def testExportKey6(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     encoded = key.export_key('PEM')
     self.assertEqual(self.pem_pkcs8, encoded)
     encoded = key.export_key('PEM', pkcs8=True)
     self.assertEqual(self.pem_pkcs8, encoded)
 def testExportKey8(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     encoded = key.export_key('PEM', pkcs8=False, passphrase="PWDTEST")
     key = DSA.importKey(encoded, "PWDTEST")
     self.assertEqual(self.y, key.y)
     self.assertEqual(self.p, key.p)
     self.assertEqual(self.q, key.q)
     self.assertEqual(self.g, key.g)
     self.assertEqual(self.x, key.x)
    def test2(self):

        for sig in self.signatures:
            tk = sig.test_key
            key = DSA.construct([tk.y, tk.g, tk.p, tk.q, tk.x], False)
            signer = DSS.new(key, 'deterministic-rfc6979')

            hash_obj = sig.module.new(sig.message)
            result = signer.sign(hash_obj)
            self.assertEqual(sig.result, result)
    def test1(self):
        q = 0x4000000000000000000020108A2E0CC0D99F8A5EF
        x = 0x09A4D6792295A7F730FC3F2B49CBC0F62E862272F
        p = 2 * q + 1
        y = pow(2, x, p)
        key = DSA.construct([pow(y, 2, p), 2, p, q, x], False)
        signer = DSS.new(key, 'deterministic-rfc6979')

        # Test _int2octets
        self.assertEqual(hexlify(signer._int2octets(x)),
                         b("009a4d6792295a7f730fc3f2b49cbc0f"
                           "62e862272f"))

        # Test _bits2octets
        h1 = SHA256.new(b("sample")).digest()
        self.assertEqual(hexlify(signer._bits2octets(h1)),
                         b("01795edf0d54db760f156d0dac04c032"
                           "2b3a204224"))
 def testExportKey1(self):
     tup = (self.y, self.g, self.p, self.q)
     key = DSA.construct(tup)
     encoded = key.export_key('DER')
     self.assertEqual(self.der_public, encoded)
 def test_exportKey(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     self.assertEqual(key.exportKey(), key.export_key())
 def testExportError2(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     self.assertRaises(ValueError, key.export_key, 'DER', pkcs8=False, passphrase="PWDTEST")
 def testExportKey10(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     randfunc = BytesIO(unhexlify(b("27A1C66C42AFEECE") + b("D725BF1B6B8239F4"))).read
     encoded = key.export_key('DER', pkcs8=True, passphrase="PWDTEST", randfunc=randfunc)
     self.assertEqual(self.der_pkcs8_encrypted, encoded)
 def testExportKey7(self):
     tup = (self.y, self.g, self.p, self.q)
     key = DSA.construct(tup)
     encoded = key.export_key('OpenSSH')
     self.assertEqual(self.ssh_pub, encoded)
 def testExportKey4(self):
     tup = (self.y, self.g, self.p, self.q, self.x)
     key = DSA.construct(tup)
     encoded = key.export_key('PEM', pkcs8=False)
     self.assertEqual(self.pem_private, encoded)
class FIPS_DSA_Tests(unittest.TestCase):

    # 1st 1024 bit key from SigGen.txt
    P = 0xa8f9cd201e5e35d892f85f80e4db2599a5676a3b1d4f190330ed3256b26d0e80a0e49a8fffaaad2a24f472d2573241d4d6d6c7480c80b4c67bb4479c15ada7ea8424d2502fa01472e760241713dab025ae1b02e1703a1435f62ddf4ee4c1b664066eb22f2e3bf28bb70a2a76e4fd5ebe2d1229681b5b06439ac9c7e9d8bde283
    Q = 0xf85f0f83ac4df7ea0cdf8f469bfeeaea14156495
    G = 0x2b3152ff6c62f14622b8f48e59f8af46883b38e79b8c74deeae9df131f8b856e3ad6c8455dab87cc0da8ac973417ce4f7878557d6cdf40b35b4a0ca3eb310c6a95d68ce284ad4e25ea28591611ee08b8444bd64b25f3f7c572410ddfb39cc728b9c936f85f419129869929cdb909a6a3a99bbe089216368171bd0ba81de4fe33
    X = 0xc53eae6d45323164c7d07af5715703744a63fc3a
    Y = 0x313fd9ebca91574e1c2eebe1517c57e0c21b0209872140c5328761bbb2450b33f1b18b409ce9ab7c4cd8fda3391e8e34868357c199e16a6b2eba06d6749def791d79e95d3a4d09b24c392ad89dbf100995ae19c01062056bb14bce005e8731efde175f95b975089bdcdaea562b32786d96f5a31aedf75364008ad4fffebb970b

