def generate_dsa_private_key(self, parameters): ctx = self._lib.DSA_new() assert ctx != self._ffi.NULL ctx = self._ffi.gc(ctx, self._lib.DSA_free) ctx.p = self._int_to_bn(parameters.p) ctx.q = self._int_to_bn(parameters.q) ctx.g = self._int_to_bn(parameters.g) self._lib.DSA_generate_key(ctx) return dsa.DSAPrivateKey( modulus=self._bn_to_int(ctx.p), subgroup_order=self._bn_to_int(ctx.q), generator=self._bn_to_int(ctx.g), x=self._bn_to_int(ctx.priv_key), y=self._bn_to_int(ctx.pub_key) )
def test_dsa_signing(self, vector, backend): digest_algorithm = vector['digest_algorithm'].replace("-", "") algorithm = self._algorithms_dict[digest_algorithm] if (not backend.dsa_parameters_supported(vector['p'], vector['q'], vector['g']) or not backend.dsa_hash_supported(algorithm)): pytest.skip( "{0} does not support the provided parameters".format(backend)) private_key = dsa.DSAPrivateKey(vector['p'], vector['q'], vector['g'], vector['x'], vector['y']) signer = private_key.signer(algorithm(), backend) signer.update(vector['msg']) signature = signer.finalize() assert signature public_key = private_key.public_key() verifier = public_key.verifier(signature, algorithm(), backend) verifier.update(vector['msg']) verifier.verify()
def test_invalid_dsa_private_key_arguments(self): # Test a modulus < 1024 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=2**1000, subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test a modulus < 2048 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=2**2000, subgroup_order=int(self._parameters_2048['q'], 16), generator=int(self._parameters_2048['g'], 16), x=int(self._parameters_2048['x'], 16), y=int(self._parameters_2048['y'], 16)) # Test a modulus < 3072 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=2**3000, subgroup_order=int(self._parameters_3072['q'], 16), generator=int(self._parameters_3072['g'], 16), x=int(self._parameters_3072['x'], 16), y=int(self._parameters_3072['y'], 16)) # Test a modulus > 3072 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=2**3100, subgroup_order=int(self._parameters_3072['q'], 16), generator=int(self._parameters_3072['g'], 16), x=int(self._parameters_3072['x'], 16), y=int(self._parameters_3072['y'], 16)) # Test a subgroup_order < 160 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=2**150, generator=int(self._parameters_1024['g'], 16), x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test a subgroup_order < 256 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_2048['p'], 16), subgroup_order=2**250, generator=int(self._parameters_2048['g'], 16), x=int(self._parameters_2048['x'], 16), y=int(self._parameters_2048['y'], 16)) # Test a subgroup_order > 256 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_3072['p'], 16), subgroup_order=2**260, generator=int(self._parameters_3072['g'], 16), x=int(self._parameters_3072['x'], 16), y=int(self._parameters_3072['y'], 16)) # Test a modulus, subgroup_order pair of (1024, 256) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_2048['q'], 16), generator=int(self._parameters_1024['g'], 16), x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test a modulus, subgroup_order pair of (2048, 160) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_2048['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_2048['g'], 16), x=int(self._parameters_2048['x'], 16), y=int(self._parameters_2048['y'], 16)) # Test a modulus, subgroup_order pair of (3072, 160) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_3072['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_3072['g'], 16), x=int(self._parameters_3072['x'], 16), y=int(self._parameters_3072['y'], 16)) # Test a generator < 1 with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=0, x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test a generator = 1 with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=1, x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test a generator > modulus with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=2**1200, x=int(self._parameters_1024['x'], 16), y=int(self._parameters_1024['y'], 16)) # Test x = 0 with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=0, y=int(self._parameters_1024['y'], 16)) # Test x < 0 with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=-2, y=int(self._parameters_1024['y'], 16)) # Test x = subgroup_order with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=2**159, y=int(self._parameters_1024['y'], 16)) # Test x > subgroup_order with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=2**200, y=int(self._parameters_1024['y'], 16)) # Test y != (generator ** x) % modulus with pytest.raises(ValueError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=int(self._parameters_1024['x'], 16), y=2**100) # Test a non-integer y value with pytest.raises(TypeError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=int(self._parameters_1024['x'], 16), y=None) # Test a non-integer x value with pytest.raises(TypeError): dsa.DSAPrivateKey(modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16), x=None, y=int(self._parameters_1024['x'], 16))
