def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature,
key_value, signature_alg):
if "ecdsa-" in signature_alg:
ec_key_value = self._find(key_value,
"ECKeyValue",
namespace="ds11")
named_curve = self._find(ec_key_value,
"NamedCurve",
namespace="ds11")
public_key = self._find(ec_key_value,
"PublicKey",
namespace="ds11")
key_data = b64decode(public_key.text)[1:]
x = bytes_to_long(key_data[:len(key_data) // 2])
y = bytes_to_long(key_data[len(key_data) // 2:])
curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
key = ec.EllipticCurvePublicNumbers(
x=x, y=y,
curve=curve_class()).public_key(backend=default_backend())
verifier = key.verifier(
raw_signature,
ec.ECDSA(self._get_signature_digest_method(signature_alg)))
elif "dsa-" in signature_alg:
dsa_key_value = self._find(key_value, "DSAKeyValue")
p = self._get_long(dsa_key_value, "P")
q = self._get_long(dsa_key_value, "Q")
g = self._get_long(dsa_key_value, "G", require=False)
y = self._get_long(dsa_key_value, "Y")
pn = dsa.DSAPublicNumbers(
y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
key = pn.public_key(backend=default_backend())
sig_as_der_seq = der_encoder.encode(
DERSequenceOfIntegers([
bytes_to_long(raw_signature[:len(raw_signature) // 2]),
bytes_to_long(raw_signature[len(raw_signature) // 2:])
]))
verifier = key.verifier(
sig_as_der_seq,
self._get_signature_digest_method(signature_alg))
elif "rsa-" in signature_alg:
rsa_key_value = self._find(key_value, "RSAKeyValue")
modulus = self._get_long(rsa_key_value, "Modulus")
exponent = self._get_long(rsa_key_value, "Exponent")
key = rsa.RSAPublicNumbers(
e=exponent, n=modulus).public_key(backend=default_backend())
verifier = key.verifier(
raw_signature,
padding=PKCS1v15(),
algorithm=self._get_signature_digest_method(signature_alg))
else:
raise NotImplementedError()
verifier.update(signed_info_c14n)
verifier.verify()
def test_dsa_private_numbers_invalid_types(self):
parameter_numbers = dsa.DSAParameterNumbers(p=1, q=2, g=3)
public_numbers = dsa.DSAPublicNumbers(
y=4,
parameter_numbers=parameter_numbers
)
with pytest.raises(TypeError):
dsa.DSAPrivateNumbers(x=4, public_numbers=None)
with pytest.raises(TypeError):
dsa.DSAPrivateNumbers(x=None, public_numbers=public_numbers)
def parameter_numbers(self):
p = self._backend._ffi.new("BIGNUM **")
q = self._backend._ffi.new("BIGNUM **")
g = self._backend._ffi.new("BIGNUM **")
self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
return dsa.DSAParameterNumbers(p=self._backend._bn_to_int(p[0]),
q=self._backend._bn_to_int(q[0]),
g=self._backend._bn_to_int(g[0]))
def private_numbers(self):
return dsa.DSAPrivateNumbers(
public_numbers=dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(
p=self._backend._bn_to_int(self._dsa_cdata.p),
q=self._backend._bn_to_int(self._dsa_cdata.q),
g=self._backend._bn_to_int(self._dsa_cdata.g)
),
y=self._backend._bn_to_int(self._dsa_cdata.pub_key)
),
x=self._backend._bn_to_int(self._dsa_cdata.priv_key)
)
def get_public_key(public_key_numbers):
y = public_key_numbers['y']
p = public_key_numbers['p']
q = public_key_numbers['q']
g = public_key_numbers['g']
#construct public key based on public_key_numbers
parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
