def test_import_ssh(self):
rsa_pub = RSA.import_key(TEST_SSH_PUB)
rsa_ssh2_pub = RSA.import_key(TEST_SSH2_PUB)
rsa_priv = RSA.import_key(TEST_SSH_PRIV)
self.assertEqual((rsa_pub.n, rsa_pub.e), (rsa_priv.n, rsa_priv.e))
self.assertEqual((rsa_ssh2_pub.n, rsa_ssh2_pub.e),
(rsa_priv.n, rsa_priv.e))
self.assertEqual(
rsa_priv.p,
170621934107914837135188221741345039360973520058114456501388562509658795389537603696495314914263307477879633584504500740005298573150803280618484950209080803799140960436472056595329677438530606065566161783436714140793820145487700054413432516764645134976280363736900482101671242116081306644146548602721659188139
)
self.assertEqual(
rsa_priv.q,
147975660846396990587026799132395215581845148822588177668939892854130080870127891229734413269282872842954263443501467315040323804831400031921589112815742747614415764378548901698763469577356909867186752247509564255224167675065755796937983163876790155687818626513794653480829583948160749345458911841406938261219
)
self.assertEqual(
rsa_priv.alt_d,
19762369934989515131049274315841316326050549933114536766674916078250573730800216520650633877972440419194814420402043176472759537753254149225125134250003994948721187698467807920387489440310994705791482721107511012797884534895932222871683633147680034924999627916905359454912445366494543706676734716375543152258328317139760580320162173490414588340925370831975060554770385250590880497700813834231770436219310405458193997653119990344803085718020467915664214557758416316811073003911746514622779992001874409075037973245976299609023867178313200550274791579981490063847585903047671618462828834780979891650959756006736369309609
)
self.assertEqual(
rsa_ssh2_pub.export_public_key(encoding=PKIEncoding.SSH2).replace(
b'\n', b''), TEST_SSH2_PUB_NO_CMT.replace(b'\n', b''))
def test_rsa(self):
for bits in [512, 1024, 2048, 4096]:
for _ in range(5):
ca = RSA(bits)
leaf = RSA(bits)
self._run_test(ca, leaf)
def decode(buffer: bytes, **kwargs) -> object:
"""
Decodes a JWK JSON string into an RSA object.
Parameters:
buffer (bytes/str): JWK JSON string.
Returns:
RSA: RSA object.
"""
from samson.public_key.rsa import RSA
if issubclass(type(buffer), (bytes, bytearray)):
buffer = buffer.decode()
jwk = json.loads(buffer)
n = Bytes(url_b64_decode(jwk['n'].encode('utf-8'))).int()
e = Bytes(url_b64_decode(jwk['e'].encode('utf-8'))).int()
if 'p' in jwk:
p = Bytes(url_b64_decode(jwk['p'].encode('utf-8'))).int()
q = Bytes(url_b64_decode(jwk['q'].encode('utf-8'))).int()
else:
p = 2
q = 3
rsa = RSA(8, p=p, q=q, e=e)
rsa.n = n
rsa.bits = rsa.n.bit_length()
return rsa
def _run_import_pem_enc(self, enc_priv):
with self.assertRaises(ValueError):
RSA.import_key(enc_priv)
enc_rsa = RSA.import_key(enc_priv, PEM_PASSPHRASE)
