diff options
author | Matěj Cepl <mcepl@cepl.eu> | 2020-12-02 17:40:06 +0100 |
---|---|---|
committer | Matěj Cepl <mcepl@cepl.eu> | 2020-12-03 07:38:35 +0100 |
commit | cb4529c45e96107d754a59c0904311695bddb350 (patch) | |
tree | edb45dead63a02e55a835d9dd9966bb4bd02bd9f /tests | |
parent | 2ed7a360dcba129c27d1232ea561b05d5391ae4b (diff) | |
download | m2crypto-cb4529c45e96107d754a59c0904311695bddb350.tar.gz |
Use parametrized to create parametrized tests.
Stop testing 2.7 on Fedora.
Remove .travis.yml, we have Github Actions working
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_bio.py | 48 | ||||
-rw-r--r-- | tests/test_evp.py | 172 |
2 files changed, 110 insertions, 110 deletions
diff --git a/tests/test_bio.py b/tests/test_bio.py index 89b2fc3..95c3bde 100644 --- a/tests/test_bio.py +++ b/tests/test_bio.py @@ -1,6 +1,5 @@ #!/usr/bin/env python from __future__ import absolute_import - """ Unit tests for M2Crypto.BIO. @@ -11,12 +10,29 @@ Author: Heikki Toivonen """ import logging +from parameterized import parameterized + from M2Crypto import BIO, Rand from . import unittest from .fips import fips_mode log = logging.getLogger('test_bio') +ciphers = [ + 'des_ede_ecb', 'des_ede_cbc', 'des_ede_cfb', 'des_ede_ofb', + 'des_ede3_ecb', 'des_ede3_cbc', 'des_ede3_cfb', 'des_ede3_ofb', + 'aes_128_ecb', 'aes_128_cbc', 'aes_128_cfb', 'aes_128_ofb', + 'aes_192_ecb', 'aes_192_cbc', 'aes_192_cfb', 'aes_192_ofb', + 'aes_256_ecb', 'aes_256_cbc', 'aes_256_cfb', 'aes_256_ofb'] +nonfips_ciphers = ['bf_ecb', 'bf_cbc', 'bf_cfb', 'bf_ofb', + # 'idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb', + 'cast5_ecb', 'cast5_cbc', 'cast5_cfb', 'cast5_ofb', + # 'rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb', + 'des_ecb', 'des_cbc', 'des_cfb', 'des_ofb', + 'rc4', 'rc2_40_cbc'] +if not fips_mode: # Forbidden ciphers + ciphers += nonfips_ciphers + class CipherStreamTestCase(unittest.TestCase): def try_algo(self, algo): @@ -52,33 +68,11 @@ class CipherStreamTestCase(unittest.TestCase): self.assertEqual(data, data2, '%s algorithm cipher test failed' % algo) - def test_ciphers(self): - ciphers = [ - 'des_ede_ecb', 'des_ede_cbc', 'des_ede_cfb', 'des_ede_ofb', - 'des_ede3_ecb', 'des_ede3_cbc', 'des_ede3_cfb', 'des_ede3_ofb', - 'aes_128_ecb', 'aes_128_cbc', 'aes_128_cfb', 'aes_128_ofb', - 'aes_192_ecb', 'aes_192_cbc', 'aes_192_cfb', 'aes_192_ofb', - 'aes_256_ecb', 'aes_256_cbc', 'aes_256_cfb', 'aes_256_ofb'] - nonfips_ciphers = ['bf_ecb', 'bf_cbc', 'bf_cfb', 'bf_ofb', - # 'idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb', - 'cast5_ecb', 'cast5_cbc', 'cast5_cfb', 'cast5_ofb', - # 'rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb', - 'des_ecb', 'des_cbc', 'des_cfb', 'des_ofb', - 'rc4', 'rc2_40_cbc'] - if not fips_mode: # Forbidden ciphers - ciphers += nonfips_ciphers - - failed_ciphers = [] - log.debug('ciphers:\n%s', ciphers) - for i in ciphers: - try: - self.try_algo(i) - except AssertionError: - failed_ciphers.append(i) - - self.assertEqual(len(failed_ciphers), 0, - "failed ciphers: %s" % ', '.join(failed_ciphers)) + @parameterized.expand(ciphers) + def test_algo(self, algo): + self.try_algo(algo) + def test_nosuchalgo(self): with self.assertRaises(ValueError): self.try_algo('nosuchalgo4567') diff --git a/tests/test_evp.py b/tests/test_evp.py index 7cc69db..de2bd8a 100644 --- a/tests/test_evp.py +++ b/tests/test_evp.py @@ -14,12 +14,30 @@ import logging from binascii import a2b_hex, hexlify, unhexlify +from parameterized import parameterized + from M2Crypto import BIO, EVP, RSA, Rand, m2, util