diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2018-08-05 22:12:28 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-08-06 10:12:28 +0800 |
| commit | 3cd630b325372c3ad05d9fb2ea816db13d9d8584 (patch) | |
| tree | d5a22fcc1727ebdef836e6813c77169a1e48f756 | |
| parent | cdd3585bda2e01fc7245a19ac41fe912d8dc6a3c (diff) | |
| download | cryptography-3cd630b325372c3ad05d9fb2ea816db13d9d8584.tar.gz cryptography-3cd630b325372c3ad05d9fb2ea816db13d9d8584.tar.bz2 cryptography-3cd630b325372c3ad05d9fb2ea816db13d9d8584.zip | |
Refs #4375 -- added ECDH EC point wycheproof tests (#4384)
| -rw-r--r-- | tests/wycheproof/test_ecdh.py | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/tests/wycheproof/test_ecdh.py b/tests/wycheproof/test_ecdh.py index 55be04ee..a0c3f0d9 100644 --- a/tests/wycheproof/test_ecdh.py +++ b/tests/wycheproof/test_ecdh.py @@ -81,3 +81,44 @@ def test_ecdh(backend, wycheproof): else: with pytest.raises(ValueError): private_key.exchange(ec.ECDH(), public_key) + + +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) +@pytest.mark.wycheproof_tests( + "ecdh_secp224r1_ecpoint_test.json", + "ecdh_secp256r1_ecpoint_test.json", + "ecdh_secp384r1_ecpoint_test.json", + "ecdh_secp521r1_ecpoint_test.json", +) +def test_ecdh_ecpoint(backend, wycheproof): + curve = _CURVES[wycheproof.testgroup["curve"]] + _skip_exchange_algorithm_unsupported(backend, ec.ECDH(), curve) + + private_key = ec.derive_private_key( + int(wycheproof.testcase["private"], 16), curve, backend + ) + # We don't support compressed points + if ( + wycheproof.has_flag("CompressedPoint") or + not wycheproof.testcase["public"] + ): + with pytest.raises(ValueError): + ec.EllipticCurvePublicNumbers.from_encoded_point( + curve, binascii.unhexlify(wycheproof.testcase["public"]) + ) + return + + public_numbers = ec.EllipticCurvePublicNumbers.from_encoded_point( + curve, binascii.unhexlify(wycheproof.testcase["public"]) + ) + if wycheproof.testcase["comment"] == "point is not on curve": + assert wycheproof.invalid + with pytest.raises(ValueError): + public_numbers.public_key(backend) + return + + assert wycheproof.valid or wycheproof.acceptable + public_key = public_numbers.public_key(backend) + computed_shared = private_key.exchange(ec.ECDH(), public_key) + expected_shared = binascii.unhexlify(wycheproof.testcase["shared"]) + assert computed_shared == expected_shared |