def test_private_key(self): seed = unhexlify( "4adf5d37ac6785e83e99a924f92676d366a78690af59c92b6bdf14f9cdbcf26fdad478109607583d633b60078d61d51d81b7509c5433b0d4c9" ) Px = 0x72a01eea003a35f9ac44231dc4aae2a382f351d80bf32508175b0855edcf389aa2bbf308dd961ce361a6e7c2091bc78957f6ebcf3002a617 Py = 0x9e0d08d84586e9aeefecacb41d049b831f1a3ee0c3eada63e34557b30702b50ab59fb372feff7c30b8cbb7dd51afbe88444ec56238722ec1 key = EccKey(curve="Ed448", seed=seed) self.assertEqual(key.seed, seed) self.assertEqual( key.d, 0xb07cf179604f83433186e5178760c759c15125ee54ff6f8dcde46e872b709ac82ed0bd0a4e036d774034dcb18a9fb11894657a1485895f80 ) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ.x, Px) self.assertEqual(key.pointQ.y, Py) point = EccPoint(Px, Py, "ed448") key = EccKey(curve="Ed448", seed=seed, point=point) self.assertEqual( key.d, 0xb07cf179604f83433186e5178760c759c15125ee54ff6f8dcde46e872b709ac82ed0bd0a4e036d774034dcb18a9fb11894657a1485895f80 ) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="ed448", seed=seed) # Must not accept d parameter self.assertRaises(ValueError, EccKey, curve="ed448", d=1)
def test_private_key(self): key = EccKey(curve="P-256", d=1) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ.x, _curves['p256'].Gx) self.assertEqual(key.pointQ.y, _curves['p256'].Gy) point = EccPoint(_curves['p256'].Gx, _curves['p256'].Gy) key = EccKey(curve="P-256", d=1, point=point) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="secp256r1", d=1) key = EccKey(curve="prime256v1", d=1)
def _sign_ed25519(self, msg_or_hash, ph): if self._context or ph: flag = int(ph) # dom2(flag, self._context) dom2 = b'SigEd25519 no Ed25519 collisions' + bchr(flag) + \ bchr(len(self._context)) + self._context else: dom2 = b'' PHM = msg_or_hash.digest() if ph else msg_or_hash # See RFC 8032, section 5.1.6 # Step 2 r_hash = SHA512.new(dom2 + self._key._prefix + PHM).digest() r = Integer.from_bytes(r_hash, 'little') % self._order # Step 3 R_pk = EccKey(point=r * self._key._curve.G)._export_eddsa() # Step 4 k_hash = SHA512.new(dom2 + R_pk + self._A + PHM).digest() k = Integer.from_bytes(k_hash, 'little') % self._order # Step 5 s = (r + k * self._key.d) % self._order return R_pk + s.to_bytes(32, 'little')
def test_public_key(self): p521 = _curves['p521'] point = EccPoint(p521.Gx, p521.Gy, 'p521') key = EccKey(curve="P-384", point=point) self.failIf(key.has_private()) self.assertEqual(key.pointQ, point)
def test_public_key(self): point = EccPoint(_curves['ed448'].Gx, _curves['ed448'].Gy, curve='ed448') key = EccKey(curve="ed448", point=point) self.assertFalse(key.has_private()) self.assertEqual(key.pointQ, point)
def test_public_key(self): p384 = _curves['p384'] point = EccPoint(p384.Gx, p384.Gy, 'p384') key = EccKey(curve="P-384", point=point) self.assertFalse(key.has_private()) self.assertEqual(key.pointQ, point)
def test_private_key(self): key = EccKey(curve="P-224", d=1) self.assertEqual(key.d, 1) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ.x, _curves['p224'].Gx) self.assertEqual(key.pointQ.y, _curves['p224'].Gy) point = EccPoint(_curves['p224'].Gx, _curves['p224'].Gy, curve='P-224') key = EccKey(curve="P-224", d=1, point=point) self.assertEqual(key.d, 1) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="secp224r1", d=1) key = EccKey(curve="prime224v1", d=1)
def test_private_key(self): p521 = _curves['p521'] key = EccKey(curve="P-521", d=1) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ.x, p521.Gx) self.assertEqual(key.pointQ.y, p521.Gy) point = EccPoint(p521.Gx, p521.Gy, "p521") key = EccKey(curve="P-521", d=1, point=point) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="p521", d=1) key = EccKey(curve="secp521r1", d=1) key = EccKey(curve="prime521v1", d=1)