from . import unittest from tests.fips import fips_mode log = logging.getLogger('test_EVP') +ciphers = [ + 'des_ede_ecb', 'des_ede_cbc', 'des_ede_cfb', 'des_ede_ofb', + 'des_ede3_ecb', 'des_ede3_cbc', 'des_ede3_cfb', 'des_ede3_ofb', + 'aes_128_ecb', 'aes_128_cbc', 'aes_128_cfb', 'aes_128_ofb', + 'aes_128_ctr', 'aes_192_ecb', 'aes_192_cbc', 'aes_192_cfb', + 'aes_192_ofb', 'aes_192_ctr', 'aes_256_ecb', 'aes_256_cbc', + 'aes_256_cfb', 'aes_256_ofb', 'aes_256_ctr'] +nonfips_ciphers = ['bf_ecb', 'bf_cbc', 'bf_cfb', 'bf_ofb', + # 'idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb', + 'cast5_ecb', 'cast5_cbc', 'cast5_cfb', 'cast5_ofb', + # 'rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb', + 'des_ecb', 'des_cbc', 'des_cfb', 'des_ofb', + 'rc4', 'rc2_40_cbc'] +if not fips_mode: # Disabled algorithms + ciphers += nonfips_ciphers + class EVPTestCase(unittest.TestCase): def _gen_callback(self, *args): @@ -349,6 +367,7 @@ class EVPTestCase(unittest.TestCase): self.assertTrue(verify(res)) # works fine self.assertTrue(verify(res)) # segmentation fault in *verify_final* + class CipherTestCase(unittest.TestCase): def cipher_filter(self, cipher, inf, outf): while 1: @@ -382,50 +401,35 @@ class CipherTestCase(unittest.TestCase): self.assertEqual(otxt, ptxt, '%s algorithm cipher test failed' % algo) - def test_ciphers(self): - ciphers = [ - 'des_ede_ecb', 'des_ede_cbc', 'des_ede_cfb', 'des_ede_ofb', - 'des_ede3_ecb', 'des_ede3_cbc', 'des_ede3_cfb', 'des_ede3_ofb', - 'aes_128_ecb', 'aes_128_cbc', 'aes_128_cfb', 'aes_128_ofb', - 'aes_128_ctr', 'aes_192_ecb', 'aes_192_cbc', 'aes_192_cfb', - 'aes_192_ofb', 'aes_192_ctr', 'aes_256_ecb', 'aes_256_cbc', - 'aes_256_cfb', 'aes_256_ofb', 'aes_256_ctr'] - nonfips_ciphers = ['bf_ecb', 'bf_cbc', 'bf_cfb', 'bf_ofb', - # 'idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb', - 'cast5_ecb', 'cast5_cbc', 'cast5_cfb', 'cast5_ofb', - # 'rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb', - 'des_ecb', 'des_cbc', 'des_cfb', 'des_ofb', - 'rc4', 'rc2_40_cbc'] - if not fips_mode: # Disabled algorithms - ciphers += nonfips_ciphers - for i in ciphers: - self.try_algo(i) - - # idea might not be compiled in - ciphers = ['idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb'] - try: - for i in ciphers: - self.try_algo(i) - except ValueError as e: - if str(e) != "('unknown cipher', 'idea_ecb')": - raise - - # rc5 might not be compiled in - ciphers = ['rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb'] - try: - for i in ciphers: - self.try_algo(i) - except ValueError as e: - if str(e) != "('unknown cipher', 'rc5_ecb')": - raise - + @parameterized.expand(ciphers) + def test_ciphers(self, ciph): + self.try_algo(ciph) + + # # non-compiled (['idea_ecb', 'idea_cbc', 'idea_cfb', 'idea_ofb']) + # @parameterized.expand([], skip_on_empty=True) + # def test_ciphers_not_compiled_idea(self, ciph): + # # idea might not be compiled in + # try: + # self.try_algo(ciph) + # except ValueError as e: + # if str(e) != "('unknown cipher', 'idea_ecb')": + # raise + + # # ['rc5_ecb', 'rc5_cbc', 'rc5_cfb', 'rc5_ofb'] + # @parameterized.expand([], skip_on_empty=True) + # def test_ciphers_not_compiled_rc5(self, ciph): + # # rc5 might not be compiled in + # try: + # self.try_algo(ciph) + # except ValueError as e: + # if str(e) != "('unknown cipher', 'rc5_ofb')": + # raise + + def test_ciphers_nosuch(self): with self.assertRaises(ValueError): self.try_algo('nosuchalgo4567') - def test_AES(self): # noqa - enc = 1 - dec = 0 - tests = [ + @parameterized.expand([ # test vectors from