    key_pub = DSA.construct((Y, G, P, Q))
    key_priv = DSA.construct((Y, G, P, Q, X))

    def shortDescription(self):
        return "FIPS DSA Tests"

    def test_loopback(self):
        hashed_msg = SHA512.new(b("test"))
        signer = DSS.new(self.key_priv, 'fips-186-3')
        signature = signer.sign(hashed_msg)

        verifier = DSS.new(self.key_pub, 'fips-186-3')
        verifier.verify(hashed_msg, signature)

    def test_negative_unapproved_hashes(self):
        """Verify that unapproved hashes are rejected"""

        from crypto.Hash import RIPEMD160

        self.description = "Unapproved hash (RIPEMD160) test"
        hash_obj = RIPEMD160.new()
        signer = DSS.new(self.key_priv, 'fips-186-3')
        self.assertRaises(ValueError, signer.sign, hash_obj)
        self.assertRaises(ValueError, signer.verify, hash_obj, b("\x00") * 40)

    def test_negative_unknown_modes_encodings(self):
        """Verify that unknown modes/encodings are rejected"""

        self.description = "Unknown mode test"
        self.assertRaises(ValueError, DSS.new, self.key_priv, 'fips-186-0')

        self.description = "Unknown encoding test"
        self.assertRaises(ValueError, DSS.new, self.key_priv, 'fips-186-3',
                          'xml')

    def test_asn1_encoding(self):
        """Verify ASN.1 encoding"""

        self.description = "ASN.1 encoding test"
        hash_obj = SHA1.new()
        signer = DSS.new(self.key_priv, 'fips-186-3', 'der')
        signature = signer.sign(hash_obj)

        # Verify that output looks like a DER SEQUENCE
        self.assertEqual(bord(signature[0]), 48)
        signer.verify(hash_obj, signature)

        # Verify that ASN.1 parsing fails as expected
        signature = bchr(7) + signature[1:]
        self.assertRaises(ValueError, signer.verify, hash_obj, signature)

    def test_sign_verify(self):
        """Verify public/private method"""

        self.description = "can_sign() test"
        signer = DSS.new(self.key_priv, 'fips-186-3')
        self.assertTrue(signer.can_sign())

        signer = DSS.new(self.key_pub, 'fips-186-3')
        self.assertFalse(signer.can_sign())
    if isinstance(tv, str):
        res = re.match(r"\[mod = L=([0-9]+), N=([0-9]+), ([a-zA-Z0-9-]+)\]",
                       tv)
        hash_name = res.group(3).replace("-", "")
        hash_module = load_hash_by_name(hash_name)
        continue

    if hasattr(tv, "p"):
        modulus = tv.p
        generator = tv.g
        suborder = tv.q
        continue

    hash_obj = hash_module.new(tv.msg)
    key = DSA.construct(
        [bytes_to_long(x) for x in (tv.y, generator, modulus, suborder)],
        False)
    verifier = DSS.new(key, 'fips-186-3')

    def positive_test(self,
                      verifier=verifier,
                      hash_obj=hash_obj,
                      signature=tv.r + tv.s):
        verifier.verify(hash_obj, signature)

    def negative_test(self,
                      verifier=verifier,
                      hash_obj=hash_obj,
                      signature=tv.r + tv.s):
        self.assertRaises(ValueError, verifier.verify, hash_obj, signature)