Example #1
0
 def decrypt(rsa_key, rsa_str):
     rsa_bytes = base64.decodebytes(rsa_str.encode())
     rsa_key = PublicKey.load_pkcs1_openssl_pem(rsa_key.encode())
     num = transform.bytes2int(rsa_bytes)
     decry = core.decrypt_int(num, rsa_key.e, rsa_key.n)
     out = transform.int2bytes(decry)
     sep_idx = out.index(b"\x00", 2)
     out = out[sep_idx + 1:]
     return out
Example #2
0
 def test_many_encrypt_decrypt(self):
     priv_key = PrivateKey.load_pkcs1(private_key_data)
     pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
     for i in range(100):
         try:
             data = randnum.read_random_bits(16 * 8)
             enc = pkcs1_v2.encrypt(data, pub_key, hasher='SHA-256')
             dec = pkcs1_v2.decrypt(enc, priv_key, hasher='SHA-256')
             self.assertEqual(dec, data, i)
         except BaseException as e:
             self.assertIsNone(e, i)
Example #3
0
 def load_pubkey_from_str(str_key):
     """
     str likes below, prefix and suffix are needed.
     -----BEGIN PUBLIC KEY-----
     MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEYkKp8k9wTzGMMBUrPfeMiS9R
     VBso8N8aC5hb0mJzm648kQLLJRA/wyiDu4AKSSIMsOOgtJD90ucvb5nDrQDI6+S3
     KDqkb9C1+36twe/kUcFtrTiiRPIL0ngWAOX5uXhJRZ4fvtzyOL03oOMXroxrUmR0
     +/nIst9tUud7+tbZ6QIDAQAB
     -----END PUBLIC KEY-----
     """
     return PublicKey.load_pkcs1_openssl_pem(str_key.encode())
Example #4
0
 def test_many_sign_verify(self):
     priv_key = PrivateKey.load_pkcs1(private_key_data)
     pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
     for i in range(100):
         try:
             data = randnum.read_random_bits(16 * 8)
             signature = pkcs1_v2.sign(data, priv_key, hasher='SHA-256')
             self.assertTrue(
                 pkcs1_v2.verify(data, signature, pub_key,
                                 hasher='SHA-256'), i)
         except BaseException as e:
             self.assertIsNone(e, i)
Example #5
0
    def _validate_token_against_public_key(self, access_token, public_key):
        header, encoded_payload, signature = self._split_header_payload_signature_from_token(
            access_token)
        headers = TokenManager.load_decoded_content_as_json(header)
        if headers['alg'] != 'RS256':
            # As public key is used, algorithm has to be RS256
            raise SecurityError('Invalid algorithm!', code=401)

        decoded_signature = TokenManager.b64decode(signature)
        pubkey = PublicKey.load_pkcs1_openssl_pem(public_key)
        message = header + '.' + encoded_payload
        verified = rsa.verify(message.encode('utf-8'), decoded_signature,
                              pubkey)
        return verified, encoded_payload
Example #6
0
    def test_many_encrypt_decrypt_fixed_data(self):
        priv_key = PrivateKey.load_pkcs1(private_key_data)
        pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
        all_enc = set()
        for i in range(100):
            try:
                data = b'a simple test message, which will be encrypted'
                enc = pkcs1_v2.encrypt(data, pub_key, hasher='SHA-256')
                dec = pkcs1_v2.decrypt(enc, priv_key, hasher='SHA-256')
                self.assertEqual(dec, data, i)
                all_enc.add(enc)
            except BaseException as e:
                self.assertIsNone(e, i)

        # Make sure the seed is doing what it's supposed to do
        # This test might (theoretically) fail, although it really shouldn't
        # A fail here might indicate a bad RNG
        self.assertGreater(len(all_enc), 1)
Example #7
0
    def test_many_sign_verify_fixed_data(self):
        priv_key = PrivateKey.load_pkcs1(private_key_data)
        pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
        all_signatures = set()
        for i in range(100):
            try:
                data = b'a simple test message, which will be signed'
                signature = pkcs1_v2.sign(data, priv_key, hasher='SHA-256')
                self.assertTrue(
                    pkcs1_v2.verify(data, signature, pub_key,
                                    hasher='SHA-256'), i)
                all_signatures.add(signature)
            except BaseException as e:
                self.assertIsNone(e, i)

        # Make sure the salt is doing what it's supposed to do
        # This test might (theoretically) fail, although it really shouldn't
        # A fail here might indicate a bad RNG
        self.assertGreater(len(all_signatures), 1)
Example #8
0
 def test_verify(self):
     pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
     ok = pkcs1_v2.verify(b'test', sig_data, pub_key, salt_len=0)
     self.assertTrue(ok)
Example #9
0
 def test_encrypt(self):
     pub_key = PublicKey.load_pkcs1_openssl_pem(public_key_data)
     ct = pkcs1_v2.encrypt(b'test',
                           pub_key,
                           test_seed=b'abcdefghijklmnopqrstuvwxyz'[:20])
     self.assertEqual(ct, enc_data)