Python PKCS1_OAEP Examples

Example #1

 def testEncryptDecrypt1(self):
     # Encrypt/Decrypt messages of length [0..128-2*20-2]
     for pt_len in range(0, 128 - 2 * 20 - 2):
         pt = self.rng(pt_len)
         ct = PKCS.encrypt(pt, self.key1024)
         pt2 = PKCS.decrypt(ct, self.key1024)
         self.assertEqual(pt, pt2)

Example #2

 def testEncryptDecrypt2(self):
     # Verify that OAEP supports labels
     pt = self.rng(35)
     xlabel = self.rng(22)
     cipher = PKCS.new(self.key1024, label=xlabel)
     ct = cipher.encrypt(pt)
     self.assertEqual(cipher.decrypt(ct), pt)

Example #3

 def testDecrypt1(self):
     # Verify decryption using all test vectors
     for test in self._testData:
         # Build the key
         comps = [int(rws(test[0][x]), 16) for x in ('n', 'e', 'd')]
         key = RSA.construct(comps)
         # The real test
         cipher = PKCS.new(key, test[4])
         pt = cipher.decrypt(t2b(test[2]))
         self.assertEqual(pt, t2b(test[1]))

Example #4

    def testEncryptDecrypt3(self):
        # Verify that encrypt() uses the custom MGF
        global mgfcalls

        # Helper function to monitor what's requested from MGF
        def newMGF(seed, maskLen):
            global mgfcalls
            mgfcalls += 1
            return bchr(0x00) * maskLen

        mgfcalls = 0
        pt = self.rng(32)
        cipher = PKCS.new(self.key1024, mgfunc=newMGF)
        ct = cipher.encrypt(pt)
        self.assertEqual(mgfcalls, 2)
        self.assertEqual(cipher.decrypt(ct), pt)

Example #5

    def testEncryptDecrypt1(self):
        # Helper function to monitor what's requested from RNG
        global asked

        def localRng(N):
            global asked
            asked += N
            return self.rng(N)

        # Verify that OAEP is friendly to all hashes
        for hashmod in (MD2, MD5, SHA1, SHA256, RIPEMD):
            # Verify that encrypt() asks for as many random bytes
            # as the hash output size
            asked = 0
            pt = self.rng(40)
            self.key1024._randfunc = localRng
            cipher = PKCS.new(self.key1024, hashmod)
            ct = cipher.encrypt(pt)
            self.assertEqual(cipher.decrypt(ct), pt)
            self.assertTrue(asked > hashmod.digest_size)

Example #6

    def testEncrypt1(self):
        # Verify encryption using all test vectors
        for test in self._testData:
            # Build the key
            comps = [int(rws(test[0][x]), 16) for x in ('n', 'e')]
            key = RSA.construct(comps)

            # RNG that takes its random numbers from a pool given
            # at initialization
            class randGen:
                def __init__(self, data):
                    self.data = data
                    self.idx = 0

                def __call__(self, N):
                    r = self.data[self.idx:N]
                    self.idx += N
                    return r

            # The real test
            key._randfunc = randGen(t2b(test[3]))
            cipher = PKCS.new(key, test[4])
            ct = cipher.encrypt(t2b(test[1]))
            self.assertEqual(ct, t2b(test[2]))

Example #7

 def testDecrypt2(self):
     # Simplest possible negative tests
     for ct_size in (127, 128, 129):
         cipher = PKCS.new(self.key1024)
         self.assertRaises(ValueError, cipher.decrypt, bchr(0x00) * ct_size)

Example #8

 def testEncrypt2(self):
     # Verify that encryption fails if plaintext is too long
     pt = '\x00' * (128 - 2 * 20 - 2 + 1)
     cipher = PKCS.new(self.key1024)
     self.assertRaises(ValueError, cipher.encrypt, pt)