_TO_DEVICE);
}

static inline void ahash_unmap_ctx(struct device *dev,
			struct ahash_edesc *edesc,
			struct ahash_request *req, int dst_len, u32 flag)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);

	if (state->ctx_dma) {
		if ((flag == DMA_FROM_DEVICE) || (flag == DMA_BIDIRECTIONAL))
			dma_sync_single_for_cpu(dev, state->ctx_dma,
						ctx->ctx_len, flag);
		dma_unmap_single(dev, state->ctx_dma, ctx->ctx_len, flag);
	}
	ahash_unmap(dev, edesc, req, dst_len);
}

static void ahash_done(struct device *jrdev, u32 *desc, u32 err,
		       void *context)
{
	struct ahash_request *req = context;
	struct ahash_edesc *edesc;
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	int digestsize = crypto_ahash_digestsize(ahash);
#ifdef DEBUG
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);

	dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
#endif

	edesc = (struct ahash_edesc *)((char *)desc -
		 offsetof(struct ahash_edesc, hw_desc));
	if (err) {
		char tmp[CAAM_ERROR_STR_MAX];

		dev_err(jrdev, "%08x: %s\n", err, caam_jr_strstatus(tmp, err));
	}

	ahash_unmap(jrdev, edesc, req, digestsize);
	kfree(edesc);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ctx@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, state->caam_ctx,
		       ctx->ctx_len, 1);
	if (req->result)
		print_hex_dump(KERN_ERR, "result@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, req->result,
			       digestsize, 1);
#endif

	req->base.complete(&req->base, err);
}

static void ahash_done_bi(struct device *jrdev, u32 *desc, u32 err,
			    void *context)
{
	struct ahash_request *req = context;
	struct ahash_edesc *edesc;
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
#ifdef DEBUG
	struct caam_hash_state *state = ahash_request_ctx(req);
	int digestsize = crypto_ahash_digestsize(ahash);

	dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
#endif

	edesc = (struct ahash_edesc *)((char *)desc -
		 offsetof(struct ahash_edesc, hw_desc));
	if (err) {
		char tmp[CAAM_ERROR_STR_MAX];

		dev_err(jrdev, "%08x: %s\n", err, caam_jr_strstatus(tmp, err));
	}

	ahash_unmap_ctx(jrdev, edesc, req, ctx->ctx_len, DMA_BIDIRECTIONAL);
	kfree(edesc);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ctx@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, state->caam_ctx,
		       ctx->ctx_len, 1);
	if (req->result)
		print_hex_dump(KERN_ERR, "result@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, req->result,
			       digestsize, 1);
#endif

	req->base.complete(&req->base, err);
}

static void ahash_done_ctx_src(struct device *jrdev, u32 *desc, u32 err,
			       void *context)
{
	struct ahash_request *req = context;
	struct ahash_edesc *edesc;
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	int digestsize = crypto_ahash_digestsize(ahash);
#ifdef DEBUG
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);

	dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
#endif

	edesc = (struct ahash_edesc *)((char *)desc -
		 offsetof(struct ahash_edesc, hw_desc));
	if (err) {
		char tmp[CAAM_ERROR_STR_MAX];

		dev_err(jrdev, "%08x: %s\n", err, caam_jr_strstatus(tmp, err));
	}

	ahash_unmap_ctx(jrdev, edesc, req, digestsize, DMA_FROM_DEVICE);
	kfree(edesc);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ctx@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, state->caam_ctx,
		       ctx->ctx_len, 1);
	if (req->result)
		print_hex_dump(KERN_ERR, "result@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, req->result,
			       digestsize, 1);
#endif

	req->base.complete(&req->base, err);
}

static void ahash_done_ctx_dst(struct device *jrdev, u32 *desc, u32 err,
			       void *context)
{
	struct ahash_request *req = context;
	struct ahash_edesc *edesc;
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
#ifdef DEBUG
	struct caam_hash_state *state = ahash_request_ctx(req);
	int digestsize = crypto_ahash_digestsize(ahash);

	dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err);
#endif

	edesc = (struct ahash_edesc *)((char *)desc -
		 offsetof(struct ahash_edesc, hw_desc));
	if (err) {
		char tmp[CAAM_ERROR_STR_MAX];

		dev_err(jrdev, "%08x: %s\n", err, caam_jr_strstatus(tmp, err));
	}

	ahash_unmap_ctx(jrdev, edesc, req, ctx->ctx_len, DMA_TO_DEVICE);
	kfree(edesc);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "ctx@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, state->caam_ctx,
		       ctx->ctx_len, 1);
	if (req->result)
		print_hex_dump(KERN_ERR, "result@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, req->result,
			       digestsize, 1);
#endif

	req->base.complete(&req->base, err);
}

/* submit update job descriptor */
static int ahash_update_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int *buflen = state->current_buf ? &state->buflen_1 : &state->buflen_0;
	u8 *next_buf = state->current_buf ? state->buf_0 : state->buf_1;
	int *next_buflen = state->current_buf ? &state->buflen_0 :
			   &state->buflen_1, last_buflen;
	int in_len = *buflen + req->nbytes, to_hash;
	u32 *sh_desc = ctx->sh_desc_update, *desc = NULL;
	dma_addr_t ptr = ctx->sh_desc_update_dma;
	int src_nents, sec4_sg_bytes, sec4_sg_src_index;
	struct ahash_edesc *edesc;
	bool chained = false;
	int ret = 0;
	int sh_len;

	last_buflen = *next_buflen;
	*next_buflen = in_len & (crypto_tfm_alg_blocksize(&ahash->base) - 1);
	to_hash = in_len - *next_buflen;

	if (to_hash) {
		src_nents = __sg_count(req->src, req->nbytes - (*next_buflen),
				       &chained);
		sec4_sg_src_index = 1 + (*buflen ? 1 : 0);
		sec4_sg_bytes = (sec4_sg_src_index + src_nents) *
				 sizeof(struct sec4_sg_entry);

		/*
		 * allocate space for base edesc and hw desc commands,
		 * link tables
		 */
		edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
				sec4_sg_bytes, GFP_DMA | flags);
		if (!edesc) {
			dev_err(jrdev,
				"could not allocate extended descriptor\n");
			return -ENOMEM;
		}

		edesc->src_nents = src_nents;
		edesc->chained = chained;
		edesc->sec4_sg_bytes = sec4_sg_bytes;
		edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
				 DESC_JOB_IO_LEN;
		edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
						     sec4_sg_bytes,
						     DMA_TO_DEVICE);

		ctx_map_to_sec4_sg(desc, jrdev, state, ctx->ctx_len,
				   edesc->sec4_sg, DMA_BIDIRECTIONAL);

		state->buf_dma = try_buf_map_to_sec4_sg(jrdev,
							edesc->sec4_sg + 1,
							buf, state->buf_dma,
							*buflen, last_buflen);

		if (src_nents) {
			src_map_to_sec4_sg(jrdev, req->src, src_nents,
					   edesc->sec4_sg + sec4_sg_src_index,
					   chained);
			if (*next_buflen) {
				sg_copy_part(next_buf, req->src, to_hash -
					     *buflen, req->nbytes);
				state->current_buf = !state->current_buf;
			}
		} else {
			(edesc->sec4_sg + sec4_sg_src_index - 1)->len |=
							SEC4_SG_LEN_FIN;
		}

		sh_len = desc_len(sh_desc);
		desc = edesc->hw_desc;
		init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER |
				     HDR_REVERSE);

		append_seq_in_ptr(desc, edesc->sec4_sg_dma, ctx->ctx_len +
				       to_hash, LDST_SGF);

		append_seq_out_ptr(desc, state->ctx_dma, ctx->ctx_len, 0);

		dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma,
					   sec4_sg_bytes, DMA_TO_DEVICE);

#ifdef DEBUG
		print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, desc,
			       desc_bytes(desc), 1);
#endif

		ret = caam_jr_enqueue(jrdev, desc, ahash_done_bi, req);
		if (!ret) {
			ret = -EINPROGRESS;
		} else {
			ahash_unmap_ctx(jrdev, edesc, req, ctx->ctx_len,
					   DMA_BIDIRECTIONAL);
			kfree(edesc);
		}
	} else if (*next_buflen) {
		sg_copy(buf + *buflen, req->src, req->nbytes);
		*buflen = *next_buflen;
		*next_buflen = last_buflen;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "buf@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, buf, *buflen, 1);
	print_hex_dump(KERN_ERR, "next buf@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, next_buf,
		       *next_buflen, 1);
#endif

	return ret;
}

static int ahash_final_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int buflen = state->current_buf ? state->buflen_1 : state->buflen_0;
	int last_buflen = state->current_buf ? state->buflen_0 :
			  state->buflen_1;
	u32 *sh_desc = ctx->sh_desc_fin, *desc;
	dma_addr_t ptr = ctx->sh_desc_fin_dma;
	int sec4_sg_bytes;
	int digestsize = crypto_ahash_digestsize(ahash);
	struct ahash_edesc *edesc;
	int ret = 0;
	int sh_len;

	sec4_sg_bytes = (1 + (buflen ? 1 : 0)) * sizeof(struct sec4_sg_entry);

	/* allocate space for base edesc and hw desc commands, link tables */
	edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
			sec4_sg_bytes, GFP_DMA | flags);
	if (!edesc) {
		dev_err(jrdev, "could not allocate extended descriptor\n");
		return -ENOMEM;
	}

	sh_len = desc_len(sh_desc);
	desc = edesc->hw_desc;
	init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER | HDR_REVERSE);

	edesc->sec4_sg_bytes = sec4_sg_bytes;
	edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
			 DESC_JOB_IO_LEN;
	edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
					    sec4_sg_bytes, DMA_TO_DEVICE);
	edesc->src_nents = 0;

	ctx_map_to_sec4_sg(desc, jrdev, state, ctx->ctx_len, edesc->sec4_sg,
			   DMA_TO_DEVICE);

	state->buf_dma = try_buf_map_to_sec4_sg(jrdev, edesc->sec4_sg + 1,
						buf, state->buf_dma, buflen,
						last_buflen);
	(edesc->sec4_sg + sec4_sg_bytes - 1)->len |= SEC4_SG_LEN_FIN;

	append_seq_in_ptr(desc, edesc->sec4_sg_dma, ctx->ctx_len + buflen,
			  LDST_SGF);

	edesc->dst_dma = map_seq_out_ptr_result(desc, jrdev, req->result,
						digestsize);

	dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma, sec4_sg_bytes,
				   DMA_TO_DEVICE);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	ret = caam_jr_enqueue(jrdev, desc, ahash_done_ctx_src, req);
	if (!ret) {
		ret = -EINPROGRESS;
	} else {
		ahash_unmap_ctx(jrdev, edesc, req, digestsize, DMA_FROM_DEVICE);
		kfree(edesc);
	}

	return ret;
}

static int ahash_finup_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int buflen = state->current_buf ? state->buflen_1 : state->buflen_0;
	int last_buflen = state->current_buf ? state->buflen_0 :
			  state->buflen_1;
	u32 *sh_desc = ctx->sh_desc_finup, *desc;
	dma_addr_t ptr = ctx->sh_desc_finup_dma;
	int sec4_sg_bytes, sec4_sg_src_index;
	int src_nents;
	int digestsize = crypto_ahash_digestsize(ahash);
	struct ahash_edesc *edesc;
	bool chained = false;
	int ret = 0;
	int sh_len;

	src_nents = __sg_count(req->src, req->nbytes, &chained);
	sec4_sg_src_index = 1 + (buflen ? 1 : 0);
	sec4_sg_bytes = (sec4_sg_src_index + src_nents) *
			 sizeof(struct sec4_sg_entry);

	/* allocate space for base edesc and hw desc commands, link tables */
	edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
			sec4_sg_bytes, GFP_DMA | flags);
	if (!edesc) {
		dev_err(jrdev, "could not allocate extended descriptor\n");
		return -ENOMEM;
	}

	sh_len = desc_len(sh_desc);
	desc = edesc->hw_desc;
	init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER | HDR_REVERSE);

	edesc->src_nents = src_nents;
	edesc->chained = chained;
	edesc->sec4_sg_bytes = sec4_sg_bytes;
	edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
			 DESC_JOB_IO_LEN;
	edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
					    sec4_sg_bytes, DMA_TO_DEVICE);

	ctx_map_to_sec4_sg(desc, jrdev, state, ctx->ctx_len, edesc->sec4_sg,
			   DMA_TO_DEVICE);

	state->buf_dma = try_buf_map_to_sec4_sg(jrdev, edesc->sec4_sg + 1,
						buf, state->buf_dma, buflen,
						last_buflen);

	src_map_to_sec4_sg(jrdev, req->src, src_nents, edesc->sec4_sg +
			   sec4_sg_src_index, chained);

	append_seq_in_ptr(desc, edesc->sec4_sg_dma, ctx->ctx_len +
			       buflen + req->nbytes, LDST_SGF);

	edesc->dst_dma = map_seq_out_ptr_result(desc, jrdev, req->result,
						digestsize);

	dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma, sec4_sg_bytes,
				   DMA_TO_DEVICE);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	ret = caam_jr_enqueue(jrdev, desc, ahash_done_ctx_src, req);
	if (!ret) {
		ret = -EINPROGRESS;
	} else {
		ahash_unmap_ctx(jrdev, edesc, req, digestsize, DMA_FROM_DEVICE);
		kfree(edesc);
	}

	return ret;
}

static int ahash_digest(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u32 *sh_desc = ctx->sh_desc_digest, *desc;
	dma_addr_t ptr = ctx->sh_desc_digest_dma;
	int digestsize = crypto_ahash_digestsize(ahash);
	int src_nents, sec4_sg_bytes;
	dma_addr_t src_dma;
	struct ahash_edesc *edesc;
	bool chained = false;
	int ret = 0;
	u32 options;
	int sh_len;

	src_nents = sg_count(req->src, req->nbytes, &chained);
	dma_map_sg_chained(jrdev, req->src, src_nents ? : 1, DMA_TO_DEVICE,
			   chained);
	sec4_sg_bytes = src_nents * sizeof(struct sec4_sg_entry);

	/* allocate space for base edesc and hw desc commands, link tables */
	edesc = kzalloc(sizeof(struct ahash_edesc) + sec4_sg_bytes +
			DESC_JOB_IO_LEN, GFP_DMA | flags);
	if (!edesc) {
		dev_err(jrdev, "could not allocate extended descriptor\n");
		return -ENOMEM;
	}
	edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
			  DESC_JOB_IO_LEN;
	edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
					    sec4_sg_bytes, DMA_TO_DEVICE);
	edesc->sec4_sg_bytes = sec4_sg_bytes;
	edesc->src_nents = src_nents;
	edesc->chained = chained;

	sh_len = desc_len(sh_desc);
	desc = edesc->hw_desc;
	init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER | HDR_REVERSE);

	if (src_nents) {
		sg_to_sec4_sg_last(req->src, src_nents, edesc->sec4_sg, 0);
		src_dma = edesc->sec4_sg_dma;
		options = LDST_SGF;
	} else {
		src_dma = sg_dma_address(req->src);
		options = 0;
	}
	append_seq_in_ptr(desc, src_dma, req->nbytes, options);

	dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma,
				   edesc->sec4_sg_bytes, DMA_TO_DEVICE);

	edesc->dst_dma = map_seq_out_ptr_result(desc, jrdev, req->result,
						digestsize);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	ret = caam_jr_enqueue(jrdev, desc, ahash_done, req);
	if (!ret) {
		ret = -EINPROGRESS;
	} else {
		ahash_unmap(jrdev, edesc, req, digestsize);
		kfree(edesc);
	}

	return ret;
}

/* submit ahash final if it the first job descriptor */
static int ahash_final_no_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int buflen = state->current_buf ? state->buflen_1 : state->buflen_0;
	u32 *sh_desc = ctx->sh_desc_digest, *desc;
	dma_addr_t ptr = ctx->sh_desc_digest_dma;
	int digestsize = crypto_ahash_digestsize(ahash);
	struct ahash_edesc *edesc;
	int ret = 0;
	int sh_len;

	/* allocate space for base edesc and hw desc commands, link tables */
	edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN,
			GFP_DMA | flags);
	if (!edesc) {
		dev_err(jrdev, "could not allocate extended descriptor\n");
		return -ENOMEM;
	}

	sh_len = desc_len(sh_desc);
	desc = edesc->hw_desc;
	init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER | HDR_REVERSE);

	state->buf_dma = dma_map_single(jrdev, buf, buflen, DMA_TO_DEVICE);

	append_seq_in_ptr(desc, state->buf_dma, buflen, 0);

	edesc->dst_dma = map_seq_out_ptr_result(desc, jrdev, req->result,
						digestsize);
	edesc->src_nents = 0;

	dma_sync_single_for_device(jrdev, state->buf_dma, buflen,
				   DMA_TO_DEVICE);
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	ret = caam_jr_enqueue(jrdev, desc, ahash_done, req);
	if (!ret) {
		ret = -EINPROGRESS;
	} else {
		ahash_unmap(jrdev, edesc, req, digestsize);
		kfree(edesc);
	}

	return ret;
}

/* submit ahash update if it the first job descriptor after update */
static int ahash_update_no_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int *buflen = state->current_buf ? &state->buflen_1 : &state->buflen_0;
	u8 *next_buf = state->current_buf ? state->buf_0 : state->buf_1;
	int *next_buflen = state->current_buf ? &state->buflen_0 :
			   &state->buflen_1;
	int in_len = *buflen + req->nbytes, to_hash;
	int sec4_sg_bytes, src_nents;
	struct ahash_edesc *edesc;
	u32 *desc, *sh_desc = ctx->sh_desc_update_first;
	dma_addr_t ptr = ctx->sh_desc_update_first_dma;
	bool chained = false;
	int ret = 0;
	int sh_len;

	*next_buflen = in_len & (crypto_tfm_alg_blocksize(&ahash->base) - 1);
	to_hash = in_len - *next_buflen;

	if (to_hash) {
		src_nents = __sg_count(req->src, req->nbytes - (*next_buflen),
				       &chained);
		sec4_sg_bytes = (1 + src_nents) *
				sizeof(struct sec4_sg_entry);

		/*
		 * allocate space for base edesc and hw desc commands,
		 * link tables
		 */
		edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
				sec4_sg_bytes, GFP_DMA | flags);
		if (!edesc) {
			dev_err(jrdev,
				"could not allocate extended descriptor\n");
			return -ENOMEM;
		}

		edesc->src_nents = src_nents;
		edesc->chained = chained;
		edesc->sec4_sg_bytes = sec4_sg_bytes;
		edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
				 DESC_JOB_IO_LEN;
		edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
						    sec4_sg_bytes,
						    DMA_TO_DEVICE);

		state->buf_dma = buf_map_to_sec4_sg(jrdev, edesc->sec4_sg,
						    buf, *buflen);
		src_map_to_sec4_sg(jrdev, req->src, src_nents,
				   edesc->sec4_sg + 1, chained);
		if (*next_buflen) {
			sg_copy_part(next_buf, req->src, to_hash - *buflen,
				    req->nbytes);
			state->current_buf = !state->current_buf;
		}

		sh_len = desc_len(sh_desc);
		desc = edesc->hw_desc;
		init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER |
				     HDR_REVERSE);

		append_seq_in_ptr(desc, edesc->sec4_sg_dma, to_hash, LDST_SGF);

		map_seq_out_ptr_ctx(desc, jrdev, state, ctx->ctx_len);

		dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma,
					   sec4_sg_bytes, DMA_TO_DEVICE);
#ifdef DEBUG
		print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, desc,
			       desc_bytes(desc), 1);
#endif

		ret = caam_jr_enqueue(jrdev, desc, ahash_done_ctx_dst, req);
		if (!ret) {
			ret = -EINPROGRESS;
			state->update = ahash_update_ctx;
			state->finup = ahash_finup_ctx;
			state->final = ahash_final_ctx;
		} else {
			ahash_unmap_ctx(jrdev, edesc, req, ctx->ctx_len,
					DMA_TO_DEVICE);
			kfree(edesc);
		}
	} else if (*next_buflen) {
		sg_copy(buf + *buflen, req->src, req->nbytes);
		*buflen = *next_buflen;
		*next_buflen = 0;
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "buf@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, buf, *buflen, 1);
	print_hex_dump(KERN_ERR, "next buf@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, next_buf,
		       *next_buflen, 1);
#endif

	return ret;
}

/* submit ahash finup if it the first job descriptor after update */
static int ahash_finup_no_ctx(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *buf = state->current_buf ? state->buf_1 : state->buf_0;
	int buflen = state->current_buf ? state->buflen_1 : state->buflen_0;
	int last_buflen = state->current_buf ? state->buflen_0 :
			  state->buflen_1;
	u32 *sh_desc = ctx->sh_desc_digest, *desc;
	dma_addr_t ptr = ctx->sh_desc_digest_dma;
	int sec4_sg_bytes, sec4_sg_src_index, src_nents;
	int digestsize = crypto_ahash_digestsize(ahash);
	struct ahash_edesc *edesc;
	bool chained = false;
	int sh_len;
	int ret = 0;

	src_nents = __sg_count(req->src, req->nbytes, &chained);
	sec4_sg_src_index = 2;
	sec4_sg_bytes = (sec4_sg_src_index + src_nents) *
			 sizeof(struct sec4_sg_entry);

