Add more robust key and parameter processing: test vectors

docs/development/test-vectors.rst

@@ -95,6 +95,12 @@ Custom asymmetric vectors
 * ``asymmetric/PEM_Serialization/rsa_public_key.pem`` and
   ``asymmetric/DER_Serialization/rsa_public_key.der``- Contains an RSA 2048
   bit public generated using OpenSSL from ``rsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/rsa_public_key_invalid_exponent.pem`` and
+  ``asymmetric/DER_Serialization/rsa_public_key_invalid_exponent.der`` -
+  Contains an RSA SubjectPublicKeyInfo public key with public exponent 1.
+* ``asymmetric/PEM_Serialization/rsa_public_key_pkcs1_invalid_exponent.pem``
+  and ``asymmetric/DER_Serialization/rsa_public_key_pkcs1_invalid_exponent.der``
+  - Contains an RSA PKCS #1 public key with public exponent 1.
 * ``asymmetric/PEM_Serialization/rsa_wrong_delimiter_public_key.pem`` - Contains
   an RSA 2048 bit public key generated from ``rsa_private_key.pem``, but with
   the wrong PEM delimiter (``RSA PUBLIC KEY`` when it should be ``PUBLIC KEY``).
@@ -113,6 +119,19 @@ Custom asymmetric vectors
 * ``asymmetric/DER_Serialization/dsa_public_key_invalid_bit_string.der`` -
   Contains a DSA public key with the bit string padding value set to 2 rather
   than the required 0.
+* ``asymmetric/PEM_Serialization/dsa_public_key_y1.pem`` and
+  ``asymmetric/DER_Serialization/dsa_public_key_y1.der`` - Contains a DSA
+  public key with public value ``y = 1``.
+* ``asymmetric/PEM_Serialization/dsa_public_key_y_p_plus_1.pem`` and
+  ``asymmetric/DER_Serialization/dsa_public_key_y_p_plus_1.der`` - Contains a
+  DSA public key with public value ``y = p + 1``.
+* ``asymmetric/PEM_Serialization/dsa_public_key_y_p_minus_1.pem`` and
+  ``asymmetric/DER_Serialization/dsa_public_key_y_p_minus_1.der`` - Contains a
+  DSA public key with public value ``y = p - 1``.
+* ``asymmetric/PEM_Serialization/dsa_private_key_invalid_public_key.pem`` and
+  ``asymmetric/DER_Serialization/dsa_private_key_invalid_public_key.der`` -
+  Contains a DSA private key with a public value that does not match the
+  private value.
 * ``asymmetric/PKCS8/unenc-dsa-pkcs8.pem`` and
   ``asymmetric/DER_Serialization/unenc-dsa-pkcs8.der`` - Contains a DSA 1024
   bit key generated using OpenSSL.
@@ -360,6 +379,21 @@ Key exchange
   contains a Diffie-Hellman public key generated with a previous version of
   ``cryptography``.
 
+* ``vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_parameters_invalid_p.pem``
+  and
+  ``vectors/cryptography_vectors/asymmetric/DER_Serialization/dh_parameters_invalid_p.der``
+  contain Diffie-Hellman parameters with an invalid ``p`` value.
+
+* ``vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_public_key_invalid_parameters.pem``
+  and
+  ``vectors/cryptography_vectors/asymmetric/DER_Serialization/dh_public_key_invalid_parameters.der``
+  contain a Diffie-Hellman public key with invalid parameters.
+
+* ``vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_private_key_invalid_parameters.pem``
+  and
+  ``vectors/cryptography_vectors/asymmetric/DER_Serialization/dh_private_key_invalid_parameters.der``
+  contain a Diffie-Hellman private key with invalid parameters.
