def test_x25519_ecdh_a_share(self):
a_random = a2b_hex("77076d0a7318a57d3c16c17251b26645df4"
"c2f87ebc0992ab177fba51db92c2a")
a_public = x25519(a_random, bytearray(X25519_G))
self.assertEqual(a_public,
a2b_hex("8520f0098930a754748b7ddcb43ef75a0"
"dbf3a0d26381af4eba4a98eaa9b4e6a"))
def test_x25519_ecdh_b_share(self):
b_random = a2b_hex("5dab087e624a8a4b79e17f8b83800ee6"
"6f3bb1292618b6fd1c2f8b27ff88e0eb")
b_public = x25519(b_random, bytearray(X25519_G))
self.assertEqual(b_public,
a2b_hex("de9edb7d7b7dc1b4d35b61c2ece43537"
"3f8343c85b78674dadfc7e146f882b4f"))
def test_x25519_ecdh_a_share(self):
a_random = a2b_hex("77076d0a7318a57d3c16c17251b26645df4"
"c2f87ebc0992ab177fba51db92c2a")
a_public = x25519(a_random, bytearray(X25519_G))
self.assertEqual(
a_public,
a2b_hex("8520f0098930a754748b7ddcb43ef75a0"
"dbf3a0d26381af4eba4a98eaa9b4e6a"))
def test_x25519_ecdh_b_share(self):
b_random = a2b_hex("5dab087e624a8a4b79e17f8b83800ee6"
"6f3bb1292618b6fd1c2f8b27ff88e0eb")
b_public = x25519(b_random, bytearray(X25519_G))
self.assertEqual(
b_public,
a2b_hex("de9edb7d7b7dc1b4d35b61c2ece43537"
"3f8343c85b78674dadfc7e146f882b4f"))
def test_all_zero_k(self):
k = bytearray(32)
u = a2b_hex("e6db6867583030db3594c1a424b15f7"
"c726624ec26b3353b10a903a6d0ab1c4c")
ret = x25519(k, u)
self.assertEqual(ret,
a2b_hex("030d7ba1a76719f96d5c39122f690e78"
"56895ee9d24416279eb9182010287113"))
def test_x25519_one_iteration(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
ret = x25519(k, u)
self.assertEqual(ret,
a2b_hex("422c8e7a6227d7bca1350b3e2bb7279f7"
"897b87bb6854b783c60e80311ae3079"))
def test_x25519_million_iterations(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
for _ in range(1000000):
u, k = bytearray(k), x25519(k, u)
self.assertEqual(k,
a2b_hex("7c3911e0ab2586fd864497297e575e6f3b"
"c601c0883c30df5f4dd2d24f665424"))
def test_x25519_thousand_iterations(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
for _ in range(1000):
u, k = bytearray(k), x25519(k, u)
self.assertEqual(k,
a2b_hex("684cf59ba83309552800ef566f2f4d3c"
"1c3887c49360e3875f2eb94d99532c51"))
def test_x25519_one_iteration(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
ret = x25519(k, u)
self.assertEqual(
ret,
a2b_hex("422c8e7a6227d7bca1350b3e2bb7279f7"
"897b87bb6854b783c60e80311ae3079"))
def test_all_zero_k(self):
k = bytearray(32)
u = a2b_hex("e6db6867583030db3594c1a424b15f7"
"c726624ec26b3353b10a903a6d0ab1c4c")
ret = x25519(k, u)
self.assertEqual(
ret,
a2b_hex("030d7ba1a76719f96d5c39122f690e78"
"56895ee9d24416279eb9182010287113"))
def test_x25519_2(self):
k = a2b_hex("4b66e9d4d1b4673c5ad22691957d6af"
"5c11b6421e0ea01d42ca4169e7918ba0d")
u = a2b_hex("e5210f12786811d3f4b7959d0538ae2"
"c31dbe7106fc03c3efc4cd549c715a493")
ret = x25519(k, u)
self.assertEqual(ret,
