def encode(dsa_key): seq_of = SequenceOf() seq_of.extend( [Integer(dsa_key.p), Integer(dsa_key.q), Integer(dsa_key.g)]) return seq_of
def sign(self, pki_obj, data): new_pki = deepcopy(pki_obj) new_pki.hash_obj = self.hash_obj r, s = new_pki.sign(data) seq = SequenceOf() seq.extend([Integer(r), Integer(s)]) return BitString(Bytes(encoder.encode(seq)).int())
def encode(rsa_key: object): param_seq = SequenceOf() param_seq.append(Integer(rsa_key.n)) param_seq.append(Integer(rsa_key.e)) param_bs = bin(Bytes(encoder.encode(param_seq)).int())[2:] param_bs = param_bs.zfill(math.ceil(len(param_bs) / 8) * 8) param_bs = BitString(param_bs) return param_bs
def encode(eddsa_key: object, **kwargs): alg_id = SequenceOf() alg_id.setComponentByPosition(0, ObjectIdentifier(eddsa_key.curve.oid)) seq = Sequence() seq.setComponentByPosition(0, alg_id) seq.setComponentByPosition(1, X509EdDSASubjectPublicKey.encode(eddsa_key)) encoded = encoder.encode(seq) return X509EdDSAPublicKey.transport_encode(encoded, **kwargs)
class KDCReqBody(_K5Sequence): componentType = NamedTypes( _mfield('kdc-options', 0, BitString()), _ofield('cname', 1, PrincipalName()), _mfield('realm', 2, GeneralString()), _ofield('sname', 3, PrincipalName()), _ofield('from', 4, GeneralizedTime()), _mfield('till', 5, GeneralizedTime()), _ofield('rtime', 6, GeneralizedTime()), _mfield('nonce', 7, Integer()), _mfield('etype', 8, SequenceOf(componentType=Integer())), _ofield('addresses', 9, HostAddresses()), _ofield('enc-authorization-data', 10, EncryptedData()), _ofield('additional-tickets', 11, SequenceOf(componentType=Ticket())))
class RingSignatureSchema(Sequence): """An ASN.1 schema for ring signatures. Ring signatures are identified with an object ID following Recommendation ITU-T X.667. The UUID4 used is 3b5e61af-c4ec-496e-95e9-4b64bccdc809. """ componentType = NamedTypes( NamedType("algorithm", ObjectIdentifier(value=_OBJECT_ID)), NamedType("key_image", OctetString()), NamedType("public_keys", SequenceOf(componentType=OctetString())), NamedType("c", SequenceOf(componentType=OctetString())), NamedType("r", SequenceOf(componentType=OctetString())), )
class KdcReqBody(Sequence): componentType = NamedTypes( NamedType('kdc-options', _c(0, KDCOptions())), OptionalNamedType('cname', _c(1, PrincipalName())), NamedType('realm', _c(2, Realm())), OptionalNamedType('sname', _c(3, PrincipalName())), OptionalNamedType('from', _c(4, KerberosTime())), NamedType('till', _c(5, KerberosTime())), OptionalNamedType('rtime', _c(6, KerberosTime())), NamedType('nonce', _c(7, Integer())), NamedType('etype', _c(8, SequenceOf(componentType=Integer()))), OptionalNamedType('addresses', _c(9, HostAddresses())), OptionalNamedType('enc-authorization-data', _c(10, EncryptedData())), OptionalNamedType('additional-tickets', _c(11, SequenceOf(componentType=Ticket()))))
def encode(ecdsa_key: object, **kwargs): curve_seq = [ ObjectIdentifier([1, 2, 840, 10045, 2, 1]), X509ECDSAParams.encode(ecdsa_key) ] encoded = SequenceOf() encoded.extend(curve_seq) top_seq = Sequence() top_seq.setComponentByPosition(0, encoded) top_seq.setComponentByPosition( 1, X509ECDSASubjectPublicKey.encode(ecdsa_key)) encoded = encoder.encode(top_seq) return X509ECDSAPublicKey.transport_encode(encoded, **kwargs)
