def test_invalid_pss_signature_data_too_large_for_modulus(self, backend): signature = binascii.unhexlify( b"cb43bde4f7ab89eb4a79c6e8dd67e0d1af60715da64429d90c716a490b799c29" b"194cf8046509c6ed851052367a74e2e92d9b38947ed74332acb115a03fcc0222" ) public_key = rsa.RSAPublicKey( modulus=int( b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68" b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8" b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303" b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4" b"030d3581e13522", 16 ), public_exponent=65537 ) verifier = public_key.verifier( signature, padding.PSS( mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA1(), backend ) verifier.update(b"sign me") with pytest.raises(InvalidSignature): verifier.verify()
def test_pss_verify_salt_length_too_long(self, backend): signature = binascii.unhexlify( b"8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8" b"534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd" ) public_key = rsa.RSAPublicKey( modulus=int( b"d309e4612809437548b747d7f9eb9cd3340f54fe42bb3f84a36933b0839c" b"11b0c8b7f67e11f7252370161e31159c49c784d4bc41c42a78ce0f0b40a3" b"ca8ffb91", 16 ), public_exponent=65537 ) verifier = public_key.verifier( signature, padding.PSS( mgf=padding.MGF1( algorithm=hashes.SHA1(), salt_length=1000000 ) ), hashes.SHA1(), backend ) verifier.update(b"sign me") with pytest.raises(InvalidSignature): verifier.verify()
def test_invalid_pss_signature_wrong_data(self, backend): public_key = rsa.RSAPublicKey( modulus=int( b"dffc2137d5e810cde9e4b4612f5796447218bab913b3fa98bdf7982e4fa6" b"ec4d6653ef2b29fb1642b095befcbea6decc178fb4bed243d3c3592c6854" b"6af2d3f3", 16 ), public_exponent=65537 ) signature = binascii.unhexlify( b"0e68c3649df91c5bc3665f96e157efa75b71934aaa514d91e94ca8418d100f45" b"6f05288e58525f99666bab052adcffdf7186eb40f583bd38d98c97d3d524808b" ) verifier = public_key.verifier( signature, padding.PSS( mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA1(), backend ) verifier.update(b"incorrect data") with pytest.raises(InvalidSignature): verifier.verify()
def test_invalid_pss_signature_wrong_key(self, backend): signature = binascii.unhexlify( b"3a1880165014ba6eb53cc1449d13e5132ebcc0cfd9ade6d7a2494a0503bd0826" b"f8a46c431e0d7be0ca3e453f8b2b009e2733764da7927cc6dbe7a021437a242e" ) public_key = rsa.RSAPublicKey( modulus=int( b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68" b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8" b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303" b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4" b"030d3581e13522e1", 16 ), public_exponent=65537 ) verifier = public_key.verifier( signature, padding.PSS( mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA1(), backend ) verifier.update(b"sign me") with pytest.raises(InvalidSignature): verifier.verify()
def test_pss_signing(self, pkcs1_example, backend): private, public, example = pkcs1_example private_key = rsa.RSAPrivateKey( p=private["p"], q=private["q"], private_exponent=private["private_exponent"], dmp1=private["dmp1"], dmq1=private["dmq1"], iqmp=private["iqmp"], public_exponent=private["public_exponent"], modulus=private["modulus"]) public_key = rsa.RSAPublicKey( public_exponent=public["public_exponent"], modulus=public["modulus"]) signer = private_key.signer( padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=padding.PSS.MAX_LENGTH), hashes.SHA1(), backend) signer.update(binascii.unhexlify(example["message"])) signature = signer.finalize() assert len(signature) == math.ceil(private_key.key_size / 8.0) # PSS signatures contain randomness so we can't do an exact # signature check. Instead we'll verify that the signature created # successfully verifies. verifier = public_key.verifier( signature, padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=padding.PSS.MAX_LENGTH), hashes.SHA1(), backend) verifier.update(binascii.unhexlify(example["message"])) verifier.verify()
