def _convertToAsn1Signature(self, signature):
assert(len(signature) == 64)
asn1R = toAsn1IntBytes(signature[:32])
asn1S = toAsn1IntBytes(signature[32:])
# Add ASN1 Type=2(int), and Length fields
asn1R = bytearray([2]) + asn1Length(len(asn1R)) + asn1R
asn1S = bytearray([2]) + asn1Length(len(asn1S)) + asn1S
# Add ASN1 Type=0x30(Sequence) and Length fields
asn1ECSigBytes = bytearray([0x30]) +\
asn1Length(len(asn1R+asn1S)) + asn1R + asn1S
return asn1ECSigBytes
def _convertToAsn1Signature(self, signature):
assert (len(signature) == 64)
asn1R = toAsn1IntBytes(signature[:32])
asn1S = toAsn1IntBytes(signature[32:])
# Add ASN1 Type=2(int), and Length fields
asn1R = bytearray([2]) + asn1Length(len(asn1R)) + asn1R
asn1S = bytearray([2]) + asn1Length(len(asn1S)) + asn1S
# Add ASN1 Type=0x30(Sequence) and Length fields
asn1ECSigBytes = bytearray([0x30]) +\
asn1Length(len(asn1R+asn1S)) + asn1R + asn1S
return asn1ECSigBytes
def _constructEcFromRawKeys(self, rawPrivateKey, rawPublicKey):
assert(len(rawPrivateKey) == 32)
assert(len(rawPublicKey) == 64)
bytes1 = a2b_hex("02010104")
bytes2 = a2b_hex("a00a06082a8648ce3d030107a14403420004")
rawPrivateKey = toAsn1IntBytes(rawPrivateKey)
b = bytes1 + asn1Length(len(rawPrivateKey)) + rawPrivateKey +\
bytes2 + rawPublicKey
b = bytearray([0x30]) + asn1Length(len(b)) + b
pemPrivKeyBytes = PEMEncoder(b).getEncoded("EC PRIVATE KEY")
return EC.load_key_bio(BIO.MemoryBuffer(pemPrivKeyBytes))
def _constructEcFromRawKeys(self, rawPrivateKey, rawPublicKey):
assert (len(rawPrivateKey) == 32)
assert (len(rawPublicKey) == 64)
bytes1 = a2b_hex("02010104")
bytes2 = a2b_hex("a00a06082a8648ce3d030107a14403420004")
rawPrivateKey = toAsn1IntBytes(rawPrivateKey)
b = bytes1 + asn1Length(len(rawPrivateKey)) + rawPrivateKey +\
bytes2 + rawPublicKey
b = bytearray([0x30]) + asn1Length(len(b)) + b
pemPrivKeyBytes = PEMEncoder(b).getEncoded("EC PRIVATE KEY")
return EC.load_key_bio(BIO.MemoryBuffer(pemPrivKeyBytes))
def test_ASN1(self):
assert (asn1Length(7) == bytearray([7]))
assert (asn1Length(0x7F) == bytearray([0x7F]))
assert (asn1Length(0x80) == bytearray([0x81, 0x80]))
assert (asn1Length(0x81) == bytearray([0x81, 0x81]))
assert (asn1Length(0xFF) == bytearray([0x81, 0xFF]))
assert (asn1Length(0x0100) == bytearray([0x82, 0x01, 0x00]))
assert (asn1Length(0x0101) == bytearray([0x82, 0x01, 0x01]))
assert (asn1Length(0xFFFF) == bytearray([0x82, 0xFF, 0xFF]))
assert (toAsn1IntBytes(bytearray([0xFF])) == bytearray([0x00, 0xFF]))
assert (toAsn1IntBytes(bytearray([0x7F])) == bytearray([0x7F]))
assert (toAsn1IntBytes(bytearray([0x00])) == bytearray([0x00]))
assert (toAsn1IntBytes(bytearray([0x00, 0x00])) == bytearray([0x00]))
assert (toAsn1IntBytes(bytearray([0x00, 0x01])) == bytearray([0x01]))
assert (toAsn1IntBytes(bytearray([0, 0xFF])) == bytearray([0, 0xFF]))
assert (toAsn1IntBytes(bytearray([0, 0, 0,
0xFF])) == bytearray([0, 0xFF]))
assert (toAsn1IntBytes(bytearray([0, 0, 0, 1, 1])) == bytearray([1,
1]))
assert (bytearray([0xFF]) == fromAsn1IntBytes(bytearray([0x00, 0xFF]),
1))
assert (bytearray([0x7F]) == fromAsn1IntBytes(bytearray([0x7F]), 1))
assert (bytearray([0x00]) == fromAsn1IntBytes(bytearray([0x00]), 1))
assert (bytearray([0x00,
0x00]) == fromAsn1IntBytes(bytearray([0x00]), 2))
assert (bytearray([0x00,
0x01]) == fromAsn1IntBytes(bytearray([0x01]), 2))
assert (bytearray([0,
0xFF]) == fromAsn1IntBytes(bytearray([0, 0xFF]), 2))