class KDCRep(_K5Sequence): componentType = NamedTypes( _mfield('pvno', 0, Integer()), _mfield('msg-type', 1, Integer()), _ofield('padata', 2, SequenceOf(componentType=PAData())), _mfield('crealm', 3, GeneralString()), _mfield('cname', 4, PrincipalName()), _mfield('ticket', 5, Ticket()), _mfield('enc-part', 6, EncryptedData()))
def __init__(self, dom=None): if dom: self.dom = dom else: self.dom = package_schema.Descriptor() self.dom['descriptors-array'] = SequenceOf()
def encode(eddsa_key: object, **kwargs): alg_id = SequenceOf() alg_id.setComponentByPosition(0, ObjectIdentifier(eddsa_key.curve.oid)) zero_fill = math.ceil(eddsa_key.d.int().bit_length() / 8) priv_key = OctetString( encoder.encode( OctetString(Bytes.wrap(eddsa_key.d).zfill(zero_fill)))) top_seq = Sequence() top_seq.setComponentByPosition(0, Integer(0)) top_seq.setComponentByPosition(1, alg_id) top_seq.setComponentByPosition(2, priv_key) encoded = encoder.encode(top_seq) encoded = PKCS8EdDSAPrivateKey.transport_encode(encoded, **kwargs) return encoded
class KdcRep(Sequence): componentType = NamedTypes( NamedType('pvno', _c(0, Integer())), NamedType('msg-type', _c(1, Integer())), OptionalNamedType('padata', _c(2, SequenceOf(componentType=PAData()))), NamedType('crealm', _c(3, Realm())), NamedType('cname', _c(4, PrincipalName())), NamedType('ticket', _c(5, Ticket())), NamedType('enc-part', _c(6, EncryptedData())))
def encode(dh_key: object, **kwargs): dh_params = SequenceOf() dh_params.setComponentByPosition(0, Integer(dh_key.p)) dh_params.setComponentByPosition(1, Integer(dh_key.g)) alg_id = Sequence() alg_id.setComponentByPosition(0, ObjectIdentifier([1, 2, 840, 113549, 1, 3, 1])) alg_id.setComponentByPosition(1, dh_params) param_oct = OctetString(encoder.encode(Integer(dh_key.key))) top_seq = Sequence() top_seq.setComponentByPosition(0, Integer(0)) top_seq.setComponentByPosition(1, alg_id) top_seq.setComponentByPosition(2, param_oct) encoded = encoder.encode(top_seq) encoded = PKCS8DiffieHellmanPrivateKey.transport_encode(encoded, **kwargs) return encoded
class KdcReqBody(Sequence): componentType = NamedTypes( NamedType('kdc-options', _c(0, KDCOptions())), OptionalNamedType('cname', _c(1, PrincipalName())), NamedType('realm', _c(2, Realm())), OptionalNamedType('sname', _c(3, PrincipalName())), OptionalNamedType('from', _c(4, KerberosTime())), NamedType('till', _c(5, KerberosTime())), OptionalNamedType('rtime', _c(6, KerberosTime())), NamedType('nonce', _c(7, Integer())), NamedType('etype', _c(8, SequenceOf(componentType=Integer()))))
def encode(ecdsa_key: object, **kwargs): alg_id = SequenceOf() alg_id.setComponentByPosition( 0, ObjectIdentifier([1, 2, 840, 10045, 2, 1])) alg_id.setComponentByPosition( 1, ObjectIdentifier( ber_decoder.decode(b'\x06' + bytes([len(ecdsa_key.G.curve.oid)]) + ecdsa_key.G.curve.oid)[0].asTuple())) zero_fill = math.ceil(ecdsa_key.G.curve.q.bit_length() / 8) params_seq = Sequence() params_seq.setComponentByPosition(0, Integer(1)) params_seq.setComponentByPosition( 1, OctetString(Bytes(ecdsa_key.d).zfill(zero_fill))) params_seq.setComponentByPosition( 2, PublicPoint(ecdsa_key.format_public_point())) param_oct = OctetString(encoder.encode(params_seq)) top_seq = Sequence() top_seq.setComponentByPosition(0, Integer(0)) top_seq.setComponentByPosition(1, alg_id) top_seq.setComponentByPosition(2, param_oct) encoded = encoder.encode(top_seq) encoded = PKCS8ECDSAPrivateKey.transport_encode(encoded, **kwargs) return encoded