dec_rsa = RSA.import_key(TEST_PEM_DEC)
self.assertEqual((enc_rsa.d, enc_rsa.e, enc_rsa.p, enc_rsa.q),
(dec_rsa.d, dec_rsa.e, dec_rsa.p, dec_rsa.q))
def decode(buffer: bytes, **kwargs):
from samson.public_key.rsa import RSA
_, pub = parse_openssh_key(buffer, SSH_PUBLIC_HEADER, RSAPublicKey, RSAPrivateKey, None)
n, e, p, q = pub.n, pub.e, 2, 3
rsa = RSA(8, p=p, q=q, e=e)
rsa.n = n
return rsa
def test_gauntlet(self):
for _ in range(10):
bits = max(16, Bytes.random(2).int() >> 4)
rsa = RSA(bits, e=65537)
for _ in range(10):
plaintext = Bytes.random((bits // 8) - 1)
ciphertext = rsa.encrypt(plaintext)
self.assertEqual(
rsa.decrypt(ciphertext).zfill(len(plaintext)), plaintext)
def decode(buffer: bytes, **kwargs):
from samson.public_key.rsa import RSA
priv, _ = parse_openssh_key(buffer, SSH_PUBLIC_HEADER, RSAPublicKey,
RSAPrivateKey, kwargs.get('passphrase'))
n, e, p, q = priv.n, priv.e, priv.p, priv.q
rsa = RSA(8, p=p, q=q, e=e)
rsa.n = n
return rsa
def test_factorize_from_d(self):
for _ in range(5):
bits = max(1, Bytes.random(2).int() >> 4)
rsa_a = RSA(bits, e=65537)
new_rsa_a = RSA.factorize_from_d(rsa_a.d, rsa_a.e, rsa_a.n)
# Here we sort p and q since we don't know which found prime will be assigned to which variable
self.assertEqual(
(rsa_a.d, rsa_a.e, rsa_a.n, sorted([rsa_a.p, rsa_a.q])),
(new_rsa_a.d, new_rsa_a.e, new_rsa_a.n,
sorted([new_rsa_a.p, new_rsa_a.q])))
def test_import_export_public(self):
rsa_pub = RSA.import_key(TEST_PUB)
rsa_priv = RSA.import_key(TEST_PRIV)
der_bytes = rsa_pub.export_public_key(encoding=PKIEncoding.X509)
new_pub = RSA.import_key(der_bytes)
self.assertEqual((rsa_pub.n, rsa_pub.e), (rsa_priv.n, rsa_priv.e))
self.assertEqual((rsa_pub.n, rsa_pub.e), (new_pub.n, new_pub.e))
self.assertEqual(der_bytes.replace(b'\n', b''),
TEST_PUB.replace(b'\n', b''))
def decode(buffer: bytes, **kwargs):
from samson.public_key.rsa import RSA
items = bytes_to_der_sequence(buffer)
items = [int(item) for item in items]
n, e = items
rsa = RSA(8, e=e)
rsa.n = n
rsa.bits = rsa.n.bit_length()
return rsa
def test_import_enc_gauntlet(self):
supported_algos = RFC1423_ALGOS.keys()
for algo in supported_algos:
for _ in range(10):
rsa = RSA(512)
key = Bytes.random(Bytes.random(1).int() + 1)
enc_pem = rsa.export_private_key(encryption=algo,
passphrase=key)
dec_rsa = RSA.import_key(enc_pem, key)
self.assertEqual((rsa.d, rsa.e, rsa.p, rsa.q),
(dec_rsa.d, dec_rsa.e, dec_rsa.p, dec_rsa.q))
def test_kat(self):
plaintext = Bytes(
0xEB7A19ACE9E3006350E329504B45E2CA82310B26DCD87D5C68F1EEA8F55267C31B2E8BB4251F84D7E0B2C04626F5AFF93EDCFB25C9C2B3FF8AE10E839A2DDB4CDCFE4FF47728B4A1B7C1362BAAD29AB48D2869D5024121435811591BE392F982FB3E87D095AEB40448DB972F3AC14F7BC275195281CE32D2F1B76D4D353E2D
)
