|
| 1 | +# This file is dual licensed under the terms of the Apache License, Version |
| 2 | +# 2.0, and the BSD License. See the LICENSE file in the root of this repository |
| 3 | +# for complete details. |
| 4 | + |
| 5 | +from __future__ import absolute_import, division, print_function |
| 6 | + |
| 7 | +import binascii |
| 8 | + |
| 9 | +import pytest |
| 10 | + |
| 11 | +from cryptography.hazmat.primitives.asymmetric.x448 import ( |
| 12 | + X448PrivateKey, X448PublicKey |
| 13 | +) |
| 14 | + |
| 15 | + |
| 16 | +@pytest.mark.supported( |
| 17 | + only_if=lambda backend: backend.x448_supported(), |
| 18 | + skip_message="Requires OpenSSL with X448 support" |
| 19 | +) |
| 20 | +@pytest.mark.wycheproof_tests("x448_test.json") |
| 21 | +def test_x448(backend, wycheproof): |
| 22 | + assert set(wycheproof.testgroup.items()) == { |
| 23 | + ("curve", "curve448"), ("type", "XdhComp") |
| 24 | + } |
| 25 | + |
| 26 | + private_key = X448PrivateKey.from_private_bytes( |
| 27 | + binascii.unhexlify(wycheproof.testcase["private"]) |
| 28 | + ) |
| 29 | + public_key_bytes = binascii.unhexlify(wycheproof.testcase["public"]) |
| 30 | + if len(public_key_bytes) == 57: |
| 31 | + assert wycheproof.acceptable |
| 32 | + assert wycheproof.has_flag("NonCanonicalPublic") |
| 33 | + with pytest.raises(ValueError): |
| 34 | + X448PublicKey.from_public_bytes(public_key_bytes) |
| 35 | + return |
| 36 | + |
| 37 | + public_key = X448PublicKey.from_public_bytes(public_key_bytes) |
| 38 | + |
| 39 | + assert wycheproof.valid or wycheproof.acceptable |
| 40 | + |
| 41 | + expected = binascii.unhexlify(wycheproof.testcase["shared"]) |
| 42 | + if expected == b"\x00" * 56: |
| 43 | + assert wycheproof.acceptable |
| 44 | + # OpenSSL returns an error on all zeros shared key |
| 45 | + with pytest.raises(ValueError): |
| 46 | + private_key.exchange(public_key) |
| 47 | + else: |
| 48 | + assert private_key.exchange(public_key) == expected |
0 commit comments