# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.

from __future__ import absolute_import, division, print_function

import binascii
import os

import pytest

from cryptography.hazmat.backends.interfaces import CipherBackend
from cryptography.hazmat.primitives import keywrap
from cryptography.hazmat.primitives.ciphers import algorithms, modes

from .utils import _load_all_params
from ...utils import load_nist_vectors


# Sub-directory handed to _load_all_params for the KW_*/KWP_* vector files.
_KW_VECTOR_DIR = os.path.join("keywrap", "kwtestvectors")


def _aes_ecb_available(backend):
    """Return the backend's answer to "is AES in ECB mode supported?"."""
    return backend.cipher_supported(
        algorithms.AES(b"\x00" * 16), modes.ECB()
    )


# Per-test marker for the unpadded key wrap tests; the skip message names
# RFC 3394 and AES-ECB as the missing prerequisite.
_requires_ecb_for_kw = pytest.mark.supported(
    only_if=_aes_ecb_available,
    skip_message="Does not support AES key wrap (RFC 3394) because AES-ECB"
    " is unsupported",
)


@pytest.mark.requires_backend_interface(interface=CipherBackend)
class TestAESKeyWrap(object):
    """Tests for keywrap.aes_key_wrap and keywrap.aes_key_unwrap.

    Covers known-answer vectors loaded with load_nist_vectors, vectors that
    are flagged as failing (unwrap must raise InvalidUnwrap instead of
    returning key material), and rejection of badly sized inputs.
    """

    @pytest.mark.parametrize(
        "params",
        _load_all_params(
            _KW_VECTOR_DIR,
            ["KW_AE_128.txt", "KW_AE_192.txt", "KW_AE_256.txt"],
            load_nist_vectors,
        ),
    )
    @_requires_ecb_for_kw
    def test_wrap(self, backend, params):
        """Wrapping a vector's "p" under its "k" must reproduce its "c"."""
        kek = binascii.unhexlify(params["k"])
        plaintext_key = binascii.unhexlify(params["p"])
        ciphertext = keywrap.aes_key_wrap(kek, plaintext_key, backend)
        # The comparison is made on the hex form stored in the vector.
        assert params["c"] == binascii.hexlify(ciphertext)

    @pytest.mark.parametrize(
        "params",
        _load_all_params(
            _KW_VECTOR_DIR,
            ["KW_AD_128.txt", "KW_AD_192.txt", "KW_AD_256.txt"],
            load_nist_vectors,
        ),
    )
    @_requires_ecb_for_kw
    def test_unwrap(self, backend, params):
        """Unwrap a vector's "c"; failing vectors must raise InvalidUnwrap."""
        kek = binascii.unhexlify(params["k"])
        ciphertext = binascii.unhexlify(params["c"])

        if params.get("fail") is True:
            # A vector flagged as failing must be rejected outright; no
            # unwrapped bytes may be handed back to the caller.
            with pytest.raises(keywrap.InvalidUnwrap):
                keywrap.aes_key_unwrap(kek, ciphertext, backend)
            return

        recovered = keywrap.aes_key_unwrap(kek, ciphertext, backend)
        assert params["p"] == binascii.hexlify(recovered)

    @_requires_ecb_for_kw
    def test_wrap_invalid_key_length(self, backend):
        """A 6-byte wrapping key is refused by aes_key_wrap."""
        # The wrapping key must be of length [16, 24, 32]
        with pytest.raises(ValueError):
            keywrap.aes_key_wrap(b"badkey", b"sixteen_byte_key", backend)

    @_requires_ecb_for_kw
    def test_unwrap_invalid_key_length(self, backend):
        """A 6-byte wrapping key is refused by aes_key_unwrap."""
        with pytest.raises(ValueError):
            keywrap.aes_key_unwrap(b"badkey", b"\x00" * 24, backend)

    @_requires_ecb_for_kw
    def test_wrap_invalid_key_to_wrap_length(self, backend):
        """Keys to wrap of 15 or 23 bytes are refused with ValueError."""
        # 15: keys to wrap must be at least 16 bytes long.
        # 23: keys to wrap must be a multiple of 8 bytes.
        for bad_length in (15, 23):
            with pytest.raises(ValueError):
                keywrap.aes_key_wrap(
                    b"sixteen_byte_key", b"\x00" * bad_length, backend
                )

    # NOTE(review): unlike its siblings this test carries no `supported`
    # marker, so presumably it also runs on backends without AES-ECB.
    def test_unwrap_invalid_wrapped_key_length(self, backend):
        """Wrapped keys of 16 or 27 bytes are refused with InvalidUnwrap."""
        # 16: keys to unwrap must be at least 24 bytes.
        # 27: keys to unwrap must be a multiple of 8 bytes.
        for bad_length in (16, 27):
            with pytest.raises(keywrap.InvalidUnwrap):
                keywrap.aes_key_unwrap(
                    b"sixteen_byte_key", b"\x00" * bad_length, backend
                )


@pytest.mark.supported(
    only_if=_aes_ecb_available,
    skip_message="Does not support AES key wrap (RFC 5649) because AES-ECB"
    " is unsupported",
)
@pytest.mark.requires_backend_interface(interface=CipherBackend)
class TestAESKeyWrapWithPadding(object):
    """Tests for the *_with_padding key wrap functions.

