def test_serialize_number_compact(self):
for number, string in (
(1231234, b'#c!E'),
(0, b''),
(255, b'$p'),
(1231231231232, b'$?Pvfdc'),
(13371337, b'5AkH'),
(90, b'#!'),
(89, b'~'),
(256, b'$q')):
self.assertEqual(seccure.serialize_number(number,
fmt=seccure.SER_COMPACT), string)
self.assertEqual(seccure.serialize_number(gmpy.mpz(number),
fmt=seccure.SER_COMPACT), string)
self.assertEqual(seccure.deserialize_number(
string, fmt=seccure.SER_COMPACT), number)
for number, string in (
(1231234, b'!!!!!!#c!E'),
(0, b'!!!!!!!!!!'),
(255, b'!!!!!!!!$p'),
(1231231231232, b'!!!$?Pvfdc'),
(13371337, b'!!!!!!5AkH'),
(90, b'!!!!!!!!#!'),
(89, b'!!!!!!!!!~'),
(256, b'!!!!!!!!$q')):
self.assertEqual(
seccure.serialize_number(number, outlen=10,
fmt=seccure.SER_COMPACT), string)
self.assertEqual(seccure.deserialize_number(string,
fmt=seccure.SER_COMPACT), number)
def test_serialize_number_binary(self):
for number, string in (
(1231234, b'12c982'),
(0, b''),
(255, b'ff'),
(1231231231232, b'011eab19a500'),
(13371337, b'cc07c9'),
(256, b'0100')):
self.assertEqual(binascii.hexlify(seccure.serialize_number(number)),
string)
self.assertEqual(binascii.hexlify(seccure.serialize_number(
gmpy.mpz(number))), string)
self.assertEqual(seccure.deserialize_number(
binascii.unhexlify(string)), number)
for number, string in (
(1231234, b'0012c982'),
(0, b'00000000'),
(255, b'000000ff'),
(13371337, b'00cc07c9'),
(256, b'00000100')):
self.assertEqual(binascii.hexlify(
seccure.serialize_number(number, outlen=4)), string)
self.assertEqual(binascii.hexlify(
seccure.serialize_number(gmpy.mpz(number),
outlen=4)), string)
self.assertEqual(seccure.deserialize_number(
binascii.unhexlify(string)), number)
def test_serialize_number_binary(self):
for number, string in (
(1231234, b'12c982'),
(0, b''),
(255, b'ff'),
(1231231231232, b'011eab19a500'),
(13371337, b'cc07c9'),
(256, b'0100')):
self.assertEqual(
binascii.hexlify(
seccure.serialize_number(number)),
string)
self.assertEqual(binascii.hexlify(seccure.serialize_number(
gmpy.mpz(number))), string)
self.assertEqual(seccure.deserialize_number(
binascii.unhexlify(string)), number)
for number, string in (
(1231234, b'0012c982'),
(0, b'00000000'),
(255, b'000000ff'),
(13371337, b'00cc07c9'),
(256, b'00000100')):
self.assertEqual(binascii.hexlify(
seccure.serialize_number(number, outlen=4)), string)
self.assertEqual(binascii.hexlify(
seccure.serialize_number(gmpy.mpz(number),
outlen=4)), string)
self.assertEqual(seccure.deserialize_number(
binascii.unhexlify(string)), number)
def test_serialize_number_compact(self):
for number, string in ((1231234, b'#c!E'), (0, b''), (255, b'$p'),
(1231231231232,
b'$?Pvfdc'), (13371337, b'5AkH'), (90, b'#!'),
(89, b'~'), (256, b'$q')):
self.assertEqual(
seccure.serialize_number(number, fmt=seccure.SER_COMPACT),
string)
self.assertEqual(
seccure.serialize_number(gmpy.mpz(number),
fmt=seccure.SER_COMPACT), string)
self.assertEqual(
seccure.deserialize_number(string, fmt=seccure.SER_COMPACT),
number)
for number, string in ((1231234, b'!!!!!!#c!E'), (0, b'!!!!!!!!!!'),
(255, b'!!!!!!!!$p'), (1231231231232,
b'!!!$?Pvfdc'),
(13371337, b'!!!!!!5AkH'), (90, b'!!!!!!!!#!'),
(89, b'!!!!!!!!!~'), (256, b'!!!!!!!!$q')):
self.assertEqual(
seccure.serialize_number(number,
outlen=10,
fmt=seccure.SER_COMPACT), string)
self.assertEqual(
seccure.deserialize_number(string, fmt=seccure.SER_COMPACT),
number)
def test_nist_testvectors(self):
vectors = nist_test_vectors()