rfc 3602 # Case #1: Encrypting 16 bytes (1 block) using AES-CBC with # 128-bit key @@ -453,54 +457,55 @@ class CipherTestCase(unittest.TestCase): 'PT': b'This is a 48-byte message (exactly 3 AES blocks)', 'CT': b'd0a02b3836451753d493665d33f0e8862dea54cdb293abc7506939276772f8d5021c19216bad525c8579695d83ba2684', }, - ] + ], name_func=lambda func, num, par: "{}_{}".format(func, num)) + def test_AES(self, test): # noqa + enc = 1 + dec = 0 # Test with padding - for test in tests: - # encrypt - k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), - iv=unhexlify(test['IV']), op=enc) - pbuf = io.BytesIO(test['PT']) - cbuf = io.BytesIO() - ciphertext = hexlify(self.cipher_filter(k, pbuf, cbuf)) - cipherpadding = ciphertext[len(test['PT']) * 2:] - # Remove the padding from the end - ciphertext = ciphertext[:len(test['PT']) * 2] - pbuf.close() - cbuf.close() - self.assertEqual(ciphertext, test['CT']) + # encrypt + k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), + iv=unhexlify(test['IV']), op=enc) + pbuf = io.BytesIO(test['PT']) + cbuf = io.BytesIO() + ciphertext = hexlify(self.cipher_filter(k, pbuf, cbuf)) + cipherpadding = ciphertext[len(test['PT']) * 2:] + # Remove the padding from the end + ciphertext = ciphertext[:len(test['PT']) * 2] + pbuf.close() + cbuf.close() + self.assertEqual(ciphertext, test['CT']) - # decrypt - j = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), - iv=unhexlify(test['IV']), op=dec) - pbuf = io.BytesIO() - cbuf = io.BytesIO(unhexlify(test['CT'] + cipherpadding)) - plaintext = self.cipher_filter(j, cbuf, pbuf) - pbuf.close() - cbuf.close() - self.assertEqual(plaintext, test['PT']) + # decrypt + j = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), + iv=unhexlify(test['IV']), op=dec) + pbuf = io.BytesIO() + cbuf = io.BytesIO(unhexlify(test['CT'] + cipherpadding)) + plaintext = self.cipher_filter(j, cbuf, pbuf) + pbuf.close() + cbuf.close() + self.assertEqual(plaintext, test['PT']) # Test without padding - for test in tests: - # encrypt - k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), - iv=unhexlify(test['IV']), op=enc, padding=False) - pbuf = io.BytesIO(test['PT']) - cbuf = io.BytesIO() - ciphertext = hexlify(self.cipher_filter(k, pbuf, cbuf)) - pbuf.close() - cbuf.close() - self.assertEqual(ciphertext, test['CT']) + # encrypt + k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), + iv=unhexlify(test['IV']), op=enc, padding=False) + pbuf = io.BytesIO(test['PT']) + cbuf = io.BytesIO() + ciphertext = hexlify(self.cipher_filter(k, pbuf, cbuf)) + pbuf.close() + cbuf.close() + self.assertEqual(ciphertext, test['CT']) - # decrypt - j = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), - iv=unhexlify(test['IV']), op=dec, padding=False) - pbuf = io.BytesIO() - cbuf = io.BytesIO(unhexlify(test['CT'])) - plaintext = self.cipher_filter(j, cbuf, pbuf) - pbuf.close() - cbuf.close() - self.assertEqual(plaintext, test['PT']) + # decrypt + j = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(test['KEY']), + iv=unhexlify(test['IV']), op=dec, padding=False) + pbuf = io.BytesIO() + cbuf = io.BytesIO(unhexlify(test['CT'])) + plaintext = self.cipher_filter(j, cbuf, pbuf) + pbuf.close() + cbuf.close() + self.assertEqual(plaintext, test['PT']) def test_AES_ctr(self): # noqa # In CTR mode, encrypt and decrypt are actually the same @@ -690,6 +695,7 @@ def suite(): suite.addTest(unittest.TestLoader().loadTestsFromTestCase(HMACTestCase)) return suite + if __name__ == '__main__': Rand.load_file('randpool.dat', -1) unittest.TextTestRunner().run(suite()) |