	/* allocate space for base edesc and hw desc commands, link tables */
	edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
			sec4_sg_bytes, GFP_DMA | flags);
	if (!edesc) {
		dev_err(jrdev, "could not allocate extended descriptor\n");
		return -ENOMEM;
	}

	sh_len = desc_len(sh_desc);
	desc = edesc->hw_desc;
	init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER | HDR_REVERSE);

	edesc->src_nents = src_nents;
	edesc->chained = chained;
	edesc->sec4_sg_bytes = sec4_sg_bytes;
	edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
			 DESC_JOB_IO_LEN;
	edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
					    sec4_sg_bytes, DMA_TO_DEVICE);

	state->buf_dma = try_buf_map_to_sec4_sg(jrdev, edesc->sec4_sg, buf,
						state->buf_dma, buflen,
						last_buflen);

	src_map_to_sec4_sg(jrdev, req->src, src_nents, edesc->sec4_sg + 1,
			   chained);

	append_seq_in_ptr(desc, edesc->sec4_sg_dma, buflen +
			       req->nbytes, LDST_SGF);

	edesc->dst_dma = map_seq_out_ptr_result(desc, jrdev, req->result,
						digestsize);

	dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma, sec4_sg_bytes,
				   DMA_TO_DEVICE);

#ifdef DEBUG
	print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, desc, desc_bytes(desc), 1);
#endif

	ret = caam_jr_enqueue(jrdev, desc, ahash_done, req);
	if (!ret) {
		ret = -EINPROGRESS;
	} else {
		ahash_unmap(jrdev, edesc, req, digestsize);
		kfree(edesc);
	}

	return ret;
}

/* submit first update job descriptor after init */
static int ahash_update_first(struct ahash_request *req)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);
	struct device *jrdev = ctx->jrdev;
	gfp_t flags = (req->base.flags & (CRYPTO_TFM_REQ_MAY_BACKLOG |
		       CRYPTO_TFM_REQ_MAY_SLEEP)) ? GFP_KERNEL : GFP_ATOMIC;
	u8 *next_buf = state->buf_0 + state->current_buf *
		       CAAM_MAX_HASH_BLOCK_SIZE;
	int *next_buflen = &state->buflen_0 + state->current_buf;
	int to_hash;
	u32 *sh_desc = ctx->sh_desc_update_first, *desc;
	dma_addr_t ptr = ctx->sh_desc_update_first_dma;
	int sec4_sg_bytes, src_nents;
	dma_addr_t src_dma;
	u32 options;
	struct ahash_edesc *edesc;
	bool chained = false;
	int ret = 0;
	int sh_len;

	*next_buflen = req->nbytes & (crypto_tfm_alg_blocksize(&ahash->base) -
				      1);
	to_hash = req->nbytes - *next_buflen;

	if (to_hash) {
		src_nents = sg_count(req->src, req->nbytes - (*next_buflen),
				     &chained);
		dma_map_sg_chained(jrdev, req->src, src_nents ? : 1,
				   DMA_TO_DEVICE, chained);
		sec4_sg_bytes = src_nents * sizeof(struct sec4_sg_entry);

		/*
		 * allocate space for base edesc and hw desc commands,
		 * link tables
		 */
		edesc = kzalloc(sizeof(struct ahash_edesc) + DESC_JOB_IO_LEN +
				sec4_sg_bytes, GFP_DMA | flags);
		if (!edesc) {
			dev_err(jrdev,
				"could not allocate extended descriptor\n");
			return -ENOMEM;
		}

		edesc->src_nents = src_nents;
		edesc->chained = chained;
		edesc->sec4_sg_bytes = sec4_sg_bytes;
		edesc->sec4_sg = (void *)edesc + sizeof(struct ahash_edesc) +
				 DESC_JOB_IO_LEN;
		edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg,
						    sec4_sg_bytes,
						    DMA_TO_DEVICE);

		if (src_nents) {
			sg_to_sec4_sg_last(req->src, src_nents,
					   edesc->sec4_sg, 0);
			src_dma = edesc->sec4_sg_dma;
			options = LDST_SGF;
		} else {
			src_dma = sg_dma_address(req->src);
			options = 0;
		}

		if (*next_buflen)
			sg_copy_part(next_buf, req->src, to_hash, req->nbytes);

		sh_len = desc_len(sh_desc);
		desc = edesc->hw_desc;
		init_job_desc_shared(desc, ptr, sh_len, HDR_SHARE_DEFER |
				     HDR_REVERSE);

		append_seq_in_ptr(desc, src_dma, to_hash, options);

		map_seq_out_ptr_ctx(desc, jrdev, state, ctx->ctx_len);

		dma_sync_single_for_device(jrdev, edesc->sec4_sg_dma,
					   sec4_sg_bytes, DMA_TO_DEVICE);
#ifdef DEBUG
		print_hex_dump(KERN_ERR, "jobdesc@"xstr(__LINE__)": ",
			       DUMP_PREFIX_ADDRESS, 16, 4, desc,
			       desc_bytes(desc), 1);
#endif

		ret = caam_jr_enqueue(jrdev, desc, ahash_done_ctx_dst,
				      req);
		if (!ret) {
			ret = -EINPROGRESS;
			state->update = ahash_update_ctx;
			state->finup = ahash_finup_ctx;
			state->final = ahash_final_ctx;
		} else {
			ahash_unmap_ctx(jrdev, edesc, req, ctx->ctx_len,
					DMA_TO_DEVICE);
			kfree(edesc);
		}
	} else if (*next_buflen) {
		state->update = ahash_update_no_ctx;
		state->finup = ahash_finup_no_ctx;
		state->final = ahash_final_no_ctx;
		sg_copy(next_buf, req->src, req->nbytes);
	}
#ifdef DEBUG
	print_hex_dump(KERN_ERR, "next buf@"xstr(__LINE__)": ",
		       DUMP_PREFIX_ADDRESS, 16, 4, next_buf,
		       *next_buflen, 1);
#endif

	return ret;
}

static int ahash_finup_first(struct ahash_request *req)
{
	return ahash_digest(req);
}

static int ahash_init(struct ahash_request *req)
{
	struct caam_hash_state *state = ahash_request_ctx(req);

	memset(state, 0, sizeof(struct caam_hash_state));

	state->update = ahash_update_first;
	state->finup = ahash_finup_first;
	state->final = ahash_final_no_ctx;

	return 0;
}

static int ahash_update(struct ahash_request *req)
{
	struct caam_hash_state *state = ahash_request_ctx(req);

	return state->update(req);
}

static int ahash_finup(struct ahash_request *req)
{
	struct caam_hash_state *state = ahash_request_ctx(req);

	return state->finup(req);
}

static int ahash_final(struct ahash_request *req)
{
	struct caam_hash_state *state = ahash_request_ctx(req);

	return state->final(req);
}

static int ahash_export(struct ahash_request *req, void *out)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);

	memcpy(out, ctx, sizeof(struct caam_hash_ctx));
	memcpy(out + sizeof(struct caam_hash_ctx), state,
	       sizeof(struct caam_hash_state));
	return 0;
}

static int ahash_import(struct ahash_request *req, const void *in)
{
	struct crypto_ahash *ahash = crypto_ahash_reqtfm(req);
	struct caam_hash_ctx *ctx = crypto_ahash_ctx(ahash);
	struct caam_hash_state *state = ahash_request_ctx(req);

	memcpy(ctx, in, sizeof(struct caam_hash_ctx));
	memcpy(state, in + sizeof(struct caam_hash_ctx),
	       sizeof(struct caam_hash_state));
	return 0;
}

struct caam_hash_template {
	char name[CRYPTO_MAX_ALG_NAME];
	char driver_name[CRYPTO_MAX_ALG_NAME];
	char hmac_name[CRYPTO_MAX_ALG_NAME];
	char hmac_driver_name[CRYPTO_MAX_ALG_NAME];
	unsigned int blocksize;
	struct ahash_alg template_ahash;
	u32 alg_type;
	u32 alg_op;
};

/* ahash descriptors */
static struct caam_hash_template driver_hash[] = {
	{
		.name = "sha1",
		.driver_name = "sha1-caam",
		.hmac_name = "hmac(sha1)",
		.hmac_driver_name = "hmac-sha1-caam",
		.blocksize = SHA1_BLOCK_SIZE,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = SHA1_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_SHA1,
		.alg_op = OP_ALG_ALGSEL_SHA1 | OP_ALG_AAI_HMAC,
	}, {
		.name = "sha224",
		.driver_name = "sha224-caam",
		.hmac_name = "hmac(sha224)",
		.hmac_driver_name = "hmac-sha224-caam",
		.blocksize = SHA224_BLOCK_SIZE,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = SHA224_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_SHA224,
		.alg_op = OP_ALG_ALGSEL_SHA224 | OP_ALG_AAI_HMAC,
	}, {
		.name = "sha256",
		.driver_name = "sha256-caam",
		.hmac_name = "hmac(sha256)",
		.hmac_driver_name = "hmac-sha256-caam",
		.blocksize = SHA256_BLOCK_SIZE,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = SHA256_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_SHA256,
		.alg_op = OP_ALG_ALGSEL_SHA256 | OP_ALG_AAI_HMAC,
	}, {
		.name = "sha384",
		.driver_name = "sha384-caam",
		.hmac_name = "hmac(sha384)",
		.hmac_driver_name = "hmac-sha384-caam",
		.blocksize = SHA384_BLOCK_SIZE,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = SHA384_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_SHA384,
		.alg_op = OP_ALG_ALGSEL_SHA384 | OP_ALG_AAI_HMAC,
	}, {
		.name = "sha512",
		.driver_name = "sha512-caam",
		.hmac_name = "hmac(sha512)",
		.hmac_driver_name = "hmac-sha512-caam",
		.blocksize = SHA512_BLOCK_SIZE,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = SHA512_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_SHA512,
		.alg_op = OP_ALG_ALGSEL_SHA512 | OP_ALG_AAI_HMAC,
	}, {
		.name = "md5",
		.driver_name = "md5-caam",
		.hmac_name = "hmac(md5)",
		.hmac_driver_name = "hmac-md5-caam",
		.blocksize = MD5_BLOCK_WORDS * 4,
		.template_ahash = {
			.init = ahash_init,
			.update = ahash_update,
			.final = ahash_final,
			.finup = ahash_finup,
			.digest = ahash_digest,
			.export = ahash_export,
			.import = ahash_import,
			.setkey = ahash_setkey,
			.halg = {
				.digestsize = MD5_DIGEST_SIZE,
				},
			},
		.alg_type = OP_ALG_ALGSEL_MD5,
		.alg_op = OP_ALG_ALGSEL_MD5 | OP_ALG_AAI_HMAC,
	},
};

struct caam_hash_alg {
	struct list_head entry;
	struct device *ctrldev;
	int alg_type;
	int alg_op;
	struct ahash_alg ahash_alg;
};

static int caam_hash_cra_init(struct crypto_tfm *tfm)
{
	struct crypto_ahash *ahash = __crypto_ahash_cast(tfm);
	struct crypto_alg *base = tfm->__crt_alg;
	struct hash_alg_common *halg =
		 container_of(base, struct hash_alg_common, base);
	struct ahash_alg *alg =
		 container_of(halg, struct ahash_alg, halg);
	struct caam_hash_alg *caam_hash =
		 container_of(alg, struct caam_hash_alg, ahash_alg);
	struct caam_hash_ctx *ctx = crypto_tfm_ctx(tfm);
	struct caam_drv_private *priv = dev_get_drvdata(caam_hash->ctrldev);
	/* Sizes for MDHA running digests: MD5, SHA1, 224, 256, 384, 512 */
	static const u8 runninglen[] = { HASH_MSG_LEN + MD5_DIGEST_SIZE,
					 HASH_MSG_LEN + SHA1_DIGEST_SIZE,
					 HASH_MSG_LEN + 32,
					 HASH_MSG_LEN + SHA256_DIGEST_SIZE,
					 HASH_MSG_LEN + 64,
					 HASH_MSG_LEN + SHA512_DIGEST_SIZE };
	int tgt_jr = atomic_inc_return(&priv->tfm_count);
	int ret = 0;

	/*
	 * distribute tfms across job rings to ensure in-order
	 * crypto request processing per tfm
	 */
	ctx->jrdev = priv->jrdev[tgt_jr % priv->total_jobrs];

	/* copy descriptor header template value */
	ctx->alg_type = OP_TYPE_CLASS2_ALG | caam_hash->alg_type;
	ctx->alg_op = OP_TYPE_CLASS2_ALG | caam_hash->alg_op;

	ctx->ctx_len = runninglen[(ctx->alg_op & OP_ALG_ALGSEL_SUBMASK) >>
				  OP_ALG_ALGSEL_SHIFT];

	crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm),
				 sizeof(struct caam_hash_state));

	ret = ahash_set_sh_desc(ahash);

	return ret;
}

static void caam_hash_cra_exit(struct crypto_tfm *tfm)
{
	struct caam_hash_ctx *ctx = crypto_tfm_ctx(tfm);

	if (ctx->sh_desc_update_dma &&
	    !dma_mapping_error(ctx->jrdev, ctx->sh_desc_update_dma))
		dma_unmap_single(ctx->jrdev, ctx->sh_desc_update_dma,
				 desc_bytes(ctx->sh_desc_update),
				 DMA_TO_DEVICE);
	if (ctx->sh_desc_update_first_dma &&
	    !dma_mapping_error(ctx->jrdev, ctx->sh_desc_update_first_dma))
		dma_unmap_single(ctx->jrdev, ctx->sh_desc_update_first_dma,
				 desc_bytes(ctx->sh_desc_update_first),
				 DMA_TO_DEVICE);
	if (ctx->sh_desc_fin_dma &&
	    !dma_mapping_error(ctx->jrdev, ctx->sh_desc_fin_dma))
		dma_unmap_single(ctx->jrdev, ctx->sh_desc_fin_dma,
				 desc_bytes(ctx->sh_desc_fin), DMA_TO_DEVICE);
	if (ctx->sh_desc_digest_dma &&
	    !dma_mapping_error(ctx->jrdev, ctx->sh_desc_digest_dma))
		dma_unmap_single(ctx->jrdev, ctx->sh_desc_digest_dma,
				 desc_bytes(ctx->sh_desc_digest),
				 DMA_TO_DEVICE);
	if (ctx->sh_desc_finup_dma &&
	    !dma_mapping_error(ctx->jrdev, ctx->sh_desc_finup_dma))
		dma_unmap_single(ctx->jrdev, ctx->sh_desc_finup_dma,
				 desc_bytes(ctx->sh_desc_finup), DMA_TO_DEVICE);
}

static struct caam_hash_alg *
caam_hash_alloc(struct device *ctrldev, struct caam_hash_template *template,
		bool keyed)
{
	struct caam_hash_alg *t_alg;
	struct ahash_alg *halg;
	struct crypto_alg *alg;

	t_alg = kzalloc(sizeof(struct caam_hash_alg), GFP_KERNEL);
	if (!t_alg) {
		dev_err(ctrldev, "failed to allocate t_alg\n");
		return ERR_PTR(-ENOMEM);
	}

	t_alg->ahash_alg = template->template_ahash;
	halg = &t_alg->ahash_alg;
	alg = &halg->halg.base;

	if (keyed) {
		snprintf(alg->cra_name, CRYPTO_MAX_ALG_NAME, "%s",
			 template->hmac_name);
		snprintf(alg->cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s",
			 template->hmac_driver_name);
	} else {
		snprintf(alg->cra_name, CRYPTO_MAX_ALG_NAME, "%s",
			 template->name);
		snprintf(alg->cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s",
			 template->driver_name);
	}
	alg->cra_module = THIS_MODULE;
	alg->cra_init = caam_hash_cra_init;
	alg->cra_exit = caam_hash_cra_exit;
	alg->cra_ctxsize = sizeof(struct caam_hash_ctx);
	alg->cra_priority = CAAM_CRA_PRIORITY;
	alg->cra_blocksize = template->blocksize;
	alg->cra_alignmask = 0;
	alg->cra_flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_TYPE_AHASH;
	alg->cra_type = &crypto_ahash_type;

	t_alg->alg_type = template->alg_type;
	t_alg->alg_op = template->alg_op;
	t_alg->ctrldev = ctrldev;

	return t_alg;
}

int caam_algapi_hash_startup(struct platform_device *pdev)
{
	struct device *ctrldev;
	struct caam_drv_private *priv;
	int i = 0, err = 0, md_limit = 0, md_inst;
	u64 cha_inst;

	ctrldev = &pdev->dev;
	priv = dev_get_drvdata(ctrldev);

	INIT_LIST_HEAD(&priv->hash_list);

	atomic_set(&priv->tfm_count, -1);

	/* register algorithms the device supports */
	cha_inst = rd_reg64(&priv->ctrl->perfmon.cha_num);
	md_inst = (cha_inst & CHA_ID_MD_MASK) >> CHA_ID_MD_SHIFT;
	if (md_inst) {
		md_limit = SHA512_DIGEST_SIZE;
		if ((rd_reg64(&priv->ctrl->perfmon.cha_id) & CHA_ID_MD_MASK)
		     == CHA_ID_MD_LP256) /* LP256 limits digest size */
			md_limit = SHA256_DIGEST_SIZE;
	}

	for (i = 0; i < ARRAY_SIZE(driver_hash); i++) {
		struct caam_hash_alg *t_alg;

		/* If no MD instantiated, or MD too small, skip */
		if ((!md_inst) ||
		    (driver_hash[i].template_ahash.halg.digestsize >
		     md_limit))
			continue;

		/* register hmac version */
		t_alg = caam_hash_alloc(ctrldev, &driver_hash[i], true);
		if (IS_ERR(t_alg)) {
			err = PTR_ERR(t_alg);
			dev_warn(ctrldev, "%s alg allocation failed\n",
				 driver_hash[i].driver_name);
			continue;
		}

		err = crypto_register_ahash(&t_alg->ahash_alg);
		if (err) {
			dev_warn(ctrldev, "%s alg registration failed\n",
				t_alg->ahash_alg.halg.base.cra_driver_name);
			kfree(t_alg);
		} else
			list_add_tail(&t_alg->entry, &priv->hash_list);

		/* register unkeyed version */
		t_alg = caam_hash_alloc(ctrldev, &driver_hash[i], false);
		if (IS_ERR(t_alg)) {
			err = PTR_ERR(t_alg);
			dev_warn(ctrldev, "%s alg allocation failed\n",
				 driver_hash[i].driver_name);
			continue;
		}

		err = crypto_register_ahash(&t_alg->ahash_alg);
		if (err) {
			dev_warn(ctrldev, "%s alg registration failed\n",
				t_alg->ahash_alg.halg.base.cra_driver_name);
			kfree(t_alg);
		} else
			list_add_tail(&t_alg->entry, &priv->hash_list);
	}

	return err;
}

void caam_algapi_hash_shutdown(struct platform_device *pdev)
{
	struct device *ctrldev;
	struct caam_drv_private *priv;
	struct caam_hash_alg *t_alg, *n;

	ctrldev = &pdev->dev;
	priv = dev_get_drvdata(ctrldev);

	if (!priv->hash_list.next)
		return;

	list_for_each_entry_safe(t_alg, n, &priv->hash_list, entry) {
		crypto_unregister_ahash(&t_alg->ahash_alg);
		list_del(&t_alg->entry);
		kfree(t_alg);
	}
}

#ifdef CONFIG_OF
static void __exit caam_algapi_hash_exit(void)
{
	struct device_node *dev_node;
	struct platform_device *pdev;

	dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec-v4.0");
	if (!dev_node) {
		dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec4.0");
		if (!dev_node)
			return;
	}

	pdev = of_find_device_by_node(dev_node);
	if (!pdev)
		return;

	of_node_put(dev_node);
}

static int __init caam_algapi_hash_init(void)
{
	struct device_node *dev_node;
	struct platform_device *pdev;
	int err = 0;

	dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec-v4.0");
	if (!dev_node) {
		dev_node = of_find_compatible_node(NULL, NULL, "fsl,sec4.0");
		if (!dev_node)
			return -ENODEV;
	}

	pdev = of_find_device_by_node(dev_node);
	if (!pdev)
		return -ENODEV;

	of_node_put(dev_node);

	return caam_algapi_hash_startup(pdev);
}

module_init(caam_algapi_hash_init);
module_exit(caam_algapi_hash_exit);

