tests/hazmat/primitives/test_ed448.py - platform/external/python/cryptography - Git at Google

 # This file is dual licensed under the terms of the Apache License, Version
 # 2.0, and the BSD License. See the LICENSE file in the root of this repository
 # for complete details.

 from __future__ import absolute_import, division, print_function

 import binascii
 import os

 import pytest

 from cryptography.exceptions import InvalidSignature, _Reasons
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric.ed448 import (
     Ed448PrivateKey,
     Ed448PublicKey,
 )

 from ...utils import (
     load_nist_vectors,
     load_vectors_from_file,
     raises_unsupported_algorithm,
 )


 @pytest.mark.supported(
     only_if=lambda backend: not backend.ed448_supported(),
     skip_message="Requires OpenSSL without Ed448 support",
 )
 def test_ed448_unsupported(backend):
     with raises_unsupported_algorithm(
         _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
     ):
         Ed448PublicKey.from_public_bytes(b"0" * 57)

     with raises_unsupported_algorithm(
         _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
     ):
         Ed448PrivateKey.from_private_bytes(b"0" * 57)

     with raises_unsupported_algorithm(
         _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
     ):
         Ed448PrivateKey.generate()


 @pytest.mark.supported(
     only_if=lambda backend: backend.ed448_supported(),
     skip_message="Requires OpenSSL with Ed448 support",
 )
 class TestEd448Signing(object):
     @pytest.mark.parametrize(
         "vector",
         load_vectors_from_file(
             os.path.join("asymmetric", "Ed448", "rfc8032.txt"),
             load_nist_vectors,
         ),
     )
     def test_sign_input(self, vector, backend):
         if vector.get("context") is not None:
             pytest.skip("ed448 contexts are not currently supported")

         sk = binascii.unhexlify(vector["secret"])
         pk = binascii.unhexlify(vector["public"])
         message = binascii.unhexlify(vector["message"])
         signature = binascii.unhexlify(vector["signature"])
         private_key = Ed448PrivateKey.from_private_bytes(sk)
         computed_sig = private_key.sign(message)
         assert computed_sig == signature
         public_key = private_key.public_key()
         assert (
             public_key.public_bytes(
                 serialization.Encoding.Raw, serialization.PublicFormat.Raw
             )
             == pk
         )
         public_key.verify(signature, message)

     def test_invalid_signature(self, backend):
         key = Ed448PrivateKey.generate()
         signature = key.sign(b"test data")
         with pytest.raises(InvalidSignature):
             key.public_key().verify(signature, b"wrong data")

         with pytest.raises(InvalidSignature):
             key.public_key().verify(b"0" * 64, b"test data")

     def test_generate(self, backend):
         key = Ed448PrivateKey.generate()
         assert key
         assert key.public_key()

     @pytest.mark.parametrize(
         "vector",
         load_vectors_from_file(
             os.path.join("asymmetric", "Ed448", "rfc8032.txt"),
             load_nist_vectors,
         ),
     )
     def test_pub_priv_bytes_raw(self, vector, backend):
         sk = binascii.unhexlify(vector["secret"])
         pk = binascii.unhexlify(vector["public"])
         private_key = Ed448PrivateKey.from_private_bytes(sk)
         assert (
             private_key.private_bytes(
                 serialization.Encoding.Raw,
                 serialization.PrivateFormat.Raw,
                 serialization.NoEncryption(),
             )
             == sk
         )
         assert (
             private_key.public_key().public_bytes(
                 serialization.Encoding.Raw, serialization.PublicFormat.Raw
             )
             == pk
         )
         public_key = Ed448PublicKey.from_public_bytes(pk)
         assert (
             public_key.public_bytes(
                 serialization.Encoding.Raw, serialization.PublicFormat.Raw
             )
             == pk
         )

