| # This file is dual licensed under the terms of the Apache License, Version |
| # 2.0, and the BSD License. See the LICENSE file in the root of this repository |
| # for complete details. |
| |
| from __future__ import absolute_import, division, print_function |
| |
| import binascii |
| |
| import pytest |
| |
| from cryptography.exceptions import InvalidSignature |
| from cryptography.hazmat.backends.interfaces import CMACBackend |
| from cryptography.hazmat.primitives.ciphers.algorithms import AES |
| from cryptography.hazmat.primitives.cmac import CMAC |
| |
| |
| @pytest.mark.requires_backend_interface(interface=CMACBackend) |
| @pytest.mark.wycheproof_tests("aes_cmac_test.json") |
| def test_aes_cmac(backend, wycheproof): |
| key = binascii.unhexlify(wycheproof.testcase["key"]) |
| msg = binascii.unhexlify(wycheproof.testcase["msg"]) |
| tag = binascii.unhexlify(wycheproof.testcase["tag"]) |
| |
| # skip truncated tags, which we don't support in the API |
| if wycheproof.valid and len(tag) == 16: |
| ctx = CMAC(AES(key), backend) |
| ctx.update(msg) |
| ctx.verify(tag) |
| elif len(key) not in [16, 24, 32]: |
| with pytest.raises(ValueError): |
| CMAC(AES(key), backend) |
| else: |
| ctx = CMAC(AES(key), backend) |
| ctx.update(msg) |
| with pytest.raises(InvalidSignature): |
| ctx.verify(tag) |