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("FSL CAAM support for ahash functions of crypto API");
MODULE_AUTHOR("Freescale Semiconductor - NMG");
#endif
/a>
<a id='n1577' href='#n1577'>1577</a>
<a id='n1578' href='#n1578'>1578</a>
<a id='n1579' href='#n1579'>1579</a>
<a id='n1580' href='#n1580'>1580</a>
<a id='n1581' href='#n1581'>1581</a>
<a id='n1582' href='#n1582'>1582</a>
<a id='n1583' href='#n1583'>1583</a>
<a id='n1584' href='#n1584'>1584</a>
<a id='n1585' href='#n1585'>1585</a>
<a id='n1586' href='#n1586'>1586</a>
<a id='n1587' href='#n1587'>1587</a>
<a id='n1588' href='#n1588'>1588</a>
<a id='n1589' href='#n1589'>1589</a>
<a id='n1590' href='#n1590'>1590</a>
<a id='n1591' href='#n1591'>1591</a>
<a id='n1592' href='#n1592'>1592</a>
<a id='n1593' href='#n1593'>1593</a>
<a id='n1594' href='#n1594'>1594</a>
<a id='n1595' href='#n1595'>1595</a>
<a id='n1596' href='#n1596'>1596</a>
<a id='n1597' href='#n1597'>1597</a>
<a id='n1598' href='#n1598'>1598</a>
<a id='n1599' href='#n1599'>1599</a>
<a id='n1600' href='#n1600'>1600</a>
<a id='n1601' href='#n1601'>1601</a>
<a id='n1602' href='#n1602'>1602</a>
<a id='n1603' href='#n1603'>1603</a>
<a id='n1604' href='#n1604'>1604</a>
<a id='n1605' href='#n1605'>1605</a>
<a id='n1606' href='#n1606'>1606</a>
<a id='n1607' href='#n1607'>1607</a>
<a id='n1608' href='#n1608'>1608</a>
<a id='n1609' href='#n1609'>1609</a>
<a id='n1610' href='#n1610'>1610</a>
<a id='n1611' href='#n1611'>1611</a>
<a id='n1612' href='#n1612'>1612</a>
<a id='n1613' href='#n1613'>1613</a>
<a id='n1614' href='#n1614'>1614</a>
<a id='n1615' href='#n1615'>1615</a>
<a id='n1616' href='#n1616'>1616</a>
<a id='n1617' href='#n1617'>1617</a>
<a id='n1618' href='#n1618'>1618</a>
<a id='n1619' href='#n1619'>1619</a>
<a id='n1620' href='#n1620'>1620</a>
<a id='n1621' href='#n1621'>1621</a>
<a id='n1622' href='#n1622'>1622</a>
<a id='n1623' href='#n1623'>1623</a>
<a id='n1624' href='#n1624'>1624</a>
<a id='n1625' href='#n1625'>1625</a>
<a id='n1626' href='#n1626'>1626</a>
<a id='n1627' href='#n1627'>1627</a>
<a id='n1628' href='#n1628'>1628</a>
<a id='n1629' href='#n1629'>1629</a>
<a id='n1630' href='#n1630'>1630</a>
<a id='n1631' href='#n1631'>1631</a>
<a id='n1632' href='#n1632'>1632</a>
<a id='n1633' href='#n1633'>1633</a>
<a id='n1634' href='#n1634'>1634</a>
<a id='n1635' href='#n1635'>1635</a>
<a id='n1636' href='#n1636'>1636</a>
<a id='n1637' href='#n1637'>1637</a>
<a id='n1638' href='#n1638'>1638</a>
<a id='n1639' href='#n1639'>1639</a>
<a id='n1640' href='#n1640'>1640</a>
<a id='n1641' href='#n1641'>1641</a>
<a id='n1642' href='#n1642'>1642</a>
<a id='n1643' href='#n1643'>1643</a>
<a id='n1644' href='#n1644'>1644</a>
<a id='n1645' href='#n1645'>1645</a>
<a id='n1646' href='#n1646'>1646</a>
<a id='n1647' href='#n1647'>1647</a>
<a id='n1648' href='#n1648'>1648</a>
<a id='n1649' href='#n1649'>1649</a>
<a id='n1650' href='#n1650'>1650</a>
<a id='n1651' href='#n1651'>1651</a>
<a id='n1652' href='#n1652'>1652</a>
<a id='n1653' href='#n1653'>1653</a>
<a id='n1654' href='#n1654'>1654</a>
<a id='n1655' href='#n1655'>1655</a>
<a id='n1656' href='#n1656'>1656</a>
<a id='n1657' href='#n1657'>1657</a>
<a id='n1658' href='#n1658'>1658</a>
<a id='n1659' href='#n1659'>1659</a>
<a id='n1660' href='#n1660'>1660</a>
<a id='n1661' href='#n1661'>1661</a>
<a id='n1662' href='#n1662'>1662</a>
<a id='n1663' href='#n1663'>1663</a>
<a id='n1664' href='#n1664'>1664</a>
<a id='n1665' href='#n1665'>1665</a>
<a id='n1666' href='#n1666'>1666</a>
<a id='n1667' href='#n1667'>1667</a>
<a id='n1668' href='#n1668'>1668</a>
<a id='n1669' href='#n1669'>1669</a>
<a id='n1670' href='#n1670'>1670</a>
<a id='n1671' href='#n1671'>1671</a>
<a id='n1672' href='#n1672'>1672</a>
<a id='n1673' href='#n1673'>1673</a>
<a id='n1674' href='#n1674'>1674</a>
<a id='n1675' href='#n1675'>1675</a>
<a id='n1676' href='#n1676'>1676</a>
<a id='n1677' href='#n1677'>1677</a>
<a id='n1678' href='#n1678'>1678</a>
<a id='n1679' href='#n1679'>1679</a>
<a id='n1680' href='#n1680'>1680</a>
<a id='n1681' href='#n1681'>1681</a>
<a id='n1682' href='#n1682'>1682</a>
<a id='n1683' href='#n1683'>1683</a>
<a id='n1684' href='#n1684'>1684</a>
<a id='n1685' href='#n1685'>1685</a>
<a id='n1686' href='#n1686'>1686</a>
<a id='n1687' href='#n1687'>1687</a>
<a id='n1688' href='#n1688'>1688</a>
<a id='n1689' href='#n1689'>1689</a>
<a id='n1690' href='#n1690'>1690</a>
<a id='n1691' href='#n1691'>1691</a>
<a id='n1692' href='#n1692'>1692</a>
<a id='n1693' href='#n1693'>1693</a>
<a id='n1694' href='#n1694'>1694</a>
<a id='n1695' href='#n1695'>1695</a>
<a id='n1696' href='#n1696'>1696</a>
<a id='n1697' href='#n1697'>1697</a>
<a id='n1698' href='#n1698'>1698</a>
<a id='n1699' href='#n1699'>1699</a>
<a id='n1700' href='#n1700'>1700</a>
<a id='n1701' href='#n1701'>1701</a>
<a id='n1702' href='#n1702'>1702</a>
<a id='n1703' href='#n1703'>1703</a>
<a id='n1704' href='#n1704'>1704</a>
<a id='n1705' href='#n1705'>1705</a>
<a id='n1706' href='#n1706'>1706</a>
<a id='n1707' href='#n1707'>1707</a>
<a id='n1708' href='#n1708'>1708</a>
<a id='n1709' href='#n1709'>1709</a>
<a id='n1710' href='#n1710'>1710</a>
<a id='n1711' href='#n1711'>1711</a>
<a id='n1712' href='#n1712'>1712</a>
<a id='n1713' href='#n1713'>1713</a>
<a id='n1714' href='#n1714'>1714</a>
<a id='n1715' href='#n1715'>1715</a>
<a id='n1716' href='#n1716'>1716</a>
<a id='n1717' href='#n1717'>1717</a>
<a id='n1718' href='#n1718'>1718</a>
<a id='n1719' href='#n1719'>1719</a>
<a id='n1720' href='#n1720'>1720</a>
<a id='n1721' href='#n1721'>1721</a>
<a id='n1722' href='#n1722'>1722</a>
<a id='n1723' href='#n1723'>1723</a>
<a id='n1724' href='#n1724'>1724</a>
<a id='n1725' href='#n1725'>1725</a>
<a id='n1726' href='#n1726'>1726</a>
<a id='n1727' href='#n1727'>1727</a>
<a id='n1728' href='#n1728'>1728</a>
<a id='n1729' href='#n1729'>1729</a>
<a id='n1730' href='#n1730'>1730</a>
<a id='n1731' href='#n1731'>1731</a>
<a id='n1732' href='#n1732'>1732</a>
<a id='n1733' href='#n1733'>1733</a>
<a id='n1734' href='#n1734'>1734</a>
<a id='n1735' href='#n1735'>1735</a>
<a id='n1736' href='#n1736'>1736</a>
<a id='n1737' href='#n1737'>1737</a>
<a id='n1738' href='#n1738'>1738</a>
<a id='n1739' href='#n1739'>1739</a>
<a id='n1740' href='#n1740'>1740</a>
<a id='n1741' href='#n1741'>1741</a>
<a id='n1742' href='#n1742'>1742</a>
<a id='n1743' href='#n1743'>1743</a>
<a id='n1744' href='#n1744'>1744</a>
<a id='n1745' href='#n1745'>1745</a>
<a id='n1746' href='#n1746'>1746</a>
<a id='n1747' href='#n1747'>1747</a>
<a id='n1748' href='#n1748'>1748</a>
<a id='n1749' href='#n1749'>1749</a>
<a id='n1750' href='#n1750'>1750</a>
<a id='n1751' href='#n1751'>1751</a>
<a id='n1752' href='#n1752'>1752</a>
<a id='n1753' href='#n1753'>1753</a>
<a id='n1754' href='#n1754'>1754</a>
<a id='n1755' href='#n1755'>1755</a>
<a id='n1756' href='#n1756'>1756</a>
<a id='n1757' href='#n1757'>1757</a>
<a id='n1758' href='#n1758'>1758</a>
<a id='n1759' href='#n1759'>1759</a>
<a id='n1760' href='#n1760'>1760</a>
<a id='n1761' href='#n1761'>1761</a>
<a id='n1762' href='#n1762'>1762</a>
<a id='n1763' href='#n1763'>1763</a>
<a id='n1764' href='#n1764'>1764</a>
<a id='n1765' href='#n1765'>1765</a>
<a id='n1766' href='#n1766'>1766</a>
<a id='n1767' href='#n1767'>1767</a>
<a id='n1768' href='#n1768'>1768</a>
<a id='n1769' href='#n1769'>1769</a>
<a id='n1770' href='#n1770'>1770</a>
<a id='n1771' href='#n1771'>1771</a>
<a id='n1772' href='#n1772'>1772</a>
<a id='n1773' href='#n1773'>1773</a>
<a id='n1774' href='#n1774'>1774</a>
<a id='n1775' href='#n1775'>1775</a>
<a id='n1776' href='#n1776'>1776</a>
<a id='n1777' href='#n1777'>1777</a>
<a id='n1778' href='#n1778'>1778</a>
<a id='n1779' href='#n1779'>1779</a>
<a id='n1780' href='#n1780'>1780</a>
<a id='n1781' href='#n1781'>1781</a>
<a id='n1782' href='#n1782'>1782</a>
<a id='n1783' href='#n1783'>1783</a>
<a id='n1784' href='#n1784'>1784</a>
<a id='n1785' href='#n1785'>1785</a>
<a id='n1786' href='#n1786'>1786</a>
<a id='n1787' href='#n1787'>1787</a>
<a id='n1788' href='#n1788'>1788</a>
<a id='n1789' href='#n1789'>1789</a>
<a id='n1790' href='#n1790'>1790</a>
<a id='n1791' href='#n1791'>1791</a>
<a id='n1792' href='#n1792'>1792</a>
<a id='n1793' href='#n1793'>1793</a>
<a id='n1794' href='#n1794'>1794</a>
<a id='n1795' href='#n1795'>1795</a>
<a id='n1796' href='#n1796'>1796</a>
<a id='n1797' href='#n1797'>1797</a>
<a id='n1798' href='#n1798'>1798</a>
<a id='n1799' href='#n1799'>1799</a>
<a id='n1800' href='#n1800'>1800</a>
<a id='n1801' href='#n1801'>1801</a>
<a id='n1802' href='#n1802'>1802</a>
<a id='n1803' href='#n1803'>1803</a>
<a id='n1804' href='#n1804'>1804</a>
<a id='n1805' href='#n1805'>1805</a>
<a id='n1806' href='#n1806'>1806</a>
<a id='n1807' href='#n1807'>1807</a>
<a id='n1808' href='#n1808'>1808</a>
<a id='n1809' href='#n1809'>1809</a>
<a id='n1810' href='#n1810'>1810</a>
<a id='n1811' href='#n1811'>1811</a>
<a id='n1812' href='#n1812'>1812</a>
<a id='n1813' href='#n1813'>1813</a>
<a id='n1814' href='#n1814'>1814</a>
<a id='n1815' href='#n1815'>1815</a>
<a id='n1816' href='#n1816'>1816</a>
<a id='n1817' href='#n1817'>1817</a>
<a id='n1818' href='#n1818'>1818</a>
<a id='n1819' href='#n1819'>1819</a>
<a id='n1820' href='#n1820'>1820</a>
<a id='n1821' href='#n1821'>1821</a>
<a id='n1822' href='#n1822'>1822</a>
<a id='n1823' href='#n1823'>1823</a>
<a id='n1824' href='#n1824'>1824</a>
<a id='n1825' href='#n1825'>1825</a>
<a id='n1826' href='#n1826'>1826</a>
<a id='n1827' href='#n1827'>1827</a>
<a id='n1828' href='#n1828'>1828</a>
<a id='n1829' href='#n1829'>1829</a>
<a id='n1830' href='#n1830'>1830</a>
<a id='n1831' href='#n1831'>1831</a>
<a id='n1832' href='#n1832'>1832</a>
<a id='n1833' href='#n1833'>1833</a>
<a id='n1834' href='#n1834'>1834</a>
<a id='n1835' href='#n1835'>1835</a>
<a id='n1836' href='#n1836'>1836</a>
<a id='n1837' href='#n1837'>1837</a>
<a id='n1838' href='#n1838'>1838</a>
<a id='n1839' href='#n1839'>1839</a>
<a id='n1840' href='#n1840'>1840</a>
<a id='n1841' href='#n1841'>1841</a>
<a id='n1842' href='#n1842'>1842</a>
<a id='n1843' href='#n1843'>1843</a>
<a id='n1844' href='#n1844'>1844</a>
<a id='n1845' href='#n1845'>1845</a>
<a id='n1846' href='#n1846'>1846</a>
<a id='n1847' href='#n1847'>1847</a>
<a id='n1848' href='#n1848'>1848</a>
<a id='n1849' href='#n1849'>1849</a>
<a id='n1850' href='#n1850'>1850</a>
<a id='n1851' href='#n1851'>1851</a>
<a id='n1852' href='#n1852'>1852</a>
<a id='n1853' href='#n1853'>1853</a>
<a id='n1854' href='#n1854'>1854</a>
<a id='n1855' href='#n1855'>1855</a>
<a id='n1856' href='#n1856'>1856</a>
<a id='n1857' href='#n1857'>1857</a>
<a id='n1858' href='#n1858'>1858</a>
<a id='n1859' href='#n1859'>1859</a>
<a id='n1860' href='#n1860'>1860</a>
<a id='n1861' href='#n1861'>1861</a>
<a id='n1862' href='#n1862'>1862</a>
<a id='n1863' href='#n1863'>1863</a>
<a id='n1864' href='#n1864'>1864</a>
<a id='n1865' href='#n1865'>1865</a>
<a id='n1866' href='#n1866'>1866</a>
<a id='n1867' href='#n1867'>1867</a>
<a id='n1868' href='#n1868'>1868</a>
<a id='n1869' href='#n1869'>1869</a>
<a id='n1870' href='#n1870'>1870</a>
<a id='n1871' href='#n1871'>1871</a>
<a id='n1872' href='#n1872'>1872</a>
<a id='n1873' href='#n1873'>1873</a>
<a id='n1874' href='#n1874'>1874</a>
<a id='n1875' href='#n1875'>1875</a>
<a id='n1876' href='#n1876'>1876</a>
<a id='n1877' href='#n1877'>1877</a>
<a id='n1878' href='#n1878'>1878</a>
<a id='n1879' href='#n1879'>1879</a>
<a id='n1880' href='#n1880'>1880</a>
<a id='n1881' href='#n1881'>1881</a>
<a id='n1882' href='#n1882'>1882</a>
<a id='n1883' href='#n1883'>1883</a>
<a id='n1884' href='#n1884'>1884</a>
<a id='n1885' href='#n1885'>1885</a>
<a id='n1886' href='#n1886'>1886</a>
<a id='n1887' href='#n1887'>1887</a>
<a id='n1888' href='#n1888'>1888</a>
<a id='n1889' href='#n1889'>1889</a>
<a id='n1890' href='#n1890'>1890</a>
<a id='n1891' href='#n1891'>1891</a>
<a id='n1892' href='#n1892'>1892</a>
<a id='n1893' href='#n1893'>1893</a>
<a id='n1894' href='#n1894'>1894</a>
<a id='n1895' href='#n1895'>1895</a>
<a id='n1896' href='#n1896'>1896</a>
<a id='n1897' href='#n1897'>1897</a>
<a id='n1898' href='#n1898'>1898</a>
<a id='n1899' href='#n1899'>1899</a>
<a id='n1900' href='#n1900'>1900</a>
<a id='n1901' href='#n1901'>1901</a>
<a id='n1902' href='#n1902'>1902</a>
<a id='n1903' href='#n1903'>1903</a>
<a id='n1904' href='#n1904'>1904</a>
<a id='n1905' href='#n1905'>1905</a>
<a id='n1906' href='#n1906'>1906</a>
<a id='n1907' href='#n1907'>1907</a>
<a id='n1908' href='#n1908'>1908</a>
<a id='n1909' href='#n1909'>1909</a>
<a id='n1910' href='#n1910'>1910</a>
<a id='n1911' href='#n1911'>1911</a>
<a id='n1912' href='#n1912'>1912</a>
<a id='n1913' href='#n1913'>1913</a>
<a id='n1914' href='#n1914'>1914</a>
<a id='n1915' href='#n1915'>1915</a>
<a id='n1916' href='#n1916'>1916</a>
<a id='n1917' href='#n1917'>1917</a>
<a id='n1918' href='#n1918'>1918</a>
<a id='n1919' href='#n1919'>1919</a>
<a id='n1920' href='#n1920'>1920</a>
<a id='n1921' href='#n1921'>1921</a>
<a id='n1922' href='#n1922'>1922</a>
<a id='n1923' href='#n1923'>1923</a>
<a id='n1924' href='#n1924'>1924</a>
<a id='n1925' href='#n1925'>1925</a>
<a id='n1926' href='#n1926'>1926</a>
<a id='n1927' href='#n1927'>1927</a>
<a id='n1928' href='#n1928'>1928</a>
<a id='n1929' href='#n1929'>1929</a>
<a id='n1930' href='#n1930'>1930</a>
<a id='n1931' href='#n1931'>1931</a>
<a id='n1932' href='#n1932'>1932</a>
<a id='n1933' href='#n1933'>1933</a>
<a id='n1934' href='#n1934'>1934</a>
<a id='n1935' href='#n1935'>1935</a>
<a id='n1936' href='#n1936'>1936</a>
<a id='n1937' href='#n1937'>1937</a>
<a id='n1938' href='#n1938'>1938</a>
<a id='n1939' href='#n1939'>1939</a>
<a id='n1940' href='#n1940'>1940</a>
<a id='n1941' href='#n1941'>1941</a>
<a id='n1942' href='#n1942'>1942</a>
<a id='n1943' href='#n1943'>1943</a>
<a id='n1944' href='#n1944'>1944</a>
<a id='n1945' href='#n1945'>1945</a>
<a id='n1946' href='#n1946'>1946</a>
<a id='n1947' href='#n1947'>1947</a>
<a id='n1948' href='#n1948'>1948</a>
<a id='n1949' href='#n1949'>1949</a>
<a id='n1950' href='#n1950'>1950</a>
<a id='n1951' href='#n1951'>1951</a>
<a id='n1952' href='#n1952'>1952</a>
<a id='n1953' href='#n1953'>1953</a>
<a id='n1954' href='#n1954'>1954</a>
<a id='n1955' href='#n1955'>1955</a>
<a id='n1956' href='#n1956'>1956</a>
<a id='n1957' href='#n1957'>1957</a>
<a id='n1958' href='#n1958'>1958</a>
<a id='n1959' href='#n1959'>1959</a>
<a id='n1960' href='#n1960'>1960</a>
<a id='n1961' href='#n1961'>1961</a>
<a id='n1962' href='#n1962'>1962</a>
<a id='n1963' href='#n1963'>1963</a>
<a id='n1964' href='#n1964'>1964</a>
<a id='n1965' href='#n1965'>1965</a>
<a id='n1966' href='#n1966'>1966</a>
<a id='n1967' href='#n1967'>1967</a>
<a id='n1968' href='#n1968'>1968</a>
<a id='n1969' href='#n1969'>1969</a>
<a id='n1970' href='#n1970'>1970</a>
<a id='n1971' href='#n1971'>1971</a>
<a id='n1972' href='#n1972'>1972</a>
<a id='n1973' href='#n1973'>1973</a>
<a id='n1974' href='#n1974'>1974</a>
<a id='n1975' href='#n1975'>1975</a>
<a id='n1976' href='#n1976'>1976</a>
<a id='n1977' href='#n1977'>1977</a>
<a id='n1978' href='#n1978'>1978</a>
<a id='n1979' href='#n1979'>1979</a>
<a id='n1980' href='#n1980'>1980</a>
<a id='n1981' href='#n1981'>1981</a>
<a id='n1982' href='#n1982'>1982</a>
<a id='n1983' href='#n1983'>1983</a>
<a id='n1984' href='#n1984'>1984</a>
<a id='n1985' href='#n1985'>1985</a>
<a id='n1986' href='#n1986'>1986</a>
<a id='n1987' href='#n1987'>1987</a>
<a id='n1988' href='#n1988'>1988</a>
<a id='n1989' href='#n1989'>1989</a>
<a id='n1990' href='#n1990'>1990</a>
<a id='n1991' href='#n1991'>1991</a>
<a id='n1992' href='#n1992'>1992</a>
<a id='n1993' href='#n1993'>1993</a>
<a id='n1994' href='#n1994'>1994</a>
<a id='n1995' href='#n1995'>1995</a>
<a id='n1996' href='#n1996'>1996</a>
<a id='n1997' href='#n1997'>1997</a>
<a id='n1998' href='#n1998'>1998</a>
<a id='n1999' href='#n1999'>1999</a>
<a id='n2000' href='#n2000'>2000</a>
<a id='n2001' href='#n2001'>2001</a>
<a id='n2002' href='#n2002'>2002</a>
<a id='n2003' href='#n2003'>2003</a>
<a id='n2004' href='#n2004'>2004</a>
<a id='n2005' href='#n2005'>2005</a>
<a id='n2006' href='#n2006'>2006</a>
<a id='n2007' href='#n2007'>2007</a>
<a id='n2008' href='#n2008'>2008</a>
<a id='n2009' href='#n2009'>2009</a>
<a id='n2010' href='#n2010'>2010</a>
<a id='n2011' href='#n2011'>2011</a>
<a id='n2012' href='#n2012'>2012</a>
<a id='n2013' href='#n2013'>2013</a>
<a id='n2014' href='#n2014'>2014</a>
<a id='n2015' href='#n2015'>2015</a>
<a id='n2016' href='#n2016'>2016</a>
<a id='n2017' href='#n2017'>2017</a>
<a id='n2018' href='#n2018'>2018</a>
<a id='n2019' href='#n2019'>2019</a>
<a id='n2020' href='#n2020'>2020</a>
<a id='n2021' href='#n2021'>2021</a>
<a id='n2022' href='#n2022'>2022</a>
<a id='n2023' href='#n2023'>2023</a>
<a id='n2024' href='#n2024'>2024</a>
<a id='n2025' href='#n2025'>2025</a>
<a id='n2026' href='#n2026'>2026</a>
<a id='n2027' href='#n2027'>2027</a>
<a id='n2028' href='#n2028'>2028</a>
<a id='n2029' href='#n2029'>2029</a>
<a id='n2030' href='#n2030'>2030</a>
<a id='n2031' href='#n2031'>2031</a>
<a id='n2032' href='#n2032'>2032</a>
<a id='n2033' href='#n2033'>2033</a>
<a id='n2034' href='#n2034'>2034</a>
<a id='n2035' href='#n2035'>2035</a>
<a id='n2036' href='#n2036'>2036</a>
<a id='n2037' href='#n2037'>2037</a>
<a id='n2038' href='#n2038'>2038</a>
<a id='n2039' href='#n2039'>2039</a>
<a id='n2040' href='#n2040'>2040</a>
<a id='n2041' href='#n2041'>2041</a>
