def test_attack(self):
ring = ZZ/ZZ(233970423115425145524320034830162017933)
curve = WeierstrassCurve(a=ring(-95051), b=ring(11279326), cardinality=29246302889428143187362802287225875743, base_tuple=(182, 85518893674295321206118380980485522083), ring=ring)
m = b"crazy flamboyant for the rap enjoyment"
sha256 = SHA256()
bob_key = ECDHE(G=curve.G)
eve_ecdhe = ECDHE(d=1, G=curve.G)
def oracle_func(h, r):
h = h.cache_mul(h.curve.cardinality().bit_length())
K = bob_key.derive_key(h)
hmac = HMAC(key=K, hash_obj=sha256)
mac = hmac.generate(m)
for i in range(r):
eve_ecdhe.d = i
eve_hmac = HMAC(key=eve_ecdhe.derive_key(h), hash_obj=sha256)
if eve_hmac.generate(m) == mac:
return i
raise Exception(f'Residue not found for {r}!')
inv_a = WeierstrassCurve(a=ring(-95051), b=ring(210), cardinality=233970423115425145550826547352470124412, base_tuple=(182, 85518893674295321206118380980485522083), ring=ring)
inv_b = WeierstrassCurve(a=ring(-95051), b=ring(504), cardinality=233970423115425145544350131142039591210, base_tuple=(182, 85518893674295321206118380980485522083), ring=ring)
inv_c = WeierstrassCurve(a=ring(-95051), b=ring(727), cardinality=233970423115425145545378039958152057148, base_tuple=(182, 85518893674295321206118380980485522083), ring=ring)
oracle = DefaultOracle(oracle_func)
ica = InvalidCurveAttack(oracle, curve)
recovered_key = ica.execute(bob_key.pub, [inv_a, inv_b, inv_c])
self.assertEqual(recovered_key, bob_key.d)
def test_totp_correctness(self):
sha1, sha256, sha512 = SHA1(), SHA256(), SHA512()
sha1_seed = Bytes(0x3132333435363738393031323334353637383930)
sha256_seed = Bytes(
0x3132333435363738393031323334353637383930313233343536373839303132)
sha512_seed = Bytes(
0x31323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334
)
seed_dict = {sha1: sha1_seed, sha256: sha256_seed, sha512: sha512_seed}
expected_values = [(59, '94287082', sha1), (59, '46119246', sha256),
(59, '90693936', sha512),
(1111111109, '07081804', sha1),
(1111111109, '68084774', sha256),
(1111111109, '25091201', sha512),
(1111111111, '14050471', sha1),
(1111111111, '67062674', sha256),
(1111111111, '99943326', sha512),
(1234567890, '89005924', sha1),
(1234567890, '91819424', sha256),
(1234567890, '93441116', sha512)]
for request_time, expected_code, hash_obj in expected_values:
hotp = HOTP(key=seed_dict[hash_obj],
digits=8,
counter=DummyCounter(request_time // 30),
hash_obj=hash_obj)
code = hotp.generate()
self.assertEqual(code, expected_code)
def test_vec17(self):
message = b'test'
H = SHA256()
k = 0xFF86F57924DA248D6E44E8154EB69F0AE2AEBAEE9931D0B5A969F904
r = 0xAD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6
s = 0x178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD
self._run_224(message, H, k, (r, s))
class X509RSASigningAlgorithms(Enum):
sha1WithRSAEncryption = X509RSASignature('sha1WithRSAEncryption', SHA1())