def test_invalid_public_key_argument_values(self): # Start with public_exponent=7, modulus=15. Then change one value at a # time to test the bounds. # Test a modulus < 3. with pytest.raises(ValueError): rsa.RSAPublicKey(public_exponent=7, modulus=2) # Test a public_exponent < 3 with pytest.raises(ValueError): rsa.RSAPublicKey(public_exponent=1, modulus=15) # Test a public_exponent > modulus with pytest.raises(ValueError): rsa.RSAPublicKey(public_exponent=17, modulus=15) # Test a public_exponent that is not odd. with pytest.raises(ValueError): rsa.RSAPublicKey(public_exponent=6, modulus=15)
def test_pkcs1v15_verification(self, pkcs1_example, backend): private, public, example = pkcs1_example public_key = rsa.RSAPublicKey( public_exponent=public["public_exponent"], modulus=public["modulus"]) verifier = public_key.verifier( binascii.unhexlify(example["signature"]), padding.PKCS1v15(), hashes.SHA1(), backend) verifier.update(binascii.unhexlify(example["message"])) verifier.verify()
def test_pss_verification(self, pkcs1_example, backend): private, public, example = pkcs1_example public_key = rsa.RSAPublicKey( public_exponent=public["public_exponent"], modulus=public["modulus"]) verifier = public_key.verifier( binascii.unhexlify(example["signature"]), padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()), salt_length=20), hashes.SHA1(), backend) verifier.update(binascii.unhexlify(example["message"])) verifier.verify()
def rsa_verification_test(backend, params, hash_alg, pad_factory): public_key = rsa.RSAPublicKey(public_exponent=params["public_exponent"], modulus=params["modulus"]) pad = pad_factory(params, hash_alg) verifier = public_key.verifier(binascii.unhexlify(params["s"]), pad, hash_alg, backend) verifier.update(binascii.unhexlify(params["msg"])) if params["fail"]: with pytest.raises(InvalidSignature): verifier.verify() else: verifier.verify()
def ajax(): key_data = request.forms['pubkey'] asn1 = base64.b64decode(key_data) # key = load_privatekey(FILETYPE_ASN1, asn1) t = decoder.decode(asn1) f = t[0][0][0][1] r = decoder.decode( bytes( int(__, 2) for __ in chunk_into(''.join([str(_) for _ in f]), 8)))[0] modulus = int(r[0]) e = int(r[1]) k = rsa.RSAPublicKey(e, modulus) return '{1}\n{0}'.format(modulus, e)
def test_load_pss_vect_example_keys(self, pkcs1_example): secret, public = pkcs1_example skey = rsa.RSAPrivateKey( p=secret["p"], q=secret["q"], private_exponent=secret["private_exponent"], dmp1=secret["dmp1"], dmq1=secret["dmq1"], iqmp=secret["iqmp"], public_exponent=secret["public_exponent"], modulus=secret["modulus"] ) assert skey _check_rsa_private_key(skey) pkey = rsa.RSAPublicKey( public_exponent=public["public_exponent"], modulus=public["modulus"] ) assert pkey pkey2 = skey.public_key() assert pkey2 assert skey.modulus == pkey.modulus assert skey.modulus == skey.n assert skey.public_exponent == pkey.public_exponent assert skey.public_exponent == skey.e assert skey.private_exponent == skey.d assert pkey.modulus assert pkey.modulus == pkey2.modulus assert pkey.modulus == pkey.n assert pkey.public_exponent == pkey2.public_exponent assert pkey.public_exponent == pkey.e assert skey.key_size assert skey.key_size == pkey.key_size assert skey.key_size == pkey2.key_size
def test_invalid_public_key_argument_types(self): with pytest.raises(TypeError): rsa.RSAPublicKey(None, None)
import cryptography from cryptography import fernet as ft from cryptography.hazmat.primitives.asymmetric import rsa as rsa key = ft.Fernet.generate_key() a = ft.Fernet(key) b = a.encrypt(b"testsetstsetts") print(b) print(a.decrypt(b)) #rsa.RSABackend() #rsa. #backend = rsa.RSABackend() # #a = rsa.generate_private_key(16, 64, backend) #print(a) public = rsa.RSAPublicKey() #v = ft.Cipher(cryptography.hazmat.primitives.ciphers.algorithms.AES(b"stestste984854785757575757777777") ,cryptography.hazmat.primitives.ciphers.base.AEADCipherContext(), cryptography.hazmat.backends.default_backend()) # # #v_enc = v.encryptor() #v_enc.authenticate_additional_data("test") # #v_enc.finalize() #print(v_enc)