publick_number = dsa.DSAPublicNumbers(y, parameter_numbers)
public_key = publick_number.public_key(default_backend())
#print(publick_number)
return public_key
def test_dsa_private_numbers(self):
parameter_numbers = dsa.DSAParameterNumbers(p=1, q=2, g=3)
public_numbers = dsa.DSAPublicNumbers(
y=4,
parameter_numbers=parameter_numbers
)
private_numbers = dsa.DSAPrivateNumbers(
x=5,
public_numbers=public_numbers
)
assert private_numbers.x == 5
assert private_numbers.public_numbers == public_numbers
def test_dsa_public_numbers_invalid_types(self):
with pytest.raises(TypeError):
dsa.DSAPublicNumbers(
y=4, parameter_numbers=None # type: ignore[arg-type]
)
with pytest.raises(TypeError):
parameter_numbers = dsa.DSAParameterNumbers(p=1, q=2, g=3)
dsa.DSAPublicNumbers(
y=None, # type: ignore[arg-type]
parameter_numbers=parameter_numbers,
)
def test_private_numbers_ne(self):
pub = dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
priv = dsa.DSAPrivateNumbers(1, pub)
assert priv != dsa.DSAPrivateNumbers(
2, dsa.DSAPublicNumbers(
1, dsa.DSAParameterNumbers(1, 2, 3)
)
)
assert priv != dsa.DSAPrivateNumbers(
1, dsa.DSAPublicNumbers(
2, dsa.DSAParameterNumbers(1, 2, 3)
)
)
assert priv != dsa.DSAPrivateNumbers(
1, dsa.DSAPublicNumbers(
1, dsa.DSAParameterNumbers(2, 2, 3)
)
)
assert priv != dsa.DSAPrivateNumbers(
1, dsa.DSAPublicNumbers(
1, dsa.DSAParameterNumbers(1, 3, 3)
)
)
assert priv != dsa.DSAPrivateNumbers(
1, dsa.DSAPublicNumbers(
1, dsa.DSAParameterNumbers(1, 2, 4)
)
)
assert priv != object()
def test_repr(self):
parameter_numbers = dsa.DSAParameterNumbers(p=1, q=2, g=3)
assert (
repr(parameter_numbers) == "<DSAParameterNumbers(p=1, q=2, g=3)>"
)
public_numbers = dsa.DSAPublicNumbers(
y=4, parameter_numbers=parameter_numbers
)
assert repr(public_numbers) == (
"<DSAPublicNumbers(y=4, parameter_numbers=<DSAParameterNumbers(p=1"
", q=2, g=3)>)>"
)
def _load_ssh_dss_public_key(key_type, decoded_data, backend):
p, rest = _read_next_mpint(decoded_data)
q, rest = _read_next_mpint(rest)
g, rest = _read_next_mpint(rest)
y, rest = _read_next_mpint(rest)
if rest:
raise ValueError('Key body contains extra bytes.')
parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
public_numbers = dsa.DSAPublicNumbers(y, parameter_numbers)
return public_numbers.public_key(backend)
def make_dsa_key(material):
'''Convert a hex-based dict of values to a DSA key'''
backend = default_backend()
public_material = material['public']
private_material = material['private']
p = int(public_material['p'], 16)
q = int(public_material['q'], 16)
g = int(public_material['g'], 16)
y = int(public_material['y'], 16)
x = int(private_material['x'], 16)
params = dsa.DSAParameterNumbers(p, q, g)
pn = dsa.DSAPublicNumbers(y, params)
return dsa.DSAPrivateNumbers(x, pn).private_key(backend), None
def write_private_key(self, file_obj, password=None):
key = dsa.DSAPrivateNumbers(
x=self.x,
public_numbers=dsa.DSAPublicNumbers(
y=self.y,
parameter_numbers=dsa.DSAParameterNumbers(
p=self.p, q=self.q,
g=self.g))).private_key(backend=default_backend())
self._write_private_key(file_obj,
key,
serialization.PrivateFormat.TraditionalOpenSSL,
password=password)
def load_private(self, data, pubfields, backend):
"""Make DSA private key from data."""
