diff --git a/tests/hazmat/primitives/fixtures_dh.py b/tests/hazmat/primitives/fixtures_dh.py new file mode 100644 index 0000000000000000000000000000000000000000..d4f42633b9c89672ac6f5ad2430a2bb7ae603c27_dGVzdHMvaGF6bWF0L3ByaW1pdGl2ZXMvZml4dHVyZXNfZGgucHk= --- /dev/null +++ b/tests/hazmat/primitives/fixtures_dh.py @@ -0,0 +1,24 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.primitives.asymmetric import dh + +FFDH3072_P = dh.DHParameterNumbers( + p=int( + "ffffffffffffffffadf85458a2bb4a9aafdc5620273d3cf1d8b9c583ce2d3695a9e" + "13641146433fbcc939dce249b3ef97d2fe363630c75d8f681b202aec4617ad3df1e" + "d5d5fd65612433f51f5f066ed0856365553ded1af3b557135e7f57c935984f0c70e" + "0e68b77e2a689daf3efe8721df158a136ade73530acca4f483a797abc0ab182b324" + "fb61d108a94bb2c8e3fbb96adab760d7f4681d4f42a3de394df4ae56ede76372bb1" + "90b07a7c8ee0a6d709e02fce1cdf7e2ecc03404cd28342f619172fe9ce98583ff8e" + "4f1232eef28183c3fe3b1b4c6fad733bb5fcbc2ec22005c58ef1837d1683b2c6f34" + "a26c1b2effa886b4238611fcfdcde355b3b6519035bbc34f4def99c023861b46fc9" + "d6e6c9077ad91d2691f7f7ee598cb0fac186d91caefe130985139270b4130c93bc4" + "37944f4fd4452e2d74dd364f2e21e71f54bff5cae82ab9c9df69ee86d2bc522363a" + "0dabc521979b0deada1dbf9a42d5c4484e0abcd06bfa53ddef3c1b20ee3fd59d7c2" + "5e41d2b66c62e37ffffffffffffffff", 16 + ), g=2 +) diff --git a/tests/hazmat/primitives/test_dh.py b/tests/hazmat/primitives/test_dh.py index daa712c50090814fef73f74783585bd9a6842812_dGVzdHMvaGF6bWF0L3ByaW1pdGl2ZXMvdGVzdF9kaC5weQ==..d4f42633b9c89672ac6f5ad2430a2bb7ae603c27_dGVzdHMvaGF6bWF0L3ByaW1pdGl2ZXMvdGVzdF9kaC5weQ== 100644 --- a/tests/hazmat/primitives/test_dh.py +++ b/tests/hazmat/primitives/test_dh.py @@ -16,6 +16,7 @@ from cryptography.hazmat.primitives.asymmetric import dh from cryptography.utils import int_from_bytes +from .fixtures_dh import FFDH3072_P from ...doubles import DummyKeySerializationEncryption from ...utils import load_nist_vectors, load_vectors_from_file @@ -281,7 +282,7 @@ assert isinstance(key.parameters(), dh.DHParameters) def test_exchange(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) assert isinstance(parameters, dh.DHParameters) key1 = parameters.generate_private_key() @@ -289,9 +290,9 @@ symkey1 = key1.exchange(key2.public_key()) assert symkey1 - assert len(symkey1) == 512 // 8 + assert len(symkey1) == 3072 // 8 symkey2 = key2.exchange(key1.public_key()) assert symkey1 == symkey2 def test_exchange_algorithm(self, backend): @@ -293,10 +294,9 @@ symkey2 = key2.exchange(key1.public_key()) assert symkey1 == symkey2 def test_exchange_algorithm(self, backend): - parameters = dh.generate_parameters(2, 512, backend) - + parameters = FFDH3072_P.parameters(backend) key1 = parameters.generate_private_key() key2 = parameters.generate_private_key() @@ -419,9 +419,8 @@ ], ] ) - def test_private_bytes_unencrypted(self, backend, encoding, - loader_func): - parameters = dh.generate_parameters(2, 512, backend) + def test_private_bytes_unencrypted(self, backend, encoding, loader_func): + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() serialized = key.private_bytes( encoding, serialization.PrivateFormat.PKCS8, @@ -442,7 +441,7 @@ ] ) def test_private_bytes_rejects_invalid(self, encoding, fmt, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(ValueError): key.private_bytes(encoding, fmt, serialization.NoEncryption()) @@ -536,7 +535,7 @@ assert private_numbers.public_numbers.parameter_numbers.q is None def test_private_bytes_traditional_openssl_invalid(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(ValueError): key.private_bytes( @@ -546,7 +545,7 @@ ) def test_private_bytes_invalid_encoding(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(TypeError): key.private_bytes( @@ -556,7 +555,7 @@ ) def test_private_bytes_invalid_format(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(ValueError): key.private_bytes( @@ -566,7 +565,7 @@ ) def test_private_bytes_invalid_encryption_algorithm(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(TypeError): key.private_bytes( @@ -576,7 +575,7 @@ ) def test_private_bytes_unsupported_encryption_type(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key() with pytest.raises(ValueError): key.private_bytes( @@ -604,9 +603,8 @@ ], ] ) - def test_public_bytes(self, backend, encoding, - loader_func): - parameters = dh.generate_parameters(2, 512, backend) + def test_public_bytes(self, backend, encoding, loader_func): + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key().public_key() serialized = key.public_bytes( encoding, serialization.PublicFormat.SubjectPublicKeyInfo @@ -701,7 +699,7 @@ assert public_numbers.parameter_numbers.q is None def test_public_bytes_invalid_encoding(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key().public_key() with pytest.raises(TypeError): key.public_bytes( @@ -710,7 +708,7 @@ ) def test_public_bytes_pkcs1_unsupported(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key().public_key() with pytest.raises(ValueError): key.public_bytes( @@ -736,9 +734,8 @@ ], ] ) - def test_parameter_bytes(self, backend, encoding, - loader_func): - parameters = dh.generate_parameters(2, 512, backend) + def test_parameter_bytes(self, backend, encoding, loader_func): + parameters = FFDH3072_P.parameters(backend) serialized = parameters.parameter_bytes( encoding, serialization.ParameterFormat.PKCS3 ) @@ -852,9 +849,9 @@ )) ) def test_public_bytes_rejects_invalid(self, encoding, fmt, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) key = parameters.generate_private_key().public_key() with pytest.raises(ValueError): key.public_bytes(encoding, fmt) def test_parameter_bytes_invalid_encoding(self, backend): @@ -856,9 +853,9 @@ key = parameters.generate_private_key().public_key() with pytest.raises(ValueError): key.public_bytes(encoding, fmt) def test_parameter_bytes_invalid_encoding(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) with pytest.raises(TypeError): parameters.parameter_bytes( "notencoding", @@ -866,7 +863,7 @@ ) def test_parameter_bytes_invalid_format(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) with pytest.raises(ValueError): parameters.parameter_bytes( serialization.Encoding.PEM, @@ -874,7 +871,7 @@ ) def test_parameter_bytes_openssh_unsupported(self, backend): - parameters = dh.generate_parameters(2, 512, backend) + parameters = FFDH3072_P.parameters(backend) with pytest.raises(TypeError): parameters.parameter_bytes( serialization.Encoding.OpenSSH,