sha224WithRSAEncryption = X509RSASignature('sha224WithRSAEncryption', SHA224())
sha256WithRSAEncryption = X509RSASignature('sha256WithRSAEncryption', SHA256())
sha384WithRSAEncryption = X509RSASignature('sha384WithRSAEncryption', SHA384())
sha512WithRSAEncryption = X509RSASignature('sha512WithRSAEncryption', SHA512())
sha512_224WithRSAEncryption = X509RSASignature('sha512-224WithRSAEncryption', SHA512(trunc=224))
sha512_256WithRSAEncryption = X509RSASignature('sha512-256WithRSAEncryption', SHA512(trunc=256))
def test_vec22(self):
message = b'sample'
H = SHA256()
k = 0xA6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60
r = 0xEFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716
s = 0xF7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8
self._run_256(message, H, k, (r, s))
def test_vec27(self):
message = b'test'
H = SHA256()
k = 0xD16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0
r = 0xF1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367
s = 0x019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083
self._run_256(message, H, k, (r, s))
def test_vec2(self):
message = b'sample'
H = SHA256()
k = 0x32B1B6D7D42A05CB449065727A84804FB1A3E34D8F261496
r = 0x4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55
s = 0xCCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85
self._run_192(message, H, k, (r, s))
def test_vec7(self):
message = b'test'
H = SHA256()
k = 0x5C4CE89CF56D9E7C77C8585339B006B97B5F0680B4306C6C
r = 0x3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE
s = 0x5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F
self._run_192(message, H, k, (r, s))
def test_vec12(self):
message = b'sample'
H = SHA256()
k = 0xAD3029E0278F80643DE33917CE6908C70A8FF50A411F06E41DEDFCDC
r = 0x61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA
s = 0xBC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101
self._run_224(message, H, k, (r, s))
def test_vec32(self):
message = b'sample'
H = SHA256()
k = 0x0EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0
r = 0x1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7
s = 0x04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC
self._run_521(message, H, k, (r, s))
def test_vec37(self):
message = b'test'
H = SHA256()
k = 0x01DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258
r = 0x00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8
s = 0x0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86
self._run_521(message, H, k, (r, s))
def test_length_extension(self):
secret = b'mysecret'
message = b'mymessage'
for alg in [MD4(), MD5(), SHA1(), SHA256(), SHA512(), RIPEMD160()]:
observed = alg.hash(secret + message)
payload, new_hash = alg.length_extension(observed,
message, b'evilbytes!',
len(secret))
self.assertEqual(alg.hash(secret + payload), new_hash)
def derive(self, kek: tuple, derived_length: int, header: dict) -> Bytes:
from samson.encoding.general import PKIAutoParser
