From dff1d43d0ae65da599eb60f99d411112b39fc8e9 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 23 Feb 2014 15:09:56 -0600 Subject: add basic multibackend so we can do signatures using default_backend --- tests/hazmat/backends/test_multibackend.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index ce77ce2f..e3f83d3a 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -20,6 +20,7 @@ from cryptography.hazmat.backends.interfaces import ( ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import hashes, hmac +from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes @@ -85,6 +86,9 @@ class DummyRSABackend(object): def generate_rsa_private_key(self, public_exponent, private_key): pass + def create_rsa_signature_ctx(self, private_key, padding, algorithm): + pass + class TestMultiBackend(object): def test_ciphers(self): @@ -158,6 +162,13 @@ class TestMultiBackend(object): key_size=1024, public_exponent=65537 ) + backend.create_rsa_signature_ctx("private_key", padding.PKCS1(), + hashes.MD5()) + backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_signature_ctx("private_key", padding.PKCS1(), + hashes.MD5()) -- cgit v1.2.3 From bfba58bf535048d9b29fd2b7b6044695aa02a4c7 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 24 Feb 2014 19:32:57 -0600 Subject: update multibackend with new PKCS1v15 class name --- tests/hazmat/backends/test_multibackend.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index e3f83d3a..be1e76e2 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -162,7 +162,7 @@ class TestMultiBackend(object): key_size=1024, public_exponent=65537 ) - backend.create_rsa_signature_ctx("private_key", padding.PKCS1(), + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) backend = MultiBackend([]) @@ -170,5 +170,5 @@ class TestMultiBackend(object): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) with pytest.raises(UnsupportedAlgorithm): - backend.create_rsa_signature_ctx("private_key", padding.PKCS1(), + backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) -- cgit v1.2.3 From 42b3713eede3f5b417b0ce123fdcc9c4c24009d3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 23 Feb 2014 19:13:19 -0600 Subject: add RSA verification support --- tests/hazmat/backends/test_multibackend.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index be1e76e2..5a8f9934 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -89,6 +89,10 @@ class DummyRSABackend(object): def create_rsa_signature_ctx(self, private_key, padding, algorithm): pass + def create_rsa_verification_ctx(self, public_key, signature, padding, + algorithm): + pass + class TestMultiBackend(object): def test_ciphers(self): @@ -165,6 +169,9 @@ class TestMultiBackend(object): backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) + backend.create_rsa_verification_ctx("public_key", "sig", + padding.PKCS1(), hashes.MD5()) + backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): backend.generate_rsa_private_key(key_size=1024, public_exponent=3) @@ -172,3 +179,7 @@ class TestMultiBackend(object): with pytest.raises(UnsupportedAlgorithm): backend.create_rsa_signature_ctx("private_key", padding.PKCS1v15(), hashes.MD5()) + + with pytest.raises(UnsupportedAlgorithm): + backend.create_rsa_verification_ctx("public_key", "sig", + padding.PKCS1(), hashes.MD5()) -- cgit v1.2.3 From dc720296556645f0641907e3618f6a1613c39fe7 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 25 Feb 2014 22:59:58 -0600 Subject: more PKCS1->PKCS1v15 --- tests/hazmat/backends/test_multibackend.