ciphertext = 0x1253E04DC0A5397BB44A7AB87E9BF2A039A33D1E996FC82A94CCD30074C95DF763722017069E5268DA5D1C0B4F872CF653C11DF82314A67968DFEAE28DEF04BB6D84B1C31D654A1970E5783BD6EB96A024C2CA2F4A90FE9F2EF5C9C140E5BB48DA9536AD8700C84FC9130ADEA74E558D51A74DDF85D8B50DE96838D6063E0955
modulus = 0xBBF82F090682CE9C2338AC2B9DA871F7368D07EED41043A440D6B6F07454F51FB8DFBAAF035C02AB61EA48CEEB6FCD4876ED520D60E1EC4619719D8A5B8B807FAFB8E0A3DFC737723EE6B4B7D93A2584EE6A649D060953748834B2454598394EE0AAB12D7B61A51F527A9A41F6C1687FE2537298CA2A8F5946F8E5FD091DBDCB
prime = 0xC97FB1F027F453F6341233EAAAD1D9353F6C42D08866B1D05A0F2035028B9D869840B41666B42E92EA0DA3B43204B5CFCE3352524D0416A5A441E700AF461503
e = 17
rsa = RSA(512, p=prime, q=modulus // prime, e=e)
self.assertEqual(rsa.decrypt(ciphertext), plaintext)
self.assertEqual(rsa.encrypt(plaintext), ciphertext)
def test_import_export_private(self):
rsa = RSA.import_key(TEST_PRIV)
der_bytes = rsa.export_private_key(encoding=PKIEncoding.PKCS1)
new_rsa = RSA.import_key(der_bytes)
self.assertEqual((rsa.n, rsa.e, rsa.alt_d), (
0x545702789299c59544f0a48037d5fcbe285b5c214d26469f7f52423763d01b331d0f7c9dfd5e98435b362e083875d101e10bf862a34a20cd38cd68743770b1ee57ce7f04e4335729aecacdc662b9b1e0f438f1a691538001d9c8f3374dc1dabf2e9fb316be636b0d2393f511c5bc7373c1666562322dc3911163e338b83bdf7d9a622c81b9edd19cd1699cae8c2def325de313e070d7733fc7ca95e0b12ef6a43095626e1fa3b19681a6e6b2828eb6b3487cb7bb58370086b108e9eaf9f20a53b8f44c9fe7ab7ad545d70b3c5f470190ece9e7172824e05747e1c431a664ab6bd2f914bf64e4dcac0575c493f52a488737f85742fb52aa4555f144ab8e601713,
0x10001,
7637900981413881127344732199207423148450857019726723094659043462794313258767201253269496359678839942555541437712415706663660985252940123204794095993626699211163986533562336773310103190916142252882331767886927729021516529141672972169957951166501750445256177733568843099186777096376892875529534391517354389358568809006385725873288954661635538351606457829485241023554979084645466210495420866845750976009860684015622002855709494103022482640146893844516679296838305756556603312962721311081086887412291530082263197989863828789712221961262494351622769754044860656696333724061992404959980518191241190042534000830303328685273
))
self.assertEqual((rsa.d, rsa.e, rsa.p, rsa.q),
(new_rsa.d, new_rsa.e, new_rsa.p, new_rsa.q))
self.assertEqual(der_bytes.replace(b'\n', b''),
TEST_PRIV.replace(b'\n', b''))
def test_der_encode(self):
for _ in range(20):
bits = max(1, Bytes.random(2).int() >> 4)
rsa = RSA(bits, e=65537)
should_pem_encode = Bytes.random(1).int() & 1
der_bytes = rsa.export_private_key(should_pem_encode)
recovered_rsa = RSA.import_key(der_bytes)
self.assertEqual(
(rsa.d, rsa.e, rsa.n, rsa.p, rsa.q),
(recovered_rsa.d, recovered_rsa.e, recovered_rsa.n,
recovered_rsa.p, recovered_rsa.q))