     @pytest.mark.parametrize(
         ("encoding", "fmt", "encryption", "passwd", "load_func"),
         [
             (
                 serialization.Encoding.PEM,
                 serialization.PrivateFormat.PKCS8,
                 serialization.BestAvailableEncryption(b"password"),
                 b"password",
                 serialization.load_pem_private_key,
             ),
             (
                 serialization.Encoding.DER,
                 serialization.PrivateFormat.PKCS8,
                 serialization.BestAvailableEncryption(b"password"),
                 b"password",
                 serialization.load_der_private_key,
             ),
             (
                 serialization.Encoding.PEM,
                 serialization.PrivateFormat.PKCS8,
                 serialization.NoEncryption(),
                 None,
                 serialization.load_pem_private_key,
             ),
             (
                 serialization.Encoding.DER,
                 serialization.PrivateFormat.PKCS8,
                 serialization.NoEncryption(),
                 None,
                 serialization.load_der_private_key,
             ),
         ],
     )
     def test_round_trip_private_serialization(
         self, encoding, fmt, encryption, passwd, load_func, backend
     ):
         key = Ed448PrivateKey.generate()
         serialized = key.private_bytes(encoding, fmt, encryption)
         loaded_key = load_func(serialized, passwd, backend)
         assert isinstance(loaded_key, Ed448PrivateKey)

     def test_invalid_type_public_bytes(self, backend):
         with pytest.raises(TypeError):
             Ed448PublicKey.from_public_bytes(object())

     def test_invalid_type_private_bytes(self, backend):
         with pytest.raises(TypeError):
             Ed448PrivateKey.from_private_bytes(object())

     def test_invalid_length_from_public_bytes(self, backend):
         with pytest.raises(ValueError):
             Ed448PublicKey.from_public_bytes(b"a" * 56)
         with pytest.raises(ValueError):
             Ed448PublicKey.from_public_bytes(b"a" * 58)

     def test_invalid_length_from_private_bytes(self, backend):
         with pytest.raises(ValueError):
             Ed448PrivateKey.from_private_bytes(b"a" * 56)
         with pytest.raises(ValueError):
             Ed448PrivateKey.from_private_bytes(b"a" * 58)

     def test_invalid_private_bytes(self, backend):
         key = Ed448PrivateKey.generate()
         with pytest.raises(ValueError):
             key.private_bytes(
                 serialization.Encoding.Raw,
                 serialization.PrivateFormat.Raw,
                 None,
             )

         with pytest.raises(ValueError):
             key.private_bytes(
                 serialization.Encoding.Raw,
                 serialization.PrivateFormat.PKCS8,
                 None,
             )

         with pytest.raises(ValueError):
             key.private_bytes(
                 serialization.Encoding.PEM,
                 serialization.PrivateFormat.Raw,
                 serialization.NoEncryption(),
             )

     def test_invalid_public_bytes(self, backend):
         key = Ed448PrivateKey.generate().public_key()
         with pytest.raises(ValueError):
             key.public_bytes(
                 serialization.Encoding.Raw,
                 serialization.PublicFormat.SubjectPublicKeyInfo,
             )

         with pytest.raises(ValueError):
             key.public_bytes(
                 serialization.Encoding.PEM, serialization.PublicFormat.PKCS1
             )

         with pytest.raises(ValueError):
             key.public_bytes(
                 serialization.Encoding.PEM, serialization.PublicFormat.Raw
             )

     def test_buffer_protocol(self, backend):
         private_bytes = os.urandom(57)
         key = Ed448PrivateKey.from_private_bytes(bytearray(private_bytes))
         assert (
             key.private_bytes(
                 serialization.Encoding.Raw,
                 serialization.PrivateFormat.Raw,
                 serialization.NoEncryption(),
             )
             == private_bytes
         )

     def test_malleability(self, backend):
         # This is a signature where r > the group order. It should be
         # rejected to prevent signature malleability issues. This test can
         # be removed when wycheproof grows ed448 vectors
         public_bytes = binascii.unhexlify(
             "fedb02a658d74990244d9d10cf338e977565cbbda6b24c716829ed6ee1e4f28cf"
             "2620c052db8d878f6243bffc22242816c1aaa67d2f3603600"
         )
         signature = binascii.unhexlify(
             "0cc16ba24d69277f927c1554b0f08a2a711bbdd20b058ccc660d00ca13542a3ce"
             "f9e5c44c54ab23a2eb14f947e167b990b080863e28b399380f30db6e54d5d1406"
             "d23378ffde11b1fb81b2b438a3b8e8aa7f7f4e1befcc905023fab5a5465053844"
             "f04cf0c1b51d84760f869588687f57500"
         )
         key = Ed448PublicKey.from_public_bytes(public_bytes)
         with pytest.raises(InvalidSignature):
             key.verify(signature, b"8")
	# This file is dual licensed under the terms of the Apache License, Version
	# 2.0, and the BSD License. See the LICENSE file in the root of this repository
	# for complete details.