def test_load_dsa_example_keys(self): parameters = dsa.DSAParameters( modulus=int(self._parameters_1024['p'], 16), subgroup_order=int(self._parameters_1024['q'], 16), generator=int(self._parameters_1024['g'], 16)) assert parameters assert parameters.modulus assert parameters.subgroup_order assert parameters.generator assert parameters.modulus == parameters.p assert parameters.subgroup_order == parameters.q assert parameters.generator == parameters.g pub_key = dsa.DSAPublicKey(modulus=int(self._parameters_1024["p"], 16), subgroup_order=int( self._parameters_1024["q"], 16), generator=int(self._parameters_1024["g"], 16), y=int(self._parameters_1024["y"], 16)) assert pub_key assert pub_key.key_size assert pub_key.y pub_key_parameters = pub_key.parameters() assert pub_key_parameters assert pub_key_parameters.modulus assert pub_key_parameters.subgroup_order assert pub_key_parameters.generator skey = dsa.DSAPrivateKey(modulus=int(self._parameters_1024["p"], 16), subgroup_order=int(self._parameters_1024["q"], 16), generator=int(self._parameters_1024["g"], 16), x=int(self._parameters_1024["x"], 16), y=int(self._parameters_1024["y"], 16)) assert skey _check_dsa_private_key(skey) skey_parameters = skey.parameters() assert skey_parameters assert skey_parameters.modulus assert skey_parameters.subgroup_order assert skey_parameters.generator pkey = dsa.DSAPublicKey(modulus=int(self._parameters_1024["p"], 16), subgroup_order=int(self._parameters_1024["q"], 16), generator=int(self._parameters_1024["g"], 16), y=int(self._parameters_1024["y"], 16)) assert pkey pkey_parameters = pkey.parameters() assert pkey_parameters assert pkey_parameters.modulus assert pkey_parameters.subgroup_order assert pkey_parameters.generator pkey2 = skey.public_key() assert pkey2 pkey2_parameters = pkey.parameters() assert pkey2_parameters assert pkey2_parameters.modulus assert pkey2_parameters.subgroup_order assert pkey2_parameters.generator assert skey_parameters.modulus == pkey_parameters.modulus assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order assert skey_parameters.generator == pkey_parameters.generator assert skey.y == pkey.y assert skey.key_size == pkey.key_size assert pkey_parameters.modulus == pkey2_parameters.modulus assert pkey_parameters.subgroup_order == \ pkey2_parameters.subgroup_order assert pkey_parameters.generator == pkey2_parameters.generator assert pkey.y == pkey2.y assert pkey.key_size == pkey2.key_size
def test_invalid_private_key_argument_types(self): with pytest.raises(TypeError): dsa.DSAPrivateKey(None, None, None, None, None)
def test_invalid_dsa_private_key_arguments(self): # Test a modulus < 1024 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=2**1000, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test a modulus < 2048 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=2**2000, subgroup_order=DSA_KEY_2048.public_numbers.parameter_numbers.q, generator=DSA_KEY_2048.public_numbers.parameter_numbers.g, x=DSA_KEY_2048.x, y=DSA_KEY_2048.public_numbers.y) # Test a modulus < 3072 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=2**3000, subgroup_order=DSA_KEY_3072.public_numbers.parameter_numbers.q, generator=DSA_KEY_3072.public_numbers.parameter_numbers.g, x=DSA_KEY_3072.x, y=DSA_KEY_3072.public_numbers.y) # Test a modulus > 3072 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=2**3100, subgroup_order=DSA_KEY_3072.public_numbers.parameter_numbers.q, generator=DSA_KEY_3072.public_numbers.parameter_numbers.g, x=DSA_KEY_3072.x, y=DSA_KEY_3072.public_numbers.y) # Test a subgroup_order < 160 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=2**150, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test a subgroup_order < 256 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_2048.public_numbers.parameter_numbers.p, subgroup_order=2**250, generator=DSA_KEY_2048.public_numbers.parameter_numbers.g, x=DSA_KEY_2048.x, y=DSA_KEY_2048.public_numbers.y) # Test a subgroup_order > 256 bits in length with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_3072.public_numbers.parameter_numbers.p, subgroup_order=2**260, generator=DSA_KEY_3072.public_numbers.parameter_numbers.g, x=DSA_KEY_3072.x, y=DSA_KEY_3072.public_numbers.y) # Test a modulus, subgroup_order pair of (1024, 256) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_2048.