aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives/test_rsa.py
diff options
context:
space:
mode:
Diffstat (limited to 'tests/hazmat/primitives/test_rsa.py')
-rw-r--r--tests/hazmat/primitives/test_rsa.py590
1 files changed, 585 insertions, 5 deletions
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 79323265..c458a662 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -16,16 +16,21 @@ from __future__ import absolute_import, division, print_function
import binascii
import itertools
+import math
import os
import pytest
from cryptography import exceptions, utils
+from cryptography.exceptions import _Reasons
from cryptography.hazmat.primitives import hashes, interfaces
-from cryptography.hazmat.primitives.asymmetric import rsa
-from cryptography.hazmat.primitives.asymmetric import padding
+from cryptography.hazmat.primitives.asymmetric import padding, rsa
-from ...utils import load_pkcs1_vectors, load_vectors_from_file
+from .utils import generate_rsa_verification_test
+from ...utils import (
+ load_pkcs1_vectors, load_rsa_nist_vectors, load_vectors_from_file,
+ raises_unsupported_algorithm
+)
@utils.register_interface(interfaces.AsymmetricPadding)
@@ -33,6 +38,10 @@ class DummyPadding(object):
name = "UNSUPPORTED-PADDING"
+class DummyMGF(object):
+ pass
+
+
def _modinv(e, m):
"""
Modular Multiplicative Inverse. Returns x such that: (x*e) mod m == 1
@@ -385,6 +394,13 @@ class TestRSA(object):
rsa.RSAPublicKey(public_exponent=6, modulus=15)
+def test_rsa_generate_invalid_backend():
+ pretend_backend = object()
+
+ with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE):
+ rsa.RSAPrivateKey.generate(65537, 2048, pretend_backend)
+
+
@pytest.mark.rsa
class TestRSASignature(object):
@pytest.mark.parametrize(
@@ -412,6 +428,162 @@ class TestRSASignature(object):
signature = signer.finalize()
assert binascii.hexlify(signature) == example["signature"]
+ @pytest.mark.parametrize(
+ "pkcs1_example",
+ _flatten_pkcs1_examples(load_vectors_from_file(
+ os.path.join(
+ "asymmetric", "RSA", "pkcs-1v2-1d2-vec", "pss-vect.txt"),
+ load_pkcs1_vectors
+ ))
+ )
+ def test_pss_signing(self, pkcs1_example, backend):
+ private, public, example = pkcs1_example
+ private_key = rsa.RSAPrivateKey(
+ p=private["p"],
+ q=private["q"],
+ private_exponent=private["private_exponent"],
+ dmp1=private["dmp1"],
+ dmq1=private["dmq1"],
+ iqmp=private["iqmp"],
+ public_exponent=private["public_exponent"],
+ modulus=private["modulus"]
+ )
+ public_key = rsa.RSAPublicKey(
+ public_exponent=public["public_exponent"],
+ modulus=public["modulus"]
+ )
+ signer = private_key.signer(
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ signer.update(binascii.unhexlify(example["message"]))
+ signature = signer.finalize()
+ assert len(signature) == math.ceil(private_key.key_size / 8.0)
+ # PSS signatures contain randomness so we can't do an exact
+ # signature check. Instead we'll verify that the signature created
+ # successfully verifies.
+ verifier = public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(binascii.unhexlify(example["message"]))
+ verifier.verify()
+
+ @pytest.mark.parametrize(
+ "hash_alg",
+ [hashes.SHA224(), hashes.SHA256(), hashes.SHA384(), hashes.SHA512()]
+ )
+ def test_pss_signing_sha2(self, hash_alg, backend):
+ if not backend.mgf1_hash_supported(hash_alg):
+ pytest.skip(
+ "Does not support {0} with MGF1.".format(hash_alg.name)
+ )
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=768,
+ backend=backend
+ )
+ public_key = private_key.public_key()
+ pss = padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ )
+ signer = private_key.signer(
+ pss,
+ hash_alg,
+ backend
+ )
+ signer.update(b"testing signature")
+ signature = signer.finalize()
+ verifier = public_key.verifier(
+ signature,
+ pss,
+ hash_alg,
+ backend
+ )
+ verifier.update(b"testing signature")
+ verifier.verify()
+
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512."
+ )
+ def test_pss_minimum_key_size_for_digest(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=522,
+ backend=backend
+ )
+ signer = private_key.signer(
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA512(),
+ backend
+ )
+ signer.update(b"no failure")
+ signer.finalize()
+
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512."