<a id='n2042' href='#n2042'>2042</a>
<a id='n2043' href='#n2043'>2043</a>
<a id='n2044' href='#n2044'>2044</a>
<a id='n2045' href='#n2045'>2045</a>
<a id='n2046' href='#n2046'>2046</a>
<a id='n2047' href='#n2047'>2047</a>
<a id='n2048' href='#n2048'>2048</a>
<a id='n2049' href='#n2049'>2049</a>
<a id='n2050' href='#n2050'>2050</a>
<a id='n2051' href='#n2051'>2051</a>
<a id='n2052' href='#n2052'>2052</a>
<a id='n2053' href='#n2053'>2053</a>
<a id='n2054' href='#n2054'>2054</a>
<a id='n2055' href='#n2055'>2055</a>
<a id='n2056' href='#n2056'>2056</a>
<a id='n2057' href='#n2057'>2057</a>
<a id='n2058' href='#n2058'>2058</a>
<a id='n2059' href='#n2059'>2059</a>
<a id='n2060' href='#n2060'>2060</a>
<a id='n2061' href='#n2061'>2061</a>
<a id='n2062' href='#n2062'>2062</a>
<a id='n2063' href='#n2063'>2063</a>
<a id='n2064' href='#n2064'>2064</a>
<a id='n2065' href='#n2065'>2065</a>
<a id='n2066' href='#n2066'>2066</a>
<a id='n2067' href='#n2067'>2067</a>
<a id='n2068' href='#n2068'>2068</a>
<a id='n2069' href='#n2069'>2069</a>
<a id='n2070' href='#n2070'>2070</a>
<a id='n2071' href='#n2071'>2071</a>
<a id='n2072' href='#n2072'>2072</a>
<a id='n2073' href='#n2073'>2073</a>
<a id='n2074' href='#n2074'>2074</a>
<a id='n2075' href='#n2075'>2075</a>
<a id='n2076' href='#n2076'>2076</a>
<a id='n2077' href='#n2077'>2077</a>
<a id='n2078' href='#n2078'>2078</a>
<a id='n2079' href='#n2079'>2079</a>
<a id='n2080' href='#n2080'>2080</a>
<a id='n2081' href='#n2081'>2081</a>
<a id='n2082' href='#n2082'>2082</a>
<a id='n2083' href='#n2083'>2083</a>
<a id='n2084' href='#n2084'>2084</a>
<a id='n2085' href='#n2085'>2085</a>
<a id='n2086' href='#n2086'>2086</a>
<a id='n2087' href='#n2087'>2087</a>
<a id='n2088' href='#n2088'>2088</a>
<a id='n2089' href='#n2089'>2089</a>
<a id='n2090' href='#n2090'>2090</a>
<a id='n2091' href='#n2091'>2091</a>
<a id='n2092' href='#n2092'>2092</a>
<a id='n2093' href='#n2093'>2093</a>
<a id='n2094' href='#n2094'>2094</a>
<a id='n2095' href='#n2095'>2095</a>
<a id='n2096' href='#n2096'>2096</a>
<a id='n2097' href='#n2097'>2097</a>
<a id='n2098' href='#n2098'>2098</a>
<a id='n2099' href='#n2099'>2099</a>
<a id='n2100' href='#n2100'>2100</a>
<a id='n2101' href='#n2101'>2101</a>
<a id='n2102' href='#n2102'>2102</a>
<a id='n2103' href='#n2103'>2103</a>
<a id='n2104' href='#n2104'>2104</a>
<a id='n2105' href='#n2105'>2105</a>
<a id='n2106' href='#n2106'>2106</a>
<a id='n2107' href='#n2107'>2107</a>
<a id='n2108' href='#n2108'>2108</a>
<a id='n2109' href='#n2109'>2109</a>
<a id='n2110' href='#n2110'>2110</a>
<a id='n2111' href='#n2111'>2111</a>
<a id='n2112' href='#n2112'>2112</a>
<a id='n2113' href='#n2113'>2113</a>
<a id='n2114' href='#n2114'>2114</a>
<a id='n2115' href='#n2115'>2115</a>
<a id='n2116' href='#n2116'>2116</a>
<a id='n2117' href='#n2117'>2117</a>
<a id='n2118' href='#n2118'>2118</a>
<a id='n2119' href='#n2119'>2119</a>
<a id='n2120' href='#n2120'>2120</a>
<a id='n2121' href='#n2121'>2121</a>
<a id='n2122' href='#n2122'>2122</a>
<a id='n2123' href='#n2123'>2123</a>
<a id='n2124' href='#n2124'>2124</a>
<a id='n2125' href='#n2125'>2125</a>
<a id='n2126' href='#n2126'>2126</a>
<a id='n2127' href='#n2127'>2127</a>
<a id='n2128' href='#n2128'>2128</a>
<a id='n2129' href='#n2129'>2129</a>
<a id='n2130' href='#n2130'>2130</a>
<a id='n2131' href='#n2131'>2131</a>
<a id='n2132' href='#n2132'>2132</a>
<a id='n2133' href='#n2133'>2133</a>
<a id='n2134' href='#n2134'>2134</a>
<a id='n2135' href='#n2135'>2135</a>
<a id='n2136' href='#n2136'>2136</a>
<a id='n2137' href='#n2137'>2137</a>
<a id='n2138' href='#n2138'>2138</a>
<a id='n2139' href='#n2139'>2139</a>
<a id='n2140' href='#n2140'>2140</a>
<a id='n2141' href='#n2141'>2141</a>
<a id='n2142' href='#n2142'>2142</a>
<a id='n2143' href='#n2143'>2143</a>
<a id='n2144' href='#n2144'>2144</a>
<a id='n2145' href='#n2145'>2145</a>
<a id='n2146' href='#n2146'>2146</a>
<a id='n2147' href='#n2147'>2147</a>
<a id='n2148' href='#n2148'>2148</a>
<a id='n2149' href='#n2149'>2149</a>
<a id='n2150' href='#n2150'>2150</a>
<a id='n2151' href='#n2151'>2151</a>
<a id='n2152' href='#n2152'>2152</a>
<a id='n2153' href='#n2153'>2153</a>
<a id='n2154' href='#n2154'>2154</a>
<a id='n2155' href='#n2155'>2155</a>
<a id='n2156' href='#n2156'>2156</a>
<a id='n2157' href='#n2157'>2157</a>
<a id='n2158' href='#n2158'>2158</a>
<a id='n2159' href='#n2159'>2159</a>
<a id='n2160' href='#n2160'>2160</a>
<a id='n2161' href='#n2161'>2161</a>
<a id='n2162' href='#n2162'>2162</a>
<a id='n2163' href='#n2163'>2163</a>
<a id='n2164' href='#n2164'>2164</a>
<a id='n2165' href='#n2165'>2165</a>
<a id='n2166' href='#n2166'>2166</a>
<a id='n2167' href='#n2167'>2167</a>
<a id='n2168' href='#n2168'>2168</a>
<a id='n2169' href='#n2169'>2169</a>
<a id='n2170' href='#n2170'>2170</a>
<a id='n2171' href='#n2171'>2171</a>
<a id='n2172' href='#n2172'>2172</a>
<a id='n2173' href='#n2173'>2173</a>
<a id='n2174' href='#n2174'>2174</a>
<a id='n2175' href='#n2175'>2175</a>
<a id='n2176' href='#n2176'>2176</a>
<a id='n2177' href='#n2177'>2177</a>
<a id='n2178' href='#n2178'>2178</a>
<a id='n2179' href='#n2179'>2179</a>
<a id='n2180' href='#n2180'>2180</a>
<a id='n2181' href='#n2181'>2181</a>
<a id='n2182' href='#n2182'>2182</a>
<a id='n2183' href='#n2183'>2183</a>
<a id='n2184' href='#n2184'>2184</a>
<a id='n2185' href='#n2185'>2185</a>
<a id='n2186' href='#n2186'>2186</a>
<a id='n2187' href='#n2187'>2187</a>
<a id='n2188' href='#n2188'>2188</a>
<a id='n2189' href='#n2189'>2189</a>
<a id='n2190' href='#n2190'>2190</a>
<a id='n2191' href='#n2191'>2191</a>
<a id='n2192' href='#n2192'>2192</a>
<a id='n2193' href='#n2193'>2193</a>
<a id='n2194' href='#n2194'>2194</a>
<a id='n2195' href='#n2195'>2195</a>
<a id='n2196' href='#n2196'>2196</a>
<a id='n2197' href='#n2197'>2197</a>
<a id='n2198' href='#n2198'>2198</a>
<a id='n2199' href='#n2199'>2199</a>
<a id='n2200' href='#n2200'>2200</a>
<a id='n2201' href='#n2201'>2201</a>
<a id='n2202' href='#n2202'>2202</a>
<a id='n2203' href='#n2203'>2203</a>
<a id='n2204' href='#n2204'>2204</a>
<a id='n2205' href='#n2205'>2205</a>
<a id='n2206' href='#n2206'>2206</a>
<a id='n2207' href='#n2207'>2207</a>
<a id='n2208' href='#n2208'>2208</a>
<a id='n2209' href='#n2209'>2209</a>
<a id='n2210' href='#n2210'>2210</a>
<a id='n2211' href='#n2211'>2211</a>
<a id='n2212' href='#n2212'>2212</a>
<a id='n2213' href='#n2213'>2213</a>
<a id='n2214' href='#n2214'>2214</a>
<a id='n2215' href='#n2215'>2215</a>
<a id='n2216' href='#n2216'>2216</a>
<a id='n2217' href='#n2217'>2217</a>
<a id='n2218' href='#n2218'>2218</a>
<a id='n2219' href='#n2219'>2219</a>
<a id='n2220' href='#n2220'>2220</a>
<a id='n2221' href='#n2221'>2221</a>
<a id='n2222' href='#n2222'>2222</a>
<a id='n2223' href='#n2223'>2223</a>
<a id='n2224' href='#n2224'>2224</a>
<a id='n2225' href='#n2225'>2225</a>
<a id='n2226' href='#n2226'>2226</a>
<a id='n2227' href='#n2227'>2227</a>
<a id='n2228' href='#n2228'>2228</a>
<a id='n2229' href='#n2229'>2229</a>
<a id='n2230' href='#n2230'>2230</a>
<a id='n2231' href='#n2231'>2231</a>
<a id='n2232' href='#n2232'>2232</a>
<a id='n2233' href='#n2233'>2233</a>
<a id='n2234' href='#n2234'>2234</a>
<a id='n2235' href='#n2235'>2235</a>
<a id='n2236' href='#n2236'>2236</a>
<a id='n2237' href='#n2237'>2237</a>
<a id='n2238' href='#n2238'>2238</a>
<a id='n2239' href='#n2239'>2239</a>
<a id='n2240' href='#n2240'>2240</a>
<a id='n2241' href='#n2241'>2241</a>
<a id='n2242' href='#n2242'>2242</a>
<a id='n2243' href='#n2243'>2243</a>
<a id='n2244' href='#n2244'>2244</a>
<a id='n2245' href='#n2245'>2245</a>
<a id='n2246' href='#n2246'>2246</a>
<a id='n2247' href='#n2247'>2247</a>
<a id='n2248' href='#n2248'>2248</a>
<a id='n2249' href='#n2249'>2249</a>
<a id='n2250' href='#n2250'>2250</a>
<a id='n2251' href='#n2251'>2251</a>
<a id='n2252' href='#n2252'>2252</a>
<a id='n2253' href='#n2253'>2253</a>
<a id='n2254' href='#n2254'>2254</a>
<a id='n2255' href='#n2255'>2255</a>
<a id='n2256' href='#n2256'>2256</a>
<a id='n2257' href='#n2257'>2257</a>
<a id='n2258' href='#n2258'>2258</a>
<a id='n2259' href='#n2259'>2259</a>
<a id='n2260' href='#n2260'>2260</a>
<a id='n2261' href='#n2261'>2261</a>
<a id='n2262' href='#n2262'>2262</a>
<a id='n2263' href='#n2263'>2263</a>
<a id='n2264' href='#n2264'>2264</a>
<a id='n2265' href='#n2265'>2265</a>
<a id='n2266' href='#n2266'>2266</a>
<a id='n2267' href='#n2267'>2267</a>
<a id='n2268' href='#n2268'>2268</a>
<a id='n2269' href='#n2269'>2269</a>
<a id='n2270' href='#n2270'>2270</a>
<a id='n2271' href='#n2271'>2271</a>
<a id='n2272' href='#n2272'>2272</a>
<a id='n2273' href='#n2273'>2273</a>
<a id='n2274' href='#n2274'>2274</a>
<a id='n2275' href='#n2275'>2275</a>
<a id='n2276' href='#n2276'>2276</a>
<a id='n2277' href='#n2277'>2277</a>
<a id='n2278' href='#n2278'>2278</a>
<a id='n2279' href='#n2279'>2279</a>
<a id='n2280' href='#n2280'>2280</a>
<a id='n2281' href='#n2281'>2281</a>
<a id='n2282' href='#n2282'>2282</a>
<a id='n2283' href='#n2283'>2283</a>
<a id='n2284' href='#n2284'>2284</a>
<a id='n2285' href='#n2285'>2285</a>
<a id='n2286' href='#n2286'>2286</a>
<a id='n2287' href='#n2287'>2287</a>
<a id='n2288' href='#n2288'>2288</a>
<a id='n2289' href='#n2289'>2289</a>
<a id='n2290' href='#n2290'>2290</a>
<a id='n2291' href='#n2291'>2291</a>
<a id='n2292' href='#n2292'>2292</a>
<a id='n2293' href='#n2293'>2293</a>
<a id='n2294' href='#n2294'>2294</a>
<a id='n2295' href='#n2295'>2295</a>
<a id='n2296' href='#n2296'>2296</a>
<a id='n2297' href='#n2297'>2297</a>
<a id='n2298' href='#n2298'>2298</a>
<a id='n2299' href='#n2299'>2299</a>
<a id='n2300' href='#n2300'>2300</a>
<a id='n2301' href='#n2301'>2301</a>
<a id='n2302' href='#n2302'>2302</a>
<a id='n2303' href='#n2303'>2303</a>
<a id='n2304' href='#n2304'>2304</a>
<a id='n2305' href='#n2305'>2305</a>
<a id='n2306' href='#n2306'>2306</a>
<a id='n2307' href='#n2307'>2307</a>
<a id='n2308' href='#n2308'>2308</a>
<a id='n2309' href='#n2309'>2309</a>
<a id='n2310' href='#n2310'>2310</a>
<a id='n2311' href='#n2311'>2311</a>
<a id='n2312' href='#n2312'>2312</a>
<a id='n2313' href='#n2313'>2313</a>
<a id='n2314' href='#n2314'>2314</a>
<a id='n2315' href='#n2315'>2315</a>
<a id='n2316' href='#n2316'>2316</a>
<a id='n2317' href='#n2317'>2317</a>
<a id='n2318' href='#n2318'>2318</a>
<a id='n2319' href='#n2319'>2319</a>
<a id='n2320' href='#n2320'>2320</a>
<a id='n2321' href='#n2321'>2321</a>
<a id='n2322' href='#n2322'>2322</a>
<a id='n2323' href='#n2323'>2323</a>
<a id='n2324' href='#n2324'>2324</a>
<a id='n2325' href='#n2325'>2325</a>
<a id='n2326' href='#n2326'>2326</a>
<a id='n2327' href='#n2327'>2327</a>
<a id='n2328' href='#n2328'>2328</a>
<a id='n2329' href='#n2329'>2329</a>
<a id='n2330' href='#n2330'>2330</a>
<a id='n2331' href='#n2331'>2331</a>
<a id='n2332' href='#n2332'>2332</a>
<a id='n2333' href='#n2333'>2333</a>
<a id='n2334' href='#n2334'>2334</a>
<a id='n2335' href='#n2335'>2335</a>
<a id='n2336' href='#n2336'>2336</a>
<a id='n2337' href='#n2337'>2337</a>
<a id='n2338' href='#n2338'>2338</a>
<a id='n2339' href='#n2339'>2339</a>
<a id='n2340' href='#n2340'>2340</a>
<a id='n2341' href='#n2341'>2341</a>
<a id='n2342' href='#n2342'>2342</a>
<a id='n2343' href='#n2343'>2343</a>
<a id='n2344' href='#n2344'>2344</a>
<a id='n2345' href='#n2345'>2345</a>
<a id='n2346' href='#n2346'>2346</a>
<a id='n2347' href='#n2347'>2347</a>
<a id='n2348' href='#n2348'>2348</a>
<a id='n2349' href='#n2349'>2349</a>
<a id='n2350' href='#n2350'>2350</a>
<a id='n2351' href='#n2351'>2351</a>
<a id='n2352' href='#n2352'>2352</a>
<a id='n2353' href='#n2353'>2353</a>
<a id='n2354' href='#n2354'>2354</a>
<a id='n2355' href='#n2355'>2355</a>
<a id='n2356' href='#n2356'>2356</a>
<a id='n2357' href='#n2357'>2357</a>
<a id='n2358' href='#n2358'>2358</a>
<a id='n2359' href='#n2359'>2359</a>
<a id='n2360' href='#n2360'>2360</a>
<a id='n2361' href='#n2361'>2361</a>
<a id='n2362' href='#n2362'>2362</a>
<a id='n2363' href='#n2363'>2363</a>
<a id='n2364' href='#n2364'>2364</a>
<a id='n2365' href='#n2365'>2365</a>
<a id='n2366' href='#n2366'>2366</a>
<a id='n2367' href='#n2367'>2367</a>
<a id='n2368' href='#n2368'>2368</a>
<a id='n2369' href='#n2369'>2369</a>
<a id='n2370' href='#n2370'>2370</a>
<a id='n2371' href='#n2371'>2371</a>
<a id='n2372' href='#n2372'>2372</a>
<a id='n2373' href='#n2373'>2373</a>
<a id='n2374' href='#n2374'>2374</a>
<a id='n2375' href='#n2375'>2375</a>
<a id='n2376' href='#n2376'>2376</a>
<a id='n2377' href='#n2377'>2377</a>
<a id='n2378' href='#n2378'>2378</a>
<a id='n2379' href='#n2379'>2379</a>
<a id='n2380' href='#n2380'>2380</a>
<a id='n2381' href='#n2381'>2381</a>
<a id='n2382' href='#n2382'>2382</a>
<a id='n2383' href='#n2383'>2383</a>
<a id='n2384' href='#n2384'>2384</a>
<a id='n2385' href='#n2385'>2385</a>
<a id='n2386' href='#n2386'>2386</a>
<a id='n2387' href='#n2387'>2387</a>
<a id='n2388' href='#n2388'>2388</a>
<a id='n2389' href='#n2389'>2389</a>
<a id='n2390' href='#n2390'>2390</a>
<a id='n2391' href='#n2391'>2391</a>
<a id='n2392' href='#n2392'>2392</a>
<a id='n2393' href='#n2393'>2393</a>
<a id='n2394' href='#n2394'>2394</a>
<a id='n2395' href='#n2395'>2395</a>
<a id='n2396' href='#n2396'>2396</a>
<a id='n2397' href='#n2397'>2397</a>
<a id='n2398' href='#n2398'>2398</a>
<a id='n2399' href='#n2399'>2399</a>
<a id='n2400' href='#n2400'>2400</a>
<a id='n2401' href='#n2401'>2401</a>
<a id='n2402' href='#n2402'>2402</a>
<a id='n2403' href='#n2403'>2403</a>
<a id='n2404' href='#n2404'>2404</a>
<a id='n2405' href='#n2405'>2405</a>
<a id='n2406' href='#n2406'>2406</a>
<a id='n2407' href='#n2407'>2407</a>
<a id='n2408' href='#n2408'>2408</a>
<a id='n2409' href='#n2409'>2409</a>
<a id='n2410' href='#n2410'>2410</a>
<a id='n2411' href='#n2411'>2411</a>
<a id='n2412' href='#n2412'>2412</a>
<a id='n2413' href='#n2413'>2413</a>
<a id='n2414' href='#n2414'>2414</a>
<a id='n2415' href='#n2415'>2415</a>
<a id='n2416' href='#n2416'>2416</a>
<a id='n2417' href='#n2417'>2417</a>
<a id='n2418' href='#n2418'>2418</a>
<a id='n2419' href='#n2419'>2419</a>
<a id='n2420' href='#n2420'>2420</a>
<a id='n2421' href='#n2421'>2421</a>
<a id='n2422' href='#n2422'>2422</a>
<a id='n2423' href='#n2423'>2423</a>
<a id='n2424' href='#n2424'>2424</a>
<a id='n2425' href='#n2425'>2425</a>
<a id='n2426' href='#n2426'>2426</a>
<a id='n2427' href='#n2427'>2427</a>
<a id='n2428' href='#n2428'>2428</a>
<a id='n2429' href='#n2429'>2429</a>
<a id='n2430' href='#n2430'>2430</a>
<a id='n2431' href='#n2431'>2431</a>
<a id='n2432' href='#n2432'>2432</a>
<a id='n2433' href='#n2433'>2433</a>
<a id='n2434' href='#n2434'>2434</a>
<a id='n2435' href='#n2435'>2435</a>
<a id='n2436' href='#n2436'>2436</a>
<a id='n2437' href='#n2437'>2437</a>
<a id='n2438' href='#n2438'>2438</a>
<a id='n2439' href='#n2439'>2439</a>
<a id='n2440' href='#n2440'>2440</a>
<a id='n2441' href='#n2441'>2441</a>
<a id='n2442' href='#n2442'>2442</a>
<a id='n2443' href='#n2443'>2443</a>
<a id='n2444' href='#n2444'>2444</a>
<a id='n2445' href='#n2445'>2445</a>
<a id='n2446' href='#n2446'>2446</a>
<a id='n2447' href='#n2447'>2447</a>
<a id='n2448' href='#n2448'>2448</a>
<a id='n2449' href='#n2449'>2449</a>
<a id='n2450' href='#n2450'>2450</a>
<a id='n2451' href='#n2451'>2451</a>
<a id='n2452' href='#n2452'>2452</a>
<a id='n2453' href='#n2453'>2453</a>
<a id='n2454' href='#n2454'>2454</a>
<a id='n2455' href='#n2455'>2455</a>
<a id='n2456' href='#n2456'>2456</a>
<a id='n2457' href='#n2457'>2457</a>
<a id='n2458' href='#n2458'>2458</a>
<a id='n2459' href='#n2459'>2459</a>
<a id='n2460' href='#n2460'>2460</a>
<a id='n2461' href='#n2461'>2461</a>
<a id='n2462' href='#n2462'>2462</a>
<a id='n2463' href='#n2463'>2463</a>
<a id='n2464' href='#n2464'>2464</a>
<a id='n2465' href='#n2465'>2465</a>
<a id='n2466' href='#n2466'>2466</a>
<a id='n2467' href='#n2467'>2467</a>
<a id='n2468' href='#n2468'>2468</a>
<a id='n2469' href='#n2469'>2469</a>
<a id='n2470' href='#n2470'>2470</a>
<a id='n2471' href='#n2471'>2471</a>
<a id='n2472' href='#n2472'>2472</a>
<a id='n2473' href='#n2473'>2473</a>
<a id='n2474' href='#n2474'>2474</a>
<a id='n2475' href='#n2475'>2475</a>
<a id='n2476' href='#n2476'>2476</a>
<a id='n2477' href='#n2477'>2477</a>
<a id='n2478' href='#n2478'>2478</a>
<a id='n2479' href='#n2479'>2479</a>
<a id='n2480' href='#n2480'>2480</a>
<a id='n2481' href='#n2481'>2481</a>
<a id='n2482' href='#n2482'>2482</a>
<a id='n2483' href='#n2483'>2483</a>
<a id='n2484' href='#n2484'>2484</a>
<a id='n2485' href='#n2485'>2485</a>
<a id='n2486' href='#n2486'>2486</a>
<a id='n2487' href='#n2487'>2487</a>
<a id='n2488' href='#n2488'>2488</a>
<a id='n2489' href='#n2489'>2489</a>
<a id='n2490' href='#n2490'>2490</a>
<a id='n2491' href='#n2491'>2491</a>
<a id='n2492' href='#n2492'>2492</a>
<a id='n2493' href='#n2493'>2493</a>
</pre></td>
<td class='lines'><pre><code><style>pre { line-height: 125%; margin: 0; }
td.linenos pre { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
span.linenos { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
td.linenos pre.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight { background: #ffffff; }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="c1"># This file is dual licensed under the terms of the Apache License, Version</span>
<span class="c1"># 2.0, and the BSD License. See the LICENSE file in the root of this repository</span>
<span class="c1"># for complete details.</span>

