def setUp(self):
p = b'800000000000000089e1855218a0e7dac38136ffafa72eda7'
p += b'859f2171e25e65eac698c1702578b07dc2a1076da241c76c6'
p += b'2d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebe'
p += b'ac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2'
p += b'b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc87'
p += b'1a584471bb1'
p = number.bytes_to_long(c1.hextoascii(p))
q = b'f4f47f05794b256174bba6e9b396a7707e563c5b'
q = number.bytes_to_long(c1.hextoascii(q))
g = b'5958c9d3898b224b12672c0b98e06c60df923cb8bc999d119'
g += b'458fef538b8fa4046c8db53039db620c094c9fa077ef389b5'
g += b'322a559946a71903f990f1f7e0e025e2d7f7cf494aff1a047'
g += b'0f5b64c36b625a097f1651fe775323556fe00b3608c887892'
g += b'878480e99041be601a62166ca6894bdd41a7054ec89f756ba'
g += b'9fc95302291'
g = number.bytes_to_long(c1.hextoascii(g))
y = b'2d026f4bf30195ede3a088da85e398ef869611d0f68f07'
y += b'13d51c9c1a3a26c95105d915e2d8cdf26d056b86b8a7b8'
y += b'5519b1c23cc3ecdc6062650462e3063bd179c2a6581519'
y += b'f674a61f1d89a1fff27171ebc1b93d4dc57bceb7ae2430'
y += b'f98a6a4d83d8279ee65d71c1203d2c96d65ebbf7cce9d3'
y += b'2971c3de5084cce04a2e147821'
self.params = p, q, g
self.pub = number.bytes_to_long(c1.hextoascii(y))
def setUp(self):
p = b'800000000000000089e1855218a0e7dac38136ffafa72eda7'
p += b'859f2171e25e65eac698c1702578b07dc2a1076da241c76c6'
p += b'2d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebe'
p += b'ac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2'
p += b'b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc87'
p += b'1a584471bb1'
p = number.bytes_to_long(c1.hextoascii(p))
q = b'f4f47f05794b256174bba6e9b396a7707e563c5b'
q = number.bytes_to_long(c1.hextoascii(q))
g = b'5958c9d3898b224b12672c0b98e06c60df923cb8bc999d119'
g += b'458fef538b8fa4046c8db53039db620c094c9fa077ef389b5'
g += b'322a559946a71903f990f1f7e0e025e2d7f7cf494aff1a047'
g += b'0f5b64c36b625a097f1651fe775323556fe00b3608c887892'
g += b'878480e99041be601a62166ca6894bdd41a7054ec89f756ba'
g += b'9fc95302291'
g = number.bytes_to_long(c1.hextoascii(g))
y = b'084ad4719d044495496a3201c8ff484feb45b962e7302e56a392aee4'
y += b'abab3e4bdebf2955b4736012f21a08084056b19bcd7fee56048e004'
y += b'e44984e2f411788efdc837a0d2e5abb7b555039fd243ac01f0fb2ed'
y += b'1dec568280ce678e931868d23eb095fde9d3779191b8c0299d6e07b'
y += b'bb283e6633451e535c45513b2d33c99ea17'
self.params = p, q, g
self.pub = number.bytes_to_long(c1.hextoascii(y))
def setUp(self):
p = b'800000000000000089e1855218a0e7dac38136ffafa72eda7'
p += b'859f2171e25e65eac698c1702578b07dc2a1076da241c76c6'
p += b'2d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebe'
p += b'ac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2'
p += b'b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc87'
p += b'1a584471bb1'
p = number.bytes_to_long(c1.hextoascii(p))
q = b'f4f47f05794b256174bba6e9b396a7707e563c5b'
q = number.bytes_to_long(c1.hextoascii(q))
g = 0
y = b'084ad4719d044495496a3201c8ff484feb45b962e7302e56a392aee4'
y += b'abab3e4bdebf2955b4736012f21a08084056b19bcd7fee56048e004'
y += b'e44984e2f411788efdc837a0d2e5abb7b555039fd243ac01f0fb2ed'
y += b'1dec568280ce678e931868d23eb095fde9d3779191b8c0299d6e07b'
