def main():
    """Feed one AFL test case from stdin to the DER signature decoder.

    ``ValueError`` is treated as a clean rejection of malformed input.
    Every other exception is left uncaught and propagates out of ``main``,
    which is presumably how the fuzzer gets to see decoder crashes.
    """
    afl.init()
    try:
        # The read stays inside the try, as in the original layout.
        # NOTE(review): on Python 3 a text-mode stdin returns str, and a
        # UnicodeDecodeError (a ValueError subclass) raised by the read
        # would be swallowed here before the decoder ever runs. A bytes
        # read is presumably what the decoder expects -- confirm the
        # target interpreter.
        fuzz_case = sys.stdin.read()
        decode_rfc6979_signature(fuzz_case)
    except ValueError:
        return
def test_decode_rfc6979_invalid_asn1():
    """Malformed or non-DER input must be rejected with ValueError."""
    malformed_inputs = (
        # This byte sequence has an invalid ASN.1 sequence length as well as
        # an invalid integer length for the second integer.
        b"0\x07\x02\x01\x01\x02\x02\x01",
        # This is the BER "end-of-contents octets," which older versions of
        # pyasn1 are wrongly willing to return from top-level DER decoding.
        b"\x00\x00",
    )
    for der_blob in malformed_inputs:
        # Each input gets its own raises() context so that one accepted
        # blob fails the test on its own.
        with pytest.raises(ValueError):
            decode_rfc6979_signature(der_blob)
def der_to_raw_signature(der_sig, curve):
    """Convert a DER-encoded (r, s) signature into the concatenated raw form.

    Args:
        der_sig: DER signature bytes, parsed with
            ``decode_rfc6979_signature``.
        curve: object exposing ``key_size`` in bits.

    Returns:
        ``number_to_bytes(r, width) + number_to_bytes(s, width)``, where
        ``width`` is the curve size rounded up to whole bytes.
    """
    # Round the bit size up to whole bytes, so a size that is not a
    # multiple of 8 still gets a full final byte.
    width = (curve.key_size + 7) // 8
    r, s = decode_rfc6979_signature(der_sig)
    # NOTE(review): r and s are not range-checked against `width` here.
    # This presumably relies on der_sig coming from a local signer and on
    # number_to_bytes padding to exactly `width` bytes -- confirm, since
    # an oversized value would change the length of the raw signature.
    encoded_halves = [number_to_bytes(part, width) for part in (r, s)]
    return encoded_halves[0] + encoded_halves[1]
def test_deprecated_rfc6979_signature():
    """The rfc6979-named helpers still work but emit a deprecation warning."""
    expected_der = b"0\x06\x02\x01\x01\x02\x01\x01"

    # Encoding must warn and still produce the expected DER bytes.
    with pytest.warns(CryptographyDeprecationWarning):
        encoded = encode_rfc6979_signature(1, 1)
    assert encoded == expected_der

    # Decoding must warn and still recover the original pair.
    with pytest.warns(CryptographyDeprecationWarning):
        round_tripped = decode_rfc6979_signature(encoded)
    assert round_tripped == (1, 1)
def sign_ssh_data(self, data):
    """Sign ``data`` with this DSA key and return an ``ssh-dss`` Message.

    The private key is rebuilt from ``self.x``, ``self.y``, ``self.p``,
    ``self.q`` and ``self.g``. The DER signature from the backend is split
    into (r, s), and each value is written as at least 20 bytes before the
    two are concatenated into one string field.
    """
    params = dsa.DSAParameterNumbers(p=self.p, q=self.q, g=self.g)
    public = dsa.DSAPublicNumbers(y=self.y, parameter_numbers=params)
    private_key = dsa.DSAPrivateNumbers(
        x=self.x, public_numbers=public
    ).private_key(backend=default_backend())