+ )
+ def test_pss_signing_digest_too_large_for_key_size(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=512,
+ backend=backend
+ )
+ with pytest.raises(ValueError):
+ private_key.signer(
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA512(),
+ backend
+ )
+
+ def test_pss_signing_salt_length_too_long(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=512,
+ backend=backend
+ )
+ signer = private_key.signer(
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=1000000
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ signer.update(b"failure coming")
+ with pytest.raises(ValueError):
+ signer.finalize()
+
def test_use_after_finalize(self, backend):
private_key = rsa.RSAPrivateKey.generate(
public_exponent=65537,
@@ -432,7 +604,7 @@ class TestRSASignature(object):
key_size=512,
backend=backend
)
- with pytest.raises(exceptions.UnsupportedPadding):
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING):
private_key.signer(DummyPadding(), hashes.SHA1(), backend)
def test_padding_incorrect_type(self, backend):
@@ -444,6 +616,24 @@ class TestRSASignature(object):
with pytest.raises(TypeError):
private_key.signer("notpadding", hashes.SHA1(), backend)
+ def test_rsa_signer_invalid_backend(self, backend):
+ pretend_backend = object()
+ private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend)
+
+ with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE):
+ private_key.signer(
+ padding.PKCS1v15(), hashes.SHA256, pretend_backend)
+
+ def test_unsupported_pss_mgf(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=512,
+ backend=backend
+ )
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
+ private_key.signer(padding.PSS(mgf=DummyMGF()), hashes.SHA1(),
+ backend)
+
@pytest.mark.rsa
class TestRSAVerification(object):
@@ -515,6 +705,122 @@ class TestRSAVerification(object):
with pytest.raises(exceptions.InvalidSignature):
verifier.verify()
+ @pytest.mark.parametrize(
+ "pkcs1_example",
+ _flatten_pkcs1_examples(load_vectors_from_file(
+ os.path.join(
+ "asymmetric", "RSA", "pkcs-1v2-1d2-vec", "pss-vect.txt"),
+ load_pkcs1_vectors
+ ))
+ )
+ def test_pss_verification(self, pkcs1_example, backend):
+ private, public, example = pkcs1_example
+ public_key = rsa.RSAPublicKey(
+ public_exponent=public["public_exponent"],
+ modulus=public["modulus"]
+ )
+ verifier = public_key.verifier(
+ binascii.unhexlify(example["signature"]),
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=20
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(binascii.unhexlify(example["message"]))
+ verifier.verify()
+
+ def test_invalid_pss_signature_wrong_data(self, backend):
+ public_key = rsa.RSAPublicKey(
+ modulus=int(
+ b"dffc2137d5e810cde9e4b4612f5796447218bab913b3fa98bdf7982e4fa6"
+ b"ec4d6653ef2b29fb1642b095befcbea6decc178fb4bed243d3c3592c6854"
+ b"6af2d3f3", 16
+ ),
+ public_exponent=65537
+ )
+ signature = binascii.unhexlify(
+ b"0e68c3649df91c5bc3665f96e157efa75b71934aaa514d91e94ca8418d100f45"
+ b"6f05288e58525f99666bab052adcffdf7186eb40f583bd38d98c97d3d524808b"
+ )
+ verifier = public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(b"incorrect data")
+ with pytest.raises(exceptions.InvalidSignature):
+ verifier.verify()
+
+ def test_invalid_pss_signature_wrong_key(self, backend):
+ signature = binascii.unhexlify(
+ b"3a1880165014ba6eb53cc1449d13e5132ebcc0cfd9ade6d7a2494a0503bd0826"
+ b"f8a46c431e0d7be0ca3e453f8b2b009e2733764da7927cc6dbe7a021437a242e"
+ )
+ public_key = rsa.RSAPublicKey(
+ modulus=int(
+ b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68"
+ b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8"
+ b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303"
+ b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4"
+ b"030d3581e13522e1", 16
+ ),
+ public_exponent=65537
+ )
+ verifier = public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(b"sign me")
+ with pytest.raises(exceptions.InvalidSignature):
+ verifier.verify()
+
+ def test_invalid_pss_signature_data_too_large_for_modulus(self, backend):
+ signature = binascii.unhexlify(
+ b"cb43bde4f7ab89eb4a79c6e8dd67e0d1af60715da64429d90c716a490b799c29"
+ b"194cf8046509c6ed851052367a74e2e92d9b38947ed74332acb115a03fcc0222"
+ )
+ public_key = rsa.RSAPublicKey(
+ modulus=int(
+ b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68"
+ b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8"
+ b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303"
+ b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4"
+ b"030d3581e13522", 16
+ ),
+ public_exponent=65537
+ )
+ verifier = public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(b"sign me")
+ with pytest.raises(exceptions.InvalidSignature):
+ verifier.verify()
+
def test_use_after_finalize(self, backend):
private_key = rsa.RSAPrivateKey.generate(
public_exponent=65537,
@@ -546,7 +852,7 @@ class TestRSAVerification(object):
backend=backend
)
public_key = private_key.public_key()
- with pytest.raises(exceptions.UnsupportedPadding):
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING):
public_key.verifier(b"sig", DummyPadding(), hashes.SHA1(), backend)
def test_padding_incorrect_type(self, backend):
@@ -558,3 +864,277 @@ class TestRSAVerification(object):
public_key = private_key.public_key()
with pytest.raises(TypeError):
public_key.verifier(b"sig", "notpadding", hashes.SHA1(), backend)
+
+ def test_rsa_verifier_invalid_backend(self, backend):
+ pretend_backend = object()
+ private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend)
+ public_key = private_key.public_key()
+
+ with raises_unsupported_algorithm(_Reasons.BACKEND_MISSING_INTERFACE):
+ public_key.verifier(
+ b"foo", padding.PKCS1v15(), hashes.SHA256(), pretend_backend)
+
+ def test_unsupported_pss_mgf(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=512,
+ backend=backend
+ )
+ public_key = private_key.public_key()
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
+ public_key.verifier(b"sig", padding.PSS(mgf=DummyMGF()),
+ hashes.SHA1(), backend)
+
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512."
