def test_encode_rfc6979_non_integer(): with pytest.raises(ValueError): encode_rfc6979_signature("h", 3) with pytest.raises(ValueError): encode_rfc6979_signature("3", "2") with pytest.raises(ValueError): encode_rfc6979_signature(3, "h") with pytest.raises(ValueError): encode_rfc6979_signature(3.3, 1.2) with pytest.raises(ValueError): encode_rfc6979_signature("hello", "world")
def test_deprecated_rfc6979_signature(): with pytest.warns(CryptographyDeprecationWarning): sig = encode_rfc6979_signature(1, 1) assert sig == b"0\x06\x02\x01\x01\x02\x01\x01" with pytest.warns(CryptographyDeprecationWarning): decoded = decode_rfc6979_signature(sig) assert decoded == (1, 1)
def verify_ssh_sig(self, data, msg): if len(msg.asbytes()) == 40: # spies.com bug: signature has no header sig = msg.asbytes() else: kind = msg.get_text() if kind != 'ssh-dss': return 0 sig = msg.get_binary() # pull out (r, s) which are NOT encoded as mpints sigR = util.inflate_long(sig[:20], 1) sigS = util.inflate_long(sig[20:], 1) signature = encode_rfc6979_signature(sigR, sigS) key = dsa.DSAPublicNumbers( y=self.y, parameter_numbers=dsa.DSAParameterNumbers( p=self.p, q=self.q, g=self.g)).public_key(backend=default_backend()) verifier = key.verifier(signature, hashes.SHA1()) verifier.update(data) try: verifier.verify() except InvalidSignature: return False else: return True
def test_dsa_verification(self, vector, backend): digest_algorithm = vector['digest_algorithm'].replace("-", "") algorithm = self._algorithms_dict[digest_algorithm] if ( not backend.dsa_parameters_supported( vector['p'], vector['q'], vector['g'] ) or not backend.dsa_hash_supported(algorithm) ): pytest.skip( "{0} does not support the provided parameters".format(backend) ) public_key = dsa.DSAPublicNumbers( parameter_numbers=dsa.DSAParameterNumbers( vector['p'], vector['q'], vector['g'] ), y=vector['y'] ).public_key(backend) sig = encode_rfc6979_signature(vector['r'], vector['s']) verifier = public_key.verifier(sig, algorithm()) verifier.update(vector['msg']) if vector['result'] == "F": with pytest.raises(InvalidSignature): verifier.verify() else: verifier.verify()
def test_signature_failures(self, backend, vector): hash_type = _HASH_TYPES[vector['digest_algorithm']] curve_type = ec._CURVE_TYPES[vector['curve']] _skip_ecdsa_vector(backend, curve_type, hash_type) key = ec.EllipticCurvePublicNumbers( vector['x'], vector['y'], curve_type() ).public_key(backend) signature = encode_rfc6979_signature(vector['r'], vector['s']) verifier = key.verifier( signature, ec.ECDSA(hash_type()) ) verifier.update(vector['message']) if vector["fail"] is True: with pytest.raises(exceptions.InvalidSignature): verifier.verify() else: verifier.verify()
def verify(self, key, payload, signature): pkey = key.get_op_key('verify', self._curve) r = signature[:len(signature) // 2] s = signature[len(signature) // 2:] enc_signature = ec_utils.encode_rfc6979_signature( int(hexlify(r), 16), int(hexlify(s), 16)) pkey.verify(enc_signature, payload, ec.ECDSA(self.hashfn))
def verify_ssh_sig(self, data, msg): if len(msg.asbytes()) == 40: # spies.com bug: signature has no header sig = msg.asbytes() else: kind = msg.get_text() if kind != 'ssh-dss': return 0 sig = msg.get_binary() # pull out (r, s) which are NOT encoded as mpints sigR = util.inflate_long(sig[:20], 1) sigS = util.inflate_long(sig[20:], 1) signature = encode_rfc6979_signature(sigR, sigS) key = dsa.DSAPublicNumbers( y=self.y, parameter_numbers=dsa.DSAParameterNumbers( p=self.p, q=self.q, g=self.g ) ).public_key(backend=default_backend()) verifier = key.verifier(signature, hashes.SHA1()) verifier.update(data) try: verifier.verify() except InvalidSignature: return False else: return True
def verify(self, key, payload, signature): pkey = key.get_op_key('verify', self.curve) r = signature[:len(signature)//2] s = signature[len(signature)//2:] enc_signature = ec_utils.encode_rfc6979_signature( int(hexlify(r), 16), int(hexlify(s), 16)) verifier = pkey.verifier(enc_signature, ec.ECDSA(self.hashfn)) verifier.update(payload) verifier.verify()
