1# This file is dual licensed under the terms of the Apache License, Version 2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 3# for complete details. 4 5from __future__ import absolute_import, division, print_function 6 7import binascii 8 9import pytest 10 11from cryptography.exceptions import InvalidSignature 12from cryptography.hazmat.backends.interfaces import CMACBackend 13from cryptography.hazmat.primitives.ciphers.algorithms import AES 14from cryptography.hazmat.primitives.cmac import CMAC 15 16 17@pytest.mark.requires_backend_interface(interface=CMACBackend) 18@pytest.mark.wycheproof_tests("aes_cmac_test.json") 19def test_aes_cmac(backend, wycheproof): 20 key = binascii.unhexlify(wycheproof.testcase["key"]) 21 msg = binascii.unhexlify(wycheproof.testcase["msg"]) 22 tag = binascii.unhexlify(wycheproof.testcase["tag"]) 23 24 # skip truncated tags, which we don't support in the API 25 if wycheproof.valid and len(tag) == 16: 26 ctx = CMAC(AES(key), backend) 27 ctx.update(msg) 28 ctx.verify(tag) 29 elif len(key) not in [16, 24, 32]: 30 with pytest.raises(ValueError): 31 CMAC(AES(key), backend) 32 else: 33 ctx = CMAC(AES(key), backend) 34 ctx.update(msg) 35 with pytest.raises(InvalidSignature): 36 ctx.verify(tag) 37