diff options
author | Casey Deccio <casey@deccio.net> | 2020-11-19 09:51:29 -0700 |
---|---|---|
committer | Casey Deccio <casey@deccio.net> | 2020-11-20 07:42:52 -0700 |
commit | 65997b1761b3ccbaef84cbc4ffc24585717e8b02 (patch) | |
tree | aa5d4ab8974660ff47165fa73138df55d4c36e25 /tests | |
parent | 2b27d2d2bab6f08f4e84c5c7c42734a00fad4b3e (diff) | |
download | m2crypto-65997b1761b3ccbaef84cbc4ffc24585717e8b02.tar.gz |
Add support for DigestSign* and DigestVerify*
Add support for DigestSign* and DigestVerify* OpenSSL functions, for use
with ED25519, etc. Allow PKey to support non-digest algorithms, such as
ED25519, but keep default behaviors. Include tests for both digest and
non-digest algorithms.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/ec.pub2.pem | 5 | ||||
-rw-r--r-- | tests/ed25519.priv.pem | 3 | ||||
-rw-r--r-- | tests/ed25519.pub.pem | 3 | ||||
-rw-r--r-- | tests/ed25519.pub2.pem | 3 | ||||
-rw-r--r-- | tests/test_evp.py | 54 |
5 files changed, 68 insertions, 0 deletions
diff --git a/tests/ec.pub2.pem b/tests/ec.pub2.pem new file mode 100644 index 0000000..80e740f --- /dev/null +++ b/tests/ec.pub2.pem @@ -0,0 +1,5 @@ +-----BEGIN PUBLIC KEY----- +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEQdk1A7xe7OelJhoFfE7x0u3gFSACecUC +lM/9SqYiPusEpxI9XOe7te/8N/uavHd7z/GxnWSS7cTWuKUzkBgmggZkeVwz1a0a ++trEhzxxiEN50Puuc0ExtNFQcgvIa6en +-----END PUBLIC KEY----- diff --git a/tests/ed25519.priv.pem b/tests/ed25519.priv.pem new file mode 100644 index 0000000..6f764c4 --- /dev/null +++ b/tests/ed25519.priv.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIHYXZmLr4mS9wVx+PZVTNalGrxvuuS2SwrJqEmCUsYaC +-----END PRIVATE KEY----- diff --git a/tests/ed25519.pub.pem b/tests/ed25519.pub.pem new file mode 100644 index 0000000..e3c5d01 --- /dev/null +++ b/tests/ed25519.pub.pem @@ -0,0 +1,3 @@ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAqVvZ55o7SU/yNEr/07AwMzxtm7teY6xhnhR9bDoWm2k= +-----END PUBLIC KEY----- diff --git a/tests/ed25519.pub2.pem b/tests/ed25519.pub2.pem new file mode 100644 index 0000000..557f28e --- /dev/null +++ b/tests/ed25519.pub2.pem @@ -0,0 +1,3 @@ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEANSn/xYZB3kS30u9Gxb7RriRu80oJYsQd6jmA3u7TaVY= +-----END PUBLIC KEY----- diff --git a/tests/test_evp.py b/tests/test_evp.py index fff7127..c98b50c 100644 --- a/tests/test_evp.py +++ b/tests/test_evp.py @@ -248,6 +248,60 @@ class EVPTestCase(unittest.TestCase): pubkey.verify_update(b'test message not') self.assertEqual(pubkey.verify_final(sig), 0) + @unittest.skipIf(m2.OPENSSL_VERSION_NUMBER < 0x10101000, + 'Relies on support for Ed25519 which was introduced in OpenSSL 1.1.1') + def test_digest_verify(self): + pkey = EVP.load_key('tests/ed25519.priv.pem') + pkey.reset_context(None) + pkey.digest_sign_init() + sig = pkey.digest_sign(b'test message') + + # OK + pkey = EVP.load_key_pubkey('tests/ed25519.pub.pem') + pkey.reset_context(None) + pkey.digest_verify_init() + self.assertEqual(pkey.digest_verify(sig, b'test message'), 1) + + # wrong public key + pkey = EVP.load_key_pubkey('tests/ed25519.pub2.pem') + pkey.reset_context(None) + pkey.digest_verify_init() + self.assertEqual(pkey.digest_verify(sig, b'test message'), 0) + + # wrong message + pkey = EVP.load_key_pubkey('tests/ed25519.pub.pem') + pkey.reset_context(None) + pkey.digest_verify_init() + self.assertEqual(pkey.digest_verify(sig, b'test message not'), 0) + + def test_digest_verify_final(self): + pkey = EVP.load_key('tests/ec.priv.pem') + pkey.reset_context('sha256') + pkey.digest_sign_init() + pkey.digest_sign_update(b'test message') + sig = pkey.digest_sign_final() + + # OK + pkey = EVP.load_key_pubkey('tests/ec.pub.pem') + pkey.reset_context('sha256') + pkey.digest_verify_init() + pkey.digest_verify_update(b'test message') + self.assertEqual(pkey.digest_verify_final(sig), 1) + + # wrong public key + pkey = EVP.load_key_pubkey('tests/ec.pub2.pem') + pkey.reset_context('sha256') + pkey.digest_verify_init() + pkey.digest_verify_update(b'test message') + self.assertEqual(pkey.digest_verify_final(sig), 0) + + # wrong message + pkey = EVP.load_key_pubkey('tests/ec.pub.pem') + pkey.reset_context('sha256') + pkey.digest_verify_init() + pkey.digest_verify_update(b'test message not') + self.assertEqual(pkey.digest_verify_final(sig), 0) + def test_load_bad(self): with self.assertRaises(BIO.BIOError): EVP.load_key('thisdoesnotexist-dfgh56789') |