def test_sign_int() -> None:
key = SignIntPrivateKey()
with pytest.raises(Exception, match="sign_int called"):
run(key.sign_int(12345))
with pytest.raises(Exception, match="sign_int called"):
run(key.sign_bytes(b"foo"))
with pytest.raises(Exception, match="sign_int called"):
run(key.sign_v15(b"foo", hashes.md5()))
def test_sign() -> None:
key.default_scheme = rsa.RsaScheme.PKCS1v1_5
key.default_hash_algorithm = hashes.sha2_256()
meta = key.sig_meta
sig0 = run(key.sign(b"Hello"))
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == meta
sig1 = run(key.sign_digest(sha2_256(b"Hello")))
assert sig1.algorithm == AsymmetricAlgorithm.RSA
assert sig1.meta == meta
key.default_hash_algorithm = hashes.md5()
sig2 = run(key.sign_digest(sha2_256(b"Hello")))
assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.sha2_256())
assert sig2.meta == meta
key.default_scheme = rsa.RsaScheme.PSS
key.default_pss_options = rsa.PssOptions(trailer_field=b"foobar",
salt_length=17)
meta_pss = key.sig_meta
sig3 = run(key.sign(b"Hello"))
assert sig3.meta == meta_pss
assert meta_pss == rsa.RsaPssMetadata(
AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PSS,
hashes.md5(),
rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5()),
17,
b"foobar",
)
sig4 = run(key.sign_digest(md5(b"Hello")))
assert sig4.meta == meta_pss
key.default_scheme = rsa.RsaScheme.RAW
with pytest.raises(Exception, match="Bad default scheme"):
run(key.sign(b"foo"))
with pytest.raises(Exception, match="Bad default scheme"):
run(key.sign_digest(md5(b"foo")))
with pytest.raises(Exception, match="Unsupported scheme"):
key.sig_meta
def test_parse_pss_options() -> None:
def_hash = hashes.sha2_256()
with pytest.raises(TypeError, match="conflicting hash algorithms"):
pss.parse_pss_options(pub,
def_hash,
rsa.PssOptions(hash_alg=hashes.sha1()),
dgst_hash_alg=hashes.sha2_256())
assert pss.parse_pss_options(pub, def_hash).hash_alg == hashes.sha2_256()
assert pss.parse_pss_options(
pub, default_hash_alg=hashes.md5()).hash_alg == hashes.md5()
assert pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(hash_alg=hashes.md5())).hash_alg == hashes.md5()
assert pss.parse_pss_options(
pub, def_hash, dgst_hash_alg=hashes.md5()).hash_alg == hashes.md5()
mgf_md5 = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1,
rsa.Mgf1Parameters(hashes.md5()))
mgf_md5_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5())
mgf_sha2_256_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1,
hashes.sha2_256())
assert pss.parse_pss_options(pub, def_hash).mgf_alg == mgf_sha2_256_meta
assert pss.parse_pss_options(
pub, default_hash_alg=hashes.md5()).mgf_alg == mgf_md5_meta
assert pss.parse_pss_options(
pub, def_hash, rsa.PssOptions(mgf_alg=mgf_md5)).mgf_alg == mgf_md5_meta
assert (mgf_sha2_256_meta == pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(
mgf_alg=rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1))).mgf_alg)
params = "params"
test_alg = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.OTHER, params)
parsed = pss.parse_pss_options(pub, def_hash,
rsa.PssOptions(mgf_alg=test_alg)).mgf_alg
assert isinstance(parsed, rsa.OtherMgfMetadata)
assert parsed.params is params
with pytest.raises(NotImplementedError):
pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(mgf_alg=rsa.MgfAlgorithm("foo", "bar")))
def test_sign_v15() -> None:
key.default_hash_algorithm = hashes.sha2_256()
sig0 = run(key.sign_v15(b"Hello"))
sig1 = run(key.sign_v15_digest(sha2_256(b"Hello")))
assert sig0 == sig1
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.sha2_256())
assert sig0.meta == sig1.meta
key.default_hash_algorithm = hashes.md5()
sig2 = run(key.sign_v15(b"Hello"))
sig3 = run(key.sign_v15_digest(md5(b"Hello")))
assert sig2 == sig3
assert sig2.algorithm == AsymmetricAlgorithm.RSA
assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.md5())
assert sig2.meta == sig3.meta
sig4 = run(key.sign_v15(b"Hello", hashes.sha2_256()))
assert sig0 == sig4
"f8c6682ff695766ff06082e7f8",
)),
HashVector(hashes.blake2s(16),
OID - 1 - 3 - 6 - 1 - 4 - 1 - 1722 - 12 - 2 - 2 - 4, (
"64550d6ffe2c0a01a14aba1eade0200c",
"317ffec56d1e2b93098d8d44d3124938",
"96fd07258925748a0d2fb1c8a1167a73",
)),
HashVector(
hashes.blake2s(32),
OID - 1 - 3 - 6 - 1 - 4 - 1 - 1722 - 12 - 2 - 2 - 8, (
"69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9",
"03a4921c6b0aa0e5bed57228a3b6fd61bec160d46fa610ce6742dd51ab311f43",
"606beeec743ccbeff6cbcdf5d5302aa855c256c29b88c8ed331ea1a6bf3c8812",
)),
HashVector(hashes.md5(), OID - 1 - 2 - 840 - 113549 - 2 - 5, (
"d41d8cd98f00b204e9800998ecf8427e",
"3858f62230ac3c915f300c664312c63f",
"9e107d9d372bb6826bd81d3542a419d6",
)),
HashVector(hashes.ripemd_160(), OID - 1 - 3 - 36 - 3 - 2 - 1, (
"9c1185a5c5e9fc54612808977ee8f548b2258d31",
"a06e327ea7388c18e4740e350ed4e60f2e04fc41",
"37f332f68db77bd9d7edd4969571ad671cf9dd3b",
)),
HashVector(hashes.sha1(), OID - 1 - 3 - 14 - 3 - 2 - 26, (
"da39a3ee5e6b4b0d3255bfef95601890afd80709",
"8843d7f92416211de9ebb963ff4ce28125932878",
"2fd4e1c67a2d28fced849ee1bb76e7391b93eb12",
)),
HashVector(hashes.sha2_224(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 4,