diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2020-12-10 15:12:40 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-10 14:12:40 -0600 |
| commit | 6e50cf3f93f7da02ea981da4efcc977057e2920f (patch) | |
| tree | 52a25990fee38e18af5e2142fa5cb070739c8b21 /tests | |
| parent | 705cdb11fb263af4d9e819f96caaafba3ba71aec (diff) | |
| download | cryptography-6e50cf3f93f7da02ea981da4efcc977057e2920f.tar.gz | |
Convert a few more high cardinality tests to use subtests (#5632)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/primitives/test_aes.py | 35 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 100 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_ed25519.py | 40 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_hash_vectors.py | 46 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 47 |
5 files changed, 134 insertions, 134 deletions
diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 099717801..c9cb98003 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -24,13 +24,12 @@ from ...utils import load_nist_vectors ) @pytest.mark.requires_backend_interface(interface=CipherBackend) class TestAESModeXTS(object): - @pytest.mark.parametrize( - "vector", + def test_xts_vectors(self, backend, subtests): # This list comprehension excludes any vector that does not have a # data unit length that is divisible by 8. The NIST vectors include # tests for implementations that support encryption of data that is # not divisible modulo 8, but OpenSSL is not such an implementation. - [ + vectors = [ x for x in _load_all_params( os.path.join("ciphers", "AES", "XTS", "tweak-128hexstr"), @@ -38,20 +37,22 @@ class TestAESModeXTS(object): load_nist_vectors, ) if int(x["dataunitlen"]) / 8.0 == int(x["dataunitlen"]) // 8 - ], - ) - def test_xts_vectors(self, vector, backend): - key = binascii.unhexlify(vector["key"]) - tweak = binascii.unhexlify(vector["i"]) - pt = binascii.unhexlify(vector["pt"]) - ct = binascii.unhexlify(vector["ct"]) - cipher = base.Cipher(algorithms.AES(key), modes.XTS(tweak), backend) - enc = cipher.encryptor() - computed_ct = enc.update(pt) + enc.finalize() - assert computed_ct == ct - dec = cipher.decryptor() - computed_pt = dec.update(ct) + dec.finalize() - assert computed_pt == pt + ] + for vector in vectors: + with subtests.test(): + key = binascii.unhexlify(vector["key"]) + tweak = binascii.unhexlify(vector["i"]) + pt = binascii.unhexlify(vector["pt"]) + ct = binascii.unhexlify(vector["ct"]) + cipher = base.Cipher( + algorithms.AES(key), modes.XTS(tweak), backend + ) + enc = cipher.encryptor() + computed_ct = enc.update(pt) + enc.finalize() + assert computed_ct == ct + dec = cipher.decryptor() + computed_pt = dec.update(ct) + dec.finalize() + assert computed_pt == pt @pytest.mark.supported( diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 474da5df5..b247247dd 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -386,34 +386,33 @@ class TestDSAVerification(object): "SHA512": hashes.SHA512, } - @pytest.mark.parametrize( - "vector", - load_vectors_from_file( + def test_dsa_verification(self, backend, subtests): + vectors = load_vectors_from_file( os.path.join("asymmetric", "DSA", "FIPS_186-3", "SigVer.rsp"), load_fips_dsa_sig_vectors, - ), - ) - def test_dsa_verification(self, vector, backend): - digest_algorithm = vector["digest_algorithm"].replace("-", "") - algorithm = self._algorithms_dict[digest_algorithm] - - _skip_if_dsa_not_supported( - backend, algorithm, vector["p"], vector["q"], vector["g"] ) - - public_key = dsa.DSAPublicNumbers( - parameter_numbers=dsa.DSAParameterNumbers( - vector["p"], vector["q"], vector["g"] - ), - y=vector["y"], - ).public_key(backend) - sig = encode_dss_signature(vector["r"], vector["s"]) - - if vector["result"] == "F": - with pytest.raises(InvalidSignature): - public_key.verify(sig, vector["msg"], algorithm()) - else: - public_key.verify(sig, vector["msg"], algorithm()) + for vector in vectors: + with subtests.test(): + digest_algorithm = vector["digest_algorithm"].replace("-", "") + algorithm = self._algorithms_dict[digest_algorithm] + + _skip_if_dsa_not_supported( + backend, algorithm, vector["p"], vector["q"], vector["g"] + ) + + public_key = dsa.DSAPublicNumbers( + parameter_numbers=dsa.DSAParameterNumbers( + vector["p"], vector["q"], vector["g"] + ), + y=vector["y"], + ).public_key(backend) + sig = encode_dss_signature(vector["r"], vector["s"]) + + if vector["result"] == "F": + with pytest.raises(InvalidSignature): + public_key.verify(sig, vector["msg"], algorithm()) + else: + public_key.verify(sig, vector["msg"], algorithm()) def test_dsa_verify_invalid_asn1(self, backend): public_key = DSA_KEY_1024.public_numbers.public_key(backend) @@ -494,34 +493,35 @@ class TestDSASignature(object): "SHA512": hashes.SHA512, } - @pytest.mark.parametrize( - "vector", - load_vectors_from_file( + def test_dsa_signing(self, backend, subtests): + vectors = load_vectors_from_file( os.path.join("asymmetric", "DSA", "FIPS_186-3", "SigGen.txt"), load_fips_dsa_sig_vectors, - ), - ) - def test_dsa_signing(self, vector, backend): - digest_algorithm = vector["digest_algorithm"].replace("-", "") - algorithm = self._algorithms_dict[digest_algorithm] - - _skip_if_dsa_not_supported( - backend, algorithm, vector["p"], vector["q"], vector["g"] ) - - private_key = dsa.DSAPrivateNumbers( - public_numbers=dsa.DSAPublicNumbers( - parameter_numbers=dsa.DSAParameterNumbers( - vector["p"], vector["q"], vector["g"] - ), - y=vector["y"], - ), - x=vector["x"], - ).private_key(backend) - signature = private_key.sign(vector["msg"], algorithm()) - assert signature - - private_key.public_key().verify(signature, vector["msg"], algorithm()) + for vector in vectors: + with subtests.test(): + digest_algorithm = vector["digest_algorithm"].replace("-", "") + algorithm = self._algorithms_dict[digest_algorithm] + + _skip_if_dsa_not_supported( + backend, algorithm, vector["p"], vector["q"], vector["g"] + ) + + private_key = dsa.DSAPrivateNumbers( + public_numbers=dsa.DSAPublicNumbers( + parameter_numbers=dsa.DSAParameterNumbers( + vector["p"], vector["q"], vector["g"] + ), + y=vector["y"], + ), + x=vector["x"], + ).private_key(backend) + signature = private_key.sign(vector["msg"], algorithm()) + assert signature + + private_key.public_key().verify( + signature, vector["msg"], algorithm() + ) def test_use_after_finalize(self, backend): private_key = DSA_KEY_1024.private_key(backend) diff --git a/tests/hazmat/primitives/test_ed25519.py b/tests/hazmat/primitives/test_ed25519.py index be239026a..ce74ee8f2 100644 --- a/tests/hazmat/primitives/test_ed25519.py +++ b/tests/hazmat/primitives/test_ed25519.py @@ -68,29 +68,29 @@ def test_ed25519_unsupported(backend): skip_message="Requires OpenSSL with Ed25519 support", ) class TestEd25519Signing(object): - @pytest.mark.parametrize( - "vector", - load_vectors_from_file( + def test_sign_verify_input(self, backend, subtests): + vectors = load_vectors_from_file( os.path.join("asymmetric", "Ed25519", "sign.input"), load_ed25519_vectors, - ), - ) - def test_sign_verify_input(self, vector, backend): - sk = binascii.unhexlify(vector["secret_key"]) - pk = binascii.unhexlify(vector["public_key"]) - message = binascii.unhexlify(vector["message"]) - signature = binascii.unhexlify(vector["signature"]) - private_key = Ed25519PrivateKey.from_private_bytes(sk) - computed_sig = private_key.sign(message) - assert computed_sig == signature - public_key = private_key.public_key() - assert ( - public_key.public_bytes( - serialization.Encoding.Raw, serialization.PublicFormat.Raw - ) - == pk ) - public_key.verify(signature, message) + for vector in vectors: + with subtests.test(): + sk = binascii.unhexlify(vector["secret_key"]) + pk = binascii.unhexlify(vector["public_key"]) + message = binascii.unhexlify(vector["message"]) + signature = binascii.unhexlify(vector["signature"]) + private_key = Ed25519PrivateKey.from_private_bytes(sk) + computed_sig = private_key.sign(message) + assert computed_sig == signature + public_key = private_key.public_key() + assert ( + public_key.public_bytes( + serialization.Encoding.Raw, + serialization.PublicFormat.Raw, + ) + == pk + ) + public_key.verify(signature, message) def test_invalid_signature(self, backend): key = Ed25519PrivateKey.generate() diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index 99adcf923..553eee375 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -230,21 +230,20 @@ class TestSHAKE128(object): hashes.SHAKE128(digest_size=16), ) - @pytest.mark.parametrize( - "vector", - _load_all_params( + def test_shake128_variable(self, backend, subtests): + vectors = _load_all_params( os.path.join("hashes", "SHAKE"), ["SHAKE128VariableOut.rsp"], load_nist_vectors, - ), - ) - def test_shake128_variable(self, vector, backend): - output_length = int(vector["outputlen"]) // 8 - msg = binascii.unhexlify(vector["msg"]) - shake = hashes.SHAKE128(digest_size=output_length) - m = hashes.Hash(shake, backend=backend) - m.update(msg) - assert m.finalize() == binascii.unhexlify(vector["output"]) + ) + for vector in vectors: + with subtests.test(): + output_length = int(vector["outputlen"]) // 8 + msg = binascii.unhexlify(vector["msg"]) + shake = hashes.SHAKE128(digest_size=output_length) + m = hashes.Hash(shake, backend=backend) + m.update(msg) + assert m.finalize() == binascii.unhexlify(vector["output"]) @pytest.mark.supported( @@ -262,18 +261,17 @@ class TestSHAKE256(object): hashes.SHAKE256(digest_size=32), ) - @pytest.mark.parametrize( - "vector", - _load_all_params( + def test_shake256_variable(self, backend, subtests): + vectors = _load_all_params( os.path.join("hashes", "SHAKE"), ["SHAKE256VariableOut.rsp"], load_nist_vectors, - ), - ) - def test_shake256_variable(self, vector, backend): - output_length = int(vector["outputlen"]) // 8 - msg = binascii.unhexlify(vector["msg"]) - shake = hashes.SHAKE256(digest_size=output_length) - m = hashes.Hash(shake, backend=backend) - m.update(msg) - assert m.finalize() == binascii.unhexlify(vector["output"]) + ) + for vector in vectors: + with subtests.test(): + output_length = int(vector["outputlen"]) // 8 + msg = binascii.unhexlify(vector["msg"]) + shake = hashes.SHAKE256(digest_size=output_length) + m = hashes.Hash(shake, backend=backend) + m.update(msg) + assert m.finalize() == binascii.unhexlify(vector["output"]) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 1e32b7f16..d10eb93f4 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1623,29 +1623,30 @@ class TestRSADecryption(object): "Does not support OAEP using SHA224 MGF1 and SHA224 hash." ), ) - @pytest.mark.parametrize("vector", _build_oaep_sha2_vectors()) - def test_decrypt_oaep_sha2_vectors(self, vector, backend): - private, public, example, mgf1_alg, hash_alg = vector - skey = rsa.RSAPrivateNumbers( - p=private["p"], - q=private["q"], - d=private["private_exponent"], - dmp1=private["dmp1"], - dmq1=private["dmq1"], - iqmp=private["iqmp"], - public_numbers=rsa.RSAPublicNumbers( - e=private["public_exponent"], n=private["modulus"] - ), - ).private_key(backend) - message = skey.decrypt( - binascii.unhexlify(example["encryption"]), - padding.OAEP( - mgf=padding.MGF1(algorithm=mgf1_alg), - algorithm=hash_alg, - label=None, - ), - ) - assert message == binascii.unhexlify(example["message"]) + def test_decrypt_oaep_sha2_vectors(self, backend, subtests): + vectors = _build_oaep_sha2_vectors() + for private, public, example, mgf1_alg, hash_alg in vectors: + with subtests.test(): + skey = rsa.RSAPrivateNumbers( + p=private["p"], + q=private["q"], + d=private["private_exponent"], + dmp1=private["dmp1"], + dmq1=private["dmq1"], + iqmp=private["iqmp"], + public_numbers=rsa.RSAPublicNumbers( + e=private["public_exponent"], n=private["modulus"] + ), + ).private_key(backend) + message = skey.decrypt( + binascii.unhexlify(example["encryption"]), + padding.OAEP( + mgf=padding.MGF1(algorithm=mgf1_alg), + algorithm=hash_alg, + label=None, + ), + ) + assert message == binascii.unhexlify(example["message"]) @pytest.mark.supported( only_if=lambda backend: backend.rsa_padding_supported( |