a2b_hex("95cbde9476e8907d7aade45cb4b873f88"
"b595a68799fa152e6f8f7647aac7957"))
def test_x25519_1(self):
k = a2b_hex("a546e36bf0527c9d3b16154b82465ed"
"d62144c0ac1fc5a18506a2244ba449ac4")
u = a2b_hex("e6db6867583030db3594c1a424b15f7"
"c726624ec26b3353b10a903a6d0ab1c4c")
ret = x25519(k, u)
self.assertEqual(a2b_hex("c3da55379de9c6908e94ea4df28d084f"
"32eccf03491c71f754b4075577a28552"),
ret)
def test_x25519_1(self):
k = a2b_hex("a546e36bf0527c9d3b16154b82465ed"
"d62144c0ac1fc5a18506a2244ba449ac4")
u = a2b_hex("e6db6867583030db3594c1a424b15f7"
"c726624ec26b3353b10a903a6d0ab1c4c")
ret = x25519(k, u)
self.assertEqual(
a2b_hex("c3da55379de9c6908e94ea4df28d084f"
"32eccf03491c71f754b4075577a28552"), ret)
def test_x25519_2(self):
k = a2b_hex("4b66e9d4d1b4673c5ad22691957d6af"
"5c11b6421e0ea01d42ca4169e7918ba0d")
u = a2b_hex("e5210f12786811d3f4b7959d0538ae2"
"c31dbe7106fc03c3efc4cd549c715a493")
ret = x25519(k, u)
self.assertEqual(
ret,
a2b_hex("95cbde9476e8907d7aade45cb4b873f88"
"b595a68799fa152e6f8f7647aac7957"))
def test_x448_ecdh_b_share(self):
b_random = a2b_hex("1c306a7ac2a0e2e0990b294470cb"
"a339e6453772b075811d8fad0d1d"
"6927c120bb5ee8972b0d3e21374c"
"9c921b09d1b0366f10b65173992d")
b_public = x448(b_random, bytearray(X448_G))
self.assertEqual(b_public,
a2b_hex("3eb7a829b0cd20f5bcfc0b599b6f"
"eccf6da4627107bdb0d4f345b430"
"27d8b972fc3e34fb4232a13ca706"
"dcb57aec3dae07bdc1c67bf33609"))
def test_x448_ecdh_a_share(self):
a_random = a2b_hex("9a8f4925d1519f5775cf46b04b58"
"00d4ee9ee8bae8bc5565d498c28d"
"d9c9baf574a94197448973910063"
"82a6f127ab1d9ac2d8c0a598726b")
a_public = x448(a_random, bytearray(X448_G))
self.assertEqual(a_public,
a2b_hex("9b08f7cc31b7e3e67d22d5aea121"
"074a273bd2b83de09c63faa73d2c"
"22c5d9bbc836647241d953d40c5b"
"12da88120d53177f80e532c41fa0"))
def test_x25519_thousand_iterations(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
for _ in range(1000):
u, k = bytearray(k), x25519(k, u)
self.assertEqual(
k,
a2b_hex("684cf59ba83309552800ef566f2f4d3c"
"1c3887c49360e3875f2eb94d99532c51"))
def test_x25519_million_iterations(self):
k = a2b_hex("0900000000000000000000000000000"
"000000000000000000000000000000000")
u = bytearray(k)
for _ in range(1000000):
u, k = bytearray(k), x25519(k, u)
self.assertEqual(
k,
a2b_hex("7c3911e0ab2586fd864497297e575e6f3b"
"c601c0883c30df5f4dd2d24f665424"))
def test_x448_ecdh_b_share(self):
b_random = a2b_hex("1c306a7ac2a0e2e0990b294470cb"
"a339e6453772b075811d8fad0d1d"
"6927c120bb5ee8972b0d3e21374c"
"9c921b09d1b0366f10b65173992d")
b_public = x448(b_random, bytearray(X448_G))
self.assertEqual(
b_public,
a2b_hex("3eb7a829b0cd20f5bcfc0b599b6f"
"eccf6da4627107bdb0d4f345b430"
"27d8b972fc3e34fb4232a13ca706"
"dcb57aec3dae07bdc1c67bf33609"))
def test_x448_ecdh_a_share(self):
a_random = a2b_hex("9a8f4925d1519f5775cf46b04b58"