def decode(buffer: bytes, **kwargs):
from samson.public_key.rsa import RSA
items = bytes_to_der_sequence(buffer)
items = [int(item) for item in items]
del items[6:]
del items[0]
_n, e, _d, p, q = items
rsa = RSA(0, p=p, q=q, e=e)
rsa.bits = rsa.n.bit_length()
return rsa
def test_import_openssh(self):
for key, passphrase in [
TEST_OPENSSH0, TEST_OPENSSH1, TEST_OPENSSH2, TEST_OPENSSH3
]:
if passphrase:
with self.assertRaises(ValueError):
RSA.import_key(key)
rsa = RSA.import_key(key, passphrase=passphrase)
self.assertEqual(rsa.p * rsa.q, rsa.n)
self.assertEqual(rsa.alt_d,
mod_inv(rsa.e, (rsa.p - 1) * (rsa.q - 1)))
self.assertTrue(is_prime(rsa.p))
self.assertTrue(is_prime(rsa.q))
def test_openssh_gauntlet(self):
num_runs = 6
num_enc = num_runs // 3
for i in range(num_runs):
bits = 128 + (Bytes.random(2).int() % (4096 - 128))
rsa = RSA(bits)
passphrase = None
if i < num_enc:
passphrase = Bytes.random(Bytes.random(1).int())
priv = rsa.export_private_key(encoding=PKIEncoding.OpenSSH,
encryption=b'aes256-ctr',
passphrase=passphrase)
pub_openssh = rsa.export_public_key(encoding=PKIEncoding.OpenSSH)
pub_ssh2 = rsa.export_public_key(encoding=PKIEncoding.SSH2)
new_priv = RSA.import_key(priv, passphrase=passphrase)
new_pub_openssh = RSA.import_key(pub_openssh)
new_pub_ssh2 = RSA.import_key(pub_ssh2)
self.assertEqual(
(new_priv.d, new_priv.e, new_priv.n, new_priv.p, new_priv.q),
(rsa.d, rsa.e, rsa.n, rsa.p, rsa.q))
self.assertEqual((new_pub_openssh.e, new_pub_openssh.n),
(rsa.e, rsa.n))
self.assertEqual((new_pub_ssh2.e, new_pub_ssh2.n), (rsa.e, rsa.n))
def test_import_x509(self):
rsa = RSA.import_key(TEST_X509)
self.assertEqual((rsa.n, rsa.e), (
24940683201879137993056120312454473942594318232290600735533280813657819079216867596712294845341701840650539113593082459581192282077758505643187412712080936552854003723249342272875345512981239150545161577739015704663222308367346717190651433566838090248539539684067138040760166497684693081358176609716700732118835147703707164874725475008676983042554525064000012095164085296963339592428935499593551005865083467668896772193959564280661680461005515765882973709774222632895423473512678883713520905183203401266909934112053801007749095605556769087928322759818966788666176216229944621540846530277052278166189462503753144895461,
65537))
self.assertEqual(
rsa.export_public_key(encoding=PKIEncoding.X509).replace(
b'\n', b''), TEST_X509.replace(b'\n', b''))
def decode(buffer: bytes, **kwargs):
from samson.public_key.rsa import RSA
items = bytes_to_der_sequence(buffer)
if type(items[1]) is BitString:
if str(items[0][0]) == '1.2.840.113549.1.1.1':
bitstring_seq = decoder.decode(Bytes(int(items[1])))[0]
items = list(bitstring_seq)
else:
raise ValueError('Unable to decode RSA key.')