(p, q, g, y), data = self.get_public(data)
x, data = _get_mpint(data)
if (p, q, g, y) != pubfields:
raise ValueError("Corrupt data: dsa field mismatch")
parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
public_numbers = dsa.DSAPublicNumbers(y, parameter_numbers)
self._validate(public_numbers)
private_numbers = dsa.DSAPrivateNumbers(x, public_numbers)
private_key = private_numbers.private_key(backend)
return private_key, data
def _fromString_BLOB(cls, blob):
"""
Return a public key object corresponding to this public key blob.
The format of a RSA public key blob is::
string 'ssh-rsa'
integer e
integer n
The format of a DSA public key blob is::
string 'ssh-dss'
integer p
integer q
integer g
integer y
The format of ECDSA-SHA2-* public key blob is::
string 'ecdsa-sha2-[identifier]'
integer x
integer y
identifier is the standard NIST curve name.
@type blob: L{bytes}
@param blob: The key data.
@return: A new key.
@rtype: L{twisted.conch.ssh.keys.Key}
@raises BadKeyError: if the key type (the first string) is unknown.
"""
keyType, rest = common.getNS(blob)
if keyType == b'ssh-rsa':
e, n, rest = common.getMP(rest, 2)
return cls(
rsa.RSAPublicNumbers(e, n).public_key(default_backend()))
elif keyType == b'ssh-dss':
p, q, g, y, rest = common.getMP(rest, 4)
return cls(
dsa.DSAPublicNumbers(y=y,
parameter_numbers=dsa.DSAParameterNumbers(
p=p, q=q,
g=g)).public_key(default_backend()))
elif keyType in _curveTable:
# First we have to make an EllipticCuvePublicNumbers from the
# provided curve and points,
# then turn it into a public key object.
return cls(
ec.EllipticCurvePublicNumbers.from_encoded_point(
_curveTable[keyType],
common.getNS(rest, 2)[1]).public_key(default_backend()))
else:
raise BadKeyError('unknown blob type: %s' % (keyType, ))
def test_load_ssh_public_key_dss(self, backend):
ssh_key = (
b"ssh-dss AAAAB3NzaC1kc3MAAACBALmwUtfwdjAUjU2Dixd5DvT0NDcjjr69UD"
b"LqSD/Xt5Al7D3GXr1WOrWGpjO0NE9qzRCvMTU7zykRH6XjuNXB6Hvv48Zfm4vm"
b"nHQHFmmMg2bI75JbnOwdzWnnPZJrVU4rS23dFFPqs5ug+EbhVVrcwzxahjcSjJ"
b"7WEQSkVQWnSPbbAAAAFQDXmpD3DIkGvLSBf1GdUF4PHKtUrQAAAIB/bJFwss+2"
b"fngmfG/Li5OyL7A9iVoGdkUaFaxEUROTp7wkm2z49fXFAir+/U31v50Tu98YLf"
b"WvKlxdHcdgQYV9Ww5LIrhWwwD4UKOwC6w5S3KHVbi3pWUi7vxJFXOWfeu1mC/J"
b"TWqMKR91j+rmOtdppWIZRyIVIqLcMdGO3m+2VgAAAIANFDz5KQH5NvoljpoRQi"
b"RgyPjxWXiE7vjLElKj4v8KrpanAywBzdhIW1y/tzpGuwRwj5ihi8iNTHgSsoTa"
b"j5AG5HPomJf5vJElxpu/2O9pHA52wcNObIQ7j+JA5uWusxNIbl+pF6sSiP8abr"
b"z53N7tPF/IhHTjBHb1Ol7IFu9p9A== testkey@localhost"
)
key = load_ssh_public_key(ssh_key, backend)
assert key is not None
assert isinstance(key, dsa.DSAPublicKey)
numbers = key.public_numbers()
expected_y = int(
"d143cf92901f936fa258e9a11422460c8f8f1597884eef8cb1252a3e2ff0aae"
"96a7032c01cdd8485b5cbfb73a46bb04708f98a18bc88d4c7812b284da8f900"
"6e473e89897f9bc9125c69bbfd8ef691c0e76c1c34e6c843b8fe240e6e5aeb3"
"13486e5fa917ab1288ff1a6ebcf9dcdeed3c5fc88474e30476f53a5ec816ef6"
"9f4", 16
)
expected_p = int(
"b9b052d7f07630148d4d838b17790ef4f43437238ebebd5032ea483fd7b7902"
"5ec3dc65ebd563ab586a633b4344f6acd10af31353bcf29111fa5e3b8d5c1e8"
"7befe3c65f9b8be69c740716698c8366c8ef925b9cec1dcd69e73d926b554e2"
"b4b6ddd1453eab39ba0f846e1555adcc33c5a8637128c9ed61104a45505a748"
"f6db", 16
)
expected_q = 1230879958723280233885494314531920096931919647917
expected_g = int(
"7f6c9170b2cfb67e78267c6fcb8b93b22fb03d895a0676451a15ac44511393a"