"00d4ee9ee8bae8bc5565d498c28d"
"d9c9baf574a94197448973910063"
"82a6f127ab1d9ac2d8c0a598726b")
a_public = x448(a_random, bytearray(X448_G))
self.assertEqual(
a_public,
a2b_hex("9b08f7cc31b7e3e67d22d5aea121"
"074a273bd2b83de09c63faa73d2c"
"22c5d9bbc836647241d953d40c5b"
"12da88120d53177f80e532c41fa0"))
def test_x448_one_iteration(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
ret = x448(k, u)
self.assertEqual(ret,
a2b_hex("3f482c8a9f19b01e6c46ee9711d9dc14fd"
"4bf67af30765c2ae2b846a"
"4d23a8cd0db897086239492caf350b51f8"
"33868b9bc2b3bca9cf4113"))
def test_all_zero_k(self):
k = bytearray(56)
u = a2b_hex("06fce640fa3487bfda5f6cf2d5263f8"
"aad88334cbd07437f020f08f9"
"814dc031ddbdc38c19c6da2583fa542"
"9db94ada18aa7a7fb4ef8a086")
ret = x448(k, u)
self.assertEqual(ret,
a2b_hex("f8d21fea4fe227fa556d27ec5317d839"
"4db22217e27a96c8f7b47d36a4e15ba1"
"bef872684ba18ee5ce72577b0aed87e9"
"8a3714ab32d9d169"))
def test_x448_thousand_iterations(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
for _ in range(1000):
u, k = bytearray(k), x448(k, u)
self.assertEqual(k,
a2b_hex("aa3b4749d55b9daf1e5b00288826c46727"
"4ce3ebbdd5c17b975e09d4"
"af6c67cf10d087202db88286e2b79fceea"
"3ec353ef54faa26e219f38"))
def test_x448_one_iteration(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
ret = x448(k, u)
self.assertEqual(
ret,
a2b_hex("3f482c8a9f19b01e6c46ee9711d9dc14fd"
"4bf67af30765c2ae2b846a"
"4d23a8cd0db897086239492caf350b51f8"
"33868b9bc2b3bca9cf4113"))
def test_all_zero_k(self):
k = bytearray(56)
u = a2b_hex("06fce640fa3487bfda5f6cf2d5263f8"
"aad88334cbd07437f020f08f9"
"814dc031ddbdc38c19c6da2583fa542"
"9db94ada18aa7a7fb4ef8a086")
ret = x448(k, u)
self.assertEqual(
ret,
a2b_hex("f8d21fea4fe227fa556d27ec5317d839"
"4db22217e27a96c8f7b47d36a4e15ba1"
"bef872684ba18ee5ce72577b0aed87e9"
"8a3714ab32d9d169"))
def test_x448_million_iterations(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
for _ in range(1000000):
u, k = bytearray(k), x448(k, u)
self.assertEqual(k,
a2b_hex("077f453681caca3693198420bbe515cae"
"0002472519b3e67661a7e89"
"cab94695c8f4bcd66e61b9b9c946da8d5"
"24de3d69bd9d9d66b997e37"))
def test_x448_million_iterations(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
for _ in range(1000000):
u, k = bytearray(k), x448(k, u)
self.assertEqual(
k,
a2b_hex("077f453681caca3693198420bbe515cae"
"0002472519b3e67661a7e89"
"cab94695c8f4bcd66e61b9b9c946da8d5"
"24de3d69bd9d9d66b997e37"))
def test_x448_thousand_iterations(self):
k = a2b_hex("05000000000000000000000000000000000000000"
"000000000000000"
"00000000000000000000000000000000000000000"
"000000000000000")
u = bytearray(k)
for _ in range(1000):
u, k = bytearray(k), x448(k, u)
self.assertEqual(
k,
a2b_hex("aa3b4749d55b9daf1e5b00288826c46727"
"4ce3ebbdd5c17b975e09d4"
