def test_invalid_pss_signature_data_too_large_for_modulus(self, backend):
signature = binascii.unhexlify(
b"cb43bde4f7ab89eb4a79c6e8dd67e0d1af60715da64429d90c716a490b799c29"
b"194cf8046509c6ed851052367a74e2e92d9b38947ed74332acb115a03fcc0222"
)
public_key = rsa.RSAPublicKey(
modulus=int(
b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68"
b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8"
b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303"
b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4"
b"030d3581e13522", 16
),
public_exponent=65537
)
verifier = public_key.verifier(
signature,
padding.PSS(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA1(),
backend
)
verifier.update(b"sign me")
with pytest.raises(InvalidSignature):
verifier.verify()
def test_pss_verify_salt_length_too_long(self, backend):
signature = binascii.unhexlify(
b"8b9a3ae9fb3b64158f3476dd8d8a1f1425444e98940e0926378baa9944d219d8"
b"534c050ef6b19b1bdc6eb4da422e89161106a6f5b5cc16135b11eb6439b646bd"
)
public_key = rsa.RSAPublicKey(
modulus=int(
b"d309e4612809437548b747d7f9eb9cd3340f54fe42bb3f84a36933b0839c"
b"11b0c8b7f67e11f7252370161e31159c49c784d4bc41c42a78ce0f0b40a3"
b"ca8ffb91", 16
),
public_exponent=65537
)
verifier = public_key.verifier(
signature,
padding.PSS(
mgf=padding.MGF1(
algorithm=hashes.SHA1(),
salt_length=1000000
)
),
hashes.SHA1(),
backend
)
verifier.update(b"sign me")
with pytest.raises(InvalidSignature):
verifier.verify()
def test_invalid_pss_signature_wrong_data(self, backend):
public_key = rsa.RSAPublicKey(
modulus=int(
b"dffc2137d5e810cde9e4b4612f5796447218bab913b3fa98bdf7982e4fa6"
b"ec4d6653ef2b29fb1642b095befcbea6decc178fb4bed243d3c3592c6854"
b"6af2d3f3", 16
),
public_exponent=65537
)
signature = binascii.unhexlify(
b"0e68c3649df91c5bc3665f96e157efa75b71934aaa514d91e94ca8418d100f45"
b"6f05288e58525f99666bab052adcffdf7186eb40f583bd38d98c97d3d524808b"
)
verifier = public_key.verifier(
signature,
padding.PSS(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA1(),
backend
)
verifier.update(b"incorrect data")
with pytest.raises(InvalidSignature):
verifier.verify()
def test_invalid_pss_signature_wrong_key(self, backend):
signature = binascii.unhexlify(
b"3a1880165014ba6eb53cc1449d13e5132ebcc0cfd9ade6d7a2494a0503bd0826"
b"f8a46c431e0d7be0ca3e453f8b2b009e2733764da7927cc6dbe7a021437a242e"
)
public_key = rsa.RSAPublicKey(
modulus=int(
b"381201f4905d67dfeb3dec131a0fbea773489227ec7a1448c3109189ac68"
b"5a95441be90866a14c4d2e139cd16db540ec6c7abab13ffff91443fd46a8"
b"960cbb7658ded26a5c95c86f6e40384e1c1239c63e541ba221191c4dd303"
b"231b42e33c6dbddf5ec9a746f09bf0c25d0f8d27f93ee0ae5c0d723348f4"
b"030d3581e13522e1", 16
),
public_exponent=65537
)
verifier = public_key.verifier(
signature,
padding.PSS(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA1(),
backend
)
verifier.update(b"sign me")
with pytest.raises(InvalidSignature):
verifier.verify()
def test_pss_signing(self, pkcs1_example, backend):
private, public, example = pkcs1_example
private_key = rsa.RSAPrivateKey(
p=private["p"],
q=private["q"],
private_exponent=private["private_exponent"],
dmp1=private["dmp1"],
dmq1=private["dmq1"],
iqmp=private["iqmp"],
public_exponent=private["public_exponent"],
modulus=private["modulus"])
public_key = rsa.RSAPublicKey(
public_exponent=public["public_exponent"],
modulus=public["modulus"])
signer = private_key.signer(
padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA1(),
backend)
signer.update(binascii.unhexlify(example["message"]))
signature = signer.finalize()
assert len(signature) == math.ceil(private_key.key_size / 8.0)
# PSS signatures contain randomness so we can't do an exact
# signature check. Instead we'll verify that the signature created
# successfully verifies.
verifier = public_key.verifier(
signature,
padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA1(),
backend)
verifier.update(binascii.unhexlify(example["message"]))
verifier.verify()
def test_invalid_public_key_argument_values(self):