"7bc249b6cf8f5f5c5022afefd4df5bf9d13bbdf182df5af2a5c5d1dc7604185"
"7d5b0e4b22b856c300f850a3b00bac394b728755b8b7a56522eefc491573967"
"debb5982fc94d6a8c291f758feae63ad769a5621947221522a2dc31d18ede6f"
"b656", 16
)
expected = dsa.DSAPublicNumbers(
expected_y,
dsa.DSAParameterNumbers(expected_p, expected_q, expected_g)
)
assert numbers == expected
def _deserialize_dsa_private_key(stream: typing.BinaryIO) -> dsa.DSAPrivateKey:
dsa_p = _sshbuf_get_bignum2(stream)
dsa_q = _sshbuf_get_bignum2(stream)
dsa_g = _sshbuf_get_bignum2(stream)
dsa_pub_key = _sshbuf_get_bignum2(stream)
dsa_priv_key = _sshbuf_get_bignum2(stream)
parameter_numbers = dsa.DSAParameterNumbers(p=dsa_p, q=dsa_q, g=dsa_g)
public_numbers = dsa.DSAPublicNumbers(y=dsa_pub_key,
parameter_numbers=parameter_numbers)
private_numbers = dsa.DSAPrivateNumbers(x=dsa_priv_key,
public_numbers=public_numbers)
# ignoring mypy error that DSAPrivateNumbers does not have private_key() - it does.
return private_numbers.private_key(
backend=default_backend()) # type: ignore
def public_numbers(self):
p = self._backend._ffi.new("BIGNUM **")
q = self._backend._ffi.new("BIGNUM **")
g = self._backend._ffi.new("BIGNUM **")
pub_key = self._backend._ffi.new("BIGNUM **")
self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
self._backend.openssl_assert()
self._backend.oepnssl_assert()
self._backend._lib.DSA_get0_key(self.dsa_cdata, pub_key,
self._backend._ffi.NULL)
self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
return dsa.DSAPublicNumbers(parameter_numbers=dsa.DSAParameterNumbers(
p=self._backend._bn_to_int(p[0]),
q=self._backend._bn_to_int(q[0]),
g=self._backend._bn_to_int(g[0])),
y=self._backend._bn_to_int(pub_key[0]))
def test_dsa_signing(self, vector, backend):
digest_algorithm = vector['digest_algorithm'].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
_skip_if_dsa_not_supported(backend, algorithm, vector['p'],
vector['q'], vector['g'])
private_key = dsa.DSAPrivateNumbers(
public_numbers=dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(
vector['p'], vector['q'], vector['g']),
y=vector['y']),
x=vector['x']).private_key(backend)
signature = private_key.sign(vector['msg'], algorithm())
assert signature
private_key.public_key().verify(signature, vector['msg'], algorithm())
def test_large_p(self, backend):
key = load_vectors_from_file(
os.path.join("asymmetric", "PEM_Serialization", "dsa_4096.pem"),
lambda pemfile: serialization.load_pem_private_key(
pemfile.read(), None, backend),
mode="rb")
pn = key.private_numbers()
assert pn.public_numbers.parameter_numbers.p.bit_length() == 4096
# Turn it back into a key to confirm that values this large pass
# verification
dsa.DSAPrivateNumbers(public_numbers=dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(
p=pn.public_numbers.parameter_numbers.p,
q=pn.public_numbers.parameter_numbers.q,
g=pn.public_numbers.parameter_numbers.g,
),
y=pn.public_numbers.y),
x=pn.x).private_key(backend)
def test_dsa_verification(self, vector, backend):
digest_algorithm = vector['digest_algorithm'].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
_skip_if_dsa_not_supported(backend, algorithm, vector['p'],
vector['q'], vector['g'])
public_key = dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(vector['p'], vector['q'],
vector['g']),
y=vector['y']).public_key(backend)
sig = encode_dss_signature(vector['r'], vector['s'])
if vector['result'] == "F":