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 5a8f9934..63168180 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -170,7 +170,7 @@ class TestMultiBackend(object): hashes.MD5()) backend.create_rsa_verification_ctx("public_key", "sig", - padding.PKCS1(), hashes.MD5()) + padding.PKCS1v15(), hashes.MD5()) backend = MultiBackend([]) with pytest.raises(UnsupportedAlgorithm): @@ -181,5 +181,5 @@ class TestMultiBackend(object): hashes.MD5()) with pytest.raises(UnsupportedAlgorithm): - backend.create_rsa_verification_ctx("public_key", "sig", - padding.PKCS1(), hashes.MD5()) + backend.create_rsa_verification_ctx( + "public_key", "sig", padding.PKCS1v15(), hashes.MD5()) -- cgit v1.2.3 From 235d3ce2b7ae13cf94c97c00f5aa89c40bc6763c Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 1 Mar 2014 20:54:13 +0000 Subject: Get rid of handle_errors --- tests/hazmat/backends/test_openssl.py | 39 +++++------------------------------ 1 file changed, 5 insertions(+), 34 deletions(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index b24808df..fb9b978d 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -71,46 +71,17 @@ class TestOpenSSL(object): with pytest.raises(UnsupportedAlgorithm): cipher.encryptor() - def test_handle_unknown_error(self): - with pytest.raises(InternalError): - backend._handle_error_code(0) - - backend._lib.ERR_put_error(backend._lib.ERR_LIB_EVP, 0, 0, - b"test_openssl.py", -1) - with pytest.raises(InternalError): - backend._handle_error(None) - - backend._lib.ERR_put_error( - backend._lib.ERR_LIB_EVP, - backend._lib.EVP_F_EVP_ENCRYPTFINAL_EX, - 0, - b"test_openssl.py", - -1 - ) - with pytest.raises(InternalError): - backend._handle_error(None) - - backend._lib.ERR_put_error( - backend._lib.ERR_LIB_EVP, - backend._lib.EVP_F_EVP_DECRYPTFINAL_EX, - 0, - b"test_openssl.py", - -1 - ) - with pytest.raises(InternalError): - backend._handle_error(None) - - def test_handle_multiple_errors(self): + def test_consume_errors(self): for i in range(10): backend._lib.ERR_put_error(backend._lib.ERR_LIB_EVP, 0, 0, b"test_openssl.py", -1) assert backend._lib.ERR_peek_error() != 0 - with pytest.raises(InternalError): - backend._handle_error(None) + errors = backend._consume_errors() assert backend._lib.ERR_peek_error() == 0 + assert len(errors) == 10 def test_openssl_error_string(self): backend._lib.ERR_put_error( @@ -121,8 +92,8 @@ class TestOpenSSL(object): -1 ) - with pytest.raises(InternalError) as exc: - backend._handle_error(None) + errors = backend._consume_errors() + exc = backend._unknown_error(errors[0]) assert ( "digital envelope routines:" -- cgit v1.2.3 From 1c979c6a28385e8c2f92ecd457fc0ebe48819536 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 1 Mar 2014 21:29:28 +0000 Subject: pep8 --- tests/hazmat/backends/test_openssl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index fb9b978d..9d48f4e8 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -14,7 +14,7 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm, InternalError +from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.backends.openssl.backend import backend, Backend from cryptography.hazmat.primitives import interfaces, hashes from cryptography.hazmat.primitives.ciphers import Cipher -- cgit v1.2.3 From 94ee8b5c8570a330f9e3d30ae8313ec41b10b470 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 1 Mar 2014 22:08:49 +0000 Subject: raise InternalError --- tests/hazmat/backends/test_openssl.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 9d48f4e8..42c1b395 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -14,7 +14,7 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import UnsupportedAlgorithm, InternalError from cryptography.hazmat.backends.openssl.backend import backend, Backend from cryptography.hazmat.primitives import interfaces, hashes from cryptography.hazmat.primitives.ciphers import Cipher @@ -118,6 +118,15 @@ class TestOpenSSL(object): b"data not multiple of block length" ) + def test_unknown_error_in_cipher_finalize(self): + cipher = Cipher(AES(b"\0" * 16), CBC(b"\0" * 16), backend=backend) + enc = cipher.encryptor() + enc.update(b"\0") + backend._lib.ERR_put_error(0, 0, 1, + b"test_openssl.py", -1) + with pytest.raises(InternalError): + enc.finalize() + def test_derive_pbkdf2_raises_unsupported_on_old_openssl(self): if backend.pbkdf2_hmac_supported(hashes.SHA256()): pytest.skip("Requires an older OpenSSL") -- cgit v1.2.3 From c6a6f317fca2aa368943870ecc3854bb53399f06 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Thu, 6 Mar 2014 14:22:56 -0800 Subject: Convert stuff --- tests/hazmat/backends/test_commoncrypto.py | 4 ++-- tests/hazmat/backends/test_multibackend.py | 24 +++++++++++++----------- tests/hazmat/backends/test_openssl.py | 8 +++++--- 3 