	from __future__ import absolute_import, division, print_function

	import binascii
	import os

	import pytest

	from cryptography.exceptions import InvalidSignature, _Reasons
	from cryptography.hazmat.primitives import serialization
	from cryptography.hazmat.primitives.asymmetric.ed448 import (
	Ed448PrivateKey,
	Ed448PublicKey,
	)

	from ...utils import (
	load_nist_vectors,
	load_vectors_from_file,
	raises_unsupported_algorithm,
	)


	@pytest.mark.supported(
	only_if=lambda backend: not backend.ed448_supported(),
	skip_message="Requires OpenSSL without Ed448 support",
	)
	def test_ed448_unsupported(backend):
	with raises_unsupported_algorithm(
	_Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
	):
	Ed448PublicKey.from_public_bytes(b"0" * 57)

	with raises_unsupported_algorithm(
	_Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
	):
	Ed448PrivateKey.from_private_bytes(b"0" * 57)

	with raises_unsupported_algorithm(
	_Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
	):
	Ed448PrivateKey.generate()


	@pytest.mark.supported(
	only_if=lambda backend: backend.ed448_supported(),
	skip_message="Requires OpenSSL with Ed448 support",
	)
	class TestEd448Signing(object):
	@pytest.mark.parametrize(
	"vector",
	load_vectors_from_file(
	os.path.join("asymmetric", "Ed448", "rfc8032.txt"),
	load_nist_vectors,
	),
	)
	def test_sign_input(self, vector, backend):
	if vector.get("context") is not None:
	pytest.skip("ed448 contexts are not currently supported")

	sk = binascii.unhexlify(vector["secret"])
	pk = binascii.unhexlify(vector["public"])
	message = binascii.unhexlify(vector["message"])
	signature = binascii.unhexlify(vector["signature"])
	private_key = Ed448PrivateKey.from_private_bytes(sk)
	computed_sig = private_key.sign(message)
	assert computed_sig == signature
	public_key = private_key.public_key()
	assert (
	public_key.public_bytes(
	serialization.Encoding.Raw, serialization.PublicFormat.Raw
	)
	== pk
	)
	public_key.verify(signature, message)

	def test_invalid_signature(self, backend):
	key = Ed448PrivateKey.generate()
	signature = key.sign(b"test data")
	with pytest.raises(InvalidSignature):
	key.public_key().verify(signature, b"wrong data")

	with pytest.raises(InvalidSignature):
	key.public_key().verify(b"0" * 64, b"test data")

	def test_generate(self, backend):
	key = Ed448PrivateKey.generate()
	assert key
	assert key.public_key()

	@pytest.mark.parametrize(
	"vector",
	load_vectors_from_file(
	os.path.join("asymmetric", "Ed448", "rfc8032.txt"),
	load_nist_vectors,
	),
	)
	def test_pub_priv_bytes_raw(self, vector, backend):
	sk = binascii.unhexlify(vector["secret"])
	pk = binascii.unhexlify(vector["public"])
	private_key = Ed448PrivateKey.from_private_bytes(sk)
	assert (
	private_key.private_bytes(
	serialization.Encoding.Raw,
	serialization.PrivateFormat.Raw,
	serialization.NoEncryption(),
	)
	== sk
	)
	assert (
	private_key.public_key().public_bytes(
	serialization.Encoding.Raw, serialization.PublicFormat.Raw
	)
	== pk
	)
	public_key = Ed448PublicKey.from_public_bytes(pk)
	assert (
	public_key.public_bytes(
	serialization.Encoding.Raw, serialization.PublicFormat.Raw
	)
	== pk
	)