with pytest.raises(InvalidSignature):
public_key.verify(sig, vector['msg'], algorithm())
else:
public_key.verify(sig, vector['msg'], algorithm())
def test_dsa_verification(self, vector, backend):
digest_algorithm = vector["digest_algorithm"].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
_skip_if_dsa_not_supported(backend, algorithm, vector["p"],
vector["q"], vector["g"])
public_key = dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(vector["p"], vector["q"],
vector["g"]),
y=vector["y"],
).public_key(backend)
sig = encode_dss_signature(vector["r"], vector["s"])
if vector["result"] == "F":
with pytest.raises(InvalidSignature):
public_key.verify(sig, vector["msg"], algorithm())
else:
public_key.verify(sig, vector["msg"], algorithm())
def convert_key(cls, packet, private=False):
if isinstance(packet, RSAPrivateKey) or isinstance(
packet, RSAPublicKey) or isinstance(
packet, DSAPublicKey) or isinstance(packet, DSAPrivateKey):
if (not private) and (isinstance(packet, DSAPrivateKey)
or isinstance(packet, RSAPrivateKey)):
return packet.public_key()
else:
return packet
packet = cls._parse_packet(packet)
if isinstance(packet, OpenPGP.Message):
packet = packet[0]
if packet.key_algorithm_name() == 'DSA':
params = dsa.DSAParameterNumbers(
cls._bytes_to_long(packet.key['p']),
cls._bytes_to_long(packet.key['q']),
cls._bytes_to_long(packet.key['g']))
public = dsa.DSAPublicNumbers(cls._bytes_to_long(packet.key['y']),
params)
if private:
return dsa.DSAPrivateNumbers(
cls._bytes_to_long(packet.key['x']),
public).private_key(openssl.backend)
else:
return public.public_key(openssl.backend)
else: # RSA
public = rsa.RSAPublicNumbers(cls._bytes_to_long(packet.key['e']),
cls._bytes_to_long(packet.key['n']))
if private:
d = cls._bytes_to_long(packet.key['d'])
p = cls._bytes_to_long(packet.key['q'])
q = cls._bytes_to_long(packet.key['p'])
dmp1 = rsa.rsa_crt_dmp1(d, p)
dmq1 = rsa.rsa_crt_dmp1(d, q)
u = cls._bytes_to_long(packet.key['u'])
return rsa.RSAPrivateNumbers(p, q, d, dmp1, dmq1, u,
public).private_key(
default_backend())
else:
return public.public_key(default_backend())
def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature, key_value, signature_alg):
if "ecdsa-" in signature_alg:
ec_key_value = self._find(key_value, "ECKeyValue", namespace="dsig11")
named_curve = self._find(ec_key_value, "NamedCurve", namespace="dsig11")
public_key = self._find(ec_key_value, "PublicKey", namespace="dsig11")
key_data = b64decode(public_key.text)[1:]
x = bytes_to_long(key_data[:len(key_data)//2])
y = bytes_to_long(key_data[len(key_data)//2:])
curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
key = ec.EllipticCurvePublicNumbers(x=x, y=y, curve=curve_class()).public_key(backend=default_backend())
dss_signature = self._encode_dss_signature(raw_signature, key.key_size)
key.verify(
dss_signature,
data=signed_info_c14n,
signature_algorithm=ec.ECDSA(
self._get_signature_digest_method(signature_alg)
),
)
elif "dsa-" in signature_alg:
dsa_key_value = self._find(key_value, "DSAKeyValue")
p = self._get_long(dsa_key_value, "P")
q = self._get_long(dsa_key_value, "Q")
g = self._get_long(dsa_key_value, "G", require=False)
y = self._get_long(dsa_key_value, "Y")
pn = dsa.DSAPublicNumbers(y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
key = pn.public_key(backend=default_backend())
