Merge "Handle curve keyword arg weak_cryptographic_key"
This commit is contained in:
commit
b40615b8d2
|
@ -96,7 +96,8 @@ def _weak_crypto_key_size_cryptography_io(context):
|
|||
'SECT163K1': 163,
|
||||
'SECT163R2': 163,
|
||||
}
|
||||
curve = context.call_args[arg_position[key_type]]
|
||||
curve = (context.get_call_arg_value('curve') or
|
||||
context.call_args[arg_position[key_type]])
|
||||
key_size = curve_key_sizes[curve] if curve in curve_key_sizes else 224
|
||||
return _classify_key_size(key_type, key_size)
|
||||
|
||||
|
|
|
@ -9,6 +9,8 @@ from Crypto.PublicKey import RSA
|
|||
# Correct
|
||||
dsa.generate_private_key(key_size=2048,
|
||||
backend=backends.default_backend())
|
||||
ec.generate_private_key(curve=ec.SECP384R1,
|
||||
backend=backends.default_backend())
|
||||
rsa.generate_private_key(public_exponent=65537,
|
||||
key_size=2048,
|
||||
backend=backends.default_backend())
|
||||
|
@ -29,6 +31,8 @@ RSA.generate(4096)
|
|||
# Incorrect: weak key sizes
|
||||
dsa.generate_private_key(key_size=1024,
|
||||
backend=backends.default_backend())
|
||||
ec.generate_private_key(curve=ec.SECT163R2,
|
||||
backend=backends.default_backend())
|
||||
rsa.generate_private_key(public_exponent=65537,
|
||||
key_size=1024,
|
||||
backend=backends.default_backend())
|
||||
|
|
|
@ -455,8 +455,8 @@ class FunctionalTests(testtools.TestCase):
|
|||
def test_weak_cryptographic_key(self):
|
||||
'''Test for weak key sizes.'''
|
||||
expect = {
|
||||
'SEVERITY': {'MEDIUM': 5, 'HIGH': 4},
|
||||
'CONFIDENCE': {'HIGH': 9}
|
||||
'SEVERITY': {'MEDIUM': 6, 'HIGH': 4},
|
||||
'CONFIDENCE': {'HIGH': 10}
|
||||
}
|
||||
self.check_example('weak_cryptographic_key_sizes.py', expect)
|
||||
|
||||
|
|
Loading…
Reference in New Issue