+
 X.509
 ~~~~~
 

tests/hazmat/primitives/test_serialization.py

@@ -358,6 +358,24 @@ def test_load_der_rsa_public_key(self, key_file, backend):
         numbers = key.public_numbers()
         assert numbers.e == 65537
 
+    @pytest.mark.parametrize(
+        "key_file",
+        [
+            "rsa_public_key_invalid_exponent.der",
+            "rsa_public_key_pkcs1_invalid_exponent.der",
+        ],
+    )
+    def test_load_der_rsa_public_key_rejects_invalid_exponent(
+        self, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "DER_Serialization", key_file),
+            lambda derfile: derfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_der_public_key(data, backend)
+
     def test_load_der_invalid_public_key(self, backend):
         with pytest.raises(ValueError):
             load_der_public_key(b"invalid data", backend)
@@ -386,6 +404,76 @@ def test_load_der_dsa_public_key(self, key_file, backend):
         assert key
         assert isinstance(key, dsa.DSAPublicKey)
 
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dsa_supported(),
+        skip_message="Does not support DSA.",
+    )
+    @pytest.mark.parametrize(
+        "key_file",
+        [
+            "dsa_public_key_y1.der",
+            "dsa_public_key_y_p_plus_1.der",
+            "dsa_public_key_y_p_minus_1.der",
+        ],
+    )
+    def test_load_der_dsa_public_key_rejects_invalid_y(
+        self, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "DER_Serialization", key_file),
+            lambda derfile: derfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_der_public_key(data, backend)
+
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dsa_supported(),
+        skip_message="Does not support DSA.",
+    )
+    def test_load_der_dsa_private_key_rejects_invalid_public_key(
+        self, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join(
+                "asymmetric",
+                "DER_Serialization",
+                "dsa_private_key_invalid_public_key.der",
+            ),
+            lambda derfile: derfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_der_private_key(data, None, backend)
+
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dh_supported(),
+        skip_message="DH not supported",
+    )
+    @pytest.mark.parametrize(
+        ("kind", "key_file"),
+        [
+            ("parameters", "dh_parameters_invalid_p.der"),
+            ("public", "dh_public_key_invalid_parameters.der"),
+            ("private", "dh_private_key_invalid_parameters.der"),
+        ],
+    )
+    def test_load_der_dh_rejects_invalid_parameters(
+        self, kind, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "DER_Serialization", key_file),
+            lambda derfile: derfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            if kind == "parameters":
+                load_der_parameters(data, backend)
+            elif kind == "public":
+                load_der_public_key(data, backend)