+ )
+ def test_pss_verify_digest_too_large_for_key_size(self, backend):
+ private_key = rsa.RSAPrivateKey.generate(
+ public_exponent=65537,
+ key_size=512,
+ backend=backend
+ )
+ signature = binascii.unhexlify(
+ b"8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8"
+ b"534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd"
+ )
+ public_key = private_key.public_key()
+ with pytest.raises(ValueError):
+ public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=padding.MGF1.MAX_LENGTH
+ )
+ ),
+ hashes.SHA512(),
+ backend
+ )
+
+ def test_pss_verify_salt_length_too_long(self, backend):
+ signature = binascii.unhexlify(
+ b"8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8"
+ b"534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd"
+ )
+ public_key = rsa.RSAPublicKey(
+ modulus=int(
+ b"d309e4612809437548b747d7f9eb9cd3340f54fe42bb3f84a36933b0839c"
+ b"11b0c8b7f67e11f7252370161e31159c49c784d4bc41c42a78ce0f0b40a3"
+ b"ca8ffb91", 16
+ ),
+ public_exponent=65537
+ )
+ verifier = public_key.verifier(
+ signature,
+ padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hashes.SHA1(),
+ salt_length=1000000
+ )
+ ),
+ hashes.SHA1(),
+ backend
+ )
+ verifier.update(b"sign me")
+ with pytest.raises(exceptions.InvalidSignature):
+ verifier.verify()
+
+
+@pytest.mark.rsa
+class TestRSAPSSMGF1Verification(object):
+ test_rsa_pss_mgf1_sha1 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA1()),
+ skip_message="Does not support SHA1 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA1(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+
+ test_rsa_pss_mgf1_sha224 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA224()),
+ skip_message="Does not support SHA224 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA224(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+
+ test_rsa_pss_mgf1_sha256 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA256()),
+ skip_message="Does not support SHA256 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA256(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+
+ test_rsa_pss_mgf1_sha384 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA384()),
+ skip_message="Does not support SHA384 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA384(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+
+ test_rsa_pss_mgf1_sha512 = pytest.mark.supported(
+ only_if=lambda backend: backend.mgf1_hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512 with MGF1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigGenPSS_186-2.rsp",
+ "SigGenPSS_186-3.rsp",
+ "SigVerPSS_186-3.rsp",
+ ],
+ hashes.SHA512(),
+ lambda params, hash_alg: padding.PSS(
+ mgf=padding.MGF1(
+ algorithm=hash_alg,
+ salt_length=params["salt_length"]
+ )
+ )
+ ))
+
+
+@pytest.mark.rsa
+class TestRSAPKCS1Verification(object):
+ test_rsa_pkcs1v15_verify_sha1 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA1()),
+ skip_message="Does not support SHA1."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA1(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha224 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA224()),
+ skip_message="Does not support SHA224."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA224(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha256 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA256()),
+ skip_message="Does not support SHA256."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA256(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha384 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA384()),
+ skip_message="Does not support SHA384."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA384(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+ test_rsa_pkcs1v15_verify_sha512 = pytest.mark.supported(
+ only_if=lambda backend: backend.hash_supported(hashes.SHA512()),
+ skip_message="Does not support SHA512."
+ )(generate_rsa_verification_test(
+ load_rsa_nist_vectors,
+ os.path.join("asymmetric", "RSA", "FIPS_186-2"),
+ [
+ "SigVer15_186-3.rsp",
+ ],
+ hashes.SHA512(),
+ lambda params, hash_alg: padding.PKCS1v15()
+ ))
+
+
+class TestMGF1(object):
+ def test_invalid_hash_algorithm(self):
+ with pytest.raises(TypeError):
+ padding.MGF1(b"not_a_hash", 0)
+
+ def test_invalid_salt_length_not_integer(self):
+ with pytest.raises(TypeError):
+ padding.MGF1(hashes.SHA1(), b"not_a_length")
+
+ def test_invalid_salt_length_negative_integer(self):
+ with pytest.raises(ValueError):
+ padding.MGF1(hashes.SHA1(), -1)
+
+ def test_valid_mgf1_parameters(self):
+ algorithm = hashes.SHA1()
+ salt_length = algorithm.digest_size
+ mgf = padding.MGF1(algorithm, salt_length)
+ assert mgf._algorithm == algorithm
+ assert mgf._salt_length == salt_length
+
+ def test_valid_mgf1_parameters_maximum(self):
+ algorithm = hashes.SHA1()
+ mgf = padding.MGF1(algorithm, padding.MGF1.MAX_LENGTH)
+ assert mgf._algorithm == algorithm
+ assert mgf._salt_length == padding.MGF1.MAX_LENGTH
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 13:50:32 +0000