    The backend-support marker sits on the class here, so it covers every
    test below; its skip message names RFC 5649.
    """

    @pytest.mark.parametrize(
        "params",
        _load_all_params(
            _KW_VECTOR_DIR,
            ["KWP_AE_128.txt", "KWP_AE_192.txt", "KWP_AE_256.txt"],
            load_nist_vectors,
        ),
    )
    def test_wrap(self, backend, params):
        """Wrapping a vector's "p" under its "k" must reproduce its "c"."""
        kek = binascii.unhexlify(params["k"])
        plaintext_key = binascii.unhexlify(params["p"])
        ciphertext = keywrap.aes_key_wrap_with_padding(
            kek, plaintext_key, backend
        )
        assert params["c"] == binascii.hexlify(ciphertext)

    @pytest.mark.parametrize(
        "params",
        _load_all_params("keywrap", ["kwp_botan.txt"], load_nist_vectors),
    )
    def test_wrap_additional_vectors(self, backend, params):
        """Wrap the kwp_botan.txt vectors (key / input / output fields)."""
        kek = binascii.unhexlify(params["key"])
        plaintext_key = binascii.unhexlify(params["input"])
        ciphertext = keywrap.aes_key_wrap_with_padding(
            kek, plaintext_key, backend
        )
        # These vectors are compared as raw bytes rather than as hex.
        assert ciphertext == binascii.unhexlify(params["output"])

    @pytest.mark.parametrize(
        "params",
        _load_all_params(
            _KW_VECTOR_DIR,
            ["KWP_AD_128.txt", "KWP_AD_192.txt", "KWP_AD_256.txt"],
            load_nist_vectors,
        ),
    )
    def test_unwrap(self, backend, params):
        """Unwrap a vector's "c"; failing vectors must raise InvalidUnwrap."""
        kek = binascii.unhexlify(params["k"])
        ciphertext = binascii.unhexlify(params["c"])

        if params.get("fail") is True:
            # Rejection, not a best-effort plaintext, is the required
            # outcome for a vector flagged as failing.
            with pytest.raises(keywrap.InvalidUnwrap):
                keywrap.aes_key_unwrap_with_padding(
                    kek, ciphertext, backend
                )
            return

        recovered = keywrap.aes_key_unwrap_with_padding(
            kek, ciphertext, backend
        )
        assert params["p"] == binascii.hexlify(recovered)

    @pytest.mark.parametrize(
        "params",
        _load_all_params("keywrap", ["kwp_botan.txt"], load_nist_vectors),
    )
    def test_unwrap_additional_vectors(self, backend, params):
        """Unwrap each kwp_botan.txt "output" back to its "input"."""
        kek = binascii.unhexlify(params["key"])
        ciphertext = binascii.unhexlify(params["output"])
        recovered = keywrap.aes_key_unwrap_with_padding(
            kek, ciphertext, backend
        )
        assert recovered == binascii.unhexlify(params["input"])

    def test_unwrap_invalid_wrapped_key_length(self, backend):
        """A 15-byte wrapped key is refused with the documented message."""
        # Keys to unwrap must be at least 16 bytes
        too_short = b"\x00" * 15
        with pytest.raises(
            keywrap.InvalidUnwrap, match="Must be at least 16 bytes"
        ):
            keywrap.aes_key_unwrap_with_padding(
                b"sixteen_byte_key", too_short, backend
            )

    def test_wrap_invalid_key_length(self, backend):
        """A 6-byte wrapping key is refused when wrapping with padding."""
        with pytest.raises(ValueError, match="must be a valid AES key length"):
            keywrap.aes_key_wrap_with_padding(b"badkey", b"\x00", backend)

    def test_unwrap_invalid_key_length(self, backend):
        """A 6-byte wrapping key is refused when unwrapping with padding."""
        with pytest.raises(ValueError, match="must be a valid AES key length"):
            keywrap.aes_key_unwrap_with_padding(
                b"badkey", b"\x00" * 16, backend
            )