def build_vectors(mgf1alg, hashalg, filename): vectors = load_vectors_from_file(filename, load_pkcs1_vectors) output = [] for vector in vectors: # RSA keys for this must be long enough to accommodate the length of # the underlying hash function. This means we can't use the keys from # the sha1 test vectors for sha512 tests because 1024-bit keys are too # small. Instead we parse the vectors for the test cases, then # generate our own 2048-bit keys for each. private, _ = vector skey = rsa.generate_private_key(65537, 2048, backend) pn = skey.private_numbers() examples = private["examples"] output.append(b"# =============================================") output.append(b"# Example") output.append(b"# Public key") output.append(b"# Modulus:") output.append(format(pn.public_numbers.n, "x")) output.append(b"# Exponent:") output.append(format(pn.public_numbers.e, "x")) output.append(b"# Private key") output.append(b"# Modulus:") output.append(format(pn.public_numbers.n, "x")) output.append(b"# Public exponent:") output.append(format(pn.public_numbers.e, "x")) output.append(b"# Exponent:") output.append(format(pn.d, "x")) output.append(b"# Prime 1:") output.append(format(pn.p, "x")) output.append(b"# Prime 2:") output.append(format(pn.q, "x")) output.append(b"# Prime exponent 1:") output.append(format(pn.dmp1, "x")) output.append(b"# Prime exponent 2:") output.append(format(pn.dmq1, "x")) output.append(b"# Coefficient:") output.append(format(pn.iqmp, "x")) pkey = skey.public_key() vectorkey = rsa.RSAPrivateNumbers( p=private["p"], q=private["q"], d=private["private_exponent"], dmp1=private["dmp1"], dmq1=private["dmq1"], iqmp=private["iqmp"], public_numbers=rsa.RSAPublicNumbers( e=private["public_exponent"], n=private["modulus"] ) ).private_key(backend) count = 1 for example in examples: message = vectorkey.decrypt( binascii.unhexlify(example["encryption"]), padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None ) ) assert message == binascii.unhexlify(example["message"]) ct = pkey.encrypt( message, padding.OAEP( mgf=padding.MGF1(algorithm=mgf1alg), algorithm=hashalg, label=None ) ) output.append( b"# OAEP Example {0} alg={1} mgf1={2}".format( count, hashalg.name, mgf1alg.name ) ) count += 1 output.append(b"# Message:") output.append(example["message"]) output.append(b"# Encryption:") output.append(binascii.hexlify(ct)) return b"\n".join(output)
def verify_one_vector(vector): digest_algorithm = vector['digest_algorithm'] message = vector['message'] x = vector['x'] y = vector['y'] signature = encode_rfc6979_signature(vector['r'], vector['s']) numbers = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256K1()) key = numbers.public_key(default_backend()) verifier = key.verifier( signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]())) verifier.update(message) return verifier.verify() def verify_vectors(vectors): for vector in vectors: assert verify_one_vector(vector) vector_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") secp256k1_vectors = load_vectors_from_file(vector_path, load_fips_ecdsa_signing_vectors) verify_vectors(secp256k1_vectors)
from __future__ import absolute_import, division, print_function import binascii import os import pytest from cryptography.exceptions import (AlreadyFinalized, InvalidKey, UnsupportedAlgorithm) from cryptography.hazmat.backends.interfaces import ScryptBackend from cryptography.hazmat.primitives.kdf.scrypt import Scrypt, _MEM_LIMIT from tests.utils import load_nist_vectors, load_vectors_from_file vectors = load_vectors_from_file(os.path.join("KDF", "scrypt.txt"), load_nist_vectors) def _skip_if_memory_limited(memory_limit, params): # Memory calc adapted from OpenSSL (URL split over 2 lines, thanks PEP8) # https://github.com/openssl/openssl/blob/6286757141a8c6e14d647ec733634a # e0c83d9887/crypto/evp/scrypt.c#L189-L221 blen = int(params["p"]) * 128 * int(params["r"]) vlen = 32 * int(params["r"]) * (int(params["n"]) + 2) * 4 memory_required = blen + vlen if memory_limit < memory_required: pytest.skip("Test exceeds Scrypt memory limit. " "This is likely a 32-bit platform.") def test_memory_limit_skip():
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and # limitations under the License. import os import pytest from cryptography.exceptions import InvalidToken, UnsupportedAlgorithm from cryptography.hazmat.primitives.twofactor.hotp import HOTP from cryptography.hazmat.primitives import hashes from tests.utils import load_vectors_from_file, load_nist_vectors from cryptography.hazmat.primitives.hashes import MD5, SHA1 vectors = load_vectors_from_file("twofactor/rfc-4226.txt", load_nist_vectors) @pytest.mark.supported( only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), skip_message="Does not support HMAC-SHA1.") @pytest.mark.hmac class TestHOTP(object): def test_invalid_key_length(self, backend): secret = os.urandom(10) with pytest.raises(ValueError): HOTP(secret, 6, SHA1(), backend) def test_invalid_hotp_length(self, backend): secret = os.urandom(16)