# Support input formats
# 1) (priv, pub): Allows user to specify their own private key.
if type(kek) is tuple:
priv_key, peer_pub = kek
# 2) priv: Pull 'epk from header. Used in decryption.
elif 'epk' in header:
priv_key = kek
peer_pub = PKIAutoParser.import_key(
json.dumps(header['epk']).encode('utf-8'))
# 3) pub: Ephemeral private key.
else:
priv_key = ECDHE(G=kek.curve.G)
peer_pub = kek
# Need to clean up priv and pub keys
if type(priv_key) is ECDSA:
priv_key = ECDHE(d=priv_key.d, G=priv_key.G)
if hasattr(peer_pub, 'Q'):
peer_pub = peer_pub.Q
elif hasattr(peer_pub, 'pub'):
peer_pub = peer_pub.pub
# Add 'epk' header if not present
if not 'epk' in header:
if type(priv_key) in [ECDSA, ECDHE]:
encoded_key = ECDSA(
G=priv_key.G,
d=priv_key.d).export_public_key(encoding=PKIEncoding.JWK)
else:
encoded_key = JWKEdDSAPublicKey.encode(priv_key)
header['epk'] = json.loads(encoded_key.decode())
# Actual key derivation process
agreement_key = priv_key.derive_key(peer_pub)
apu = url_b64_decode(
header['apu'].encode('utf-8')) if 'apu' in header else b''
apv = url_b64_decode(
header['apv'].encode('utf-8')) if 'apv' in header else b''
alg_id = header[self.key_alg].encode('utf-8')
other_info = b''.join([
Bytes(len(item)).zfill(4) + Bytes.wrap(item)
for item in [alg_id, apu, apv]
]) + Bytes(derived_length * 8).zfill(4)
kdf = ConcatKDF(SHA256(), derived_length)
return kdf.derive(agreement_key, other_info)
def test_vec1(self):
hash_obj = SHA256()
ikm = Bytes(0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b)
salt = Bytes(0x000102030405060708090a0b0c).zfill(13)
info = Bytes(0xf0f1f2f3f4f5f6f7f8f9)
L = 42
okm = Bytes(
0x3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865
)
self._run_test(hash_obj, L, ikm, salt, info, okm)
def test_vec3(self):
hash_obj = SHA256()
ikm = Bytes(0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b)
salt = Bytes(b'')
info = Bytes(b'')
L = 42
okm = Bytes(
0x8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8
)
self._run_test(hash_obj, L, ikm, salt, info, okm)
def test_multiple_recipient_verify(self):
key_a = b'{"crv":"P-256","d":"GRv1Mpp30nHVfHtnB3XwvFyQnUasU7TtSeIxhnit_mQ","kty":"EC","x":"odJQgm0v4FmQ2klGf0cbUrdTdsDLrHWqjw3MjRw3CU0","y":"RDJxZ7COPk8pnnwOuKN-i5bYGMhQrUzgdydgkG3BarA"}'
key_b = b'{"k":"EOMbE3QXor7d1Fb3slJVYXVzZyfhiufBefBQ_phUlhw","kty":"oct"}'
key_c = b'{"d":"BaJsxmMk3athcX3h5VQqAAVQWWAupHHlysm4o7aTpf-0-oTL4ClWsDEn5PbsKpBxliTCfoOCHKdizAIyr-b5ZeFUPrFTwNxdutlCb8HKpiyIvJz09JQ38nvZtOwMykOZCF6rIPkZI-L0UGCMamvMQsyg1cYAbC3T2MpJaZZUfHqTT4AwpgIo7yXuDGrSFz-B4F0yJNR2-IbTtgDS-N4HdX8hvJijjX8WfnFxMRsEXYnzjgeYyu6gTy-wrhcy_0BiJOGSdJL-EcOndhHCW0JGz0oYCArTmP9Oppd31ftBKj7SxvmHxkh4KqTT7bFLeI9YNPh0Tx-RYxc4RvJoODHwIQ","dp":"NSU8GMWE43i5MO6IAA2mBm4X342SsWYF114LP_GewbgcdSwNLqqWkqNDBMqYbUb7H4H5mAQ-YdGKYVu9ceOyS4b-bQh1PLxkkCANdM9juTRfLNdeVaeAjGvJzNvTp7gg6DphFbeQ4tV4QfACYGKbNbpKxP10Wk20-eO1djMSfg0","dq":"LzmIr15O8ON4G_j6Kds6cfsipA7QQsZ5DOH5GERXoT5vSkSJbXjwconeXNxo32NHFKzmwgjJTmngK-0s1llV9F3XQXvGObyRnCxnyVbH4rKb8Z8DuB8yKQC7O0U6kdUF6KT0jLpITBV4SFf-UdF0QcixP6uXEe-MtGl3Xx8C5xE","e":"AQAB","kty":"RSA","n":"3LiaXfDj0Ohz0MRhz6fCNXOV6SDm2RAabJGWBk6NyII3HwdAkT9ToRrKnW2UzvlxegI9ZvtaJxiNS-V7Mfw4cQn3INVgRwTVfmRFUeZa40Kz0b3UeMIbppswoAUomRPwFMPJeHXXcqAWi2D7Z6BQlEIMTY4vKEg6jC93fPoLJCEKuwPRn7OAXIw9caWWOQsjTXrmKuYqLsPqAO49Am4IMm8uAX-RtCIl6fd9ZcI0CvBUbbTmJK3EkSpAxnQAwS-0FRYI-XK22SJz3YyeI0KVCsEARnBZajA4x8YhFK3ivcJ6Zs1cSDp67fj6g09RfYH6EteTb8gY5b7ARWme2MbyUw","p":"9rSy05qO-kNSPpb0emP8coeH2Fn61OSbBmq9x0vO4lmwPRSti3AMIo7qyRYuM0TgPXRAcbCxqsYo40eaabL5kR9nwb9qY52Gl3T8WlEsJW2Q1Mf0V0npzdB1qGlTOMCCkC4CQA6gRAE3cImZFb2y57FihWO4C1ouDNm6VPGwBKM","q":"5QlM1oLM2l1XMSTtA6USMN6TCJwI5W84nRI0mFe__zSenlYxVQy_jyIi8qiaW5TlOu_KoaplMAJl6zll5QanxNAU5vSlh5o3ckGClMPCkkM6X3_iIHNg8aNJ-qqTQiqLgKuCniqRus85avxumIAucCIBotiDqCVotOzhdAsthpE","qi":"izbMRPRkiZTNBFw-KufAz1_xnmoueuuG_-DnLg7kX8xj-yGW6fHXDQPxv0L4AHqGT_Vy7KotaUbxHaTmgszxjhGqrkzv-TeA5jfD6oVaKP9Lp4_YWUGMEcbmnQYTqBA2M_mAAqP8z77KNixtHCjcUdtV5kWKKco6sOHhWlmdNFM"}'
token = b'{"payload":"HBE86DIy4RkTxwTxPrs3jR-_l3e9CNxBbMwgoJiGgVIEUKLWr50wIDZA0OnN24OcZmy_QNLbEs0dthHj_ddW5kefUTw5Eg","signatures":[{"protected":"eyJhbGciOiJFUzI1NiJ9","signature":"X9cMVGG1N-eze0Wd2vlx1GQXYEoxwytGjflswOOeh_oWuoNH_BOJpDPQ4yaMs_x_tiLEEF-gomnXV_per_6D2g"},{"protected":"eyJhbGciOiJIUzUxMiJ9","signature":"otWgkMW6aoH8hsHctvE6befp16TqAmiKZG_o6e8ZZ3mi2YjcSUfa0ZMxDMVW6r4MEhlifbq3ZBTQiMFzTobWpQ"},{"protected":"eyJhbGciOiJQUzUxMiJ9","signature":"jJT25xiDTd_kqlR06l8qZ20hkPnxSd5nszjWIF1PpkRLy2J3flYsxBM7KEogfQusO00-EBwqqtzUJ--_HW6w3L75Q_Hmn92UYL4dEqzOOR0iS_BeDuhc6GvOqJePaDxySlf9W2FL0M96_ldIMzGMeczsqB5OA3ziGRDLzCzlfHKNaUBH1zqWTkNza_t_ba9xeD-ewTFFX9cbM-2tSqPMVbIbip0gvMwO8b9-npCgbgb1x0s_IEvjmPfYYBKAxRUakQ9n-yBBFd--YqjO8FcoOZSc8cKPmxCdTVGf8PdV_PJbpkpofuHJOM2_VO--Z2S4uqCgj4URbnwBSPwSj7Ttww"}]}'
jwsset = JWSSet.parse(token)
ecdsa_key_a = PKIAutoParser.import_key(key_a)
ecdsa_key_a.hash_obj = SHA256()
self.assertTrue(jwsset.verify(ecdsa_key_a))
self.assertTrue(jwsset.verify(JWKOctKey.decode(key_b)))
self.assertTrue(jwsset.verify(PKIAutoParser.import_key(key_c)))
def __init__(self,
G: WeierstrassCurve,
hash_obj: object = SHA256(),
d: int = None):
"""
Parameters:
G (WeierstrassCurve): Generator point for a curve.
hash_obj (object): Instantiated object with compatible hash interface.
d (int): (Optional) Private key.
"""
Primitive.__init__(self)
self.G = G
self.q = self.G.curve.q
self.d = Bytes.wrap(d).int() if d else random_int_between(1, self.q)
self.Q = self.d * self.G
self.hash_obj = hash_obj
def __init__(self,
key: bytes = None,
H: FunctionType = SHA256().hash,
q: int = DiffieHellman.MODP_2048):
"""
Parameters:
key (bytes): Bytes-like object shared by both parties to authenticate each other.
H (func): Cryptographic hash function. Takes in bytes and returns the hash digest.
q (int): Modulus.