# TODO: supply meaningful key_size_bits for signature length assertion
dss_signature = self._encode_dss_signature(raw_signature, len(raw_signature) * 8 / 2)
key.verify(dss_signature,
data=signed_info_c14n,
algorithm=self._get_signature_digest_method(signature_alg))
elif "rsa-" in signature_alg:
rsa_key_value = self._find(key_value, "RSAKeyValue")
modulus = self._get_long(rsa_key_value, "Modulus")
exponent = self._get_long(rsa_key_value, "Exponent")
key = rsa.RSAPublicNumbers(e=exponent, n=modulus).public_key(backend=default_backend())
key.verify(raw_signature,
data=signed_info_c14n,
padding=PKCS1v15(),
algorithm=self._get_signature_digest_method(signature_alg))
else:
raise NotImplementedError()
def private_numbers(self):
p = self._backend._ffi.new("BIGNUM **")
q = self._backend._ffi.new("BIGNUM **")
g = self._backend._ffi.new("BIGNUM **")
pub_key = self.backend._ffi.new("BIGNUM **")
priv_key = self._backend._ffi.new("BIGNUM **")
self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
self._backend.openssl_assert()
self._backend.openssl_assert()
self._backend._lib.DSA_get0_key()
self._backend.openssl_assert()
self._backend.openssl_assert()
return dsa.DSAPrivateNumbers(public_numbers=dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(
p=self._backend._bn_to_int(p[0]),
q=self._backend._bn_to_int(q[0]),
g=self._backend._bn_to_int(g[0])),
y=self._backend._bn_to_int(pub_key[0])),
x=self._backend._bn_to_int(pub_key[0]))
def _fromString_BLOB(cls, blob):
"""
Return a public key object corresponding to this public key blob.
The format of a RSA public key blob is::
string 'ssh-rsa'
integer e
integer n
The format of a DSA public key blob is::
string 'ssh-dss'
integer p
integer q
integer g
integer y
@type blob: L{bytes}
@param blob: The key data.
@return: A new key.
@rtype: L{twisted.conch.ssh.keys.Key}
@raises BadKeyError: if the key type (the first string) is unknown.
"""
keyType, rest = common.getNS(blob)
if keyType == b'ssh-rsa':
e, n, rest = common.getMP(rest, 2)
return cls(
rsa.RSAPublicNumbers(e, n).public_key(default_backend()))
elif keyType == b'ssh-dss':
p, q, g, y, rest = common.getMP(rest, 4)
return cls(
dsa.DSAPublicNumbers(
y=y,
parameter_numbers=dsa.DSAParameterNumbers(
p=p,
q=q,
g=g
)
).public_key(default_backend())
)
else:
raise BadKeyError('unknown blob type: %s' % (keyType,))
def test_dsa_verification(self, vector, backend):
digest_algorithm = vector['digest_algorithm'].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
if (not backend.dsa_parameters_supported(vector['p'], vector['q'],
vector['g'])
or not backend.dsa_hash_supported(algorithm)):
pytest.skip(
"{0} does not support the provided parameters".format(backend))
public_key = dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(vector['p'], vector['q'],
vector['g']),
y=vector['y']).public_key(backend)
sig = der_encode_dsa_signature(vector['r'], vector['s'])
verifier = public_key.verifier(sig, algorithm())
verifier.update(vector['msg'])
if vector['result'] == "F":
with pytest.raises(InvalidSignature):
verifier.verify()
else:
verifier.verify()
def sign_ssh_data(self, data):
key = dsa.DSAPrivateNumbers(
x=self.x,
public_numbers=dsa.DSAPublicNumbers(
y=self.y,
parameter_numbers=dsa.DSAParameterNumbers(
p=self.p, q=self.q,
g=self.g))).private_key(backend=default_backend())
sig = key.sign(data, hashes.SHA1())
r, s = decode_dss_signature(sig)
m = Message()
m.add_string('ssh-dss')