+            else:
+                load_der_private_key(data, None, backend)
+
     def test_load_ec_public_key(self, backend):
         _skip_curve_unsupported(backend, ec.SECP256R1())
         key = load_vectors_from_file(
@@ -737,6 +825,24 @@ def test_load_pem_rsa_public_key(self, key_file, backend):
         numbers = key.public_numbers()
         assert numbers.e == 65537
 
+    @pytest.mark.parametrize(
+        "key_file",
+        [
+            "rsa_public_key_invalid_exponent.pem",
+            "rsa_public_key_pkcs1_invalid_exponent.pem",
+        ],
+    )
+    def test_load_pem_rsa_public_key_rejects_invalid_exponent(
+        self, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "PEM_Serialization", key_file),
+            lambda pemfile: pemfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_pem_public_key(data, backend)
+
     def test_load_pem_public_fails_with_ec_key_with_rsa_delimiter(self):
         with pytest.raises(ValueError):
             load_vectors_from_file(
@@ -787,6 +893,76 @@ def test_load_pem_dsa_public_key(self, key_file, backend):
         assert key
         assert isinstance(key, dsa.DSAPublicKey)
 
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dsa_supported(),
+        skip_message="Does not support DSA.",
+    )
+    @pytest.mark.parametrize(
+        "key_file",
+        [
+            "dsa_public_key_y1.pem",
+            "dsa_public_key_y_p_plus_1.pem",
+            "dsa_public_key_y_p_minus_1.pem",
+        ],
+    )
+    def test_load_pem_dsa_public_key_rejects_invalid_y(
+        self, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "PEM_Serialization", key_file),
+            lambda pemfile: pemfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_pem_public_key(data, backend)
+
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dsa_supported(),
+        skip_message="Does not support DSA.",
+    )
+    def test_load_pem_dsa_private_key_rejects_invalid_public_key(
+        self, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join(
+                "asymmetric",
+                "PEM_Serialization",
+                "dsa_private_key_invalid_public_key.pem",
+            ),
+            lambda pemfile: pemfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            load_pem_private_key(data, None, backend)
+
+    @pytest.mark.supported(
+        only_if=lambda backend: backend.dh_supported(),
+        skip_message="DH not supported",
+    )
+    @pytest.mark.parametrize(
+        ("kind", "key_file"),
+        [
+            ("parameters", "dh_parameters_invalid_p.pem"),
+            ("public", "dh_public_key_invalid_parameters.pem"),
+            ("private", "dh_private_key_invalid_parameters.pem"),
+        ],
+    )
+    def test_load_pem_dh_rejects_invalid_parameters(
+        self, kind, key_file, backend
+    ):
+        data = load_vectors_from_file(
+            os.path.join("asymmetric", "PEM_Serialization", key_file),