files changed, 20 insertions(+), 16 deletions(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_commoncrypto.py b/tests/hazmat/backends/test_commoncrypto.py index 7cc0f72f..7feb0c72 100644 --- a/tests/hazmat/backends/test_commoncrypto.py +++ b/tests/hazmat/backends/test_commoncrypto.py @@ -14,7 +14,7 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm, InternalError +from cryptography.exceptions import UnsupportedCipher, InternalError from cryptography.hazmat.bindings.commoncrypto.binding import Binding from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.ciphers.algorithms import AES @@ -61,5 +61,5 @@ class TestCommonCrypto(object): cipher = Cipher( DummyCipher(), GCM(b"fake_iv_here"), backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 63168180..87ef0446 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -14,7 +14,9 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.exceptions import ( + UnsupportedAlgorithm, UnsupportedCipher, UnsupportedHash +) from cryptography.hazmat.backends.interfaces import ( CipherBackend, HashBackend, HMACBackend, PBKDF2HMACBackend, RSABackend ) @@ -34,11 +36,11 @@ class DummyCipherBackend(object): def create_symmetric_encryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm + raise UnsupportedCipher def create_symmetric_decryption_ctx(self, algorithm, mode): if not self.cipher_supported(algorithm, mode): - raise UnsupportedAlgorithm + raise UnsupportedCipher @utils.register_interface(HashBackend) @@ -51,7 +53,7 @@ class DummyHashBackend(object): def create_hash_ctx(self, algorithm): if not self.hash_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(HMACBackend) @@ -64,7 +66,7 @@ class DummyHMACBackend(object): def create_hmac_ctx(self, key, algorithm): if not self.hmac_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(PBKDF2HMACBackend) @@ -78,7 +80,7 @@ class DummyPBKDF2HMACBackend(object): def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, key_material): if not self.pbkdf2_hmac_supported(algorithm): - raise UnsupportedAlgorithm + raise UnsupportedHash @utils.register_interface(RSABackend) @@ -119,9 +121,9 @@ class TestMultiBackend(object): modes.CBC(b"\x00" * 16), backend=backend ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.decryptor() def test_hashes(self): @@ -132,7 +134,7 @@ class TestMultiBackend(object): hashes.Hash(hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): hashes.Hash(hashes.SHA1(), backend=backend) def test_hmac(self): @@ -143,7 +145,7 @@ class TestMultiBackend(object): hmac.HMAC(b"", hashes.MD5(), backend=backend) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): hmac.HMAC(b"", hashes.SHA1(), backend=backend) def test_pbkdf2(self): @@ -154,7 +156,7 @@ class TestMultiBackend(object): backend.derive_pbkdf2_hmac(hashes.MD5(), 10, b"", 10, b"") - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): backend.derive_pbkdf2_hmac(hashes.SHA1(), 10, b"", 10, b"") def test_rsa(self): diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 42c1b395..c6792185 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -14,7 +14,9 @@ import pytest from cryptography import utils -from cryptography.exceptions import UnsupportedAlgorithm, InternalError +from cryptography.exceptions import ( + UnsupportedCipher, UnsupportedHash, InternalError +) from cryptography.hazmat.backends.openssl.backend import backend, Backend from cryptography.hazmat.primitives import interfaces, hashes from cryptography.hazmat.primitives.ciphers import Cipher @@ -68,7 +70,7 @@ class TestOpenSSL(object): cipher = Cipher( DummyCipher(), mode, backend=b, ) - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedCipher): cipher.encryptor() def test_consume_errors(self): @@ -130,7 +132,7 @@ class TestOpenSSL(object): def test_derive_pbkdf2_raises_unsupported_on_old_openssl(self): if backend.pbkdf2_hmac_supported(hashes.SHA256()): pytest.skip("Requires an older OpenSSL") - with pytest.raises(UnsupportedAlgorithm): + with pytest.raises(UnsupportedHash): backend.derive_pbkdf2_hmac(hashes.SHA256(), 10, b"", 1000, b"") # This test is not in the next class because to check if it's really -- cgit v1.2.3