def test_sign_pss() -> None:
key.default_hash_algorithm = hashes.sha2_256()
key.default_pss_options = None
opt = rsa.PssOptions(salt_length=123)
sig0 = run(key.sign_pss(b"Hello", opt))
sig1 = run(key.sign_pss_digest(sha2_256(b"Hello"), opt))
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig1.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == rsa.RsaPssMetadata(
AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PSS,
hashes.sha2_256(),
rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.sha2_256()),
123,
b"\xbc",
)
assert sig0.meta == sig1.meta
with pytest.raises(NotImplementedError, match="Unsupported algorithm"):
run(
key.sign_pss(
b"Hello",
rsa.PssOptions(
mgf_alg=rsa.MgfAlgorithm(rsa.MgfAlgorithmId.OTHER))))
with pytest.raises(NotImplementedError, match="Only BC trailer supported"):
run(key.sign_pss(b"Hello", rsa.PssOptions(trailer_field=b"foo")))
with pytest.raises(NotImplementedError, match="Custom salt not supported"):
run(key.sign_pss(b"Hello", rsa.PssOptions(salt=b"foo")))
def test_sign_pss() -> None:
key.default_hash_algorithm = hashes.sha2_256()
key.default_pss_options = None
opt = rsa.PssOptions(salt=urandom(123))
sig0 = run(key.sign_pss(b"Hello", opt))
sig1 = run(key.sign_pss_digest(sha2_256(b"Hello"), opt))
assert sig0 == sig1
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == rsa.RsaPssMetadata(
AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PSS,
hashes.sha2_256(),
rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.sha2_256()),
123,
b"\xbc",
)
def test_sign() -> None:
key.default_scheme = rsa.RsaScheme.PKCS1v1_5
key.default_hash_algorithm = hashes.sha2_256()
meta = key.sig_meta
sig0 = run(key.sign(b"Hello"))
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == meta
sig1 = run(key.sign_digest(sha2_256(b"Hello")))
assert sig1.algorithm == AsymmetricAlgorithm.RSA
assert sig1.meta == meta
key.default_hash_algorithm = hashes.md5()
sig2 = run(key.sign_digest(sha2_256(b"Hello")))
assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.sha2_256())
assert sig2.meta == meta
key.default_scheme = rsa.RsaScheme.PSS
key.default_pss_options = rsa.PssOptions(trailer_field=b"foobar",
salt_length=17)
meta_pss = key.sig_meta
sig3 = run(key.sign(b"Hello"))
assert sig3.meta == meta_pss
assert meta_pss == rsa.RsaPssMetadata(
AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PSS,
hashes.md5(),
rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5()),
17,
b"foobar",
)
sig4 = run(key.sign_digest(md5(b"Hello")))
assert sig4.meta == meta_pss
key.default_scheme = rsa.RsaScheme.RAW
with pytest.raises(Exception, match="Bad default scheme"):
run(key.sign(b"foo"))
with pytest.raises(Exception, match="Bad default scheme"):
run(key.sign_digest(md5(b"foo")))
with pytest.raises(Exception, match="Unsupported scheme"):
key.sig_meta
def test_parse_pss_options() -> None:
def_hash = hashes.sha2_256()
with pytest.raises(TypeError, match="conflicting hash algorithms"):
pss.parse_pss_options(pub,
def_hash,
rsa.PssOptions(hash_alg=hashes.sha1()),
dgst_hash_alg=hashes.sha2_256())
assert pss.parse_pss_options(pub, def_hash).hash_alg == hashes.sha2_256()
assert pss.parse_pss_options(
pub, default_hash_alg=hashes.md5()).hash_alg == hashes.md5()
assert pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(hash_alg=hashes.md5())).hash_alg == hashes.md5()
assert pss.parse_pss_options(
pub, def_hash, dgst_hash_alg=hashes.md5()).hash_alg == hashes.md5()
mgf_md5 = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1,
rsa.Mgf1Parameters(hashes.md5()))
mgf_md5_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1, hashes.md5())
mgf_sha2_256_meta = rsa.Mgf1Metadata(rsa.MgfAlgorithmId.MGF1,
hashes.sha2_256())
assert pss.parse_pss_options(pub, def_hash).mgf_alg == mgf_sha2_256_meta
assert pss.parse_pss_options(
pub, default_hash_alg=hashes.md5()).mgf_alg == mgf_md5_meta
assert pss.parse_pss_options(
pub, def_hash, rsa.PssOptions(mgf_alg=mgf_md5)).mgf_alg == mgf_md5_meta
assert (mgf_sha2_256_meta == pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(
mgf_alg=rsa.MgfAlgorithm(rsa.MgfAlgorithmId.MGF1))).mgf_alg)
params = "params"
test_alg = rsa.MgfAlgorithm(rsa.MgfAlgorithmId.OTHER, params)
parsed = pss.parse_pss_options(pub, def_hash,
rsa.PssOptions(mgf_alg=test_alg)).mgf_alg