	@pytest.mark.parametrize(
	("encoding", "fmt", "encryption", "passwd", "load_func"),
	[
	(
	serialization.Encoding.PEM,
	serialization.PrivateFormat.PKCS8,
	serialization.BestAvailableEncryption(b"password"),
	b"password",
	serialization.load_pem_private_key,
	),
	(
	serialization.Encoding.DER,
	serialization.PrivateFormat.PKCS8,
	serialization.BestAvailableEncryption(b"password"),
	b"password",
	serialization.load_der_private_key,
	),
	(
	serialization.Encoding.PEM,
	serialization.PrivateFormat.PKCS8,
	serialization.NoEncryption(),
	None,
	serialization.load_pem_private_key,
	),
	(
	serialization.Encoding.DER,
	serialization.PrivateFormat.PKCS8,
	serialization.NoEncryption(),
	None,
	serialization.load_der_private_key,
	),
	],
	)
	def test_round_trip_private_serialization(
	self, encoding, fmt, encryption, passwd, load_func, backend
	):
	key = Ed448PrivateKey.generate()
	serialized = key.private_bytes(encoding, fmt, encryption)
	loaded_key = load_func(serialized, passwd, backend)
	assert isinstance(loaded_key, Ed448PrivateKey)

	def test_invalid_type_public_bytes(self, backend):
	with pytest.raises(TypeError):
	Ed448PublicKey.from_public_bytes(object())

	def test_invalid_type_private_bytes(self, backend):
	with pytest.raises(TypeError):
	Ed448PrivateKey.from_private_bytes(object())

	def test_invalid_length_from_public_bytes(self, backend):
	with pytest.raises(ValueError):
	Ed448PublicKey.from_public_bytes(b"a" * 56)
	with pytest.raises(ValueError):
	Ed448PublicKey.from_public_bytes(b"a" * 58)

	def test_invalid_length_from_private_bytes(self, backend):
	with pytest.raises(ValueError):
	Ed448PrivateKey.from_private_bytes(b"a" * 56)
	with pytest.raises(ValueError):
	Ed448PrivateKey.from_private_bytes(b"a" * 58)

	def test_invalid_private_bytes(self, backend):
	key = Ed448PrivateKey.generate()
	with pytest.raises(ValueError):
	key.private_bytes(
	serialization.Encoding.Raw,
	serialization.PrivateFormat.Raw,
	None,
	)

	with pytest.raises(ValueError):
	key.private_bytes(
	serialization.Encoding.Raw,
	serialization.PrivateFormat.PKCS8,
	None,
	)

	with pytest.raises(ValueError):
	key.private_bytes(
	serialization.Encoding.PEM,
	serialization.PrivateFormat.Raw,
	serialization.NoEncryption(),
	)

	def test_invalid_public_bytes(self, backend):
	key = Ed448PrivateKey.generate().public_key()
	with pytest.raises(ValueError):
	key.public_bytes(
	serialization.Encoding.Raw,
	serialization.PublicFormat.SubjectPublicKeyInfo,
	)

	with pytest.raises(ValueError):
	key.public_bytes(
	serialization.Encoding.PEM, serialization.PublicFormat.PKCS1
	)

	with pytest.raises(ValueError):
	key.public_bytes(
	serialization.Encoding.PEM, serialization.PublicFormat.Raw
	)

	def test_buffer_protocol(self, backend):
	private_bytes = os.urandom(57)
	key = Ed448PrivateKey.from_private_bytes(bytearray(private_bytes))
	assert (
	key.private_bytes(
	serialization.Encoding.Raw,
	serialization.PrivateFormat.Raw,
	serialization.NoEncryption(),
	)
	== private_bytes
	)

	def test_malleability(self, backend):
	# This is a signature where r > the group order. It should be
	# rejected to prevent signature malleability issues. This test can
	# be removed when wycheproof grows ed448 vectors
	public_bytes = binascii.unhexlify(
	"fedb02a658d74990244d9d10cf338e977565cbbda6b24c716829ed6ee1e4f28cf"
	"2620c052db8d878f6243bffc22242816c1aaa67d2f3603600"
	)
	signature = binascii.unhexlify(
	"0cc16ba24d69277f927c1554b0f08a2a711bbdd20b058ccc660d00ca13542a3ce"
	"f9e5c44c54ab23a2eb14f947e167b990b080863e28b399380f30db6e54d5d1406"
	"d23378ffde11b1fb81b2b438a3b8e8aa7f7f4e1befcc905023fab5a5465053844"
	"f04cf0c1b51d84760f869588687f57500"
	)
	key = Ed448PublicKey.from_public_bytes(public_bytes)
	with pytest.raises(InvalidSignature):
	key.verify(signature, b"8")