MCPcopy
hub / github.com/pyca/cryptography / test_rsa_pss_signature

Function test_rsa_pss_signature

tests/wycheproof/test_rsa.py:149–197  ·  view source on GitHub ↗
(backend, wycheproof)

Source from the content-addressed store, hash-verified

147 "rsa_pss_misc_test.json",
148)
149def test_rsa_pss_signature(backend, wycheproof):
150 digest = _DIGESTS[wycheproof.testgroup["sha"]]
151 mgf_digest = _DIGESTS[wycheproof.testgroup["mgfSha"]]
152 if digest is None or mgf_digest is None:
153 pytest.skip(
154 "PSS with digest={} and MGF digest={} not supported".format(
155 wycheproof.testgroup["sha"],
156 wycheproof.testgroup["mgfSha"],
157 )
158 )
159 if backend._fips_enabled and (
160 isinstance(digest, hashes.SHA1)
161 or isinstance(mgf_digest, hashes.SHA1)
162 # FIPS 186-4 only allows salt length == digest length for PSS
163 or wycheproof.testgroup["sLen"] != mgf_digest.digest_size
164 # inner MGF1 hash must match outer hash
165 or wycheproof.testgroup["sha"] != wycheproof.testgroup["mgfSha"]
166 ):
167 pytest.skip("Invalid params for FIPS")
168
169 key = wycheproof.cache_value_to_group(
170 "cached_key",
171 lambda: serialization.load_der_public_key(
172 binascii.unhexlify(wycheproof.testgroup["publicKeyDer"]),
173 ),
174 )
175 assert isinstance(key, rsa.RSAPublicKey)
176
177 if wycheproof.valid or wycheproof.acceptable:
178 key.verify(
179 binascii.unhexlify(wycheproof.testcase["sig"]),
180 binascii.unhexlify(wycheproof.testcase["msg"]),
181 padding.PSS(
182 mgf=padding.MGF1(mgf_digest),
183 salt_length=wycheproof.testgroup["sLen"],
184 ),
185 digest,
186 )
187 else:
188 with pytest.raises(InvalidSignature):
189 key.verify(
190 binascii.unhexlify(wycheproof.testcase["sig"]),
191 binascii.unhexlify(wycheproof.testcase["msg"]),
192 padding.PSS(
193 mgf=padding.MGF1(mgf_digest),
194 salt_length=wycheproof.testgroup["sLen"],
195 ),
196 digest,
197 )
198
199
200@wycheproof_tests(

Callers

nothing calls this directly

Calls 3

cache_value_to_groupMethod · 0.80
unhexlifyMethod · 0.80
verifyMethod · 0.45

Tested by

no test coverage detected