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test a modulus, subgroup_order pair of (2048, 160) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_2048.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_2048.public_numbers.parameter_numbers.g, x=DSA_KEY_2048.x, y=DSA_KEY_2048.public_numbers.y) # Test a modulus, subgroup_order pair of (3072, 160) bit lengths with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_3072.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_3072.public_numbers.parameter_numbers.g, x=DSA_KEY_3072.x, y=DSA_KEY_3072.public_numbers.y) # Test a generator < 1 with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=0, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test a generator = 1 with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=1, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test a generator > modulus with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=2**1200, x=DSA_KEY_1024.x, y=DSA_KEY_1024.public_numbers.y) # Test x = 0 with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=0, y=DSA_KEY_1024.public_numbers.y) # Test x < 0 with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=-2, y=DSA_KEY_1024.public_numbers.y) # Test x = subgroup_order with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=2**159, y=DSA_KEY_1024.public_numbers.y) # Test x > subgroup_order with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=2**200, y=DSA_KEY_1024.public_numbers.y) # Test y != (generator ** x) % modulus with pytest.raises(ValueError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=DSA_KEY_1024.x, y=2**100) # Test a non-integer y value with pytest.raises(TypeError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=DSA_KEY_1024.x, y=None) # Test a non-integer x value with pytest.raises(TypeError): dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, x=None, y=DSA_KEY_1024.public_numbers.y)
def test_load_dsa_example_keys(self): parameters = dsa.DSAParameters( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g) assert parameters assert parameters.modulus assert parameters.subgroup_order assert parameters.generator assert parameters.modulus == parameters.p assert parameters.subgroup_order == parameters.q assert parameters.generator == parameters.g pub_key = dsa.DSAPublicKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, y=DSA_KEY_1024.public_numbers.y) assert pub_key assert pub_key.key_size assert pub_key.y pub_key_parameters = pub_key.parameters() assert pub_key_parameters assert pub_key_parameters.modulus assert pub_key_parameters.subgroup_order assert pub_key_parameters.generator skey = dsa.DSAPrivateKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, y=DSA_KEY_1024.public_numbers.y, x=DSA_KEY_1024.x) assert skey _check_dsa_private_key(skey) skey_parameters = skey.parameters() assert skey_parameters assert skey_parameters.modulus assert skey_parameters.subgroup_order assert skey_parameters.generator pkey = dsa.DSAPublicKey( modulus=DSA_KEY_1024.public_numbers.parameter_numbers.p, subgroup_order=DSA_KEY_1024.public_numbers.parameter_numbers.q, generator=DSA_KEY_1024.public_numbers.parameter_numbers.g, y=DSA_KEY_1024.public_numbers.y) assert pkey pkey_parameters = pkey.parameters() assert pkey_parameters assert pkey_parameters.modulus assert pkey_parameters.subgroup_order assert pkey_parameters.generator pkey2 = skey.public_key() assert pkey2 pkey2_parameters = pkey.parameters() assert pkey2_parameters assert pkey2_parameters.modulus assert pkey2_parameters.subgroup_order assert pkey2_parameters.generator assert skey_parameters.modulus == pkey_parameters.modulus assert skey_parameters.subgroup_order == pkey_parameters.subgroup_order assert skey_parameters.generator == pkey_parameters.generator assert skey.y == pkey.y assert skey.key_size == pkey.key_size assert pkey_parameters.modulus == pkey2_parameters.modulus assert pkey_parameters.subgroup_order == \ pkey2_parameters.subgroup_order assert pkey_parameters.generator == pkey2_parameters.generator assert pkey.y == pkey2.y assert pkey.key_size == pkey2.key_size