<span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="n">absolute_import</span><span class="p">,</span> <span class="n">division</span><span class="p">,</span> <span class="n">print_function</span>

<span class="kn">import</span> <span class="nn">binascii</span>
<span class="kn">import</span> <span class="nn">itertools</span>
<span class="kn">import</span> <span class="nn">math</span>
<span class="kn">import</span> <span class="nn">os</span>

<span class="kn">import</span> <span class="nn">pytest</span>

<span class="kn">from</span> <span class="nn">cryptography.exceptions</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">AlreadyFinalized</span><span class="p">,</span> <span class="n">InvalidSignature</span><span class="p">,</span> <span class="n">_Reasons</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">cryptography.hazmat.backends.interfaces</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">PEMSerializationBackend</span><span class="p">,</span> <span class="n">RSABackend</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">cryptography.hazmat.primitives</span> <span class="kn">import</span> <span class="n">hashes</span><span class="p">,</span> <span class="n">serialization</span>
<span class="kn">from</span> <span class="nn">cryptography.hazmat.primitives.asymmetric</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">padding</span><span class="p">,</span> <span class="n">rsa</span><span class="p">,</span> <span class="n">utils</span> <span class="k">as</span> <span class="n">asym_utils</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">cryptography.hazmat.primitives.asymmetric.rsa</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">RSAPrivateNumbers</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">cryptography.utils</span> <span class="kn">import</span> <span class="n">CryptographyDeprecationWarning</span>

<span class="kn">from</span> <span class="nn">.fixtures_rsa</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">RSA_KEY_1024</span><span class="p">,</span> <span class="n">RSA_KEY_1025</span><span class="p">,</span> <span class="n">RSA_KEY_1026</span><span class="p">,</span> <span class="n">RSA_KEY_1027</span><span class="p">,</span> <span class="n">RSA_KEY_1028</span><span class="p">,</span>
    <span class="n">RSA_KEY_1029</span><span class="p">,</span> <span class="n">RSA_KEY_1030</span><span class="p">,</span> <span class="n">RSA_KEY_1031</span><span class="p">,</span> <span class="n">RSA_KEY_1536</span><span class="p">,</span> <span class="n">RSA_KEY_2048</span><span class="p">,</span>
    <span class="n">RSA_KEY_2048_ALT</span><span class="p">,</span> <span class="n">RSA_KEY_512</span><span class="p">,</span> <span class="n">RSA_KEY_512_ALT</span><span class="p">,</span> <span class="n">RSA_KEY_522</span><span class="p">,</span> <span class="n">RSA_KEY_599</span><span class="p">,</span>
    <span class="n">RSA_KEY_745</span><span class="p">,</span> <span class="n">RSA_KEY_768</span><span class="p">,</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">.utils</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">_check_rsa_private_numbers</span><span class="p">,</span> <span class="n">generate_rsa_verification_test</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">...doubles</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">DummyAsymmetricPadding</span><span class="p">,</span> <span class="n">DummyHashAlgorithm</span><span class="p">,</span> <span class="n">DummyKeySerializationEncryption</span>
<span class="p">)</span>
<span class="kn">from</span> <span class="nn">...utils</span> <span class="kn">import</span> <span class="p">(</span>
    <span class="n">load_nist_vectors</span><span class="p">,</span> <span class="n">load_pkcs1_vectors</span><span class="p">,</span> <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
    <span class="n">load_vectors_from_file</span><span class="p">,</span> <span class="n">raises_unsupported_algorithm</span>
<span class="p">)</span>


<span class="k">class</span> <span class="nc">DummyMGF</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="n">_salt_length</span> <span class="o">=</span> <span class="mi">0</span>


<span class="k">def</span> <span class="nf">_check_rsa_private_numbers_if_serializable</span><span class="p">(</span><span class="n">key</span><span class="p">):</span>
    <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateKeyWithSerialization</span><span class="p">):</span>
        <span class="n">_check_rsa_private_numbers</span><span class="p">(</span><span class="n">key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">())</span>


<span class="k">def</span> <span class="nf">test_check_rsa_private_numbers_if_serializable</span><span class="p">():</span>
    <span class="n">_check_rsa_private_numbers_if_serializable</span><span class="p">(</span><span class="s2">&quot;notserializable&quot;</span><span class="p">)</span>


<span class="k">def</span> <span class="nf">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">vectors</span><span class="p">):</span>
    <span class="n">flattened_vectors</span> <span class="o">=</span> <span class="p">[]</span>
    <span class="k">for</span> <span class="n">vector</span> <span class="ow">in</span> <span class="n">vectors</span><span class="p">:</span>
        <span class="n">examples</span> <span class="o">=</span> <span class="n">vector</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s2">&quot;examples&quot;</span><span class="p">)</span>
        <span class="k">for</span> <span class="n">example</span> <span class="ow">in</span> <span class="n">examples</span><span class="p">:</span>
            <span class="n">merged_vector</span> <span class="o">=</span> <span class="p">(</span><span class="n">vector</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="n">vector</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span> <span class="n">example</span><span class="p">)</span>
            <span class="n">flattened_vectors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">merged_vector</span><span class="p">)</span>

    <span class="k">return</span> <span class="n">flattened_vectors</span>


<span class="k">def</span> <span class="nf">_build_oaep_sha2_vectors</span><span class="p">():</span>
    <span class="n">base_path</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;oaep-custom&quot;</span><span class="p">)</span>
    <span class="n">vectors</span> <span class="o">=</span> <span class="p">[]</span>
    <span class="n">hashalgs</span> <span class="o">=</span> <span class="p">[</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
    <span class="p">]</span>
    <span class="k">for</span> <span class="n">mgf1alg</span><span class="p">,</span> <span class="n">oaepalg</span> <span class="ow">in</span> <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span><span class="n">hashalgs</span><span class="p">,</span> <span class="n">hashalgs</span><span class="p">):</span>
        <span class="k">if</span> <span class="n">mgf1alg</span><span class="o">.</span><span class="n">name</span> <span class="o">==</span> <span class="s2">&quot;sha1&quot;</span> <span class="ow">and</span> <span class="n">oaepalg</span><span class="o">.</span><span class="n">name</span> <span class="o">==</span> <span class="s2">&quot;sha1&quot;</span><span class="p">:</span>
            <span class="c1"># We need to generate the cartesian product of the permutations</span>
            <span class="c1"># of all the SHAs above, but SHA1/SHA1 is something we already</span>
            <span class="c1"># tested previously and thus did not generate custom vectors for.</span>
            <span class="k">continue</span>

        <span class="n">examples</span> <span class="o">=</span> <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span>
            <span class="n">load_vectors_from_file</span><span class="p">(</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                    <span class="n">base_path</span><span class="p">,</span>
                    <span class="s2">&quot;oaep-</span><span class="si">{0}</span><span class="s2">-</span><span class="si">{1}</span><span class="s2">.txt&quot;</span><span class="o">.</span><span class="n">format</span><span class="p">(</span>
                        <span class="n">mgf1alg</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">oaepalg</span><span class="o">.</span><span class="n">name</span>
                    <span class="p">)</span>
                <span class="p">),</span>
                <span class="n">load_pkcs1_vectors</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="c1"># We&#39;ve loaded the files, but the loaders don&#39;t give us any information</span>
        <span class="c1"># about the mgf1 or oaep hash algorithms. We know this info so we&#39;ll</span>
        <span class="c1"># just add that to the end of the tuple</span>
        <span class="k">for</span> <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">vector</span> <span class="ow">in</span> <span class="n">examples</span><span class="p">:</span>
            <span class="n">vectors</span><span class="o">.</span><span class="n">append</span><span class="p">((</span><span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">vector</span><span class="p">,</span> <span class="n">mgf1alg</span><span class="p">,</span> <span class="n">oaepalg</span><span class="p">))</span>
    <span class="k">return</span> <span class="n">vectors</span>


<span class="k">def</span> <span class="nf">_skip_pss_hash_algorithm_unsupported</span><span class="p">(</span><span class="n">backend</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">):</span>
    <span class="k">if</span> <span class="ow">not</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
        <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hash_alg</span><span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
        <span class="p">)</span>
    <span class="p">):</span>
        <span class="n">pytest</span><span class="o">.</span><span class="n">skip</span><span class="p">(</span>
            <span class="s2">&quot;Does not support </span><span class="si">{0}</span><span class="s2"> in MGF1 using PSS.&quot;</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="n">hash_alg</span><span class="o">.</span><span class="n">name</span><span class="p">)</span>
        <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">def</span> <span class="nf">test_skip_pss_hash_algorithm_unsupported</span><span class="p">(</span><span class="n">backend</span><span class="p">):</span>
    <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">pytest</span><span class="o">.</span><span class="n">skip</span><span class="o">.</span><span class="n">Exception</span><span class="p">):</span>
        <span class="n">_skip_pss_hash_algorithm_unsupported</span><span class="p">(</span><span class="n">backend</span><span class="p">,</span> <span class="n">DummyHashAlgorithm</span><span class="p">())</span>


<span class="k">def</span> <span class="nf">test_modular_inverse</span><span class="p">():</span>
    <span class="n">p</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span>
        <span class="s2">&quot;d1f9f6c09fd3d38987f7970247b85a6da84907753d42ec52bc23b745093f4fff5cff3&quot;</span>
        <span class="s2">&quot;617ce43d00121a9accc0051f519c76e08cf02fc18acfe4c9e6aea18da470a2b611d2e&quot;</span>
        <span class="s2">&quot;56a7b35caa2c0239bc041a53cc5875ca0b668ae6377d4b23e932d8c995fd1e58ecfd8&quot;</span>
        <span class="s2">&quot;c4b73259c0d8a54d691cca3f6fb85c8a5c1baf588e898d481&quot;</span><span class="p">,</span> <span class="mi">16</span>
    <span class="p">)</span>
    <span class="n">q</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span>
        <span class="s2">&quot;d1519255eb8f678c86cfd06802d1fbef8b664441ac46b73d33d13a8404580a33a8e74&quot;</span>
        <span class="s2">&quot;cb2ea2e2963125b3d454d7a922cef24dd13e55f989cbabf64255a736671f4629a47b5&quot;</span>
        <span class="s2">&quot;b2347cfcd669133088d1c159518531025297c2d67c9da856a12e80222cd03b4c6ec0f&quot;</span>
        <span class="s2">&quot;86c957cb7bb8de7a127b645ec9e820aa94581e4762e209f01&quot;</span><span class="p">,</span> <span class="mi">16</span>
    <span class="p">)</span>
    <span class="k">assert</span> <span class="n">rsa</span><span class="o">.</span><span class="n">_modinv</span><span class="p">(</span><span class="n">q</span><span class="p">,</span> <span class="n">p</span><span class="p">)</span> <span class="o">==</span> <span class="nb">int</span><span class="p">(</span>
        <span class="s2">&quot;0275e06afa722999315f8f322275483e15e2fb46d827b17800f99110b269a6732748f&quot;</span>
        <span class="s2">&quot;624a382fa2ed1ec68c99f7fc56fb60e76eea51614881f497ba7034c17dde955f92f15&quot;</span>
        <span class="s2">&quot;772f8b2b41f3e56d88b1e096cdd293eba4eae1e82db815e0fadea0c4ec971bc6fd875&quot;</span>
        <span class="s2">&quot;c20e67e48c31a611e98d32c6213ae4c4d7b53023b2f80c538&quot;</span><span class="p">,</span> <span class="mi">16</span>
    <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSA</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">,</span> <span class="s2">&quot;key_size&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span>
            <span class="p">(</span><span class="mi">3</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">65537</span><span class="p">),</span>
            <span class="p">(</span><span class="mi">1024</span><span class="p">,</span> <span class="mi">1025</span><span class="p">,</span> <span class="mi">1026</span><span class="p">,</span> <span class="mi">1027</span><span class="p">,</span> <span class="mi">1028</span><span class="p">,</span> <span class="mi">1029</span><span class="p">,</span> <span class="mi">1030</span><span class="p">,</span> <span class="mi">1031</span><span class="p">,</span> <span class="mi">1536</span><span class="p">,</span> <span class="mi">2048</span><span class="p">)</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_generate_rsa_keys</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">,</span> <span class="n">public_exponent</span><span class="p">,</span> <span class="n">key_size</span><span class="p">):</span>
        <span class="n">skey</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="n">public_exponent</span><span class="p">,</span> <span class="n">key_size</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">skey</span><span class="o">.</span><span class="n">key_size</span> <span class="o">==</span> <span class="n">key_size</span>