    # SHA-1 is the hash the ssh-dss signature format specifies (RFC 4253).
    signer = private_key.signer(hashes.SHA1())
    signer.update(data)
    r, s = decode_rfc6979_signature(signer.finalize())

    m = Message()
    m.add_string('ssh-dss')

    halves = []
    for value in (r, s):
        raw = util.deflate_long(value, 0)
        # r or s can occasionally serialize to fewer than 20 bytes, so
        # left-pad with zero bytes to the fixed width.
        # NOTE(review): values longer than 20 bytes pass through as-is;
        # this assumes a 160-bit q -- confirm.
        shortfall = 20 - len(raw)
        if shortfall > 0:
            raw = zero_byte * shortfall + raw
        halves.append(raw)

    m.add_string(halves[0] + halves[1])
    return m
def sign(self, key, payload):
    """Sign ``payload`` with ECDSA and return the encoded r and s joined.

    The backend returns a DER signature. It is split into its two integers,
    and each one is passed to ``self.encode_int`` together with the curve's
    ``key_size``.
    """
    signing_key = key.get_op_key('sign', self.curve)
    ctx = signing_key.signer(ec.ECDSA(self.hashfn))
    ctx.update(payload)
    der_signature = ctx.finalize()

    r, s = ec_utils.decode_rfc6979_signature(der_signature)

    # key_size is handed to encode_int as its width argument.
    # NOTE(review): presumably a bit count -- confirm against encode_int.
    size = key.get_curve(self.curve).key_size
    r_part = self.encode_int(r, size)
    s_part = self.encode_int(s, size)
    return r_part + s_part
def sign_ssh_data(self, data):
    """Sign ``data`` with ECDSA/SHA-256 and return the signature Message.

    The Message holds the algorithm name ``ecdsa-sha2-nistp256`` followed
    by ``self._sigencode(r, s)``.
    """
    ctx = self.signing_key.signer(ec.ECDSA(hashes.SHA256()))
    ctx.update(data)
    # The backend returns DER; split it into its two integers so they can
    # be re-encoded by _sigencode.
    r, s = decode_rfc6979_signature(ctx.finalize())

    msg = Message()
    msg.add_string('ecdsa-sha2-nistp256')
    msg.add_string(self._sigencode(r, s))
    return msg
def test_rfc6979_signature():
    """Round-trip (r, s) pairs through the DER encoder and decoder.

    The 0 and -1 cases show that the helpers act as a plain ASN.1 INTEGER
    codec. A successful decode therefore says nothing about whether r and
    s are in a valid range for any particular key.
    """
    cases = [
        ((1, 1), b"0\x06\x02\x01\x01\x02\x01\x01"),
        # r has its top bit set, so its INTEGER carries a leading 0x00.
        (
            (1037234182290683143945502320610861668562885151617,
             559776156650501990899426031439030258256861634312),
            b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b'
            b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08',
        ),
        ((0, 0), b"0\x06\x02\x01\x00\x02\x01\x00"),
        # A negative r is encoded in two's complement (0xFF).
        ((-1, 0), b"0\x06\x02\x01\xFF\x02\x01\x00"),
    ]
    for (r, s), expected_der in cases:
        encoded = encode_rfc6979_signature(r, s)
        assert encoded == expected_der
        assert decode_rfc6979_signature(encoded) == (r, s)
def test_rfc6979_signature():
    """Check exact DER bytes and round-tripping for several (r, s) pairs.

    Zero and negative integers are encoded and decoded without error, so
    these helpers do not validate the signature range. That check belongs
    to the verifier.
    """

    def check_round_trip(pair, expected_der):
        # Encode, compare against the pinned bytes, then decode the same
        # bytes back to the original pair.
        encoded = encode_rfc6979_signature(*pair)
        assert encoded == expected_der
        assert decode_rfc6979_signature(encoded) == pair

    check_round_trip((1, 1), b"0\x06\x02\x01\x01\x02\x01\x01")

    large_pair = (
        1037234182290683143945502320610861668562885151617,
        559776156650501990899426031439030258256861634312
    )
    check_round_trip(
        large_pair,
        (
            b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b'
            b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08'
        ),
    )

    check_round_trip((0, 0), b"0\x06\x02\x01\x00\x02\x01\x00")
    check_round_trip((-1, 0), b"0\x06\x02\x01\xFF\x02\x01\x00")
def sign_ssh_data(self, data):
    """Produce an ``ssh-dss`` signature Message over ``data``.