# apparently, in rare cases, r or s may be shorter than 20 bytes!
rstr = util.deflate_long(r, 0)
sstr = util.deflate_long(s, 0)
if len(rstr) < 20:
rstr = zero_byte * (20 - len(rstr)) + rstr
if len(sstr) < 20:
sstr = zero_byte * (20 - len(sstr)) + sstr
m.add_string(rstr + sstr)
return m
def test_generate_dsa_keys(self, vector, backend):
parameters = dsa.DSAParameterNumbers(p=vector['p'],
q=vector['q'],
g=vector['g']).parameters(backend)
skey = parameters.generate_private_key()
numbers = skey.private_numbers()
skey_parameters = numbers.public_numbers.parameter_numbers
pkey = skey.public_key()
parameters = pkey.parameters()
parameter_numbers = parameters.parameter_numbers()
assert parameter_numbers.p == skey_parameters.p
assert parameter_numbers.q == skey_parameters.q
assert parameter_numbers.g == skey_parameters.g
assert skey_parameters.p == vector['p']
assert skey_parameters.q == vector['q']
assert skey_parameters.g == vector['g']
assert skey.key_size == bit_length(vector['p'])
assert pkey.key_size == skey.key_size
public_numbers = pkey.public_numbers()
assert numbers.public_numbers.y == public_numbers.y
assert numbers.public_numbers.y == pow(skey_parameters.g, numbers.x,
skey_parameters.p)
def test_dsa_signing(self, vector, backend):
digest_algorithm = vector['digest_algorithm'].replace("-", "")
algorithm = self._algorithms_dict[digest_algorithm]
_skip_if_dsa_not_supported(backend, algorithm, vector['p'],
vector['q'], vector['g'])
private_key = dsa.DSAPrivateNumbers(
public_numbers=dsa.DSAPublicNumbers(
parameter_numbers=dsa.DSAParameterNumbers(
vector['p'], vector['q'], vector['g']),
y=vector['y']),
x=vector['x']).private_key(backend)
signer = pytest.deprecated_call(private_key.signer, algorithm())
signer.update(vector['msg'])
signature = signer.finalize()
assert signature
public_key = private_key.public_key()
verifier = public_key.verifier(signature, algorithm())
verifier.update(vector['msg'])
verifier.verify()
def create_pubkey(pubkey_info):
"""
<Purpose>
Create and return a DSAPublicKey object from the passed pubkey_info
using pyca/cryptography.
<Arguments>
pubkey_info:
The DSA pubkey info dictionary as specified by
securesystemslib.formats.GPG_DSA_PUBKEY_SCHEMA
<Exceptions>
securesystemslib.exceptions.FormatError if
pubkey_info does not match securesystemslib.formats.GPG_DSA_PUBKEY_SCHEMA
securesystemslib.exceptions.UnsupportedLibraryError if
the cryptography module is not available
<Returns>
A cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey based on the
passed pubkey_info.
"""
if not CRYPTO: # pragma: no cover
raise securesystemslib.exceptions.UnsupportedLibraryError(
NO_CRYPTO_MSG)
securesystemslib.formats.GPG_DSA_PUBKEY_SCHEMA.check_match(pubkey_info)
y = int(pubkey_info['keyval']['public']['y'], 16)
g = int(pubkey_info['keyval']['public']['g'], 16)
p = int(pubkey_info['keyval']['public']['p'], 16)
q = int(pubkey_info['keyval']['public']['q'], 16)
parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
pubkey = dsa.DSAPublicNumbers(y, parameter_numbers).public_key(
backends.default_backend())
return pubkey