n, e = [int(item) for item in items]
rsa = RSA(8, e=e)
rsa.n = n
rsa.bits = rsa.n.bit_length()
return rsa
def test_import_x509_cert(self):
from subprocess import check_call
rsa = RSA.import_key(TEST_X509_CERT)
self.assertEqual((rsa.n, rsa.e), (
20610613182366935712704430937310221613534562009948079789360453139910836064941977579908816718964543026281318436151676011110161911330939696498276776328767963169924766263613120148750878393738643775336834994232750269121171496638721145925440236992515720886919332303626091341082673908400068674399845813788179494391992902026084622226552237412130605804686837213484458829751479165161843145474359043291343036771933142460660698742069747900485297316236559451091673622347679667437351203815946583872835580939553583968621857705820720681124927525077143151996560098282758335232786356354477898597546915310745330577744741027892958321197,
65537))
cert = rsa.export_public_key(encoding=PKIEncoding.X509_CERT).decode()
check_call([f'echo -n \"{cert}\" | openssl x509 -text'], shell=True)
def test_import_pkcs1(self):
rsa_priv = RSA.import_key(TEST_PKCS1_PRIV)
rsa_pub = RSA.import_key(TEST_PKCS1_PUB)
priv_out = rsa_priv.export_private_key(encoding=PKIEncoding.PKCS1,
marker='RSA PRIVATE KEY')
pub_out = rsa_priv.export_public_key(encoding=PKIEncoding.PKCS1,
marker='RSA PUBLIC KEY')
self.assertEqual((rsa_priv.p, rsa_priv.q, rsa_priv.d, rsa_priv.e), (
166139291584298120902443024169830845883823889075313984939917653208853637890905161126081148766441591539160401657770377684418968678267217917397922110840150169955546544901086157269951344598822644183037291254655299911780341794815716113854851191488541745191877611504429644948688088285889033976663223284567224856833,
150119113690962013024882886767787358736438702874024877639987005001513857060716647340813407248335373915813194132699511163987634021103271207272747869072785907538172094131387346081221837644849184613482205496553768651031911865532714182752679665482800511607578006666579667465077298743858640016483407400610361062117,
261443907406365378354663085808874736386503755521058985081882965637470767771213025297791271476414073951003560905113869260605140573834934363441563582910410964978725003553295056860481290987047183978890184230384420847820829849525721267527923689830443383138481525900699205548045140667247267145170931395629543661831064542899777508230897484324075615967481549633013603167452463475949339014097601443520652166671659780291518107163852587423275987949452420808289251299490423174099687524419810127240076379136338103470684200785820699599792642573784713209902559428358302232211377555678297104998775430839041504293459045414977936385,
65537))
self.assertEqual((rsa_priv.n, rsa_priv.e), (rsa_pub.n, rsa_pub.e))
self.assertEqual(priv_out.replace(b'\n', b''),
TEST_PKCS1_PRIV.replace(b'\n', b''))
self.assertEqual(pub_out.replace(b'\n', b''),
TEST_PKCS1_PUB.replace(b'\n', b''))
def test_recover_plaintext(self):
rsa = RSA(2048)