        <span class="n">_check_rsa_private_numbers_if_serializable</span><span class="p">(</span><span class="n">skey</span><span class="p">)</span>
        <span class="n">pkey</span> <span class="o">=</span> <span class="n">skey</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">pkey</span><span class="o">.</span><span class="n">public_numbers</span><span class="p">(),</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_generate_bad_public_exponent</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="n">public_exponent</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                                     <span class="n">key_size</span><span class="o">=</span><span class="mi">2048</span><span class="p">,</span>
                                     <span class="n">backend</span><span class="o">=</span><span class="n">backend</span><span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="n">public_exponent</span><span class="o">=</span><span class="mi">4</span><span class="p">,</span>
                                     <span class="n">key_size</span><span class="o">=</span><span class="mi">2048</span><span class="p">,</span>
                                     <span class="n">backend</span><span class="o">=</span><span class="n">backend</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_cant_generate_insecure_tiny_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="n">public_exponent</span><span class="o">=</span><span class="mi">65537</span><span class="p">,</span>
                                     <span class="n">key_size</span><span class="o">=</span><span class="mi">511</span><span class="p">,</span>
                                     <span class="n">backend</span><span class="o">=</span><span class="n">backend</span><span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="n">public_exponent</span><span class="o">=</span><span class="mi">65537</span><span class="p">,</span>
                                     <span class="n">key_size</span><span class="o">=</span><span class="mi">256</span><span class="p">,</span>
                                     <span class="n">backend</span><span class="o">=</span><span class="n">backend</span><span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;pkcs1_example&quot;</span><span class="p">,</span>
        <span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs-1v2-1d2-vec&quot;</span><span class="p">,</span> <span class="s2">&quot;pss-vect.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_load_pss_vect_example_keys</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pkcs1_example</span><span class="p">):</span>
        <span class="n">secret</span><span class="p">,</span> <span class="n">public</span> <span class="o">=</span> <span class="n">pkcs1_example</span>

        <span class="n">private_num</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">secret</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="n">_check_rsa_private_numbers</span><span class="p">(</span><span class="n">private_num</span><span class="p">)</span>

        <span class="n">public_num</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">e</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
            <span class="n">n</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">public_num</span>

        <span class="n">public_num2</span> <span class="o">=</span> <span class="n">private_num</span><span class="o">.</span><span class="n">public_numbers</span>
        <span class="k">assert</span> <span class="n">public_num2</span>

        <span class="k">assert</span> <span class="n">public_num</span><span class="o">.</span><span class="n">n</span> <span class="o">==</span> <span class="n">public_num2</span><span class="o">.</span><span class="n">n</span>
        <span class="k">assert</span> <span class="n">public_num</span><span class="o">.</span><span class="n">e</span> <span class="o">==</span> <span class="n">public_num2</span><span class="o">.</span><span class="n">e</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;vector&quot;</span><span class="p">,</span>
        <span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;oaep-label.txt&quot;</span><span class="p">),</span>
            <span class="n">load_nist_vectors</span><span class="p">)</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;label&quot;</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support RSA OAEP labels&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_oaep_label_decrypt</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">vector</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_private_key</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">vector</span><span class="p">[</span><span class="s2">&quot;key&quot;</span><span class="p">]),</span> <span class="kc">None</span><span class="p">,</span> <span class="n">backend</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">vector</span><span class="p">[</span><span class="s2">&quot;oaepdigest&quot;</span><span class="p">]</span> <span class="o">==</span> <span class="sa">b</span><span class="s2">&quot;SHA512&quot;</span>
        <span class="n">decrypted</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">vector</span><span class="p">[</span><span class="s2">&quot;input&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">vector</span><span class="p">[</span><span class="s2">&quot;oaeplabel&quot;</span><span class="p">])</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">vector</span><span class="p">[</span><span class="s2">&quot;output&quot;</span><span class="p">][</span><span class="mi">1</span><span class="p">:</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span> <span class="o">==</span> <span class="n">decrypted</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span> <span class="s2">&quot;label&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">(</span><span class="sa">b</span><span class="s2">&quot;amazing encrypted msg&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;some label&quot;</span><span class="p">),</span>
            <span class="p">(</span><span class="sa">b</span><span class="s2">&quot;amazing encrypted msg&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;&quot;</span><span class="p">),</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;label&quot;</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support RSA OAEP labels&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_oaep_label_roundtrip</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">msg</span><span class="p">,</span> <span class="n">label</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
            <span class="n">msg</span><span class="p">,</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="n">label</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="n">pt</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
            <span class="n">ct</span><span class="p">,</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="n">label</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">pt</span> <span class="o">==</span> <span class="n">msg</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;enclabel&quot;</span><span class="p">,</span> <span class="s2">&quot;declabel&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">(</span><span class="sa">b</span><span class="s2">&quot;label1&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;label2&quot;</span><span class="p">),</span>
            <span class="p">(</span><span class="sa">b</span><span class="s2">&quot;label3&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;&quot;</span><span class="p">),</span>
            <span class="p">(</span><span class="sa">b</span><span class="s2">&quot;&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;label4&quot;</span><span class="p">),</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;label&quot;</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support RSA OAEP labels&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_oaep_wrong_label</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">enclabel</span><span class="p">,</span> <span class="n">declabel</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">msg</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;test&quot;</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
            <span class="n">msg</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="n">enclabel</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="n">ct</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="n">declabel</span>
                <span class="p">)</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="ow">not</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;label&quot;</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Requires backend without RSA OAEP label support&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_unsupported_oaep_label_decrypt</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_PADDING</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;0&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;label&quot;</span>
                <span class="p">)</span>
            <span class="p">)</span>


<span class="k">def</span> <span class="nf">test_rsa_generate_invalid_backend</span><span class="p">():</span>
    <span class="n">pretend_backend</span> <span class="o">=</span> <span class="nb">object</span><span class="p">()</span>

    <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">BACKEND_MISSING_INTERFACE</span><span class="p">):</span>
        <span class="n">rsa</span><span class="o">.</span><span class="n">generate_private_key</span><span class="p">(</span><span class="mi">65537</span><span class="p">,</span> <span class="mi">2048</span><span class="p">,</span> <span class="n">pretend_backend</span><span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSASignature</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;pkcs1_example&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs1v15sign-vectors.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pkcs1v15_signing</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pkcs1_example</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">pkcs1_example</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">binascii</span><span class="o">.</span><span class="n">hexlify</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span> <span class="o">==</span> <span class="n">example</span><span class="p">[</span><span class="s2">&quot;signature&quot;</span><span class="p">]</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;pkcs1_example&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs-1v2-1d2-vec&quot;</span><span class="p">,</span> <span class="s2">&quot;pss-vect.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_signing</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pkcs1_example</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">pkcs1_example</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">e</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
            <span class="n">n</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span> <span class="o">==</span> <span class="n">math</span><span class="o">.</span><span class="n">ceil</span><span class="p">(</span><span class="n">private_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">/</span> <span class="mf">8.0</span><span class="p">)</span>
        <span class="c1"># PSS signatures contain randomness so we can&#39;t do an exact</span>
        <span class="c1"># signature check. Instead we&#39;ll verify that the signature created</span>
        <span class="c1"># successfully verifies.</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
            <span class="n">signature</span><span class="p">,</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
        <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;hash_alg&quot;</span><span class="p">,</span>
        <span class="p">[</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()]</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_signing_sha2</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">_skip_pss_hash_algorithm_unsupported</span><span class="p">(</span><span class="n">backend</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">)</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_768</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">pss</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hash_alg</span><span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
        <span class="p">)</span>
        <span class="n">msg</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;testing signature&quot;</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">pss</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">)</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">msg</span><span class="p">,</span> <span class="n">pss</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">)</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA512.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_minimum_key_size_for_digest</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_522</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;no failure&quot;</span><span class="p">,</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()</span>
        <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA512.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_signing_digest_too_large_for_key_size</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_signing_salt_length_too_long</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;failure coming&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="mi">1000000</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_use_after_finalize</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">warns</span><span class="p">(</span><span class="n">CryptographyDeprecationWarning</span><span class="p">):</span>
            <span class="n">signer</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">signer</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="n">signer</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">)</span>
        <span class="n">signer</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">AlreadyFinalized</span><span class="p">):</span>
            <span class="n">signer</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">AlreadyFinalized</span><span class="p">):</span>
            <span class="n">signer</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;more data&quot;</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_unsupported_padding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_PADDING</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span> <span class="n">DummyAsymmetricPadding</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>

    <span class="k">def</span> <span class="nf">test_padding_incorrect_type</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span> <span class="s2">&quot;notpadding&quot;</span><span class="p">,</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_unsupported_pss_mgf</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_MGF</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">DummyMGF</span><span class="p">(),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pkcs1_digest_too_large_for_key_size</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_599</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;failure coming&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pkcs1_minimum_key_size</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_745</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;no failure&quot;</span><span class="p">,</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()</span>
        <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_sign</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">pkcs</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="n">algorithm</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">algorithm</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">algorithm</span><span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_prehashed_sign</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">h</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">Hash</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">message</span><span class="p">)</span>
        <span class="n">digest</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="n">pss</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="n">prehashed_alg</span> <span class="o">=</span> <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">digest</span><span class="p">,</span> <span class="n">pss</span><span class="p">,</span> <span class="n">prehashed_alg</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">pss</span><span class="p">,</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_prehashed_digest_mismatch</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">h</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">Hash</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">message</span><span class="p">)</span>
        <span class="n">digest</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="n">pss</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="n">prehashed_alg</span> <span class="o">=</span> <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">digest</span><span class="p">,</span> <span class="n">pss</span><span class="p">,</span> <span class="n">prehashed_alg</span><span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_prehashed_unsupported_in_signer_ctx</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">),</span> \
                <span class="n">pytest</span><span class="o">.</span><span class="n">warns</span><span class="p">(</span><span class="n">CryptographyDeprecationWarning</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">signer</span><span class="p">(</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_prehashed_unsupported_in_verifier_ctx</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">),</span> \
                <span class="n">pytest</span><span class="o">.</span><span class="n">warns</span><span class="p">(</span><span class="n">CryptographyDeprecationWarning</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verifier</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;0&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
            <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAVerification</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;pkcs1_example&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs1v15sign-vectors.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pkcs1v15_verification</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pkcs1_example</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">pkcs1_example</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">e</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
            <span class="n">n</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;signature&quot;</span><span class="p">]),</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_pkcs1v15_signature_wrong_data</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;incorrect data&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_invalid_signature_sequence_removed</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">        This test comes from wycheproof</span>
<span class="sd">        &quot;&quot;&quot;</span>
        <span class="n">key_der</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;30820122300d06092a864886f70d01010105000382010f003082010a02820101&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;00a2b451a07d0aa5f96e455671513550514a8a5b462ebef717094fa1fee82224&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;e637f9746d3f7cafd31878d80325b6ef5a1700f65903b469429e89d6eac88450&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;97b5ab393189db92512ed8a7711a1253facd20f79c15e8247f3d3e42e46e48c9&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;8e254a2fe9765313a03eff8f17e1a029397a1fa26a8dce26f490ed81299615d9&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;814c22da610428e09c7d9658594266f5c021d0fceca08d945a12be82de4d1ece&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;6b4c03145b5d3495d4ed5411eb878daf05fd7afc3e09ada0f1126422f590975a&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;1969816f48698bcbba1b4d9cae79d460d8f9f85e7975005d9bc22c4e5ac0f7c1&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;a45d12569a62807d3b9a02e5a530e773066f453d1f5b4c2e9cf7820283f742b9&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;d50203010001&quot;</span>
        <span class="p">)</span>
        <span class="n">sig</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;498209f59a0679a1f926eccf3056da2cba553d7ab3064e7c41ad1d739f038249&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;f02f5ad12ee246073d101bc3cdb563e8b6be61562056422b7e6c16ad53deb12a&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;f5de744197753a35859833f41bb59c6597f3980132b7478fd0b95fd27dfad64a&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;20fd5c25312bbd41a85286cd2a83c8df5efa0779158d01b0747ff165b055eb28&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;80ea27095700a295593196d8c5922cf6aa9d7e29b5056db5ded5eb20aeb31b89&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;42e26b15a5188a4934cd7e39cfe379a197f49a204343a493452deebca436ee61&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;4f4daf989e355544489f7e69ffa8ccc6a1e81cf0ab33c3e6d7591091485a6a31&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;bda3b33946490057b9a3003d3fd9daf7c4778b43fd46144d945d815f12628ff4&quot;</span>
        <span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_public_key</span><span class="p">(</span><span class="n">key_der</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">sig</span><span class="p">,</span>
                <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;313233343030&quot;</span><span class="p">),</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_pkcs1v15_signature_wrong_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">private_key2</span> <span class="o">=</span> <span class="n">RSA_KEY_512_ALT</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key2</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">msg</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span> <span class="n">msg</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="mi">20</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;pkcs1_example&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs-1v2-1d2-vec&quot;</span><span class="p">,</span> <span class="s2">&quot;pss-vect.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_verification</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pkcs1_example</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">pkcs1_example</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">e</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
            <span class="n">n</span><span class="o">=</span><span class="n">public</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;signature&quot;</span><span class="p">]),</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="mi">20</span>
            <span class="p">),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_pss_signature_wrong_data</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">n</span><span class="o">=</span><span class="nb">int</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;dffc2137d5e810cde9e4b4612f5796447218bab913b3fa98bdf7982e4fa6&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;ec4d6653ef2b29fb1642b095befcbea6decc178fb4bed243d3c3592c6854&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;6af2d3f3&quot;</span><span class="p">,</span> <span class="mi">16</span>
            <span class="p">),</span>
            <span class="n">e</span><span class="o">=</span><span class="mi">65537</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;0e68c3649df91c5bc3665f96e157efa75b71934aaa514d91e94ca8418d100f45&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;6f05288e58525f99666bab052adcffdf7186eb40f583bd38d98c97d3d524808b&quot;</span>
        <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;incorrect data&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_pss_signature_wrong_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;3a1880165014ba6eb53cc1449d13e5132ebcc0cfd9ade6d7a2494a0503bd0826&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;f8a46c431e0d7be0ca3e453f8b2b009e2733764da7927cc6dbe7a021437a242e&quot;</span>
        <span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">n</span><span class="o">=</span><span class="nb">int</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;030d3581e13522e1&quot;</span><span class="p">,</span> <span class="mi">16</span>
            <span class="p">),</span>
            <span class="n">e</span><span class="o">=</span><span class="mi">65537</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_pss_signature_data_too_large_for_modulus</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;cb43bde4f7ab89eb4a79c6e8dd67e0d1af60715da64429d90c716a490b799c29&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;194cf8046509c6ed851052367a74e2e92d9b38947ed74332acb115a03fcc0222&quot;</span>
        <span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">n</span><span class="o">=</span><span class="nb">int</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;030d3581e13522&quot;</span><span class="p">,</span> <span class="mi">16</span>
            <span class="p">),</span>
            <span class="n">e</span><span class="o">=</span><span class="mi">65537</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_use_after_finalize</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">warns</span><span class="p">(</span><span class="n">CryptographyDeprecationWarning</span><span class="p">):</span>
            <span class="n">verifier</span> <span class="o">=</span> <span class="n">public_key</span><span class="o">.</span><span class="n">verifier</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>
        <span class="n">verifier</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">)</span>
        <span class="n">verifier</span><span class="o">.</span><span class="n">verify</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">AlreadyFinalized</span><span class="p">):</span>
            <span class="n">verifier</span><span class="o">.</span><span class="n">verify</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">AlreadyFinalized</span><span class="p">):</span>
            <span class="n">verifier</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;more data&quot;</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_unsupported_padding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_PADDING</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;sig&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span> <span class="n">DummyAsymmetricPadding</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_signature_not_bytes</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">public_numbers</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="mi">1234</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">),</span> \
                <span class="n">pytest</span><span class="o">.</span><span class="n">warns</span><span class="p">(</span><span class="n">CryptographyDeprecationWarning</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verifier</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">(),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_padding_incorrect_type</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;sig&quot;</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span> <span class="s2">&quot;notpadding&quot;</span><span class="p">,</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span> <span class="n">salt_length</span><span class="o">=</span><span class="mi">0</span><span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_unsupported_pss_mgf</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_MGF</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;sig&quot;</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;msg&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">DummyMGF</span><span class="p">(),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA512.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_verify_digest_too_large_for_key_size</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd&quot;</span>
        <span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;msg doesn&#39;t matter&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_pss_verify_salt_length_too_long</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd&quot;</span>
        <span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
            <span class="n">n</span><span class="o">=</span><span class="nb">int</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;d309e4612809437548b747d7f9eb9cd3340f54fe42bb3f84a36933b0839c&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;11b0c8b7f67e11f7252370161e31159c49c784d4bc41c42a78ce0f0b40a3&quot;</span>
                <span class="sa">b</span><span class="s2">&quot;ca8ffb91&quot;</span><span class="p">,</span> <span class="mi">16</span>
            <span class="p">),</span>
            <span class="n">e</span><span class="o">=</span><span class="mi">65537</span>
        <span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="n">InvalidSignature</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span>
                <span class="n">signature</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;sign me&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                        <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="p">),</span>
                    <span class="n">salt_length</span><span class="o">=</span><span class="mi">1000000</span>
                <span class="p">),</span>
                <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_verify</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">pkcs</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="n">algorithm</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">algorithm</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">algorithm</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_prehashed_verify</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">h</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">Hash</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">message</span><span class="p">)</span>
        <span class="n">digest</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="n">prehashed_alg</span> <span class="o">=</span> <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="n">pkcs</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="n">signature</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">digest</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">prehashed_alg</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_prehashed_digest_mismatch</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">message</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;one little message&quot;</span>
        <span class="n">h</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">Hash</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">h</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">message</span><span class="p">)</span>
        <span class="n">data</span> <span class="o">=</span> <span class="n">h</span><span class="o">.</span><span class="n">finalize</span><span class="p">()</span>
        <span class="n">prehashed_alg</span> <span class="o">=</span> <span class="n">asym_utils</span><span class="o">.</span><span class="n">Prehashed</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">())</span>
        <span class="n">pkcs</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x00</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span> <span class="n">data</span><span class="p">,</span> <span class="n">pkcs</span><span class="p">,</span> <span class="n">prehashed_alg</span><span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAPSSMGF1Verification</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="n">test_rsa_pss_mgf1_sha1</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS using MGF1 with SHA1.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGenPSS_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGenPSS_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVerPSS_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
            <span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">params</span><span class="p">[</span><span class="s2">&quot;salt_length&quot;</span><span class="p">]</span>
        <span class="p">)</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pss_mgf1_sha224</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS using MGF1 with SHA224.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGenPSS_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGenPSS_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVerPSS_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
            <span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">params</span><span class="p">[</span><span class="s2">&quot;salt_length&quot;</span><span class="p">]</span>
        <span class="p">)</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pss_mgf1_sha256</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS using MGF1 with SHA256.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGenPSS_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGenPSS_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVerPSS_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
            <span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">params</span><span class="p">[</span><span class="s2">&quot;salt_length&quot;</span><span class="p">]</span>
        <span class="p">)</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pss_mgf1_sha384</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS using MGF1 with SHA384.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGenPSS_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGenPSS_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVerPSS_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
            <span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">params</span><span class="p">[</span><span class="s2">&quot;salt_length&quot;</span><span class="p">]</span>
        <span class="p">)</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pss_mgf1_sha512</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">()),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PSS using MGF1 with SHA512.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGenPSS_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGenPSS_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVerPSS_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
            <span class="p">),</span>
            <span class="n">salt_length</span><span class="o">=</span><span class="n">params</span><span class="p">[</span><span class="s2">&quot;salt_length&quot;</span><span class="p">]</span>
        <span class="p">)</span>
    <span class="p">))</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAPKCS1Verification</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="n">test_rsa_pkcs1v15_verify_sha1</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA1 and PKCS1v1.5.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGen15_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGen15_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVer15_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pkcs1v15_verify_sha224</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA224 and PKCS1v1.5.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGen15_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGen15_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVer15_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pkcs1v15_verify_sha256</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA256 and PKCS1v1.5.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGen15_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGen15_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVer15_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pkcs1v15_verify_sha384</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA384 and PKCS1v1.5.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGen15_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGen15_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVer15_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
    <span class="p">))</span>

    <span class="n">test_rsa_pkcs1v15_verify_sha512</span> <span class="o">=</span> <span class="n">pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="p">(</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">hash_supported</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">())</span> <span class="ow">and</span>
            <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support SHA512 and PKCS1v1.5.&quot;</span>
    <span class="p">)(</span><span class="n">generate_rsa_verification_test</span><span class="p">(</span>
        <span class="n">load_rsa_nist_vectors</span><span class="p">,</span>
        <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;FIPS_186-2&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="s2">&quot;SigGen15_186-2.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigGen15_186-3.rsp&quot;</span><span class="p">,</span>
            <span class="s2">&quot;SigVer15_186-3.rsp&quot;</span><span class="p">,</span>
        <span class="p">],</span>
        <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
        <span class="k">lambda</span> <span class="n">params</span><span class="p">,</span> <span class="n">hash_alg</span><span class="p">:</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
    <span class="p">))</span>


