diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-03 21:59:29 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-03 21:59:29 -0600 |
| commit | e4acd5d922bd66dfa4f27782c0913550085a6929 (patch) | |
| tree | 8922ec5e4e3f150883a89cf54c00264c1fd5be46 /tests/hazmat/primitives/utils.py | |
| parent | e035ba978bf81c9dc17c33d7a8c6d61082ac4292 (diff) | |
| parent | ba5fcd97baf193259a156caa5b5cbc107ee46794 (diff) | |
| download | cryptography-e4acd5d922bd66dfa4f27782c0913550085a6929.tar.gz cryptography-e4acd5d922bd66dfa4f27782c0913550085a6929.tar.bz2 cryptography-e4acd5d922bd66dfa4f27782c0913550085a6929.zip | |
Merge branch 'master' into urandom-engine
* master: (66 commits)
Chanloge + versionadded
Added an example usage
Typo fix
Added to toctree
Rename and document
Linkify the things we have that others don't
add HKDF to changelog
Strings have quote marks at both ends.
HKDF example.
Properly mark all test cases as dependant on HMAC.
Remove language about the separate stages of HKDF until we expose multiple stages of HKDF.
Don't forget InvalidKey.
Fix typo
Import exception classes instead of the exceptions module.
Lose the bit about passwords.
https a bunch of links.
Pseudorandom is a word.
Backtick the entire equation.
Clarify salt language and link to the paper in addition to the RFC.
Don't expose extract and expand on this class yet because we don't know how best to expose verify functionality, continue testing the stages using the private methods.
...
Conflicts:
docs/hazmat/backends/openssl.rst
Diffstat (limited to 'tests/hazmat/primitives/utils.py')
| -rw-r--r-- | tests/hazmat/primitives/utils.py | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 6b1d055d..5a8dc3ab 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -1,11 +1,15 @@ import binascii import os +import itertools + import pytest from cryptography.hazmat.primitives import hashes, hmac from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.primitives.ciphers import Cipher +from cryptography.hazmat.primitives.kdf.hkdf import HKDF + from cryptography.exceptions import ( AlreadyFinalized, NotYetFinalized, AlreadyUpdated, InvalidTag, ) @@ -297,3 +301,60 @@ def aead_tag_exception_test(backend, cipher_factory, mode_factory): ) with pytest.raises(ValueError): cipher.encryptor() + + +def hkdf_derive_test(backend, algorithm, params): + hkdf = HKDF( + algorithm, + int(params["l"]), + salt=binascii.unhexlify(params["salt"]) or None, + info=binascii.unhexlify(params["info"]) or None, + backend=backend + ) + + okm = hkdf.derive(binascii.unhexlify(params["ikm"])) + + assert okm == binascii.unhexlify(params["okm"]) + + +def hkdf_extract_test(backend, algorithm, params): + hkdf = HKDF( + algorithm, + int(params["l"]), + salt=binascii.unhexlify(params["salt"]) or None, + info=binascii.unhexlify(params["info"]) or None, + backend=backend + ) + + prk = hkdf._extract(binascii.unhexlify(params["ikm"])) + + assert prk == binascii.unhexlify(params["prk"]) + + +def hkdf_expand_test(backend, algorithm, params): + hkdf = HKDF( + algorithm, + int(params["l"]), + salt=binascii.unhexlify(params["salt"]) or None, + info=binascii.unhexlify(params["info"]) or None, + backend=backend + ) + + okm = hkdf._expand(binascii.unhexlify(params["prk"])) + + assert okm == binascii.unhexlify(params["okm"]) + + +def generate_hkdf_test(param_loader, path, file_names, algorithm): + all_params = _load_all_params(path, file_names, param_loader) + + all_tests = [hkdf_extract_test, hkdf_expand_test, hkdf_derive_test] + + @pytest.mark.parametrize( + ("params", "hkdf_test"), + itertools.product(all_params, all_tests) + ) + def test_hkdf(self, backend, params, hkdf_test): + hkdf_test(backend, algorithm, params) + + return test_hkdf |