y += b'bb283e6633451e535c45513b2d33c99ea17'
self.params = p, q, g
self.pub = number.bytes_to_long(c1.hextoascii(y))
def GET(self):
user_data = web.input(file='', signature='')
if user_data.file == "" or user_data.signature == "":
return 500
expected = hmac_sha1(key, user_data.file.encode('utf-8'))
actual = c1.hextoascii(user_data.signature)
if insecure_compare(expected, actual):
return 200
else:
return 500
def test_dsa(self):
p = b'a8f9cd201e5e35d892f85f80e4db2599a5676a3b'
p += b'1d4f190330ed3256b26d0e80a0e49a8fffaaad2'
p += b'a24f472d2573241d4d6d6c7480c80b4c67bb447'
p += b'9c15ada7ea8424d2502fa01472e760241713dab'
p += b'025ae1b02e1703a1435f62ddf4ee4c1b664066e'
p += b'b22f2e3bf28bb70a2a76e4fd5ebe2d1229681b5'
p += b'b06439ac9c7e9d8bde283'
p = number.bytes_to_long(c1.hextoascii(p))
q = b'f85f0f83ac4df7ea0cdf8f469bfeeaea14156495'
q = number.bytes_to_long(c1.hextoascii(q))
g = b'2b3152ff6c62f14622b8f48e59f8af46883b38e7'
g += b'9b8c74deeae9df131f8b856e3ad6c8455dab87c'
g += b'c0da8ac973417ce4f7878557d6cdf40b35b4a0c'
g += b'a3eb310c6a95d68ce284ad4e25ea28591611ee0'
g += b'8b8444bd64b25f3f7c572410ddfb39cc728b9c9'
g += b'36f85f419129869929cdb909a6a3a99bbe08921'
g += b'6368171bd0ba81de4fe33'
g = number.bytes_to_long(c1.hextoascii(g))
msg = b'3b46736d559bd4e0c2c1b2553a33ad3c6cf23c'
msg += b'ac998d3d0c0e8fa4b19bca06f2f386db2dcff'
msg += b'9dca4f40ad8f561ffc308b46c5f31a7735b5f'
msg += b'a7e0f9e6cb512e63d7eea05538d66a75cd0d4'
msg += b'234b5ccf6c1715ccaaf9cdc0a2228135f716e'
msg += b'e9bdee7fc13ec27a03a6d11c5c5b3685f5190'
msg += b'0b1337153bc6c4e8f52920c33fa37f4e7'
msg = c1.hextoascii(msg)
x = b'c53eae6d45323164c7d07af5715703744a63fc3a'
x = number.bytes_to_long(c1.hextoascii(x))
y = b'313fd9ebca91574e1c2eebe1517c57e0c21b0209'
y += b'872140c5328761bbb2450b33f1b18b409ce9ab7'
y += b'c4cd8fda3391e8e34868357c199e16a6b2eba06'
y += b'd6749def791d79e95d3a4d09b24c392ad89dbf1'
y += b'00995ae19c01062056bb14bce005e8731efde17'
y += b'5f95b975089bdcdaea562b32786d96f5a31aedf'
y += b'75364008ad4fffebb970b'
y = number.bytes_to_long(c1.hextoascii(y))
params = p, q, g
pub = y
priv = x
k = b'98cbcc4969d845e2461b5f66383dd503712bbcfa'
k = number.bytes_to_long(c1.hextoascii(k))
r, s, k = dsa_sign_with_k(msg, params, priv, k)
sig = r, s
r = c1.asciitohex(number.long_to_bytes(r))
s = c1.asciitohex(number.long_to_bytes(s))
self.assertEqual(r,
b'50ed0e810e3f1c7cb6ac62332058448bd8b284c0'.upper())
self.assertEqual(s,
b'c6aded17216b46b7e4b6f2a97c1ad7cc3da83fde'.upper())
self.assertTrue(dsa_verify(msg, sig, params, pub))
self.assertEqual(get_x_from_k(msg, sig, params, k), x)
def test_challenge_8(self):
linenum = 0
result = ''
expected = 'd880619740a8a19b7840a8a31c810a3d08649af70dc06f4fd5d2d69c74'
expected += '4cd283e2dd052f6b641dbf9d11b0348542bb5708649af70dc06f4fd5d'
expected += '2d69c744cd2839475c9dfdbc1d46597949d9c7e82bf5a08649af70dc0'
expected += '6f4fd5d2d69c744cd28397a93eab8d6aecd566489154789a6b0308649'
expected += 'af70dc06f4fd5d2d69c744cd283d403180c98c8f6db1f2a3f9c4040de'
expected += 'b0ab51b29933f2c123c58386b06fba186a'
for line in self.f.readlines():
if is_ecb(c1.hextoascii(line.strip()), 3):
result = line.strip()
break
linenum += 1
