def test_sign_int() -> None: key = SignIntPrivateKey() with pytest.raises(Exception, match="sign_int called"): run(key.sign_int(12345)) with pytest.raises(Exception, match="sign_int called"): run(key.sign_bytes(b"foo")) with pytest.raises(Exception, match="sign_int called"): run(key.sign_v15(b"foo", hashes.md5()))
def test_sign() -> None: key.default_scheme = rsa.RsaScheme.PKCS1v1_5 key.default_hash_algorithm = hashes.sha2_256() meta = key.sig_meta sig0 = run(key.sign(b"Hello")) assert sig0.algorithm == AsymmetricAlgorithm.RSA assert sig0.meta == meta sig1 = run(key.sign_digest(sha2_256(b"Hello"))) assert sig1.algorithm == AsymmetricAlgorithm.RSA assert sig1.meta == meta key.default_hash_algorithm = hashes.md5() sig2 = run(key.sign_digest(sha2_256(b"Hello"))) assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA, rsa.RsaScheme.PKCS1v1_5, hashes.sha2_256()) assert sig2.meta == meta key.default_scheme = rsa.RsaScheme.PSS key.default_pss_options = rsa.PssOptions(trailer_field=b"foobar", salt_length=17) meta_pss = key.sig_meta sig3 = run(key.sign(b"Hello")) assert sig3.meta == meta_pss assert meta_pss == rsa.RsaPssMetadata( AsymmetricAlgorithm.RSA, rsa.RsaScheme.PSS, hashes.md5(), rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5()), 17, b"foobar", ) sig4 = run(key.sign_digest(md5(b"Hello"))) assert sig4.meta == meta_pss key.default_scheme = rsa.RsaScheme.RAW with pytest.raises(Exception, match="Bad default scheme"): run(key.sign(b"foo")) with pytest.raises(Exception, match="Bad default scheme"): run(key.sign_digest(md5(b"foo"))) with pytest.raises(Exception, match="Unsupported scheme"): key.sig_meta
def test_parse_pss_options() -> None: def_hash = hashes.sha2_256() with pytest.raises(TypeError, match="conflicting hash algorithms"): pss.parse_pss_options(pub, def_hash, rsa.PssOptions(hash_alg=hashes.sha1()), dgst_hash_alg=hashes.sha2_256()) assert pss.parse_pss_options(pub, def_hash).hash_alg == hashes.sha2_256() assert pss.parse_pss_options( pub, default_hash_alg=hashes.md5()).hash_alg == hashes.md5() assert pss.parse_pss_options( pub, def_hash, rsa.PssOptions(hash_alg=hashes.md5())).hash_alg == hashes.md5() assert pss.parse_pss_options( pub, def_hash, dgst_hash_alg=hashes.md5()).hash_alg == hashes.md5() mgf_md5 = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1, rsa.Mgf1Parameters(hashes.md5())) mgf_md5_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5()) mgf_sha2_256_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.sha2_256()) assert pss.parse_pss_options(pub, def_hash).mgf_alg == mgf_sha2_256_meta assert pss.parse_pss_options( pub, default_hash_alg=hashes.md5()).mgf_alg == mgf_md5_meta assert pss.parse_pss_options( pub, def_hash, rsa.PssOptions(mgf_alg=mgf_md5)).mgf_alg == mgf_md5_meta assert (mgf_sha2_256_meta == pss.parse_pss_options( pub, def_hash, rsa.PssOptions( mgf_alg=rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1))).mgf_alg) params = "params" test_alg = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.OTHER, params) parsed = pss.parse_pss_options(pub, def_hash, rsa.PssOptions(mgf_alg=test_alg)).mgf_alg assert isinstance(parsed, rsa.OtherMgfMetadata) assert parsed.params is params with pytest.raises(NotImplementedError): pss.parse_pss_options( pub, def_hash, rsa.PssOptions(mgf_alg=rsa.MgfAlgorithm("foo", "bar")))
def test_sign_v15() -> None: key.default_hash_algorithm = hashes.sha2_256() sig0 = run(key.sign_v15(b"Hello")) sig1 = run(key.sign_v15_digest(sha2_256(b"Hello"))) assert sig0 == sig1 assert sig0.algorithm == AsymmetricAlgorithm.RSA assert sig0.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA, rsa.RsaScheme.PKCS1v1_5, hashes.sha2_256()) assert sig0.meta == sig1.meta key.default_hash_algorithm = hashes.md5() sig2 = run(key.sign_v15(b"Hello")) sig3 = run(key.sign_v15_digest(md5(b"Hello"))) assert sig2 == sig3 assert sig2.algorithm == AsymmetricAlgorithm.RSA assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA, rsa.RsaScheme.PKCS1v1_5, hashes.md5()) assert sig2.meta == sig3.meta sig4 = run(key.sign_v15(b"Hello", hashes.sha2_256())) assert sig0 == sig4
"f8c6682ff695766ff06082e7f8", )), HashVector(hashes.blake2s(16), OID - 1 - 3 - 6 - 1 - 4 - 1 - 1722 - 12 - 2 - 2 - 4, ( "64550d6ffe2c0a01a14aba1eade0200c", "317ffec56d1e2b93098d8d44d3124938", "96fd07258925748a0d2fb1c8a1167a73", )), HashVector( hashes.blake2s(32), OID - 1 - 3 - 6 - 1 - 4 - 1 - 1722 - 12 - 2 - 2 - 8, ( "69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9", "03a4921c6b0aa0e5bed57228a3b6fd61bec160d46fa610ce6742dd51ab311f43", "606beeec743ccbeff6cbcdf5d5302aa855c256c29b88c8ed331ea1a6bf3c8812", )), HashVector(hashes.md5(), OID - 1 - 2 - 840 - 113549 - 2 - 5, ( "d41d8cd98f00b204e9800998ecf8427e", "3858f62230ac3c915f300c664312c63f", "9e107d9d372bb6826bd81d3542a419d6", )), HashVector(hashes.ripemd_160(), OID - 1 - 3 - 36 - 3 - 2 - 1, ( "9c1185a5c5e9fc54612808977ee8f548b2258d31", "a06e327ea7388c18e4740e350ed4e60f2e04fc41", "37f332f68db77bd9d7edd4969571ad671cf9dd3b", )), HashVector(hashes.sha1(), OID - 1 - 3 - 14 - 3 - 2 - 26, ( "da39a3ee5e6b4b0d3255bfef95601890afd80709", "8843d7f92416211de9ebb963ff4ce28125932878", "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", )), HashVector(hashes.sha2_224(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 4,