"""
Primitive.__init__(self)
self.key = key or Bytes(random_int_between(1, q))
self.q = q
self.A = random_int_between(1, q)
self.a = random_int_between(1, q)
self.H = H
def test_gauntlet(self):
for jwa in [JWASignatureAlg.HS256, JWASignatureAlg.HS384, JWASignatureAlg.HS512]:
for _ in range(50):
key = Bytes.random(16)
jws = JWS.create(jwa, BODY, key)
self.assertTrue(jws.verify(key))
for jwa, curve, hash_obj in [(JWASignatureAlg.ES256, P256, SHA256()), (JWASignatureAlg.ES384, P384, SHA384()), (JWASignatureAlg.ES512, P521, SHA512())]:
for _ in range(10):
key = ECDSA(G=curve.G, hash_obj=hash_obj)
jws = JWS.create(jwa, BODY, key)
self.assertTrue(jws.verify(key))
for jwa in [JWASignatureAlg.RS256, JWASignatureAlg.RS384, JWASignatureAlg.RS512, JWASignatureAlg.PS256, JWASignatureAlg.PS384, JWASignatureAlg.PS512]:
for _ in range(10):
key = RSA(2048)
jws = JWS.create(jwa, BODY, key)
correct = jws.verify(key)
if not correct:
print(key)
print(jws)
self.assertTrue(correct)
for i in range(10):
if i % 2:
curve = EdwardsCurve25519
else:
curve = EdwardsCurve448
key = EdDSA(curve=curve)
jws = JWS.create(JWASignatureAlg.EdDSA, BODY, key)
correct = jws.verify(key)
if not correct:
print(key)
print(jws)
self.assertTrue(correct)
def test_vec2(self):
hash_obj = SHA256()
ikm = Bytes(
0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f
).zfill(80)
salt = Bytes(
0x606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
)
info = Bytes(
0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff
)
L = 82
okm = Bytes(
0xb11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87
)
self._run_test(hash_obj, L, ikm, salt, info, okm)
def __init__(self, hash_obj: object=SHA256(), p: int=None, q: int=None, g: int=None, x: int=None, L: int=2048, N: int=256):
"""
Parameters:
hash_obj (object): Instantiated object with compatible hash interface.
p (int): (Optional) Prime modulus.
q (int): (Optional) Prime modulus.
g (int): (Optional) Generator.
x (int): (Optional) Private key.
L (int): (Optional) Bit length of `p`.
N (int): (Optional) Bit length of `q`.
"""
Primitive.__init__(self)
# Parameter generation
# https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
if not q:
q = find_prime(N)
# Start somewhere in 2**(L-1); ensure it's even
i = Bytes.random((L-1) // 8).int() // 2 * 2
# Construct the base as an even multiple of `q`
base = 2**(L-1) // (2*q) * 2
while not is_prime((base + i) * q + 1):
i += 2
p = (base + i) * q + 1
assert (p-1) % q == 0
# Construct `g`
while True:
h = Bytes.random(N // 8).int() % (p-1)
g = pow(h, (p-1) // q, p)
if h > 1 and h < (p-1) and g > 1:
break
self.p = p
self.q = q
self.g = g
self.x = x or random_int_between(1, self.q)
self.y = pow(self.g, self.x, self.p)
self.hash_obj = hash_obj
def __init__(self,
desired_len: int,
cost: int,
parallelization_factor: int,
block_size_factor: int = 8,
hash_fn: FunctionType = lambda passwd, msg: HMAC(
passwd, SHA256()).generate(msg)):
"""
Parameters:
desired_len (int): Desired output length.
cost (int): Cost (usually a power of two).
block_size_factor (int): `r` from the RFC.
hash_fn (func): Function that takes in bytes and returns them hashed.
"""
self.block_size = block_size_factor * 128
self.hash_fn = hash_fn
self.pbkdf2 = PBKDF2(hash_fn, self.block_size * parallelization_factor,
1)
self.desired_len = desired_len
self.cost = cost
self.block_size_factor = block_size_factor
self.parallelization_factor = parallelization_factor
def __init__(self,
identity: bytes,
password: bytes,
g: int = 2,
N: int = MODP_1024,
hash_obj: object = SHA256(),
a: int = None):
"""
Parameters:
identity (bytes): Username.
password (bytes): Password.
g (int): Generator.
N (int): Prime modulus.
hash_obj (object): Instantiated object with compatible hash interface.
a (int): Random private value.
