diff options
| -rw-r--r-- | cryptography/hazmat/backends/commoncrypto/backend.py | 8 | ||||
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 7 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/ciphers/algorithms.py | 15 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_cast5.py | 41 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_ciphers.py | 15 |
5 files changed, 83 insertions, 3 deletions
diff --git a/cryptography/hazmat/backends/commoncrypto/backend.py b/cryptography/hazmat/backends/commoncrypto/backend.py index e5d4ee00..523aac82 100644 --- a/cryptography/hazmat/backends/commoncrypto/backend.py +++ b/cryptography/hazmat/backends/commoncrypto/backend.py @@ -25,7 +25,7 @@ from cryptography.hazmat.backends.interfaces import ( from cryptography.hazmat.bindings.commoncrypto.binding import Binding from cryptography.hazmat.primitives import interfaces, constant_time from cryptography.hazmat.primitives.ciphers.algorithms import ( - AES, Blowfish, TripleDES, ARC4 + AES, Blowfish, TripleDES, ARC4, CAST5 ) from cryptography.hazmat.primitives.ciphers.modes import ( CBC, CTR, ECB, OFB, CFB, GCM @@ -199,6 +199,12 @@ class Backend(object): mode_const ) self._register_cipher_adapter( + CAST5, + self._lib.kCCAlgorithmCAST, + ECB, + self._lib.kCCModeECB + ) + self._register_cipher_adapter( ARC4, self._lib.kCCAlgorithmRC4, type(None), diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index fc3c3bda..0e5e92a5 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -26,7 +26,7 @@ from cryptography.hazmat.bindings.openssl.binding import Binding from cryptography.hazmat.primitives import interfaces, hashes from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.ciphers.algorithms import ( - AES, Blowfish, Camellia, TripleDES, ARC4, + AES, Blowfish, Camellia, TripleDES, ARC4, CAST5 ) from cryptography.hazmat.primitives.ciphers.modes import ( CBC, CTR, ECB, OFB, CFB, GCM, @@ -154,6 +154,11 @@ class Backend(object): GetCipherByName("bf-{mode.name}") ) self.register_cipher_adapter( + CAST5, + ECB, + GetCipherByName("cast5-{mode.name}") + ) + self.register_cipher_adapter( ARC4, type(None), GetCipherByName("rc4") diff --git a/cryptography/hazmat/primitives/ciphers/algorithms.py b/cryptography/hazmat/primitives/ciphers/algorithms.py index 19cf1920..a5cfce92 100644 --- a/cryptography/hazmat/primitives/ciphers/algorithms.py +++ b/cryptography/hazmat/primitives/ciphers/algorithms.py @@ -90,6 +90,21 @@ class Blowfish(object): return len(self.key) * 8 +@utils.register_interface(interfaces.BlockCipherAlgorithm) +@utils.register_interface(interfaces.CipherAlgorithm) +class CAST5(object): + name = "CAST5" + block_size = 64 + key_sizes = frozenset(range(40, 129, 8)) + + def __init__(self, key): + self.key = _verify_key_size(self, key) + + @property + def key_size(self): + return len(self.key) * 8 + + @utils.register_interface(interfaces.CipherAlgorithm) class ARC4(object): name = "RC4" diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py new file mode 100644 index 00000000..d65a86b2 --- /dev/null +++ b/tests/hazmat/primitives/test_cast5.py @@ -0,0 +1,41 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +import binascii +import os + +import pytest + +from cryptography.hazmat.primitives.ciphers import algorithms, modes + +from .utils import generate_encrypt_test +from ...utils import load_nist_vectors + + +@pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + algorithms.CAST5("\x00" * 16), modes.ECB() + ), + skip_message="Does not support CAST5 ECB", +) +@pytest.mark.cipher +class TestCAST5(object): + test_ECB = generate_encrypt_test( + load_nist_vectors, + os.path.join("ciphers", "CAST5"), + ["cast5-ecb.txt"], + lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))), + lambda **kwargs: modes.ECB(), + ) diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py index 6a7b2f93..50cadf64 100644 --- a/tests/hazmat/primitives/test_ciphers.py +++ b/tests/hazmat/primitives/test_ciphers.py @@ -18,7 +18,7 @@ import binascii import pytest from cryptography.hazmat.primitives.ciphers.algorithms import ( - AES, Camellia, TripleDES, Blowfish, ARC4 + AES, Camellia, TripleDES, Blowfish, ARC4, CAST5 ) @@ -80,6 +80,19 @@ class TestBlowfish(object): Blowfish(binascii.unhexlify(b"0" * 6)) +class TestCAST5(object): + @pytest.mark.parametrize(("key", "keysize"), [ + (b"0" * (keysize // 4), keysize) for keysize in range(40, 129, 8) + ]) + def test_key_size(self, key, keysize): + cipher = CAST5(binascii.unhexlify(key)) + assert cipher.key_size == keysize + + def test_invalid_key_size(self): + with pytest.raises(ValueError): + CAST5(binascii.unhexlify(b"0" * 34)) + + class TestARC4(object): @pytest.mark.parametrize(("key", "keysize"), [ (b"0" * 10, 40), |