def get_der_signed_resource(self, signature: bytes) -> bytes: hash_ctx = hashlib.sha256() hash_ctx.update(self.get_signed_data()) signed_digest = hash_ctx.digest() resource_signature_dom = schema.ResourceSignature() resource_signature_dom['hash'] = signed_digest signature_block = schema.SignatureBlock() signature_block['signature'] = signature signature_block['certificates'] = SequenceOf() certificate_reference = schema.CertificateReference() certificate_reference['fingerprint'] = self.fingerprint certificate_reference['uri'] = '' signature_block['certificates'].append(certificate_reference) resource_signature_dom['signatures'] = SequenceOf() resource_signature_dom['signatures'].append(signature_block) signed_resource_dom = schema.SignedResource() signed_resource_dom['resource'] = self.dom signed_resource_dom['signature'] = resource_signature_dom return der_encoder.encode(signed_resource_dom)
def verify_signature(sig, data, pubkey): from cryptography.hazmat.primitives.hashes import SHA256 from cryptography.hazmat.primitives.asymmetric.ec import ECDSA from pyasn1.codec.der.encoder import encode from pyasn1.type.univ import Integer, SequenceOf if len(sig) != 64: return False seq = SequenceOf(componentType=Integer()) seq[0] = Util.long_from_bytes(sig[:32]) seq[1] = Util.long_from_bytes(sig[32:]) try: pubkey.verify(encode(seq), data, ECDSA(SHA256())) except: return False return True
def encode(dsa_key: object, **kwargs): dss_params = SequenceOf() dss_params.setComponentByPosition(0, Integer(dsa_key.p)) dss_params.setComponentByPosition(1, Integer(dsa_key.q)) dss_params.setComponentByPosition(2, Integer(dsa_key.g)) alg_id = Sequence() alg_id.setComponentByPosition( 0, ObjectIdentifier([1, 2, 840, 10040, 4, 1])) alg_id.setComponentByPosition(1, dss_params) param_oct = OctetString(encoder.encode(Integer(dsa_key.x))) top_seq = Sequence() top_seq.setComponentByPosition(0, Integer(0)) top_seq.setComponentByPosition(1, alg_id) top_seq.setComponentByPosition(2, param_oct) encoded = encoder.encode(top_seq) encoded = PKCS8DSAPrivateKey.transport_encode(encoded, **kwargs) return encoded
class PrincipalName(Sequence): componentType = NamedTypes( NamedType('name-type', _c(0, Integer())), NamedType('name-string', _c(1, SequenceOf(componentType=KerberosString()))))
class KdcReq(Sequence): componentType = NamedTypes( NamedType('pvno', _c(1, Integer())), NamedType('msg-type', _c(2, Integer())), NamedType('padata', _c(3, SequenceOf(componentType=PAData()))), NamedType('req-body', _c(4, KdcReqBody())))
class KDCReq(_K5Sequence): componentType = NamedTypes( _mfield('pvno', 1, Integer()), _mfield('msg-type', 2, Integer()), _ofield('padata', 3, SequenceOf(componentType=PAData())), _mfield('req-body', 4, KDCReqBody()))
class PrincipalName(_K5Sequence): componentType = NamedTypes( _mfield('name-type', 0, Integer()), _mfield('name-string', 1, SequenceOf(componentType=GeneralString())))