oaep = OAEP(rsa.bits)
plaintext = b'Super secret ;)'
padded_plain = oaep.pad(plaintext)
ciphertext = Bytes(rsa.encrypt(padded_plain))
def oracle_func(attempt):
pt = rsa.decrypt(attempt.int())
try:
oaep.unpad(pt, True)
return False
except ValueError as e:
return "First byte is not zero" in str(e)
except Exception as e:
print(e)
return False
oracle = PaddingOracle(oracle_func)
attack = MangersAttack(oracle, rsa)
recovered_plaintext = oaep.unpad(attack.execute(ciphertext))
self.assertEqual(recovered_plaintext, plaintext)
def _run_oaep(self, e, d, modulus, bits, message, seed,
expected_ciphertext):
rsa = RSA(bits)
rsa.e = e
rsa.d = d
rsa.n = modulus
oaep = OAEP(rsa.bits)
padded_plain = oaep.pad(message, seed=seed)
ciphertext = Bytes(rsa.encrypt(padded_plain))
self.assertEqual(ciphertext, expected_ciphertext)
self.assertEqual(oaep.unpad(rsa.decrypt(ciphertext.int())), message)
def test_factorize_from_shared_p(self):
for _ in range(5):
a_d = 0
b_d = 0
while a_d == b_d:
bits = max(1, Bytes.random(2).int() >> 4)
rsa_a = RSA(bits, e=65537)
rsa_b = RSA(bits, e=65537, p=rsa_a.p)
a_d = rsa_a.d
b_d = rsa_b.d
self.assertNotEqual(rsa_a.d, rsa_b.d)
new_rsa_a, new_rsa_b = RSA.factorize_from_shared_p(
rsa_a.n, rsa_b.n, rsa_a.e)
self.assertEqual((rsa_a.d, rsa_a.e, rsa_a.n, rsa_a.p, rsa_a.q),
(new_rsa_a.d, new_rsa_a.e, new_rsa_a.n,
new_rsa_a.p, new_rsa_a.q))
self.assertEqual((rsa_b.d, rsa_b.e, rsa_b.n, rsa_b.p, rsa_b.q),
(new_rsa_b.d, new_rsa_b.e, new_rsa_b.n,
new_rsa_b.p, new_rsa_b.q))
def test_gauntlet(self):
for jwa in [JWASignatureAlg.HS256, JWASignatureAlg.HS384, JWASignatureAlg.HS512]:
for _ in range(50):
key = Bytes.random(16)
jws = JWS.create(jwa, BODY, key)
self.assertTrue(jws.verify(key))
for jwa, curve, hash_obj in [(JWASignatureAlg.ES256, P256, SHA256()), (JWASignatureAlg.ES384, P384, SHA384()), (JWASignatureAlg.ES512, P521, SHA512())]:
for _ in range(10):
key = ECDSA(G=curve.G, hash_obj=hash_obj)
jws = JWS.create(jwa, BODY, key)
self.assertTrue(jws.verify(key))
for jwa in [JWASignatureAlg.RS256, JWASignatureAlg.RS384, JWASignatureAlg.RS512, JWASignatureAlg.PS256, JWASignatureAlg.PS384, JWASignatureAlg.PS512]:
for _ in range(10):
key = RSA(2048)
jws = JWS.create(jwa, BODY, key)
correct = jws.verify(key)
if not correct:
print(key)
print(jws)
self.assertTrue(correct)
for i in range(10):
if i % 2:
curve = EdwardsCurve25519
else:
curve = EdwardsCurve448
key = EdDSA(curve=curve)
jws = JWS.create(JWASignatureAlg.EdDSA, BODY, key)
correct = jws.verify(key)
if not correct:
print(key)
print(jws)
self.assertTrue(correct)
def test_jwk_gauntlet(self):
for _ in range(100):
rsa = RSA(1024)
priv = rsa.export_private_key(encoding=PKIEncoding.JWK)
pub = rsa.export_public_key(encoding=PKIEncoding.JWK)
new_priv = RSA.import_key(priv)
new_pub = RSA.import_key(pub)
self.assertEqual((new_priv.d, new_priv.n, new_priv.e),
(rsa.d, rsa.n, rsa.e))
self.assertEqual((new_pub.n, new_pub.e), (rsa.n, rsa.e))
