def test_dsa_verification(self, vector, backend):
digest_algorithm = vector['digest_algorithm'].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
if (not backend.dsa_parameters_supported(vector['p'], vector['q'],
vector['g'])
or not backend.dsa_hash_supported(algorithm)):
pytest.skip(
"{0} does not support the provided parameters".format(backend))
public_key = dsa.DSAPublicKey(vector['p'], vector['q'], vector['g'],
vector['y'])
sig = der_encode_dsa_signature(vector['r'], vector['s'])
verifier = public_key.verifier(sig, algorithm(), backend)
verifier.update(vector['msg'])
if vector['result'] == "F":
with pytest.raises(InvalidSignature):
verifier.verify()
else:
verifier.verify()
def test_invalid_dsa_public_key_arguments(self):
# Test a modulus < 1024 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=2**1000,
subgroup_order=int(self._parameters_1024['q'],
16),
generator=int(self._parameters_1024['g'], 16),
y=int(self._parameters_1024['y'], 16))
# Test a modulus < 2048 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=2**2000,
subgroup_order=int(self._parameters_2048['q'],
16),
generator=int(self._parameters_2048['g'], 16),
y=int(self._parameters_2048['y'], 16))
# Test a modulus < 3072 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=2**3000,
subgroup_order=int(self._parameters_3072['q'],
16),
generator=int(self._parameters_3072['g'], 16),
y=int(self._parameters_3072['y'], 16))
# Test a modulus > 3072 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=2**3100,
subgroup_order=int(self._parameters_3072['q'],
16),
generator=int(self._parameters_3072['g'], 16),
y=int(self._parameters_3072['y'], 16))
# Test a subgroup_order < 160 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=2**150,
generator=int(self._parameters_1024['g'], 16),
y=int(self._parameters_1024['y'], 16))
# Test a subgroup_order < 256 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_2048['p'], 16),
subgroup_order=2**250,
generator=int(self._parameters_2048['g'], 16),
y=int(self._parameters_2048['y'], 16))
# Test a subgroup_order > 256 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_3072['p'], 16),
subgroup_order=2**260,
generator=int(self._parameters_3072['g'], 16),
y=int(self._parameters_3072['y'], 16))
# Test a modulus, subgroup_order pair of (1024, 256) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_2048['q'],
16),
generator=int(self._parameters_1024['g'], 16),
y=int(self._parameters_1024['y'], 16))
# Test a modulus, subgroup_order pair of (2048, 160) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_2048['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=int(self._parameters_2048['g'], 16),
y=int(self._parameters_2048['y'], 16))
# Test a modulus, subgroup_order pair of (3072, 160) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_3072['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=int(self._parameters_3072['g'], 16),
y=int(self._parameters_3072['y'], 16))
# Test a generator < 1
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=0,
y=int(self._parameters_1024['y'], 16))
# Test a generator = 1
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=1,
y=int(self._parameters_1024['y'], 16))
# Test a generator > modulus
with pytest.raises(ValueError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=2**1200,
y=int(self._parameters_1024['y'], 16))
# Test a non-integer y value
with pytest.raises(TypeError):
dsa.DSAPublicKey(modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_1024['q'],
16),
generator=int(self._parameters_1024['g'], 16),
y=None)
def test_load_dsa_example_keys(self):
parameters = dsa.DSAParameters(
modulus=int(self._parameters_1024['p'], 16),
subgroup_order=int(self._parameters_1024['q'], 16),
generator=int(self._parameters_1024['g'], 16))
assert parameters
assert parameters.modulus
assert parameters.subgroup_order
assert parameters.generator
assert parameters.modulus == parameters.p
assert parameters.subgroup_order == parameters.q
assert parameters.generator == parameters.g
pub_key = dsa.DSAPublicKey(modulus=int(self._parameters_1024["p"], 16),
subgroup_order=int(
self._parameters_1024["q"], 16),
generator=int(self._parameters_1024["g"],
16),
y=int(self._parameters_1024["y"], 16))
assert pub_key
assert pub_key.key_size
assert pub_key.y
pub_key_parameters = pub_key.parameters()
assert pub_key_parameters
assert pub_key_parameters.modulus
assert pub_key_parameters.subgroup_order
assert pub_key_parameters.generator
skey = dsa.DSAPrivateKey(modulus=int(self._parameters_1024["p"], 16),
subgroup_order=int(self._parameters_1024["q"],
16),
generator=int(self._parameters_1024["g"], 16),
x=int(self._parameters_1024["x"], 16),
y=int(self._parameters_1024["y"], 16))
assert skey
_check_dsa_private_key(skey)
skey_parameters = skey.parameters()
assert skey_parameters
assert skey_parameters.modulus
assert skey_parameters.subgroup_order
assert skey_parameters.generator
pkey = dsa.DSAPublicKey(modulus=int(self._parameters_1024["p"], 16),
subgroup_order=int(self._parameters_1024["q"],
16),
generator=int(self._parameters_1024["g"], 16),
y=int(self._parameters_1024["y"], 16))
assert pkey
pkey_parameters = pkey.parameters()
assert pkey_parameters
assert pkey_parameters.modulus
assert pkey_parameters.subgroup_order
assert pkey_parameters.generator
pkey2 = skey.public_key()
assert pkey2
pkey2_parameters = pkey.parameters()
assert pkey2_parameters
assert pkey2_parameters.modulus
assert pkey2_parameters.subgroup_order
assert pkey2_parameters.generator