def test_private_key(self): p384 = _curves['p384'] key = EccKey(curve="P-384", d=1) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ.x, p384.Gx) self.assertEqual(key.pointQ.y, p384.Gy) point = EccPoint(p384.Gx, p384.Gy, "p384") key = EccKey(curve="P-384", d=1, point=point) self.assertEqual(key.d, 1) self.failUnless(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="p384", d=1) key = EccKey(curve="secp384r1", d=1) key = EccKey(curve="prime384v1", d=1)
def test_private_key(self): key = EccKey(curve="P-256", d=1) self.assertEqual(key.d, 1) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ.x, _curves['p256'].Gx) self.assertEqual(key.pointQ.y, _curves['p256'].Gy) point = EccPoint(_curves['p256'].Gx, _curves['p256'].Gy) key = EccKey(curve="P-256", d=1, point=point) self.assertEqual(key.d, 1) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="secp256r1", d=1) key = EccKey(curve="prime256v1", d=1) # Must not accept d parameter self.assertRaises(ValueError, EccKey, curve="p256", seed=b'H' * 32)
def init_jwt(self): jwt_key = EccKey(curve='p256', d=int(self.config.private_key, 16)) self.config.jwt_secret_key = jwt_key.export_key(format='PEM') self.config.jwt_public_key = self.config.jwt_public_key or jwt_key.public_key( ).export_key(format='PEM') self.config.jwt_options = { 'verify_signature': True, 'verify_exp': True, 'verify_nbf': False, 'verify_iat': True, 'verify_aud': False }
def test_private_key(self): seed = unhexlify("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60") Px = 38815646466658113194383306759739515082307681141926459231621296960732224964046 Py = 11903303657706407974989296177215005343713679411332034699907763981919547054807 key = EccKey(curve="Ed25519", seed=seed) self.assertEqual(key.seed, seed) self.assertEqual(key.d, 36144925721603087658594284515452164870581325872720374094707712194495455132720) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ.x, Px) self.assertEqual(key.pointQ.y, Py) point = EccPoint(Px, Py, "ed25519") key = EccKey(curve="Ed25519", seed=seed, point=point) self.assertEqual(key.d, 36144925721603087658594284515452164870581325872720374094707712194495455132720) self.assertTrue(key.has_private()) self.assertEqual(key.pointQ, point) # Other names key = EccKey(curve="ed25519", seed=seed) # Must not accept d parameter self.assertRaises(ValueError, EccKey, curve="ed25519", d=1)
def _sign_ed448(self, msg_or_hash, ph): flag = int(ph) # dom4(flag, self._context) dom4 = b'SigEd448' + bchr(flag) + \ bchr(len(self._context)) + self._context PHM = msg_or_hash.read(64) if ph else msg_or_hash # See RFC 8032, section 5.2.6 # Step 2 r_hash = SHAKE256.new(dom4 + self._key._prefix + PHM).read(114) r = Integer.from_bytes(r_hash, 'little') % self._order # Step 3 R_pk = EccKey(point=r * self._key._curve.G)._export_eddsa() # Step 4 k_hash = SHAKE256.new(dom4 + R_pk + self._A + PHM).read(114) k = Integer.from_bytes(k_hash, 'little') % self._order # Step 5 s = (r + k * self._key.d) % self._order return R_pk + s.to_bytes(57, 'little')
def test_invalid_d(self): self.assertRaises(ValueError, lambda: EccKey(curve="P-256", d=0)) self.assertRaises(ValueError, lambda: EccKey(curve="P-256", d=_curve.order))
def test_invalid_curve(self): self.assertRaises(ValueError, lambda: EccKey(curve="P-257", d=1))
def test_public_key_derived(self): priv_key = EccKey(curve="P-256", d=3) pub_key = priv_key.public_key() self.failIf(pub_key.has_private()) self.assertEqual(priv_key.pointQ, pub_key.pointQ)
def test_public_key(self): point = EccPoint(_curve.Gx, _curve.Gy) key = EccKey(curve="P-256", point=point) self.failIf(key.has_private()) self.assertEqual(key.pointQ, point)
def test_invalid_seed(self): self.assertRaises(ValueError, lambda: EccKey(curve="ed448", seed=b'H' * 56))
def test_public_key_derived(self): priv_key = EccKey(curve="ed448", seed=b'H' * 57) pub_key = priv_key.public_key() self.assertFalse(pub_key.has_private()) self.assertEqual(priv_key.pointQ, pub_key.pointQ)