<span class="k">class</span> <span class="nc">TestPSS</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="k">def</span> <span class="nf">test_calculate_max_pss_salt_length</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">calculate_max_pss_salt_length</span><span class="p">(</span><span class="nb">object</span><span class="p">(),</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">())</span>

    <span class="k">def</span> <span class="nf">test_invalid_salt_length_not_integer</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                    <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
                <span class="p">),</span>
                <span class="n">salt_length</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;not_a_length&quot;</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_invalid_salt_length_negative_integer</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span>
                    <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
                <span class="p">),</span>
                <span class="n">salt_length</span><span class="o">=-</span><span class="mi">1</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_valid_pss_parameters</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">algorithm</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="n">salt_length</span> <span class="o">=</span> <span class="n">algorithm</span><span class="o">.</span><span class="n">digest_size</span>
        <span class="n">mgf</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="p">)</span>
        <span class="n">pss</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">mgf</span><span class="p">,</span> <span class="n">salt_length</span><span class="o">=</span><span class="n">salt_length</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">pss</span><span class="o">.</span><span class="n">_mgf</span> <span class="o">==</span> <span class="n">mgf</span>
        <span class="k">assert</span> <span class="n">pss</span><span class="o">.</span><span class="n">_salt_length</span> <span class="o">==</span> <span class="n">salt_length</span>

    <span class="k">def</span> <span class="nf">test_valid_pss_parameters_maximum</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">algorithm</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="n">mgf</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="p">)</span>
        <span class="n">pss</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="p">(</span><span class="n">mgf</span><span class="o">=</span><span class="n">mgf</span><span class="p">,</span> <span class="n">salt_length</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">pss</span><span class="o">.</span><span class="n">_mgf</span> <span class="o">==</span> <span class="n">mgf</span>
        <span class="k">assert</span> <span class="n">pss</span><span class="o">.</span><span class="n">_salt_length</span> <span class="o">==</span> <span class="n">padding</span><span class="o">.</span><span class="n">PSS</span><span class="o">.</span><span class="n">MAX_LENGTH</span>


<span class="k">class</span> <span class="nc">TestMGF1</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="k">def</span> <span class="nf">test_invalid_hash_algorithm</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;not_a_hash&quot;</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_valid_mgf1_parameters</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">algorithm</span> <span class="o">=</span> <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()</span>
        <span class="n">mgf</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">mgf</span><span class="o">.</span><span class="n">_algorithm</span> <span class="o">==</span> <span class="n">algorithm</span>


<span class="k">class</span> <span class="nc">TestOAEP</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="k">def</span> <span class="nf">test_invalid_algorithm</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">mgf</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">())</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">mgf</span><span class="p">,</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="sa">b</span><span class="s2">&quot;&quot;</span><span class="p">,</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSADecryption</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;vector&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs1v15crypt-vectors.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_pkcs1v15_vectors</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">vector</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">vector</span>
        <span class="n">skey</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">ciphertext</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;encryption&quot;</span><span class="p">])</span>
        <span class="k">assert</span> <span class="nb">len</span><span class="p">(</span><span class="n">ciphertext</span><span class="p">)</span> <span class="o">==</span> <span class="n">math</span><span class="o">.</span><span class="n">ceil</span><span class="p">(</span><span class="n">skey</span><span class="o">.</span><span class="n">key_size</span> <span class="o">/</span> <span class="mf">8.0</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="n">skey</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">ciphertext</span><span class="p">,</span> <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">())</span>
        <span class="k">assert</span> <span class="n">message</span> <span class="o">==</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">])</span>

    <span class="k">def</span> <span class="nf">test_unsupported_padding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_PADDING</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;0&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span> <span class="n">DummyAsymmetricPadding</span><span class="p">())</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_invalid_decrypt</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x00</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_ciphertext_too_large</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x00</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="mi">65</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_ciphertext_too_small</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;50b4c14136bd198c2f3c3ed243fce036e168d56517984a263cd66492b80804f1&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;69d210f2b9bdfb48b12f9ea05009c77da257cc600ccefe3a6283789d8ea0&quot;</span>
        <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="n">ct</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;vector&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs-1v2-1d2-vec&quot;</span><span class="p">,</span> <span class="s2">&quot;oaep-vect.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_oaep_vectors</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">vector</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">vector</span>
        <span class="n">skey</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="n">skey</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;encryption&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">message</span> <span class="o">==</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">])</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP using SHA224 MGF1 and SHA224 hash.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;vector&quot;</span><span class="p">,</span>
        <span class="n">_build_oaep_sha2_vectors</span><span class="p">()</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_decrypt_oaep_sha2_vectors</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">vector</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span><span class="p">,</span> <span class="n">mgf1_alg</span><span class="p">,</span> <span class="n">hash_alg</span> <span class="o">=</span> <span class="n">vector</span>
        <span class="n">skey</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span>
            <span class="n">q</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">],</span>
            <span class="n">d</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">],</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmp1&quot;</span><span class="p">],</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;dmq1&quot;</span><span class="p">],</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;iqmp&quot;</span><span class="p">],</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                <span class="n">e</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
                <span class="n">n</span><span class="o">=</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">]</span>
            <span class="p">)</span>
        <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">message</span> <span class="o">=</span> <span class="n">skey</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
            <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;encryption&quot;</span><span class="p">]),</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">mgf1_alg</span><span class="p">),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hash_alg</span><span class="p">,</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">message</span> <span class="o">==</span> <span class="n">binascii</span><span class="o">.</span><span class="n">unhexlify</span><span class="p">(</span><span class="n">example</span><span class="p">[</span><span class="s2">&quot;message&quot;</span><span class="p">])</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_oaep_decryption</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="c1"># More recent versions of OpenSSL may raise RSA_R_OAEP_DECODING_ERROR</span>
        <span class="c1"># This test triggers it and confirms that we properly handle it. Other</span>
        <span class="c1"># backends should also return the proper ValueError.</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="n">ciphertext</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
            <span class="sa">b</span><span class="s1">&#39;secure data&#39;</span><span class="p">,</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">)</span>

        <span class="n">private_key_alt</span> <span class="o">=</span> <span class="n">RSA_KEY_512_ALT</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">private_key_alt</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="n">ciphertext</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">)</span>
            <span class="p">)</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP.&quot;</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_invalid_oaep_decryption_data_to_large_for_modulus</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048_ALT</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="n">ciphertext</span> <span class="o">=</span> <span class="p">(</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\xb1</span><span class="s1">ph</span><span class="se">\xc0\x0b\x1a</span><span class="s1">|</span><span class="se">\xe6\xda\xea\xb5\xd7</span><span class="s1">%</span><span class="se">\x94\x07\xf9</span><span class="s1">6</span><span class="se">\xfb\x96</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\x11\x9b\xdc</span><span class="s1">4</span><span class="se">\xea</span><span class="s1">.-</span><span class="se">\x91\x80\x13</span><span class="s1">S</span><span class="se">\x94\x04</span><span class="s1">m</span><span class="se">\xe9\xc5</span><span class="s1">/F</span><span class="se">\x1b\x9b</span><span class="s1">:</span><span class="se">\\</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\x1d\x04\x16</span><span class="s1">ML</span><span class="se">\xae\xb3</span><span class="s1">2J</span><span class="se">\x01</span><span class="s1">yuA</span><span class="se">\xbb\x83\x1c\x8f\xf6\xa5\xdb</span><span class="s1">p</span><span class="se">\xcd</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\n</span><span class="s1">x</span><span class="se">\xc7\xf6\x15\xb2</span><span class="s1">/</span><span class="se">\xdc</span><span class="s1">H</span><span class="se">\xae\xe7\x13\x13</span><span class="s1">by</span><span class="se">\r</span><span class="s1">4t</span><span class="se">\x99\x0f</span><span class="s1">c</span><span class="se">\x1f\xc1</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\x1c\xb1\xdd\xc5\x08\xd1\xee\xa1</span><span class="s1">XQ</span><span class="se">\xb8</span><span class="s1">H@L5v</span><span class="se">\xc3\xaf\xf2\r\x97</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\xed\xaa\xe7\xf1\xd4</span><span class="s1">xai</span><span class="se">\xd3\x83\xd9\xaa</span><span class="s1">9</span><span class="se">\xbf</span><span class="s1">x</span><span class="se">\xe1\x87</span><span class="s1">F </span><span class="se">\x01\xff</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;L</span><span class="se">\xcc</span><span class="s1">v}ae</span><span class="se">\xb3\xfa\xf2</span><span class="s1">B</span><span class="se">\xb8\xf9\x04</span><span class="s1">H</span><span class="se">\x94\x85\xcb\x86\xbb\\</span><span class="s1">ghx!W31&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\xc7</span><span class="s1">;t</span><span class="se">\n</span><span class="s1">a_E</span><span class="se">\xc2\x16\xb0</span><span class="s1">;</span><span class="se">\xa1\x18\t\x1b\xe1\xdb\x80</span><span class="s1">&gt;)</span><span class="se">\x15\xc6\x12</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\xcb\xee</span><span class="s1">g`</span><span class="se">\x8b\x9b\x1b\x05</span><span class="s1">y4</span><span class="se">\xb0\x84</span><span class="s1">M6</span><span class="se">\xcd\xa1\x82</span><span class="s1">7o</span><span class="se">\xfd\x96\xba</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;Z#</span><span class="se">\x8d\xae\x01\xc9\xf2\xb6\xde\x89</span><span class="s1">{8&amp;eQ</span><span class="se">\x1e</span><span class="s1">8</span><span class="se">\x03\x01</span><span class="s1">#?</span><span class="se">\xb6</span><span class="s1">6</span><span class="se">\\</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\xad</span><span class="s1">.</span><span class="se">\xe9\xfa</span><span class="s1">!</span><span class="se">\x95</span><span class="s1"> c{</span><span class="se">\xca</span><span class="s1">z</span><span class="se">\xe0</span><span class="s1">*</span><span class="se">\t</span><span class="s1">P</span><span class="se">\r\x91\x9a</span><span class="s1">)B</span><span class="se">\xb5\xad</span><span class="s1">N</span><span class="se">\xf4</span><span class="s1">$</span><span class="se">\x83</span><span class="s1">&#39;</span>
            <span class="sa">b</span><span class="s1">&#39;</span><span class="se">\t\xb5</span><span class="s1">u</span><span class="se">\xab\x19\x99</span><span class="s1">&#39;</span>
        <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="n">ciphertext</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">)</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_unsupported_oaep_mgf</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_MGF</span><span class="p">):</span>
            <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;0&quot;</span> <span class="o">*</span> <span class="mi">64</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">DummyMGF</span><span class="p">(),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">)</span>
            <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAEncryption</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;key_data&quot;</span><span class="p">,</span> <span class="s2">&quot;pad&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span>
            <span class="p">(</span><span class="n">RSA_KEY_1024</span><span class="p">,</span> <span class="n">RSA_KEY_1025</span><span class="p">,</span> <span class="n">RSA_KEY_1026</span><span class="p">,</span> <span class="n">RSA_KEY_1027</span><span class="p">,</span>
             <span class="n">RSA_KEY_1028</span><span class="p">,</span> <span class="n">RSA_KEY_1029</span><span class="p">,</span> <span class="n">RSA_KEY_1030</span><span class="p">,</span> <span class="n">RSA_KEY_1031</span><span class="p">,</span>
             <span class="n">RSA_KEY_1536</span><span class="p">,</span> <span class="n">RSA_KEY_2048</span><span class="p">),</span>
            <span class="p">[</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">)</span>
            <span class="p">]</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_rsa_encrypt_oaep</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_data</span><span class="p">,</span> <span class="n">pad</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">key_data</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">pt</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;encrypt me!&quot;</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span><span class="n">pt</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">ct</span> <span class="o">!=</span> <span class="n">pt</span>
        <span class="k">assert</span> <span class="nb">len</span><span class="p">(</span><span class="n">ct</span><span class="p">)</span> <span class="o">==</span> <span class="n">math</span><span class="o">.</span><span class="n">ceil</span><span class="p">(</span><span class="n">public_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">/</span> <span class="mf">8.0</span><span class="p">)</span>
        <span class="n">recovered_pt</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">ct</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">recovered_pt</span> <span class="o">==</span> <span class="n">pt</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">()),</span>
                <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
                <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support OAEP using SHA256 MGF1 and SHA512 hash.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;mgf1hash&quot;</span><span class="p">,</span> <span class="s2">&quot;oaephash&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">([</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
        <span class="p">],</span> <span class="p">[</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA224</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA256</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA384</span><span class="p">(),</span>
            <span class="n">hashes</span><span class="o">.</span><span class="n">SHA512</span><span class="p">(),</span>
        <span class="p">])</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_rsa_encrypt_oaep_sha2</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">mgf1hash</span><span class="p">,</span> <span class="n">oaephash</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">pad</span> <span class="o">=</span> <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
            <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">mgf1hash</span><span class="p">),</span>
            <span class="n">algorithm</span><span class="o">=</span><span class="n">oaephash</span><span class="p">,</span>
            <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
        <span class="p">)</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">pt</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;encrypt me using sha2 hashes!&quot;</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span><span class="n">pt</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">ct</span> <span class="o">!=</span> <span class="n">pt</span>
        <span class="k">assert</span> <span class="nb">len</span><span class="p">(</span><span class="n">ct</span><span class="p">)</span> <span class="o">==</span> <span class="n">math</span><span class="o">.</span><span class="n">ceil</span><span class="p">(</span><span class="n">public_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">/</span> <span class="mf">8.0</span><span class="p">)</span>
        <span class="n">recovered_pt</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">ct</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">recovered_pt</span> <span class="o">==</span> <span class="n">pt</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">supported</span><span class="p">(</span>
        <span class="n">only_if</span><span class="o">=</span><span class="k">lambda</span> <span class="n">backend</span><span class="p">:</span> <span class="n">backend</span><span class="o">.</span><span class="n">rsa_padding_supported</span><span class="p">(</span>
            <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
        <span class="p">),</span>
        <span class="n">skip_message</span><span class="o">=</span><span class="s2">&quot;Does not support PKCS1v1.5.&quot;</span>
    <span class="p">)</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;key_data&quot;</span><span class="p">,</span> <span class="s2">&quot;pad&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span>
            <span class="p">(</span><span class="n">RSA_KEY_1024</span><span class="p">,</span> <span class="n">RSA_KEY_1025</span><span class="p">,</span> <span class="n">RSA_KEY_1026</span><span class="p">,</span> <span class="n">RSA_KEY_1027</span><span class="p">,</span>
             <span class="n">RSA_KEY_1028</span><span class="p">,</span> <span class="n">RSA_KEY_1029</span><span class="p">,</span> <span class="n">RSA_KEY_1030</span><span class="p">,</span> <span class="n">RSA_KEY_1031</span><span class="p">,</span>
             <span class="n">RSA_KEY_1536</span><span class="p">,</span> <span class="n">RSA_KEY_2048</span><span class="p">),</span>
            <span class="p">[</span><span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()]</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_rsa_encrypt_pkcs1v15</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_data</span><span class="p">,</span> <span class="n">pad</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">key_data</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">pt</span> <span class="o">=</span> <span class="sa">b</span><span class="s2">&quot;encrypt me!&quot;</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="n">ct</span> <span class="o">=</span> <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span><span class="n">pt</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">ct</span> <span class="o">!=</span> <span class="n">pt</span>
        <span class="k">assert</span> <span class="nb">len</span><span class="p">(</span><span class="n">ct</span><span class="p">)</span> <span class="o">==</span> <span class="n">math</span><span class="o">.</span><span class="n">ceil</span><span class="p">(</span><span class="n">public_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">/</span> <span class="mf">8.0</span><span class="p">)</span>
        <span class="n">recovered_pt</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">ct</span><span class="p">,</span> <span class="n">pad</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">recovered_pt</span> <span class="o">==</span> <span class="n">pt</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;key_data&quot;</span><span class="p">,</span> <span class="s2">&quot;pad&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span>
            <span class="p">(</span><span class="n">RSA_KEY_1024</span><span class="p">,</span> <span class="n">RSA_KEY_1025</span><span class="p">,</span> <span class="n">RSA_KEY_1026</span><span class="p">,</span> <span class="n">RSA_KEY_1027</span><span class="p">,</span>
             <span class="n">RSA_KEY_1028</span><span class="p">,</span> <span class="n">RSA_KEY_1029</span><span class="p">,</span> <span class="n">RSA_KEY_1030</span><span class="p">,</span> <span class="n">RSA_KEY_1031</span><span class="p">,</span>
             <span class="n">RSA_KEY_1536</span><span class="p">,</span> <span class="n">RSA_KEY_2048</span><span class="p">),</span>
            <span class="p">(</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">padding</span><span class="o">.</span><span class="n">MGF1</span><span class="p">(</span><span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">()),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">),</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">PKCS1v15</span><span class="p">()</span>
            <span class="p">)</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_rsa_encrypt_key_too_small</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_data</span><span class="p">,</span> <span class="n">pad</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">key_data</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="c1"># Slightly smaller than the key size but not enough for padding.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x00</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="p">(</span><span class="n">private_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">//</span> <span class="mi">8</span> <span class="o">-</span> <span class="mi">1</span><span class="p">),</span>
                <span class="n">pad</span>
            <span class="p">)</span>

        <span class="c1"># Larger than the key size.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x00</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="p">(</span><span class="n">private_key</span><span class="o">.</span><span class="n">key_size</span> <span class="o">//</span> <span class="mi">8</span> <span class="o">+</span> <span class="mi">5</span><span class="p">),</span>
                <span class="n">pad</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_unsupported_padding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>

        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_PADDING</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;somedata&quot;</span><span class="p">,</span> <span class="n">DummyAsymmetricPadding</span><span class="p">())</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;somedata&quot;</span><span class="p">,</span> <span class="n">padding</span><span class="o">=</span><span class="nb">object</span><span class="p">())</span>

    <span class="k">def</span> <span class="nf">test_unsupported_oaep_mgf</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_512</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>

        <span class="k">with</span> <span class="n">raises_unsupported_algorithm</span><span class="p">(</span><span class="n">_Reasons</span><span class="o">.</span><span class="n">UNSUPPORTED_MGF</span><span class="p">):</span>
            <span class="n">public_key</span><span class="o">.</span><span class="n">encrypt</span><span class="p">(</span>
                <span class="sa">b</span><span class="s2">&quot;ciphertext&quot;</span><span class="p">,</span>
                <span class="n">padding</span><span class="o">.</span><span class="n">OAEP</span><span class="p">(</span>
                    <span class="n">mgf</span><span class="o">=</span><span class="n">DummyMGF</span><span class="p">(),</span>
                    <span class="n">algorithm</span><span class="o">=</span><span class="n">hashes</span><span class="o">.</span><span class="n">SHA1</span><span class="p">(),</span>
                    <span class="n">label</span><span class="o">=</span><span class="kc">None</span>
                <span class="p">)</span>
            <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSANumbers</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="k">def</span> <span class="nf">test_rsa_public_numbers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">public_numbers</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">public_numbers</span><span class="o">.</span><span class="n">e</span> <span class="o">==</span> <span class="mi">1</span>
        <span class="k">assert</span> <span class="n">public_numbers</span><span class="o">.</span><span class="n">n</span> <span class="o">==</span> <span class="mi">15</span>

    <span class="k">def</span> <span class="nf">test_rsa_private_numbers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">public_numbers</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span>
        <span class="n">private_numbers</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
            <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
            <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
            <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
            <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
            <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
            <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
        <span class="p">)</span>

        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">p</span> <span class="o">==</span> <span class="mi">3</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">q</span> <span class="o">==</span> <span class="mi">5</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">d</span> <span class="o">==</span> <span class="mi">1</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">dmp1</span> <span class="o">==</span> <span class="mi">1</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">dmq1</span> <span class="o">==</span> <span class="mi">1</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">iqmp</span> <span class="o">==</span> <span class="mi">2</span>
        <span class="k">assert</span> <span class="n">private_numbers</span><span class="o">.</span><span class="n">public_numbers</span> <span class="o">==</span> <span class="n">public_numbers</span>

    <span class="k">def</span> <span class="nf">test_rsa_private_numbers_create_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">private_key</span> <span class="o">=</span> <span class="n">RSA_KEY_1024</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">private_key</span>

    <span class="k">def</span> <span class="nf">test_rsa_public_numbers_create_key</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">public_key</span> <span class="o">=</span> <span class="n">RSA_KEY_1024</span><span class="o">.</span><span class="n">public_numbers</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">public_key</span>

    <span class="k">def</span> <span class="nf">test_public_numbers_invalid_types</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="kc">None</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_numbers_invalid_types</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">public_numbers</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">public_numbers</span>
            <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="kc">None</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_invalid_public_numbers_argument_values</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="c1"># Start with public_exponent=7, modulus=15. Then change one value at a</span>
        <span class="c1"># time to test the bounds.</span>