assert (bytearray([0, 0, 0,
0xFF]) == fromAsn1IntBytes(bytearray([0, 0xFF]), 4))
assert (bytearray([0, 0, 0, 1,
1]) == fromAsn1IntBytes(bytearray([1, 1]), 5))
def test_ASN1(self):
assert(asn1Length(7) == bytearray([7]))
assert(asn1Length(0x7F) == bytearray([0x7F]))
assert(asn1Length(0x80) == bytearray([0x81,0x80]))
assert(asn1Length(0x81) == bytearray([0x81,0x81]))
assert(asn1Length(0xFF) == bytearray([0x81,0xFF]))
assert(asn1Length(0x0100) == bytearray([0x82,0x01,0x00]))
assert(asn1Length(0x0101) == bytearray([0x82,0x01,0x01]))
assert(asn1Length(0xFFFF) == bytearray([0x82,0xFF,0xFF]))
assert(toAsn1IntBytes(bytearray([0xFF])) == bytearray([0x00,0xFF]))
assert(toAsn1IntBytes(bytearray([0x7F])) == bytearray([0x7F]))
assert(toAsn1IntBytes(bytearray([0x00])) == bytearray([0x00]))
assert(toAsn1IntBytes(bytearray([0x00,0x00])) == bytearray([0x00]))
assert(toAsn1IntBytes(bytearray([0x00,0x01])) == bytearray([0x01]))
assert(toAsn1IntBytes(bytearray([0,0xFF])) == bytearray([0,0xFF]))
assert(toAsn1IntBytes(bytearray([0,0,0,0xFF])) == bytearray([0,0xFF]))
assert(toAsn1IntBytes(bytearray([0,0,0,1,1])) == bytearray([1,1]))
assert(bytearray([0xFF]) == fromAsn1IntBytes(bytearray([0x00,0xFF]),1))
assert(bytearray([0x7F]) == fromAsn1IntBytes(bytearray([0x7F]),1))
assert(bytearray([0x00]) == fromAsn1IntBytes(bytearray([0x00]),1))
assert(bytearray([0x00,0x00]) == fromAsn1IntBytes(bytearray([0x00]),2))
assert(bytearray([0x00,0x01]) == fromAsn1IntBytes(bytearray([0x01]),2))
assert(bytearray([0,0xFF]) == fromAsn1IntBytes(bytearray([0,0xFF]),2))
assert(bytearray([0,0,0,0xFF]) == fromAsn1IntBytes(bytearray([0,0xFF]),4))
assert(bytearray([0,0,0,1,1]) == fromAsn1IntBytes(bytearray([1,1]),5))
def write(self):
b = bytearray(0)
if self.tackExt:
# type=SEQ,len=?,type=6,len=9(for OID),
# type=4,len=?,TACK
TACKBytes = self.tackExt.serialize()
b = bytearray([4]) + asn1Length(len(TACKBytes)) + TACKBytes
b = bytearray([6,9]) + TlsCertificate.OID_TACK + b
b = bytearray([0x30]) + asn1Length(len(b)) + b
b = b + self.extBytes # add non-TACK extensions after TACK
# Add length fields for extensions and its enclosing tag
b = bytearray([0x30]) + asn1Length(len(b)) + b
b = bytearray([0xA3]) + asn1Length(len(b)) + b
# Add prefix of tbsCertificate, then its type/length fields
b = self.preExtBytes + b
b = bytearray([0x30]) + asn1Length(len(b)) + b
# Add postfix of Certificate (ie SignatureAlgorithm, SignatureValue)
# then its prefix'd type/length fields
b = b + self.postExtBytes
b = bytearray([0x30]) + asn1Length(len(b)) + b
return b
def serialize(self):
b = bytearray(0)
if self.tackExt:
# type=SEQ,len=?,type=6,len=9(for OID),
# type=4,len=?,TACK
TACKBytes = self.tackExt.serialize()
b = bytearray([4]) + asn1Length(len(TACKBytes)) + TACKBytes
b = bytearray([6, 9]) + TlsCertificate.OID_TACK + b
b = bytearray([0x30]) + asn1Length(len(b)) + b
b = b + self.extBytes # add non-TACK extensions after TACK
# Add length fields for extensions and its enclosing tag
b = bytearray([0x30]) + asn1Length(len(b)) + b
b = bytearray([0xA3]) + asn1Length(len(b)) + b
# Add prefix of tbsCertificate, then its type/length fields
b = self.preExtBytes + b
b = bytearray([0x30]) + asn1Length(len(b)) + b
# Add postfix of Certificate (ie SignatureAlgorithm, SignatureValue)
# then its prefix'd type/length fields
b = b + self.postExtBytes
b = bytearray([0x30]) + asn1Length(len(b)) + b
return b