import pretend import pytest import six from cryptography import utils from cryptography.exceptions import AlreadyFinalized, InvalidSignature, _Reasons from cryptography.hazmat.backends.interfaces import CMACBackend from cryptography.hazmat.primitives.ciphers.algorithms import AES, ARC4, TripleDES from cryptography.hazmat.primitives.cmac import CMAC from tests.utils import load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm vectors_aes128 = load_vectors_from_file("CMAC/nist-800-38b-aes128.txt", load_nist_vectors) vectors_aes192 = load_vectors_from_file("CMAC/nist-800-38b-aes192.txt", load_nist_vectors) vectors_aes256 = load_vectors_from_file("CMAC/nist-800-38b-aes256.txt", load_nist_vectors) vectors_aes = vectors_aes128 + vectors_aes192 + vectors_aes256 vectors_3des = load_vectors_from_file("CMAC/nist-800-38b-3des.txt", load_nist_vectors) fake_key = b"\x00" * 16 @pytest.mark.cmac class TestCMAC(object): @pytest.mark.supported(
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and # limitations under the License. import os import pytest from cryptography.exceptions import InvalidToken from cryptography.hazmat.primitives.twofactor.hotp import HOTP from cryptography.hazmat.primitives import hashes from tests.utils import load_vectors_from_file, load_nist_vectors from cryptography.hazmat.primitives.hashes import MD5, SHA1 vectors = load_vectors_from_file( "twofactor/rfc-4226.txt", load_nist_vectors) @pytest.mark.supported( only_if=lambda backend: backend.hmac_supported(hashes.SHA1()), skip_message="Does not support HMAC-SHA1." ) @pytest.mark.hmac class TestHOTP(object): def test_invalid_key_length(self, backend): secret = os.urandom(10) with pytest.raises(ValueError): HOTP(secret, 6, SHA1(), backend) def test_invalid_hotp_length(self, backend):
signature = secret_key.sign( message, hashfunc=hash_func, sigencode=sigencode_der ) r, s = sigdecode_der(signature, None) yield "Msg = {0}".format(hexlify(message)) yield "d = {0:x}".format(secret_key.privkey.secret_multiplier) yield "Qx = {0:x}".format(public_key.pubkey.point.x()) yield "Qy = {0:x}".format(public_key.pubkey.point.y()) yield "R = {0:x}".format(r) yield "S = {0:x}".format(s) yield "" def write_file(lines, dest): for line in lines: print(line) print(line, file=dest) source_path = os.path.join("asymmetric", "ECDSA", "FIPS_186-3", "SigGen.txt") dest_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") fips_vectors = load_vectors_from_file( source_path, load_fips_ecdsa_signing_vectors ) with open_vector_file(dest_path, "w") as dest_file: write_file(build_vectors(fips_vectors), dest_file)
signature = encode_rfc6979_signature(vector['r'], vector['s']) numbers = ec.EllipticCurvePublicNumbers( x, y, ec.SECP256K1() ) key = numbers.public_key(default_backend()) verifier = key.verifier( signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]()) ) verifier.update(message) return verifier.verify() def verify_vectors(vectors): for vector in vectors: assert verify_one_vector(vector) vector_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") secp256k1_vectors = load_vectors_from_file( vector_path, load_fips_ecdsa_signing_vectors ) verify_vectors(secp256k1_vectors)
r, s = sigdecode_der(signature, None) yield "Msg = {0}".format(hexlify(message)) yield "d = {0:x}".format(secret_key.privkey.secret_multiplier) yield "Qx = {0:x}".format(public_key.pubkey.point.x()) yield "Qy = {0:x}".format(public_key.pubkey.point.y()) yield "R = {0:x}".format(r) yield "S = {0:x}".format(s) yield "" def write_file(lines, dest): for line in lines: print(line) print(line, file=dest) source_path = os.path.join("asymmetric", "ECDSA", "FIPS_186-3", "SigGen.txt") dest_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") fips_vectors = load_vectors_from_file( source_path, load_fips_ecdsa_signing_vectors ) with open_vector_file(dest_path, "w") as dest_file: write_file( build_vectors(fips_vectors), dest_file )
from __future__ import absolute_import, division, print_function import binascii import os import pytest from cryptography.exceptions import AlreadyFinalized, InvalidKey, UnsupportedAlgorithm from cryptography.hazmat.backends.interfaces import ScryptBackend from cryptography.hazmat.primitives.kdf.scrypt import Scrypt from tests.utils import load_nist_vectors, load_vectors_from_file vectors = load_vectors_from_file(os.path.join("KDF", "scrypt.txt"), load_nist_vectors) @pytest.mark.requires_backend_interface(interface=ScryptBackend) class TestScrypt(object): @pytest.mark.parametrize("params", vectors) def test_derive(self, backend, params): password = params["password"] work_factor = int(params["n"]) block_size = int(params["r"]) parallelization_factor = int(params["p"]) length = int(params["length"]) salt = params["salt"] derived_key = params["derived_key"] scrypt = Scrypt(salt, length, work_factor, block_size, parallelization_factor, backend)
import pytest import six from cryptography import utils from cryptography.exceptions import (AlreadyFinalized, InvalidSignature, _Reasons) from cryptography.hazmat.backends.interfaces import CMACBackend from cryptography.hazmat.primitives.ciphers.algorithms import (AES, ARC4, TripleDES) from cryptography.hazmat.primitives.cmac import CMAC from tests.utils import (load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm) vectors_aes128 = load_vectors_from_file("CMAC/nist-800-38b-aes128.txt", load_nist_vectors) vectors_aes192 = load_vectors_from_file("CMAC/nist-800-38b-aes192.txt", load_nist_vectors) vectors_aes256 = load_vectors_from_file("CMAC/nist-800-38b-aes256.txt", load_nist_vectors) vectors_aes = vectors_aes128 + vectors_aes192 + vectors_aes256 vectors_3des = load_vectors_from_file("CMAC/nist-800-38b-3des.txt", load_nist_vectors) fake_key = b"\x00" * 16