self.assertEqual(linenum, 132)
self.assertEqual(result, expected)
def pkcs15_verify_bad(message, signature, pub):
"""
Bad PKCS1.5 verify algorithm that uses regular expression check
Args:
message: The message
signature: The message signature
pub: The RSA public key
Returns:
True if signature validates
"""
m = c39.rsa_decrypt(signature, pub)
m = c1.asciitohex(m)
regexp = b'3021300906052B0E03021A05000414'
r = re.compile(regexp)
m = r.split(m)
if len(m) != 2:
return False
h = c1.hextoascii(m[1])[:20]
return h == sha1(message).digest()
def setUp(self):
self.ctxt = b'1b37373331363f78151b7f2b783431333d78397828372d363c78373e783a393b3736'
self.ctxt = c1.hextoascii(self.ctxt)
def setUp(self):
n = b"c8a2069182394a2ab7c3f4190c15589c56"
n += b"a2d4bc42dca675b34cc950e24663048441"
n += b"e8aa593b2bc59e198b8c257e882120c623"
n += b"36e5cc745012c7ffb063eebe53f3c6504c"
n += b"ba6cfe51baa3b6d1074b2f398171f4b198"
n += b"2f4d65caf882ea4d56f32ab57d0c44e6ad"
n += b"4e9cf57a4339eb6962406e350c1b153971"
n += b"83fbf1f0353c9fc991"
n = c1.hextoascii(n)
n = number.bytes_to_long(n)
e = b"010001"
e = c1.hextoascii(e)
e = number.bytes_to_long(e)
d = b"5dfcb111072d29565ba1db3ec48f57645"
d += b"d9d8804ed598a4d470268a89067a2c921"
d += b"dff24ba2e37a3ce834555000dc868ee65"
d += b"88b7493303528b1b3a94f0b71730cf1e8"
d += b"6fca5aeedc3afa16f65c0189d810ddcd8"
d += b"1049ebbd0391868c50edec958b3a2aaef"
d += b"f6a575897e2f20a3ab5455c1bfa55010a"
d += b"c51a7799b1ff8483644a3d425"
d = c1.hextoascii(d)
d = number.bytes_to_long(d)
self.pub = e, n
self.priv = d, n
m1 = b"e8312742ae23c456ef28a23142"
m1 += b"c4490895832765dadce02afe5b"
m1 += b"e5d31b0048fbeee2cf218b1747"
m1 += b"ad4fd81a2e17e124e6af17c388"
m1 += b"8e6d2d40c00807f423a233cad6"
m1 += b"2ce9eaefb709856c94af166dba"
m1 += b"08e7a06965d7fc0d8e5cb26559"
m1 += b"c460e47bc088589d2242c9b3e6"
m1 += b"2da4896fab199e144ec136db8d"
m1 += b"84ab84bcba04ca3b90c8e5"
self.m1 = c1.hextoascii(m1)
s1 = b"28928e19eb86f9c00070a59edf6bf843"
s1 += b"3a45df495cd1c73613c2129840f48c4a"
s1 += b"2c24f11df79bc5c0782bcedde97dbbb2a"
s1 += b"cc6e512d19f085027cd575038453d04905"
s1 += b"413e947e6e1dddbeb3535cdb3d8971fe020"
s1 += b"0506941056f21243503c83eadde053ed866"
s1 += b"c0e0250beddd927a08212aa8ac0efd61631"
s1 += b"ef89d8d049efb36bb35f"
self.s1 = c1.hextoascii(s1)
m2 = b"207102f598ec280045be67592f5bba25"
m2 += b"ba2e2b56e0d2397cbe857cde52da8cca"
m2 += b"83ae1e29615c7056af35e8319f2af86f"
m2 += b"dccc4434cd7707e319c9b2356659d7886"
m2 += b"7a6467a154e76b73c81260f3ab443cc03"
m2 += b"9a0d42695076a79bd8ca25ebc8952ed44"
m2 += b"3c2103b2900c9f58b6a1c8a6266e43880"
m2 += b"cda93bc64d714c980cd8688e8e63"
self.m2 = c1.hextoascii(m2)
s2 = b"77f0f2a04848fe90a8eb35ab5d94cae843db"
s2 += b"61024d0167289eea92e5d1e10a526e420f2d"
s2 += b"334f1bf2aa7ea4e14a93a68dba60fd2ede58"
s2 += b"b794dcbd37dcb1967877d6b67da3fdf2c0c7"
s2 += b"433e47134dde00c9c4d4072e43361a767a52"
s2 += b"7675d8bda7d5921bd483c9551950739e9b2b"
s2 += b"e027df3015b61f751ac1d9f37bea3214d3c8dc96"
self.s2 = c1.hextoascii(s2)
def setUp(self):
self.str1 = c1.hextoascii(b'1c0111001f010100061a024b53535009181c')
self.str2 = c1.hextoascii(b'686974207468652062756c6c277320657965')