assert skey_parameters.modulus == pkey_parameters.modulus
assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order
assert skey_parameters.generator == pkey_parameters.generator
assert skey.y == pkey.y
assert skey.key_size == pkey.key_size
assert pkey_parameters.modulus == pkey2_parameters.modulus
assert pkey_parameters.subgroup_order == \
pkey2_parameters.subgroup_order
assert pkey_parameters.generator == pkey2_parameters.generator
assert pkey.y == pkey2.y
assert pkey.key_size == pkey2.key_size
def test_invalid_public_key_argument_types(self):
with pytest.raises(TypeError):
dsa.DSAPublicKey(None, None, None, None)
def test_invalid_dsa_public_key_arguments(self):
# Test a modulus < 1024 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=2**1000,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y)
# Test a modulus < 2048 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=2**2000,
subgroup_order=DSA_KEY_2048.public_numbers.parameter_numbers.q,
generator=DSA_KEY_2048.public_numbers.parameter_numbers.g,
y=DSA_KEY_2048.public_numbers.y)
# Test a modulus < 3072 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=2**3000,
subgroup_order=DSA_KEY_3072.public_numbers.parameter_numbers.q,
generator=DSA_KEY_3072.public_numbers.parameter_numbers.g,
y=DSA_KEY_3072.public_numbers.y)
# Test a modulus > 3072 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=2**3100,
subgroup_order=DSA_KEY_3072.public_numbers.parameter_numbers.q,
generator=DSA_KEY_3072.public_numbers.parameter_numbers.g,
y=DSA_KEY_3072.public_numbers.y)
# Test a subgroup_order < 160 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=2**150,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y)
# Test a subgroup_order < 256 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_2048.public_numbers.parameter_numbers.p,
subgroup_order=2**250,
generator=DSA_KEY_2048.public_numbers.parameter_numbers.g,
y=DSA_KEY_2048.public_numbers.y)
# Test a subgroup_order > 256 bits in length
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_3072.public_numbers.parameter_numbers.p,
subgroup_order=2**260,
generator=DSA_KEY_3072.public_numbers.parameter_numbers.g,
y=DSA_KEY_3072.public_numbers.y)
# Test a modulus, subgroup_order pair of (1024, 256) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_2048.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y)
# Test a modulus, subgroup_order pair of (2048, 160) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_2048.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_2048.public_numbers.parameter_numbers.g,
y=DSA_KEY_2048.public_numbers.y)
# Test a modulus, subgroup_order pair of (3072, 160) bit lengths
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_3072.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_3072.public_numbers.parameter_numbers.g,
y=DSA_KEY_3072.public_numbers.y)
# Test a generator < 1
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=0,
y=DSA_KEY_1024.public_numbers.y)
# Test a generator = 1
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=1,
y=DSA_KEY_1024.public_numbers.y)
# Test a generator > modulus
with pytest.raises(ValueError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=2**1200,
y=DSA_KEY_1024.public_numbers.y)
# Test a non-integer y value
with pytest.raises(TypeError):
dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=None)
def test_load_dsa_example_keys(self):
parameters = dsa.DSAParameters(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g)
assert parameters
assert parameters.modulus
assert parameters.subgroup_order
assert parameters.generator
assert parameters.modulus == parameters.p
assert parameters.subgroup_order == parameters.q
assert parameters.generator == parameters.g
pub_key = dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y)
assert pub_key
assert pub_key.key_size
assert pub_key.y
pub_key_parameters = pub_key.parameters()
assert pub_key_parameters
assert pub_key_parameters.modulus
assert pub_key_parameters.subgroup_order
assert pub_key_parameters.generator
skey = dsa.DSAPrivateKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y,
x=DSA_KEY_1024.x)
assert skey
_check_dsa_private_key(skey)
skey_parameters = skey.parameters()
assert skey_parameters
assert skey_parameters.modulus
assert skey_parameters.subgroup_order
assert skey_parameters.generator
pkey = dsa.DSAPublicKey(
modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p,
subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q,
generator=DSA_KEY_1024.public_numbers.parameter_numbers.g,
y=DSA_KEY_1024.public_numbers.y)
assert pkey
pkey_parameters = pkey.parameters()
assert pkey_parameters
assert pkey_parameters.modulus
assert pkey_parameters.subgroup_order
assert pkey_parameters.generator
pkey2 = skey.public_key()
assert pkey2
pkey2_parameters = pkey.parameters()
assert pkey2_parameters
assert pkey2_parameters.modulus
assert pkey2_parameters.subgroup_order
assert pkey2_parameters.generator
assert skey_parameters.modulus == pkey_parameters.modulus
assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order
assert skey_parameters.generator == pkey_parameters.generator
assert skey.y == pkey.y
assert skey.key_size == pkey.key_size
assert pkey_parameters.modulus == pkey2_parameters.modulus
assert pkey_parameters.subgroup_order == \
pkey2_parameters.subgroup_order
assert pkey_parameters.generator == pkey2_parameters.generator
assert pkey.y == pkey2.y
assert pkey.key_size == pkey2.key_size