from samson.oracles.padding_oracle import PaddingOracle
from samson.public_key.rsa import RSA
from samson.attacks.pkcs1v15_padding_oracle_attack import PKCS1v15PaddingOracleAttack
from samson.padding.pkcs1v15_padding import PKCS1v15Padding
import unittest
import logging
logging.basicConfig(
format='%(asctime)s - %(name)s [%(levelname)s] %(message)s',
level=logging.DEBUG)
key_length = 256
rsa = RSA(key_length)
padding = PKCS1v15Padding(key_length)
def oracle_func(ciphertext):
plaintext = b'\x00' + rsa.decrypt(ciphertext)
try:
padding.unpad(plaintext, allow_padding_oracle=True)
return True
except Exception as _:
return False
class PKCS1v15PaddingOracleAttackTestCase(unittest.TestCase):
def test_padding_oracle_attack(self):
oracle = PaddingOracle(oracle_func)
import json import unittest RS1_KEY = RSA.import_key(b"""-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDY5D2Xq6mcALI5mH+rzw xIjG6Kmjc6BA44oMNOCuvbVQIGlIGozVnJmyiHuc+DatP5lMGYbeZk7NVSQ/bHew4CDf8r qjZFdH1gUZK8yNCZW2w9pQ0rgYOd9W7ltPXAcctSkQvoPz2CdhKpnKZyosZLXNyp14rCzB P95dgmy7n6W5e6Okjg7iE/ECM8WmavYAQET5Fn/kpS1p7z6YPYVfjRpNm+dGsqF6hHbnBj oZUSUgLBl5T48dHdZP7mNukO8wmkM/4Gq8W7OIhg3en76pp2KRJOIdsYTKRZf5+sq7VoBm 48CRcmUTuI7aOTvbMI+m8NGqQ2x2xqykUbZ6elCbjxAgMBAAECggEBAM9HETXp8GYOpEU2 4IypiuuqidocF7tyNMUZnozvEwjB7PWs510TI0Pw7IMJqK/HYF2dNIcgQJcjX5sHKMjraS +9gKeSO9uUwF1UmA+jOvfUz1T6b+OsGsTS0fDlSBdqqQ13YRHLnlUX0i4Wb1wPA8LyNFB8 lTglINX82t34xPvk2lpRMBpAwjimQZZsjTo5LTNMFOrArzm0VUW2WmfnBA0983RbLhx412 vk02ROCZk00Z8orTeI47n5xDlbYWOcdrAHcUpeH7dNXzPxqw7sSvunkSwbhnTr5diP535+ 66gwdJsh/VBtHOgu3AoL0VYcI5uVXbqjUS5UzbAezI6+s6ECgYEA5wrEH9SXEk+M4kf9ry 37IuYrlyTtMGrQm5hLZiYzEBijxaJyRZNbg//c0jjPARzG0WoGjaAC+aTEp2SNyXtSf51E DedJ3tlqfqsFFamIG5+I/8CkuwRS4R5ljownSpkyDNB1guOf/JliXQdzodD45N9ZuLSuUw /VSq+Ps8RnZycCgYEA8FIoMjj4eYdEO9WZnrmDEBZ71rkWStBu2aAsKOLRu/C/ao5UV4WB whkWFYvmXpCbytCLD0J5/3sdEBynvR/Q9PeLL+krg9j0kDp4Z39Q1IriVV/SZMbUR0A+qC MjwBckkkpcL3CXfW83z4UpWsA1GVX4JKIbJLpQtwqUHa1ALicCgYAwS0TRrnthnXVCe2/g pUjgc6Ja9qIJw9oVHBFuqb90tuHM1vbx6ipv/hSncK58egppDbOO+QqGKlXc85zbp8aH3F S0X0tGpMWo8pCehZBozcEyTI9idDXqzpLF6C/yXPFkUlKt6GyxvVIdRgh6o5bTKIi1njbu L9oSwX3VQtGmcwKBgQDX4mX7n9QOkCYKvjpvLOWA+UGsRb6x3IYH9+xTmlagx4ec+Fjp+q PzMkf1eSSshKl/S1Hwll4z1GvqQmOo8MDsnsepdYRCwA4K1ou9JdD97fmeiiLdpwOhMiRX NKHz+JZA2I3xi+p6owN253+b55iLtv/gIMPTfY/urpEaC73g9wKBgEX6rMznPj9NT/Tgfb VButVCSJwqQeYG4x6TJDi5xcS005Dw7sGSFntMeFTqp88BewSxx0P6PuDebNQBj8zKCOaA kmLKOEeAhDcL3QYsFCv/UTMUnTdXoHTdginKg8Vd80jIJsRgVFE7FV3PB6D6faP9izeHNE fQdk9Ui+yY2YKX -----END PRIVATE KEY-----""") RS2_KEY = RSA.import_key(b"""-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNenZJKQm0RuL9Vlqc2y
def test_import_jwk(self):
rsa = RSA.import_key(TEST_JWK)
priv_jwk = rsa.export_private_key(encoding=PKIEncoding.JWK)
self.assertEqual(priv_jwk, TEST_JWK)
def test_cross_alg(self):
for ca in [DSA(), RSA(2048), ECDSA(G=P256.G)]:
for leaf in [DSA(), RSA(2048), ECDSA(G=P256.G)]:
self._run_test(ca, leaf)