        <span class="c1"># Test a modulus &lt; 3.</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">2</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent &lt; 3</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent &gt; modulus</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">17</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent that is not odd.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="n">e</span><span class="o">=</span><span class="mi">14</span><span class="p">,</span> <span class="n">n</span><span class="o">=</span><span class="mi">15</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_invalid_private_numbers_argument_values</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="c1"># Start with p=3, q=11, private_exponent=3, public_exponent=7,</span>
        <span class="c1"># modulus=33, dmp1=1, dmq1=3, iqmp=2. Then change one value at</span>
        <span class="c1"># a time to test the bounds.</span>

        <span class="c1"># Test a modulus &lt; 3.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">2</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a modulus != p * q.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">35</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a p &gt; modulus.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">37</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a q &gt; modulus.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">37</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a dmp1 &gt; modulus.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">35</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a dmq1 &gt; modulus.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">35</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test an iqmp &gt; modulus.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">35</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a private_exponent &gt; modulus</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">37</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent &lt; 3</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent &gt; modulus</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">35</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">65537</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a public_exponent that is not odd.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">6</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a dmp1 that is not odd.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

        <span class="c1"># Test a dmq1 that is not odd.</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">RSAPrivateNumbers</span><span class="p">(</span>
                <span class="n">p</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">q</span><span class="o">=</span><span class="mi">11</span><span class="p">,</span>
                <span class="n">d</span><span class="o">=</span><span class="mi">3</span><span class="p">,</span>
                <span class="n">dmp1</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span>
                <span class="n">dmq1</span><span class="o">=</span><span class="mi">4</span><span class="p">,</span>
                <span class="n">iqmp</span><span class="o">=</span><span class="mi">2</span><span class="p">,</span>
                <span class="n">public_numbers</span><span class="o">=</span><span class="n">rsa</span><span class="o">.</span><span class="n">RSAPublicNumbers</span><span class="p">(</span>
                    <span class="n">e</span><span class="o">=</span><span class="mi">7</span><span class="p">,</span>
                    <span class="n">n</span><span class="o">=</span><span class="mi">33</span>
                <span class="p">)</span>
            <span class="p">)</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_public_number_repr</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">num</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">1</span><span class="p">)</span>
        <span class="k">assert</span> <span class="nb">repr</span><span class="p">(</span><span class="n">num</span><span class="p">)</span> <span class="o">==</span> <span class="s2">&quot;&lt;RSAPublicNumbers(e=1, n=1)&gt;&quot;</span>


<span class="k">class</span> <span class="nc">TestRSANumbersEquality</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="k">def</span> <span class="nf">test_public_numbers_eq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">num</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="n">num2</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">==</span> <span class="n">num2</span>

    <span class="k">def</span> <span class="nf">test_public_numbers_ne</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">num</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">2</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">3</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="nb">object</span><span class="p">()</span>

    <span class="k">def</span> <span class="nf">test_private_numbers_eq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">pub</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="n">num</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">pub</span><span class="p">)</span>
        <span class="n">pub2</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="n">num2</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">pub2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">==</span> <span class="n">num2</span>

    <span class="k">def</span> <span class="nf">test_private_numbers_ne</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">pub</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="n">num</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">pub</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">7</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">2</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">2</span><span class="p">,</span> <span class="mi">2</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span>
            <span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">3</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">num</span> <span class="o">!=</span> <span class="nb">object</span><span class="p">()</span>

    <span class="k">def</span> <span class="nf">test_public_numbers_hash</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">pub1</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">3</span><span class="p">,</span> <span class="mi">17</span><span class="p">)</span>
        <span class="n">pub2</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">3</span><span class="p">,</span> <span class="mi">17</span><span class="p">)</span>
        <span class="n">pub3</span> <span class="o">=</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">7</span><span class="p">,</span> <span class="mi">21</span><span class="p">)</span>

        <span class="k">assert</span> <span class="nb">hash</span><span class="p">(</span><span class="n">pub1</span><span class="p">)</span> <span class="o">==</span> <span class="nb">hash</span><span class="p">(</span><span class="n">pub2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="nb">hash</span><span class="p">(</span><span class="n">pub1</span><span class="p">)</span> <span class="o">!=</span> <span class="nb">hash</span><span class="p">(</span><span class="n">pub3</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_numbers_hash</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="n">priv1</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">))</span>
        <span class="n">priv2</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">))</span>
        <span class="n">priv3</span> <span class="o">=</span> <span class="n">RSAPrivateNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">2</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">4</span><span class="p">,</span> <span class="mi">5</span><span class="p">,</span> <span class="mi">6</span><span class="p">,</span> <span class="n">RSAPublicNumbers</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="mi">3</span><span class="p">))</span>

        <span class="k">assert</span> <span class="nb">hash</span><span class="p">(</span><span class="n">priv1</span><span class="p">)</span> <span class="o">==</span> <span class="nb">hash</span><span class="p">(</span><span class="n">priv2</span><span class="p">)</span>
        <span class="k">assert</span> <span class="nb">hash</span><span class="p">(</span><span class="n">priv1</span><span class="p">)</span> <span class="o">!=</span> <span class="nb">hash</span><span class="p">(</span><span class="n">priv3</span><span class="p">)</span>


<span class="k">class</span> <span class="nc">TestRSAPrimeFactorRecovery</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="s2">&quot;vector&quot;</span><span class="p">,</span>
        <span class="n">_flatten_pkcs1_examples</span><span class="p">(</span><span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;RSA&quot;</span><span class="p">,</span> <span class="s2">&quot;pkcs1v15crypt-vectors.txt&quot;</span><span class="p">),</span>
            <span class="n">load_pkcs1_vectors</span>
        <span class="p">))</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_recover_prime_factors</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">vector</span><span class="p">):</span>
        <span class="n">private</span><span class="p">,</span> <span class="n">public</span><span class="p">,</span> <span class="n">example</span> <span class="o">=</span> <span class="n">vector</span>
        <span class="n">p</span><span class="p">,</span> <span class="n">q</span> <span class="o">=</span> <span class="n">rsa</span><span class="o">.</span><span class="n">rsa_recover_prime_factors</span><span class="p">(</span>
            <span class="n">private</span><span class="p">[</span><span class="s2">&quot;modulus&quot;</span><span class="p">],</span>
            <span class="n">private</span><span class="p">[</span><span class="s2">&quot;public_exponent&quot;</span><span class="p">],</span>
            <span class="n">private</span><span class="p">[</span><span class="s2">&quot;private_exponent&quot;</span><span class="p">]</span>
        <span class="p">)</span>
        <span class="c1"># Unfortunately there is no convention on which prime should be p</span>
        <span class="c1"># and which one q. The function we use always makes p &gt; q, but the</span>
        <span class="c1"># NIST vectors are not so consistent. Accordingly, we verify we&#39;ve</span>
        <span class="c1"># recovered the proper (p, q) by sorting them and asserting on that.</span>
        <span class="k">assert</span> <span class="nb">sorted</span><span class="p">([</span><span class="n">p</span><span class="p">,</span> <span class="n">q</span><span class="p">])</span> <span class="o">==</span> <span class="nb">sorted</span><span class="p">([</span><span class="n">private</span><span class="p">[</span><span class="s2">&quot;p&quot;</span><span class="p">],</span> <span class="n">private</span><span class="p">[</span><span class="s2">&quot;q&quot;</span><span class="p">]])</span>
        <span class="k">assert</span> <span class="n">p</span> <span class="o">&gt;</span> <span class="n">q</span>

    <span class="k">def</span> <span class="nf">test_invalid_recover_prime_factors</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">rsa</span><span class="o">.</span><span class="n">rsa_recover_prime_factors</span><span class="p">(</span><span class="mi">34</span><span class="p">,</span> <span class="mi">3</span><span class="p">,</span> <span class="mi">7</span><span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">PEMSerializationBackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAPrivateKeySerialization</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;fmt&quot;</span><span class="p">,</span> <span class="s2">&quot;password&quot;</span><span class="p">),</span>
        <span class="n">itertools</span><span class="o">.</span><span class="n">product</span><span class="p">(</span>
            <span class="p">[</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span>
            <span class="p">],</span>
            <span class="p">[</span>
                <span class="sa">b</span><span class="s2">&quot;s&quot;</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;longerpassword&quot;</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;!*$&amp;(@#$*&amp;($T@%_somesymbols&quot;</span><span class="p">,</span>
                <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x01</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span>
            <span class="p">]</span>
        <span class="p">)</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_private_bytes_encrypted_pem</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">,</span> <span class="n">fmt</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">serialized</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
            <span class="n">fmt</span><span class="p">,</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">BestAvailableEncryption</span><span class="p">(</span><span class="n">password</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="n">loaded_key</span> <span class="o">=</span> <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_private_key</span><span class="p">(</span>
            <span class="n">serialized</span><span class="p">,</span> <span class="n">password</span><span class="p">,</span> <span class="n">backend</span>
        <span class="p">)</span>
        <span class="n">loaded_priv_num</span> <span class="o">=</span> <span class="n">loaded_key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="n">priv_num</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="k">assert</span> <span class="n">loaded_priv_num</span> <span class="o">==</span> <span class="n">priv_num</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;fmt&quot;</span><span class="p">,</span> <span class="s2">&quot;password&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">[</span><span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;s&quot;</span><span class="p">],</span>
            <span class="p">[</span><span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;longerpassword&quot;</span><span class="p">],</span>
            <span class="p">[</span><span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;!*$&amp;(@#$*&amp;($T@%_somesymbol&quot;</span><span class="p">],</span>
            <span class="p">[</span><span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span> <span class="sa">b</span><span class="s2">&quot;</span><span class="se">\x01</span><span class="s2">&quot;</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">]</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_private_bytes_encrypted_der</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">,</span> <span class="n">fmt</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">serialized</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
            <span class="n">fmt</span><span class="p">,</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">BestAvailableEncryption</span><span class="p">(</span><span class="n">password</span><span class="p">)</span>
        <span class="p">)</span>
        <span class="n">loaded_key</span> <span class="o">=</span> <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_private_key</span><span class="p">(</span>
            <span class="n">serialized</span><span class="p">,</span> <span class="n">password</span><span class="p">,</span> <span class="n">backend</span>
        <span class="p">)</span>
        <span class="n">loaded_priv_num</span> <span class="o">=</span> <span class="n">loaded_key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="n">priv_num</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="k">assert</span> <span class="n">loaded_priv_num</span> <span class="o">==</span> <span class="n">priv_num</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;encoding&quot;</span><span class="p">,</span> <span class="s2">&quot;fmt&quot;</span><span class="p">,</span> <span class="s2">&quot;loader_func&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">[</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_private_key</span>
            <span class="p">],</span>
            <span class="p">[</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_private_key</span>
            <span class="p">],</span>
            <span class="p">[</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_private_key</span>
            <span class="p">],</span>
            <span class="p">[</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_private_key</span>
            <span class="p">],</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_private_bytes_unencrypted</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">,</span> <span class="n">encoding</span><span class="p">,</span> <span class="n">fmt</span><span class="p">,</span>
                                       <span class="n">loader_func</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="n">serialized</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
            <span class="n">encoding</span><span class="p">,</span> <span class="n">fmt</span><span class="p">,</span> <span class="n">serialization</span><span class="o">.</span><span class="n">NoEncryption</span><span class="p">()</span>
        <span class="p">)</span>
        <span class="n">loaded_key</span> <span class="o">=</span> <span class="n">loader_func</span><span class="p">(</span><span class="n">serialized</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">loaded_priv_num</span> <span class="o">=</span> <span class="n">loaded_key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="n">priv_num</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_numbers</span><span class="p">()</span>
        <span class="k">assert</span> <span class="n">loaded_priv_num</span> <span class="o">==</span> <span class="n">priv_num</span>

    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;key_path&quot;</span><span class="p">,</span> <span class="s2">&quot;encoding&quot;</span><span class="p">,</span> <span class="s2">&quot;loader_func&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">[</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                    <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span>
                    <span class="s2">&quot;Traditional_OpenSSL_Serialization&quot;</span><span class="p">,</span>
                    <span class="s2">&quot;testrsa.pem&quot;</span>
                <span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_private_key</span>
            <span class="p">],</span>
            <span class="p">[</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;DER_Serialization&quot;</span><span class="p">,</span> <span class="s2">&quot;testrsa.der&quot;</span><span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_private_key</span>
            <span class="p">],</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_private_bytes_traditional_openssl_unencrypted</span><span class="p">(</span>
        <span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">,</span> <span class="n">key_path</span><span class="p">,</span> <span class="n">encoding</span><span class="p">,</span> <span class="n">loader_func</span>
    <span class="p">):</span>
        <span class="n">key_bytes</span> <span class="o">=</span> <span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">key_path</span><span class="p">,</span> <span class="k">lambda</span> <span class="n">pemfile</span><span class="p">:</span> <span class="n">pemfile</span><span class="o">.</span><span class="n">read</span><span class="p">(),</span> <span class="n">mode</span><span class="o">=</span><span class="s2">&quot;rb&quot;</span>
        <span class="p">)</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">loader_func</span><span class="p">(</span><span class="n">key_bytes</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">serialized</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
            <span class="n">encoding</span><span class="p">,</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">NoEncryption</span><span class="p">()</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">serialized</span> <span class="o">==</span> <span class="n">key_bytes</span>

    <span class="k">def</span> <span class="nf">test_private_bytes_traditional_der_encrypted_invalid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">BestAvailableEncryption</span><span class="p">(</span><span class="sa">b</span><span class="s2">&quot;password&quot;</span><span class="p">)</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_bytes_invalid_encoding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
                <span class="s2">&quot;notencoding&quot;</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">PKCS8</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">NoEncryption</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_bytes_invalid_format</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="s2">&quot;invalidformat&quot;</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">NoEncryption</span><span class="p">()</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_bytes_invalid_encryption_algorithm</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="s2">&quot;notanencalg&quot;</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_private_bytes_unsupported_encryption_type</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">private_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PrivateFormat</span><span class="o">.</span><span class="n">TraditionalOpenSSL</span><span class="p">,</span>
                <span class="n">DummyKeySerializationEncryption</span><span class="p">()</span>
            <span class="p">)</span>


<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">RSABackend</span><span class="p">)</span>
<span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">requires_backend_interface</span><span class="p">(</span><span class="n">interface</span><span class="o">=</span><span class="n">PEMSerializationBackend</span><span class="p">)</span>
<span class="k">class</span> <span class="nc">TestRSAPEMPublicKeySerialization</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
    <span class="nd">@pytest</span><span class="o">.</span><span class="n">mark</span><span class="o">.</span><span class="n">parametrize</span><span class="p">(</span>
        <span class="p">(</span><span class="s2">&quot;key_path&quot;</span><span class="p">,</span> <span class="s2">&quot;loader_func&quot;</span><span class="p">,</span> <span class="s2">&quot;encoding&quot;</span><span class="p">,</span> <span class="s2">&quot;format&quot;</span><span class="p">),</span>
        <span class="p">[</span>
            <span class="p">(</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;public&quot;</span><span class="p">,</span> <span class="s2">&quot;PKCS1&quot;</span><span class="p">,</span> <span class="s2">&quot;rsa.pub.pem&quot;</span><span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_public_key</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">PKCS1</span><span class="p">,</span>
            <span class="p">),</span> <span class="p">(</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;public&quot;</span><span class="p">,</span> <span class="s2">&quot;PKCS1&quot;</span><span class="p">,</span> <span class="s2">&quot;rsa.pub.der&quot;</span><span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_public_key</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">PKCS1</span><span class="p">,</span>
            <span class="p">),</span> <span class="p">(</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;PKCS8&quot;</span><span class="p">,</span> <span class="s2">&quot;unenc-rsa-pkcs8.pub.pem&quot;</span><span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_public_key</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">SubjectPublicKeyInfo</span><span class="p">,</span>
            <span class="p">),</span> <span class="p">(</span>
                <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span>
                    <span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span>
                    <span class="s2">&quot;DER_Serialization&quot;</span><span class="p">,</span>
                    <span class="s2">&quot;unenc-rsa-pkcs8.pub.der&quot;</span>
                <span class="p">),</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">load_der_public_key</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">SubjectPublicKeyInfo</span><span class="p">,</span>
            <span class="p">)</span>
        <span class="p">]</span>
    <span class="p">)</span>
    <span class="k">def</span> <span class="nf">test_public_bytes_match</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_path</span><span class="p">,</span> <span class="n">loader_func</span><span class="p">,</span> <span class="n">encoding</span><span class="p">,</span> <span class="nb">format</span><span class="p">,</span>
                                <span class="n">backend</span><span class="p">):</span>
        <span class="n">key_bytes</span> <span class="o">=</span> <span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">key_path</span><span class="p">,</span> <span class="k">lambda</span> <span class="n">pemfile</span><span class="p">:</span> <span class="n">pemfile</span><span class="o">.</span><span class="n">read</span><span class="p">(),</span> <span class="n">mode</span><span class="o">=</span><span class="s2">&quot;rb&quot;</span>
        <span class="p">)</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">loader_func</span><span class="p">(</span><span class="n">key_bytes</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>
        <span class="n">serialized</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span><span class="n">encoding</span><span class="p">,</span> <span class="nb">format</span><span class="p">)</span>
        <span class="k">assert</span> <span class="n">serialized</span> <span class="o">==</span> <span class="n">key_bytes</span>

    <span class="k">def</span> <span class="nf">test_public_bytes_openssh</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key_bytes</span> <span class="o">=</span> <span class="n">load_vectors_from_file</span><span class="p">(</span>
            <span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="s2">&quot;asymmetric&quot;</span><span class="p">,</span> <span class="s2">&quot;public&quot;</span><span class="p">,</span> <span class="s2">&quot;PKCS1&quot;</span><span class="p">,</span> <span class="s2">&quot;rsa.pub.pem&quot;</span><span class="p">),</span>
            <span class="k">lambda</span> <span class="n">pemfile</span><span class="p">:</span> <span class="n">pemfile</span><span class="o">.</span><span class="n">read</span><span class="p">(),</span> <span class="n">mode</span><span class="o">=</span><span class="s2">&quot;rb&quot;</span>
        <span class="p">)</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">serialization</span><span class="o">.</span><span class="n">load_pem_public_key</span><span class="p">(</span><span class="n">key_bytes</span><span class="p">,</span> <span class="n">backend</span><span class="p">)</span>

        <span class="n">ssh_bytes</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span>
            <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">OpenSSH</span><span class="p">,</span> <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">OpenSSH</span>
        <span class="p">)</span>
        <span class="k">assert</span> <span class="n">ssh_bytes</span> <span class="o">==</span> <span class="p">(</span>
            <span class="sa">b</span><span class="s2">&quot;ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC7JHoJfg6yNzLMOWet8Z49a4KD&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;0dCspMAYvo2YAMB7/wdEycocujbhJ2n/seONi+5XqTqqFkM5VBl8rmkkFPZk/7x0&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;xmdsTPECSWnHK+HhoaNDFPR3j8jQhVo1laxiqcEhAHegi5cwtFosuJAvSKAFKEvy&quot;</span>
            <span class="sa">b</span><span class="s2">&quot;D43si00DQnXWrYHAEQ==&quot;</span>
        <span class="p">)</span>

        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span> <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">OpenSSH</span>
            <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">DER</span><span class="p">,</span> <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">OpenSSH</span>
            <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">OpenSSH</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">PKCS1</span><span class="p">,</span>
            <span class="p">)</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">OpenSSH</span><span class="p">,</span>
                <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">SubjectPublicKeyInfo</span><span class="p">,</span>
            <span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_public_bytes_invalid_encoding</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span><span class="s2">&quot;notencoding&quot;</span><span class="p">,</span> <span class="n">serialization</span><span class="o">.</span><span class="n">PublicFormat</span><span class="o">.</span><span class="n">PKCS1</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test_public_bytes_invalid_format</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">backend</span><span class="p">):</span>
        <span class="n">key</span> <span class="o">=</span> <span class="n">RSA_KEY_2048</span><span class="o">.</span><span class="n">private_key</span><span class="p">(</span><span class="n">backend</span><span class="p">)</span><span class="o">.</span><span class="n">public_key</span><span class="p">()</span>
        <span class="k">with</span> <span class="n">pytest</span><span class="o">.</span><span class="n">raises</span><span class="p">(</span><span class="ne">TypeError</span><span class="p">):</span>
            <span class="n">key</span><span class="o">.</span><span class="n">public_bytes</span><span class="p">(</span><span class="n">serialization</span><span class="o">.</span><span class="n">Encoding</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span> <span class="s2">&quot;invalidformat&quot;</span><span class="p">)</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2025-11-10 21:19:27 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>