Ejemplo n.º 1
0
	def load_unencrypted(pkeyInfo):
		version, pkeyAlgo, pkeyData = pkeyInfo[0:3]
		if version != 0:
			raise PKCSError('unknown PKCS#8 version: {}'.format(version))
		algoId, algoParms = pkeyAlgo.get_pos(0,2)
		if algoId == OID_PKCS_RSAPKEY:
			from Crypto.PublicKey import RSA
			rsakey = asn1.loads(pkeyData)
			vals = rsakey[1:6] # n, e, d, p, q
			pkey = RSA.construct([long(val) for val in vals])
			print 'RSA!', vals
		elif algoId == OID_PKCS_DSAPKEY:
			from Crypto.PublicKey import DSA
			p, q, g = algoParms
			x = asn1.loads(pkeyData)
			y = pow(g, x, p)
			vals = (y, g, p, q, x)
			pkey = DSA.construct([long(val) for val in vals])
		elif algoId == OID_PKCS_DHPKEY:
			from Crypto.PublicKey import ElGamal
			p, g = algoParms[0:2]
			x = asn1.loads(pkeyData)
			y = pow(g, x, p)
			vals = (p, g, y, x)
			pkey = ElGamal.construct([long(val) for val in vals])
		else:
			raise PKCSError('unknown PKCS#8 key algorithm: {}'.format(algoId))
		return pkey
Ejemplo n.º 2
0
def make_pkey(keyAlg, keyData, isPublic):
	algoId, algoParams = keyAlg.get_slice(0,2)
	if algoId == OID_PKCS_RSAKEY:
		from Crypto.PublicKey import RSA
		vals = asn1.loads(keyData)
		if isPublic:
			vals = vals[0:2] # n, e
		else:
			vals = vals[1:6] # n, e, d, p, q
		key = RSA.construct([long(val) for val in vals])
	elif algoId == OID_X957_DSAKEY:
		from Crypto.PublicKey import DSA
		p, q, g = algoParams
		val = asn1.loads(keyData)
		if isPublic:
			vals = (val, g, p, q) # y, g, p, q
		else:
			y = pow(g, val, p)
			vals = (y, g, p, q, val) # y, g, p, q, x
		key = DSA.construct([long(val) for val in vals])
	else:
		raise ValueError('unknown key algorithm id: {}'.format(algoId))
#	if attrs:
#		for attrId, attrValues in attrs:
#			if attrId in ATTR_NAMES and attrValues:
#				setattr(key, ATTR_NAMES[attrId], attrValues[0])
	return key
Ejemplo n.º 3
0
def load_x509(cert):
	def make_attrlist(value):
		return [{ATTR_NAMES.get(id, id): val} for item in value for id, val in item.iteritems()]
	cert, signAlg, signData = cert
	idx = cert.find_tag(0)
	pkeyAlgo, pkeyData = cert[idx+6]
	algoId, algoParms = pkeyAlgo.get_pos(0,2)
	if algoId == OID_PKCS_RSAPKEY:
		from Crypto.PublicKey import RSA
		rsakey = asn1.loads(pkeyData)
		vals = rsakey[0:2] # n, e
		pkey = RSA.construct([long(val) for val in rsakey])
	elif algoId == OID_PKCS_DSAPKEY:
		from Crypto.PublicKey import DSA
		p, q, g = algoParms
		y = asn1.loads(pkeyData)
		vals = (y, g, p, q)
		pkey = DSA.construct([long(val) for val in vals])
	elif algoId == OID_PKCS_DHPUBNUM:
		from Crypto.PublicKey import ElGamal
		p, g, q = algoParms[0:3]
		y = asn1.loads(pkeyData)
		vals = (p, g, y)
		pkey = ElGamal.construct([long(val) for val in vals])
	else:
		raise PKCSError('unknown X.509 key algorithm: {}'.format(algoId))
	pkey.serialNumber = cert[idx+1]
	pkey.signature = cert[idx+2]
	pkey.issuer = make_attrlist(cert[idx+3])
	pkey.validFrom, pkey.validTo = cert[idx+4]
	pkey.subject = make_attrlist(cert[idx+5])
	pkey.version = cert.get_tag(0, None, 0) + 1
	if pkey.version >= 2:
		pkey.issuerUniqueID = cert.get_tag(1, asn1.BIT_STRING)
		pkey.subjectUniqueID = cert.get_tag(2, asn1.BIT_STRING)
	if pkey.version >= 3:
#		pkey.extensions = cert.get_tag(3, None, [])
		extensions = cert.get_tag(3, None, [])
		pkey.extensions = {}
		for extension in extensions:
			extnId = extension[0]
			if extension[1] == True:
				extnVal = (True, asn1.loads(extension[2]))
			else:
				extnVal = (False, asn1.loads(extension[1]))
			pkey.extensions[ATTR_NAMES.get(extnId, extnId)] = extnVal
	return pkey
Ejemplo n.º 4
0
def make_certkey(certId, certValue):
	if certId == OID_PKCS_X590CERT:
		cert = asn1.loads(certValue)
		pass
	elif certId == OID_PKCS_SDSICERT:
		cert = b64decode(certValue.value)
		print "========  SDSI CERT  =============="
		asn1.pr(cert)
		print "==================================="
	else:
		raise ValueError('unknown certificate type id: {}'.format(certId))
	return key
Ejemplo n.º 5
0
	def load_encrypted(pkeyInfo, passwd):
		encrAlgo, encrData = pkeyInfo[0:2]
		cipher = _pbecipher_fromAlgoInfo(passwd, encrAlgo)
		pkeyData = cipher.decrypt(encrData)
		pkeyInfo = asn1.loads(pkeyData)
		return load_unencrypted(pkeyInfo)