1# This file is dual licensed under the terms of the Apache License, Version 2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 3# for complete details. 4 5from __future__ import absolute_import, division, print_function 6 7import binascii 8 9import pytest 10 11from cryptography.exceptions import InvalidSignature 12from cryptography.hazmat.backends.interfaces import DSABackend 13from cryptography.hazmat.primitives import hashes, serialization 14 15 16_DIGESTS = { 17 "SHA-1": hashes.SHA1(), 18 "SHA-224": hashes.SHA224(), 19 "SHA-256": hashes.SHA256(), 20} 21 22 23@pytest.mark.requires_backend_interface(interface=DSABackend) 24@pytest.mark.wycheproof_tests( 25 "dsa_test.json", 26 "dsa_2048_224_sha224_test.json", 27 "dsa_2048_224_sha256_test.json", 28 "dsa_2048_256_sha256_test.json", 29 "dsa_3072_256_sha256_test.json", 30) 31def test_dsa_signature(backend, wycheproof): 32 key = serialization.load_der_public_key( 33 binascii.unhexlify(wycheproof.testgroup["keyDer"]), backend 34 ) 35 digest = _DIGESTS[wycheproof.testgroup["sha"]] 36 37 if wycheproof.valid or ( 38 wycheproof.acceptable and not wycheproof.has_flag("NoLeadingZero") 39 ): 40 key.verify( 41 binascii.unhexlify(wycheproof.testcase["sig"]), 42 binascii.unhexlify(wycheproof.testcase["msg"]), 43 digest, 44 ) 45 else: 46 with pytest.raises(InvalidSignature): 47 key.verify( 48 binascii.unhexlify(wycheproof.testcase["sig"]), 49 binascii.unhexlify(wycheproof.testcase["msg"]), 50 digest, 51 ) 52