def generateECKeyPair(self):
# Generate M2Crypto.EC.EC object
ec = EC.gen_params(EC.NID_X9_62_prime256v1)
ec.gen_key()
rawPrivateKey, rawPublicKey = self._constructRawKeysFromEc(ec)
return ECPublicKey(rawPublicKey,
ec), ECPrivateKey(rawPrivateKey, rawPublicKey, ec)
def getSignature(self, data):
# Produce ASN.1 signature
hash = Digest.SHA256(data)
asn1SigBytes = self.ec.sign_dsa_asn1(hash)
# Convert stupid ASN.1 signature into 64-byte signature
# Double-check before returning
sigBytes = self._convertToRawSignature(asn1SigBytes)
assert (ECPublicKey(self.rawPublicKey, self.ec).verify(data, sigBytes))
return sigBytes
def __init__(self, data=None):
TlsStructure.__init__(self, data)
if data is not None and len(data) != TackBreakSig.LENGTH:
raise SyntaxError(
"Break signature is the wrong size. Is %s and should be %s." %
(len(data), TackBreakSig.LENGTH))
if data is not None:
self.public_key = ECPublicKey(self.getBytes(64))
self.signature = self.getBytes(64)
if not self._verifySignature():
raise SyntaxError("Signature verification failure")
if self.index != len(data):
raise SyntaxError("Excess bytes in TACK_Break_Sig")
def __init__(self, data=None, password=None):
TlsStructure.__init__(self, data)
if data is not None:
self.version = self.getInt(1)
if self.version != 1:
raise SyntaxError("Bad version in Secret File")
self.password = password
self.iter_count = self.getInt(4)
self.salt = self.getBytes(16)
self.ciphertext = self.getBytes(32)
self.public_key = ECPublicKey(self.getBytes(64))
self.mac = bytearray(self.getBytes(32))
if self.password is not None:
rawPrivateKey = self._decryptKey(password, self.salt,
self.ciphertext,
self.iter_count,
self.public_key, self.mac)
self.private_key = ECPrivateKey(rawPrivateKey,
self.public_key.getRawKey())