+            lambda pemfile: pemfile.read(),
+            mode="rb",
+        )
+        with pytest.raises(ValueError):
+            if kind == "parameters":
+                load_pem_parameters(data, backend)
+            elif kind == "public":
+                load_pem_public_key(data, backend)
+            else:
+                load_pem_private_key(data, None, backend)
+
     def test_load_ec_public_key(self, backend):
         _skip_curve_unsupported(backend, ec.SECP256R1())
         key = load_vectors_from_file(

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_parameters_invalid_p.pem

@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+/////////////////////////////////wIBAg==
+-----END DH PARAMETERS-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_private_key_invalid_parameters.pem

@@ -0,0 +1,9 @@
+-----BEGIN PRIVATE KEY-----
+MIIBIwIBADCCARcGCSqGSIb3DQEDATCCAQgCggEBAP//////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////8C
+AQIEAwIBAg==
+-----END PRIVATE KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dh_public_key_invalid_parameters.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBITCCARcGCSqGSIb3DQEDATCCAQgCggEBAP//////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////8CAQID
+BAACAQQ=
+-----END PUBLIC KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dsa_private_key_invalid_public_key.pem

@@ -0,0 +1,9 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBOwIBAAKBgQDTgxHizTiMPtaY6C/fiOuStamkg9yIAF1Lcl7zQeq7R8+KeopB
+55KhVrfOlyBsT5xc5vxa55EhAra1AuWQULWyHOJj3dsgRLZSI29NQqtLXWqnMYnO
+8azneNeEWlwcHHFHEjGI+NxVEFTuFitjTWDwl/cZB2ZA4gmAoAkxE6i9cwIVAJbF
+OQqLYSwOQiuysOoZSj7JNaKBAoGABreGGrvTXMieecUvaNIIdTibEnNhymaCITjO
+SZHSuGIlnWtFSKZJWxlaoOC2E3yjfrI7lAdNPD0wAEK98VdigStjM+97B866eGB2
+EPzJ7mhJHbweNM0SYVR05SsYvJNPsAxh0559qJAikcRDSk4iJMP0/Z+TzW9PF/wH
+Y0Gn59kCAQECFQCBhf7pzHwOkf2FUDJ08c1aP9FaSQ==
+-----END DSA PRIVATE KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dsa_public_key_y1.pem

@@ -0,0 +1,15 @@
+-----BEGIN PUBLIC KEY-----
+MIICRDCCAjoGByqGSM44BAEwggItAoIBAQDqH7GvIogVWO+TvopfhlPFpVlDTEnI
+wsEqzl6cQUNMnPCo6UmKyw9GY8CLRITqzoRfb7F9rGLJjnBq8Px05NocbCs/v1od
+WP+C/Bpm8+ixIlLEAnj/+d1/EC7tLLW3Mj6/GQjCNNk1QU3e1/jSROVFYbDco5sw
+HejEnan7I98zxhguP5gyCMVg+1EZ+/eOvj5lZO4jXGoVy7msJHurpaQjvGWCoanY
+orTw6ePZ26wSL3UN11QyUTUldIix9uyr8hv/KUf+DTsst//mf05/zfEhT2BT5ypb
+sN0goOn+bbLfCpCMNuleYL9JykNouLiSucefYe+RxHVnxA4fgKxapm73AiEAjsc/
+N2HK9f3+bk6CCYvxD4mHQNy4CCBL9rGPUHGSwZ0CggEBAOTE7KiEFbI+z4EcluSM
+0kIA/pFmMaaKaE5sy2sZE0E9NE0djYSjM4OdiO7kMVIfbjV8FuapO+ERqYB2c5zU
+AbqzudVlv0+5np0YWx4U1hyTcAEz+Qi64D4odk0Qfc0up2dCF2IgdLsZ7/9IL19c
+GobVVRsvxo0cbp2AEZWO9LnCo6VdDTyILmrX+fDzxhVo940HBrEKJvI7Txl8MiuC
+UAIoSgrKkYB7upjs6RK4DhDN8YDPmaNfIQwWVfv9108TsbUEZZH4QDhz0SI5g03W
+xOzrQr90guF5ShYBNXtind+pcfLtJzsUbsHKBtCt9V3ZHWXDcpe9p4xtIQwLwm5V
+gwIDBAACAQE=
+-----END PUBLIC KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dsa_public_key_y_p_minus_1.pem

@@ -0,0 +1,20 @@
+-----BEGIN PUBLIC KEY-----