"""
self.a = a or Bytes.random(4).int() % N
self.g = g
self.A = pow(g, self.a, N)
self.identity = identity
self.password = password
self.N = N
self.hash_obj = hash_obj
self.k = hash_obj.hash(Bytes(N) + self.PAD(g)).int()
YJD9LDBaruRgPp/4tZaYwUrX1IQWRNSItu417FPUIZepUEht6NLOlhGb8u15T4jExjBlgx GKKQQ6RcM/pBAoGAYH9+QAVWTzs9Q8cOfvtTumbAOkhU3e8PaVzT9l1hARZ/F+dXfggwKA nVJ9ACxMklgYEAMg4Nh7h/BsJ6/jFR9QfGJc8BjPS/1l10EnLN2rLMH5NOQU9TKtOTv/YO jIl4avgHLYEQwY2Upht/Zkaka6lhVKoKFpMvX1QSu7ezukUCgYEA4evL4ELaxSYTSVX+Vz Q2z8l7riPWLFEqPvMHsgW5wKVkXHnpRx+PoeZQK/+AIdEOMh0zeXEecLg7uQ1T4qmWPDxB uDbtNosYyMryoNAwfQfTcMcc9QvnLXNMqLC7vm/hPlzwvogWyyWeYbOvsjPGSzfaw+DfbU pVYpArfNuzoBM= -----END PRIVATE KEY-----""") ES1_KEY = ECDSA.import_key(b"""-----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgpR4yjoqJ09GAriF++Pxu+I O1FxF9uAGsniq77Lc6woehRANCAAQbdf1V9k89vTxPbWlzYoiJnk+RZpufb5AX7D4mRJN+ o0NjMxFrNFUyiq3Y7+wa9k06Lg7KL06HN+kaax2/Fp3M -----END PRIVATE KEY-----""") ES1_KEY.hash_obj = SHA256() ES2_KEY = ECDSA.import_key(b"""-----BEGIN PRIVATE KEY----- MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDxg/XHeJj3sTTsO8Jnczsxzc jLfwmbJlYMDg2SupAvsrck9iNktrlRlKDX3prWaquhZANiAASzOq9L0SGAfmP1NUxMKunV mxF707SBdr17rYhes0Q+SpnQ7GWliRcGivg501bxcKxri6EIqPlTSstDmtgCPE7rowKVMt jHB2itCKnpa4Zw6373AEe8xrxLrYvSlg1uPmw= -----END PRIVATE KEY-----""") ES2_KEY.hash_obj = SHA384() ES3_KEY = ECDSA.import_key(b"""-----BEGIN PRIVATE KEY----- MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIB94Phb9b/eV0mEt4QHOLB/U 7r3bj1OodWCymrL3peOvkRSRmZqggZqXIUCOiPLLXelwEWeVaIo3zsR59nDiZ4EZqhgYkD
def _run_test(self, key, length, other_info, expected_derived):
kdf = ConcatKDF(SHA256(), length)
self.assertEqual(kdf.derive(key, other_info), expected_derived)
class X509DSASigningAlgorithms(Enum):
id_dsa_with_sha1 = X509DSASignature('id-dsa-with-sha1', SHA1())
id_dsa_with_sha224 = X509DSASignature('id-dsa-with-sha224', SHA224())
id_dsa_with_sha256 = X509DSASignature('id-dsa-with-sha256', SHA256())
# https://tools.ietf.org/html/rfc7518#section-5.1
class JWAContentEncryptionAlg(Enum):
A128CBC_HS256 = 'A128CBC-HS256'
A192CBC_HS384 = 'A192CBC-HS384'
A256CBC_HS512 = 'A256CBC-HS512'
A128GCM = 'A128GCM'
A192GCM = 'A192GCM'
A256GCM = 'A256GCM'
JWA_ALG_MAP = {
# JWS Signature Algorithms
JWASignatureAlg.HS256:
JWA_HS(SHA256()),
JWASignatureAlg.HS384:
JWA_HS(SHA384()),
JWASignatureAlg.HS512:
JWA_HS(SHA512()),
JWASignatureAlg.ES256:
JWA_ES(P256),
JWASignatureAlg.ES384:
JWA_ES(P384),
JWASignatureAlg.ES512:
JWA_ES(P521),
JWASignatureAlg.RS256:
JWA_RS(SHA256()),
JWASignatureAlg.RS384:
JWA_RS(SHA384()),
JWASignatureAlg.RS512:
class X509ECDSASigningAlgorithms(Enum):
ecdsa_with_SHA224 = X509DSASignature('ecdsa-with-SHA224', SHA224())
ecdsa_with_SHA256 = X509DSASignature('ecdsa-with-SHA256', SHA256())
ecdsa_with_SHA384 = X509DSASignature('ecdsa-with-SHA384', SHA384())
ecdsa_with_SHA512 = X509DSASignature('ecdsa-with-SHA512', SHA512())