def test_rfc6979_signature(): sig = encode_rfc6979_signature(1, 1) assert sig == b"0\x06\x02\x01\x01\x02\x01\x01" assert decode_rfc6979_signature(sig) == (1, 1) r_s1 = (1037234182290683143945502320610861668562885151617, 559776156650501990899426031439030258256861634312) sig2 = encode_rfc6979_signature(*r_s1) assert sig2 == ( b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b' b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08') assert decode_rfc6979_signature(sig2) == r_s1 sig3 = encode_rfc6979_signature(0, 0) assert sig3 == b"0\x06\x02\x01\x00\x02\x01\x00" assert decode_rfc6979_signature(sig3) == (0, 0) sig4 = encode_rfc6979_signature(-1, 0) assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00" assert decode_rfc6979_signature(sig4) == (-1, 0)
def raw_to_der_signature(raw_sig, curve): num_bits = curve.key_size num_bytes = (num_bits + 7) // 8 if len(raw_sig) != 2 * num_bytes: raise ValueError('Invalid signature') r = bytes_to_number(raw_sig[:num_bytes]) s = bytes_to_number(raw_sig[num_bytes:]) return encode_rfc6979_signature(r, s)
def test_signatures(self, backend, vector): hash_type = _HASH_TYPES[vector["digest_algorithm"]] curve_type = ec._CURVE_TYPES[vector["curve"]] _skip_ecdsa_vector(backend, curve_type, hash_type) key = ec.EllipticCurvePublicNumbers(vector["x"], vector["y"], curve_type()).public_key(backend) signature = encode_rfc6979_signature(vector["r"], vector["s"]) verifier = key.verifier(signature, ec.ECDSA(hash_type())) verifier.update(vector["message"]) assert verifier.verify()
def test_rfc6979_signature(): sig = encode_rfc6979_signature(1, 1) assert sig == b"0\x06\x02\x01\x01\x02\x01\x01" assert decode_rfc6979_signature(sig) == (1, 1) r_s1 = ( 1037234182290683143945502320610861668562885151617, 559776156650501990899426031439030258256861634312 ) sig2 = encode_rfc6979_signature(*r_s1) assert sig2 == ( b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b' b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08' ) assert decode_rfc6979_signature(sig2) == r_s1 sig3 = encode_rfc6979_signature(0, 0) assert sig3 == b"0\x06\x02\x01\x00\x02\x01\x00" assert decode_rfc6979_signature(sig3) == (0, 0) sig4 = encode_rfc6979_signature(-1, 0) assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00" assert decode_rfc6979_signature(sig4) == (-1, 0)
def test_signatures(self, backend, vector): hash_type = _HASH_TYPES[vector['digest_algorithm']] curve_type = ec._CURVE_TYPES[vector['curve']] _skip_ecdsa_vector(backend, curve_type, hash_type) key = ec.EllipticCurvePublicNumbers(vector['x'], vector['y'], curve_type()).public_key(backend) signature = encode_rfc6979_signature(vector['r'], vector['s']) verifier = key.verifier(signature, ec.ECDSA(hash_type())) verifier.update(vector['message']) assert verifier.verify()
def verify_one_vector(vector): digest_algorithm = vector['digest_algorithm'] message = vector['message'] x = vector['x'] y = vector['y'] signature = encode_rfc6979_signature(vector['r'], vector['s']) numbers = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256K1()) key = numbers.public_key(default_backend()) verifier = key.verifier( signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]())) verifier.update(message) return verifier.verify()
def verify_ssh_sig(self, data, msg): if msg.get_text() != 'ecdsa-sha2-nistp256': return False sig = msg.get_binary() sigR, sigS = self._sigdecode(sig) signature = encode_rfc6979_signature(sigR, sigS) verifier = self.verifying_key.verifier(signature, ec.ECDSA(hashes.SHA256())) verifier.update(data) try: verifier.verify() except InvalidSignature: return False else: return True
def verify_ssh_sig(self, data, msg): if msg.get_text() != 'ecdsa-sha2-nistp256': return False sig = msg.get_binary() sigR, sigS = self._sigdecode(sig) signature = encode_rfc6979_signature(sigR, sigS) verifier = self.verifying_key.verifier( signature, ec.ECDSA(hashes.SHA256()) ) verifier.update(data) try: verifier.verify() except InvalidSignature: return False else: return True
def verify_one_vector(vector): digest_algorithm = vector['digest_algorithm'] message = vector['message'] x = vector['x'] y = vector['y'] signature = encode_rfc6979_signature(vector['r'], vector['s']) numbers = ec.EllipticCurvePublicNumbers( x, y, ec.SECP256K1() ) key = numbers.public_key(default_backend()) verifier = key.verifier( signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]()) ) verifier.update(message) return verifier.verify()