+MIIDSDCCAjoGByqGSM44BAEwggItAoIBAQDqH7GvIogVWO+TvopfhlPFpVlDTEnI
+wsEqzl6cQUNMnPCo6UmKyw9GY8CLRITqzoRfb7F9rGLJjnBq8Px05NocbCs/v1od
+WP+C/Bpm8+ixIlLEAnj/+d1/EC7tLLW3Mj6/GQjCNNk1QU3e1/jSROVFYbDco5sw
+HejEnan7I98zxhguP5gyCMVg+1EZ+/eOvj5lZO4jXGoVy7msJHurpaQjvGWCoanY
+orTw6ePZ26wSL3UN11QyUTUldIix9uyr8hv/KUf+DTsst//mf05/zfEhT2BT5ypb
+sN0goOn+bbLfCpCMNuleYL9JykNouLiSucefYe+RxHVnxA4fgKxapm73AiEAjsc/
+N2HK9f3+bk6CCYvxD4mHQNy4CCBL9rGPUHGSwZ0CggEBAOTE7KiEFbI+z4EcluSM
+0kIA/pFmMaaKaE5sy2sZE0E9NE0djYSjM4OdiO7kMVIfbjV8FuapO+ERqYB2c5zU
+AbqzudVlv0+5np0YWx4U1hyTcAEz+Qi64D4odk0Qfc0up2dCF2IgdLsZ7/9IL19c
+GobVVRsvxo0cbp2AEZWO9LnCo6VdDTyILmrX+fDzxhVo940HBrEKJvI7Txl8MiuC
+UAIoSgrKkYB7upjs6RK4DhDN8YDPmaNfIQwWVfv9108TsbUEZZH4QDhz0SI5g03W
+xOzrQr90guF5ShYBNXtind+pcfLtJzsUbsHKBtCt9V3ZHWXDcpe9p4xtIQwLwm5V
+gwIDggEGAAKCAQEA6h+xryKIFVjvk76KX4ZTxaVZQ0xJyMLBKs5enEFDTJzwqOlJ
+issPRmPAi0SE6s6EX2+xfaxiyY5wavD8dOTaHGwrP79aHVj/gvwaZvPosSJSxAJ4
+//ndfxAu7Sy1tzI+vxkIwjTZNUFN3tf40kTlRWGw3KObMB3oxJ2p+yPfM8YYLj+Y
+MgjFYPtRGfv3jr4+ZWTuI1xqFcu5rCR7q6WkI7xlgqGp2KK08Onj2dusEi91DddU
+MlE1JXSIsfbsq/Ib/ylH/g07LLf/5n9Of83xIU9gU+cqW7DdIKDp/m2y3wqQjDbp
+XmC/ScpDaLi4krnHn2HvkcR1Z8QOH4CsWqZu9g==
+-----END PUBLIC KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/dsa_public_key_y_p_plus_1.pem

@@ -0,0 +1,20 @@
+-----BEGIN PUBLIC KEY-----
+MIIDSDCCAjoGByqGSM44BAEwggItAoIBAQDqH7GvIogVWO+TvopfhlPFpVlDTEnI
+wsEqzl6cQUNMnPCo6UmKyw9GY8CLRITqzoRfb7F9rGLJjnBq8Px05NocbCs/v1od
+WP+C/Bpm8+ixIlLEAnj/+d1/EC7tLLW3Mj6/GQjCNNk1QU3e1/jSROVFYbDco5sw
+HejEnan7I98zxhguP5gyCMVg+1EZ+/eOvj5lZO4jXGoVy7msJHurpaQjvGWCoanY
+orTw6ePZ26wSL3UN11QyUTUldIix9uyr8hv/KUf+DTsst//mf05/zfEhT2BT5ypb
+sN0goOn+bbLfCpCMNuleYL9JykNouLiSucefYe+RxHVnxA4fgKxapm73AiEAjsc/
+N2HK9f3+bk6CCYvxD4mHQNy4CCBL9rGPUHGSwZ0CggEBAOTE7KiEFbI+z4EcluSM
+0kIA/pFmMaaKaE5sy2sZE0E9NE0djYSjM4OdiO7kMVIfbjV8FuapO+ERqYB2c5zU
+AbqzudVlv0+5np0YWx4U1hyTcAEz+Qi64D4odk0Qfc0up2dCF2IgdLsZ7/9IL19c
+GobVVRsvxo0cbp2AEZWO9LnCo6VdDTyILmrX+fDzxhVo940HBrEKJvI7Txl8MiuC
+UAIoSgrKkYB7upjs6RK4DhDN8YDPmaNfIQwWVfv9108TsbUEZZH4QDhz0SI5g03W
+xOzrQr90guF5ShYBNXtind+pcfLtJzsUbsHKBtCt9V3ZHWXDcpe9p4xtIQwLwm5V
+gwIDggEGAAKCAQEA6h+xryKIFVjvk76KX4ZTxaVZQ0xJyMLBKs5enEFDTJzwqOlJ
+issPRmPAi0SE6s6EX2+xfaxiyY5wavD8dOTaHGwrP79aHVj/gvwaZvPosSJSxAJ4
+//ndfxAu7Sy1tzI+vxkIwjTZNUFN3tf40kTlRWGw3KObMB3oxJ2p+yPfM8YYLj+Y
+MgjFYPtRGfv3jr4+ZWTuI1xqFcu5rCR7q6WkI7xlgqGp2KK08Onj2dusEi91DddU
+MlE1JXSIsfbsq/Ib/ylH/g07LLf/5n9Of83xIU9gU+cqW7DdIKDp/m2y3wqQjDbp
+XmC/ScpDaLi4krnHn2HvkcR1Z8QOH4CsWqZu+A==
+-----END PUBLIC KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/rsa_public_key_invalid_exponent.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+/wIBAQ==
+-----END PUBLIC KEY-----

vectors/cryptography_vectors/asymmetric/PEM_Serialization/rsa_public_key_pkcs1_invalid_exponent.pem

@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCAKCAQEA////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////
+/////////////////////////////////wIBAQ==
+-----END RSA PUBLIC KEY-----