for curvename in vectors:
curve = seccure.Curve.by_name(curvename)
for k, x, y in vectors[curvename]:
k = seccure.deserialize_number(k, seccure.SER_COMPACT)
x = seccure.deserialize_number(x, seccure.SER_COMPACT)
y = seccure.deserialize_number(y, seccure.SER_COMPACT)
self.assertEqual(curve.base * k,
seccure.AffinePoint(x, y, curve))
def test_nist_testvectors(self):
vectors = nist_test_vectors()
for curvename in vectors:
curve = seccure.Curve.by_name(curvename)
for k, x, y in vectors[curvename]:
k = seccure.deserialize_number(k, seccure.SER_COMPACT)
x = seccure.deserialize_number(x, seccure.SER_COMPACT)
y = seccure.deserialize_number(y, seccure.SER_COMPACT)
self.assertEqual(curve.base * k,
seccure.AffinePoint(x, y, curve))
def test_deserialize_number_compact_unicode(self):
for number, string in ((1231234, '#c!E'), (0, ''), (255, '$p'),
(1231231231232, '$?Pvfdc'), (13371337, '5AkH'),
(90, '#!'), (89, '~'), (256, '$q')):
self.assertEqual(
seccure.deserialize_number(six.u(string),
fmt=seccure.SER_COMPACT), number)
def test_deserialize_number_compact_unicode(self):
for number, string in (
(1231234, '#c!E'),
(0, ''),
(255, '$p'),
(1231231231232, '$?Pvfdc'),
(13371337, '5AkH'),
(90, '#!'),
(89, '~'),
(256, '$q')):
self.assertEqual(seccure.deserialize_number(
six.u(string), fmt=seccure.SER_COMPACT), number)
def do_sae(curve, password, addr1, addr2, rand1, mask1, rand2, mask2):
counter = 1
addr1 = addr_to_bin(addr1)
addr2 = addr_to_bin(addr2)
p = serialize_number(curve.m)
keylen = len(p) * 8
point = None
while not point:
print 'Counter: %d' % counter
pwdseed = hmac_sha256(max(addr1, addr2) + min(addr1, addr2),
password + chr(counter))
counter += 1
print 'Pwd-seed: %s' % binascii.hexlify(pwdseed)
pwdval = kdfz(pwdseed, "SAE Hunting and Pecking", p, keylen)
print 'Pwd-value: %s' % binascii.hexlify(pwdval)
if bin_cmp(pwdval, p) >= 0:
continue
try:
point = curve.point_from_string(pwdval)
if not point.on_curve:
point = None
continue
except:
point = None
continue
print 'PWE: %s, %s' % (point.x, point.y)
# generate commit scalar and commit element from each
# party's randomly generated values
r_a = deserialize_number(binascii.unhexlify(rand1))
m_a = deserialize_number(binascii.unhexlify(mask1))
r_b = deserialize_number(binascii.unhexlify(rand2))
m_b = deserialize_number(binascii.unhexlify(mask2))
s_a = (r_a + m_a) % curve.order
E_a = point * m_a
E_a.y = curve.m-E_a.y
s_b = (r_b + m_b) % curve.order
E_b = point * m_b
E_b.y = curve.m-E_b.y
print 'a commit scalar: %s' % binascii.hexlify(serialize_number(s_a))
print 'a commit elem x: %s' % binascii.hexlify(serialize_number(E_a.x))
print 'a commit elem y: %s' % binascii.hexlify(serialize_number(E_a.y))
print
print 'b commit scalar: %s' % binascii.hexlify(serialize_number(s_b))
print 'b commit elem x: %s' % binascii.hexlify(serialize_number(E_b.x))
print 'b commit elem y: %s' % binascii.hexlify(serialize_number(E_b.y))
# generate shared secret
K_a = (point * s_b + E_b) * r_a
K_b = (point * s_a + E_a) * r_b
print 'a k: %s' % binascii.hexlify(serialize_number(K_a.x))
print 'b k: %s' % binascii.hexlify(serialize_number(K_b.x))
print
# generate KCK and PMK
seed = hmac_sha256('\0'*32, serialize_number(K_a.x))
pmkid = (s_a + s_b) % curve.order
kck_pmk = kdfz(seed, "SAE KCK and PMK", serialize_number(pmkid), 512)
print 'KCK: %s' % binascii.hexlify(kck_pmk[0:32])
print 'PMK: %s' % binascii.hexlify(kck_pmk[32:])
print 'PMKID: %s' % binascii.hexlify(serialize_number(pmkid))