assert isinstance(parsed, rsa.OtherMgfMetadata)
assert parsed.params is params
with pytest.raises(NotImplementedError):
pss.parse_pss_options(
pub, def_hash,
rsa.PssOptions(mgf_alg=rsa.MgfAlgorithm("foo", "bar")))
def load_private_key(path: Path) -> PrivateKey:
logging.info('Loading private key in %s', path.absolute().resolve())
with path.open('rb') as fp:
key = RsaPrivateKey(serialization.load_pem_private_key(
fp.read(),
password=None,
backend=backend,
))
key.default_scheme = RsaScheme.PKCS1v1_5
key.default_hash_algorithm = sha2_256()
return key
def test_mgf1() -> None:
h = hashlib.sha1(m2)
assert pss.mgf1(h, len(db_mask)) == db_mask
assert pss.mgf1(h, 0) == b""
assert pss.mgf1(h, 10) == db_mask[:10]
assert pss.mgf1(h, 55) == db_mask[:55]
assert pss.mgf1(h, 64) == db_mask[:64]
assert len(pss.mgf1(h, 2345)) == 2345
assert pss.mgf1(h, len(db_mask)) == db_mask
assert pss.mgf1(h, len(db_mask), hashes.sha1()) == db_mask
assert pss.mgf1(h, len(db_mask), hashes.sha2_256()) != db_mask
def test_sign_v15() -> None:
key.default_hash_algorithm = hashes.sha2_256()
sig0 = run(key.sign_v15(b"Hello"))
sig1 = run(key.sign_v15_digest(sha2_256(b"Hello")))
assert sig0 == sig1
assert sig0.algorithm == AsymmetricAlgorithm.RSA
assert sig0.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.sha2_256())
assert sig0.meta == sig1.meta
key.default_hash_algorithm = hashes.md5()
sig2 = run(key.sign_v15(b"Hello"))
sig3 = run(key.sign_v15_digest(md5(b"Hello")))
assert sig2 == sig3
assert sig2.algorithm == AsymmetricAlgorithm.RSA
assert sig2.meta == rsa.RsaV15Metadata(AsymmetricAlgorithm.RSA,
rsa.RsaScheme.PKCS1v1_5,
hashes.md5())
assert sig2.meta == sig3.meta
sig4 = run(key.sign_v15(b"Hello", hashes.sha2_256()))
assert sig0 == sig4
def test_signature() -> None:
key = None
meta = EcdsaSignatureMetadata(algorithm=AsymmetricAlgorithm.ECDSA, hash_alg=sha2_256())
val_10_20 = b"\x30\x06\x02\x01\x0a\x02\x01\x14"
sig0 = EcdsaSignature(key=key, meta=meta, der=val_10_20)
assert sig0.r == 10
assert sig0.s == 20
sig1 = EcdsaSignature(key=key, meta=meta, r=10, s=20)
assert sig0 == sig1
with pytest.raises(ValueError, match="Bad parameters"):
EcdsaSignature(key=key, meta=meta, der=val_10_20, r=10, s=20)
def gen_private_key(path: Path, algo: str, params: Mapping[str, Any]) -> PrivateKey:
logging.info('Creating private %s key in %s', algo, path.absolute().resolve())
if algo == 'rsa':
key = RsaPrivateKey(rsa.generate_private_key(
public_exponent=int(params['exp']),
key_size=int(params['bits']),
backend=backend,
))
key.default_scheme = RsaScheme.PKCS1v1_5
key.default_hash_algorithm = sha2_256()
else:
raise NotImplementedError(f'Algorithm {algo!r} not supported')
try:
old_umask = os.umask(0o177)
with path.open('xt') as fp:
fp.write(key.export_private_pem())
finally:
os.umask(old_umask)
return key
"a06e327ea7388c18e4740e350ed4e60f2e04fc41",
"37f332f68db77bd9d7edd4969571ad671cf9dd3b",
)),
HashVector(hashes.sha1(), OID - 1 - 3 - 14 - 3 - 2 - 26, (
"da39a3ee5e6b4b0d3255bfef95601890afd80709",
"8843d7f92416211de9ebb963ff4ce28125932878",
"2fd4e1c67a2d28fced849ee1bb76e7391b93eb12",
)),
HashVector(hashes.sha2_224(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 4,
(
"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
"de76c3e567fca9d246f5f8d3b2e704a38c3c5e258988ab525f941db8",
"730e109bd7a8a32b1cb9d9a09aa2325d2430587ddbc0c38bad911525",
)),
HashVector(
hashes.sha2_256(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 1, (
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2",
"d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592",
)),
HashVector(hashes.sha2_384(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 2, (
"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
"3c9c30d9f665e74d515c842960d4a451c83a0125fd3de7392d7b37231af10c72ea58aedfcdf89a5765bf902af93ecf06",
"ca737f1014a48f4c0b6dd43cb177b0afd9e5169367544c494011e3317dbf9a509cb1e5dc1e85a941bbee3d7f2afbc9b1",
)),
HashVector(
hashes.sha2_512(), OID - 2 - 16 - 840 - 1 - 101 - 3 - 4 - 2 - 3, (
"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce"
"47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
"0a50261ebd1a390fed2bf326f2673c145582a6342d523204973d0219337f8161"
"6a8069b012587cf5635f6925f1b56c360230c19b273500ee013e030601bf2425",