    A DSA private key is built from the numbers stored on ``self``. The
    signature's r and s are then serialized, left-padded to 20 bytes each
    when shorter, and concatenated into a single string field.
    """

    def to_fixed_width(value):
        # Serialize one signature integer; it can occasionally come out
        # shorter than 20 bytes, in which case zero bytes are prepended.
        # NOTE(review): nothing truncates or rejects a longer value; this
        # assumes a 160-bit q -- confirm.
        raw = util.deflate_long(value, 0)
        if len(raw) < 20:
            raw = zero_byte * (20 - len(raw)) + raw
        return raw

    parameter_numbers = dsa.DSAParameterNumbers(p=self.p, q=self.q, g=self.g)
    public_numbers = dsa.DSAPublicNumbers(
        y=self.y, parameter_numbers=parameter_numbers)
    private_numbers = dsa.DSAPrivateNumbers(
        x=self.x, public_numbers=public_numbers)
    key = private_numbers.private_key(backend=default_backend())

    # SHA-1 is the hash the ssh-dss signature format specifies (RFC 4253).
    signing_ctx = key.signer(hashes.SHA1())
    signing_ctx.update(data)
    r, s = decode_rfc6979_signature(signing_ctx.finalize())

    m = Message()
    m.add_string('ssh-dss')
    r_bytes = to_fixed_width(r)
    s_bytes = to_fixed_width(s)
    m.add_string(r_bytes + s_bytes)
    return m
def sign(self, key, payload):
    """Sign ``payload`` with ECDSA and return the encoded r and s joined.

    The DER signature from the backend is split into its two integers.
    Each one is passed to ``_encode_int`` with the curve's ``key_size``.
    """
    signing_key = key.get_op_key('sign', self._curve)
    der_signature = signing_key.sign(payload, ec.ECDSA(self.hashfn))
    r, s = ec_utils.decode_rfc6979_signature(der_signature)

    # key_size is handed to _encode_int as its width argument.
    # NOTE(review): presumably a bit count -- confirm against _encode_int.
    size = key.get_curve(self._curve).key_size
    encoded_r = _encode_int(r, size)
    encoded_s = _encode_int(s, size)
    return encoded_r + encoded_s
def test_decode_rfc6979_trailing_bytes():
    """A complete DER signature followed by extra bytes must be rejected.

    Accepting trailing data would let several distinct byte strings decode
    to the same (r, s), so the decoder is expected to raise ValueError.
    """
    # The encoding of (1, 1) followed by three stray zero bytes.
    der_with_trailer = b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00"
    with pytest.raises(ValueError):
        decode_rfc6979_signature(der_with_trailer)
# AFL harness script: one stdin test case goes to the DER signature decoder.
import sys

import afl

from cryptography.hazmat.primitives.asymmetric.utils import (
    decode_rfc6979_signature,
)

afl.start()

try:
    # The read stays inside the try, as in the original layout.
    # NOTE(review): on Python 3 a text-mode stdin returns str, and a
    # UnicodeDecodeError (a ValueError subclass) from the read would be
    # swallowed before the decoder runs. A bytes read is presumably
    # intended -- confirm the target interpreter.
    fuzz_case = sys.stdin.read()
    decode_rfc6979_signature(fuzz_case)
except ValueError:
    # Clean rejection of malformed input; other exceptions stay uncaught.
    pass

sys.exit(0)
def test_decode_rfc6979_invalid_asn1():
    """Structurally invalid DER must be rejected with ValueError."""
    # This byte sequence has an invalid ASN.1 sequence length as well as
    # an invalid integer length for the second integer.
    bad_der = b"0\x07\x02\x01\x01\x02\x02\x01"
    with pytest.raises(ValueError):
        decode_rfc6979_signature(bad_der)