# Start with public_exponent=7, modulus=15. Then change one value at a
# time to test the bounds.
# Test a modulus < 3.
with pytest.raises(ValueError):
rsa.RSAPublicKey(public_exponent=7, modulus=2)
# Test a public_exponent < 3
with pytest.raises(ValueError):
rsa.RSAPublicKey(public_exponent=1, modulus=15)
# Test a public_exponent > modulus
with pytest.raises(ValueError):
rsa.RSAPublicKey(public_exponent=17, modulus=15)
# Test a public_exponent that is not odd.
with pytest.raises(ValueError):
rsa.RSAPublicKey(public_exponent=6, modulus=15)
def test_pkcs1v15_verification(self, pkcs1_example, backend):
private, public, example = pkcs1_example
public_key = rsa.RSAPublicKey(
public_exponent=public["public_exponent"],
modulus=public["modulus"])
verifier = public_key.verifier(
binascii.unhexlify(example["signature"]), padding.PKCS1v15(),
hashes.SHA1(), backend)
verifier.update(binascii.unhexlify(example["message"]))
verifier.verify()
def test_pss_verification(self, pkcs1_example, backend):
private, public, example = pkcs1_example
public_key = rsa.RSAPublicKey(
public_exponent=public["public_exponent"],
modulus=public["modulus"])
verifier = public_key.verifier(
binascii.unhexlify(example["signature"]),
padding.PSS(mgf=padding.MGF1(algorithm=hashes.SHA1()),
salt_length=20), hashes.SHA1(), backend)
verifier.update(binascii.unhexlify(example["message"]))
verifier.verify()
def rsa_verification_test(backend, params, hash_alg, pad_factory):
public_key = rsa.RSAPublicKey(public_exponent=params["public_exponent"],
modulus=params["modulus"])
pad = pad_factory(params, hash_alg)
verifier = public_key.verifier(binascii.unhexlify(params["s"]), pad,
hash_alg, backend)
verifier.update(binascii.unhexlify(params["msg"]))
if params["fail"]:
with pytest.raises(InvalidSignature):
verifier.verify()
else:
verifier.verify()
def ajax():
key_data = request.forms['pubkey']
asn1 = base64.b64decode(key_data)
# key = load_privatekey(FILETYPE_ASN1, asn1)
t = decoder.decode(asn1)
f = t[0][0][0][1]
r = decoder.decode(
bytes(
int(__, 2)
for __ in chunk_into(''.join([str(_) for _ in f]), 8)))[0]
modulus = int(r[0])
e = int(r[1])
k = rsa.RSAPublicKey(e, modulus)
return '{1}\n{0}'.format(modulus, e)
def test_load_pss_vect_example_keys(self, pkcs1_example):
secret, public = pkcs1_example
skey = rsa.RSAPrivateKey(
p=secret["p"],
q=secret["q"],
private_exponent=secret["private_exponent"],
dmp1=secret["dmp1"],
dmq1=secret["dmq1"],
iqmp=secret["iqmp"],
public_exponent=secret["public_exponent"],
modulus=secret["modulus"]
)
assert skey
_check_rsa_private_key(skey)
pkey = rsa.RSAPublicKey(
public_exponent=public["public_exponent"],
modulus=public["modulus"]
)
assert pkey
pkey2 = skey.public_key()
assert pkey2
assert skey.modulus == pkey.modulus
assert skey.modulus == skey.n
assert skey.public_exponent == pkey.public_exponent
assert skey.public_exponent == skey.e
assert skey.private_exponent == skey.d
assert pkey.modulus
assert pkey.modulus == pkey2.modulus
assert pkey.modulus == pkey.n
assert pkey.public_exponent == pkey2.public_exponent
assert pkey.public_exponent == pkey.e
assert skey.key_size
assert skey.key_size == pkey.key_size
assert skey.key_size == pkey2.key_size
def test_invalid_public_key_argument_types(self):
with pytest.raises(TypeError):
rsa.RSAPublicKey(None, None)
import cryptography
from cryptography import fernet as ft
from cryptography.hazmat.primitives.asymmetric import rsa as rsa
key = ft.Fernet.generate_key()
a = ft.Fernet(key)
b = a.encrypt(b"testsetstsetts")
print(b)
print(a.decrypt(b))
#rsa.RSABackend()
#rsa.
#backend = rsa.RSABackend()
#
#a = rsa.generate_private_key(16, 64, backend)
#print(a)
public = rsa.RSAPublicKey()
#v = ft.Cipher(cryptography.hazmat.primitives.ciphers.algorithms.AES(b"stestste984854785757575757777777") ,cryptography.hazmat.primitives.ciphers.base.AEADCipherContext(), cryptography.hazmat.backends.default_backend())
#
#
#v_enc = v.encryptor()
#v_enc.authenticate_additional_data("test")
#
#v_enc.finalize()
#print(v_enc)