"af6c67cf10d087202db88286e2b79fceea"
"3ec353ef54faa26e219f38"))
def test_x25519_ecdh_shared(self):
a_random = a2b_hex("77076d0a7318a57d3c16c17251b26645df4"
"c2f87ebc0992ab177fba51db92c2a")
a_public = x25519(a_random, bytearray(X25519_G))
b_random = a2b_hex("5dab087e624a8a4b79e17f8b83800ee6"
"6f3bb1292618b6fd1c2f8b27ff88e0eb")
b_public = x25519(b_random, bytearray(X25519_G))
a_shared = x25519(a_random, b_public)
b_shared = x25519(b_random, a_public)
self.assertEqual(a_shared, b_shared)
self.assertEqual(a_shared,
a2b_hex("4a5d9d5ba4ce2de1728e3bf480350f25"
"e07e21c947d19e3376f09b3c1e161742"))
def test_x448_2(self):
k = a2b_hex("203d494428b8399352665ddca42f9de"
"8fef600908e0d461cb021f8c5"
"38345dd77c3e4806e25f46d3315c44e"
"0a5b4371282dd2c8d5be3095f")
u = a2b_hex("0fbcc2f993cd56d3305b0b7d9e55d4c"
"1a8fb5dbb52f8e9a1e9b6201b"
"165d015894e56c4d3570bee52fe205e"
"28a78b91cdfbde71ce8d157db")
ret = x448(k, u)
self.assertEqual(ret,
a2b_hex("884a02576239ff7a2f2f63b2db6a9ff37"
"047ac13568e1e30fe63c4a7"
"ad1b3ee3a5700df34321d62077e63633c"
"575c1c954514e99da7c179d"))
def test_x25519_decode(self):
value = a2b_hex('e6db6867583030db3594c1a424b15f7c7'
'26624ec26b3353b10a903a6d0ab1c4c')
scalar = decodeUCoordinate(value, 255)
self.assertEqual(scalar, int("344264340339195944511551077811888216513"
"16167215306631574996226621102155684838"))
def test_x448_1(self):
k = a2b_hex("3d262fddf9ec8e88495266fea19a34d"
"28882acef045104d0d1aae121"
"700a779c984c24f8cdd78fbff44943e"
"ba368f54b29259a4f1c600ad3")
u = a2b_hex("06fce640fa3487bfda5f6cf2d5263f8"
"aad88334cbd07437f020f08f9"
"814dc031ddbdc38c19c6da2583fa542"
"9db94ada18aa7a7fb4ef8a086")
ret = x448(k, u)
self.assertEqual(ret,
a2b_hex("ce3e4ff95a60dc6697da1db1d85e6afbd"
"f79b50a2412d7546d5f239f"
"e14fbaadeb445fc66a01b0779d9822396"
"1111e21766282f73dd96b6f"))
def test_x25519_decode_scalar(self):
value = a2b_hex('a546e36bf0527c9d3b16154b82465edd6'
'2144c0ac1fc5a18506a2244ba449ac4')
scalar = decodeScalar22519(value)
self.assertEqual(scalar, int("310298424921150409048955604518630896564"
"72772604678260265531221036453811406496"))
def test_all_zero_u(self):
k = a2b_hex("a546e36bf0527c9d3b16154b82465ed"
"d62144c0ac1fc5a18506a2244ba449ac4")
u = bytearray(32)
ret = x25519(k, u)
self.assertEqual(ret, bytearray(32))
def test_x448_2(self):
k = a2b_hex("203d494428b8399352665ddca42f9de"
"8fef600908e0d461cb021f8c5"
"38345dd77c3e4806e25f46d3315c44e"
"0a5b4371282dd2c8d5be3095f")
u = a2b_hex("0fbcc2f993cd56d3305b0b7d9e55d4c"
"1a8fb5dbb52f8e9a1e9b6201b"
"165d015894e56c4d3570bee52fe205e"
"28a78b91cdfbde71ce8d157db")
ret = x448(k, u)
self.assertEqual(
ret,
a2b_hex("884a02576239ff7a2f2f63b2db6a9ff37"
"047ac13568e1e30fe63c4a7"
"ad1b3ee3a5700df34321d62077e63633c"
"575c1c954514e99da7c179d"))
def test_x448_1(self):
k = a2b_hex("3d262fddf9ec8e88495266fea19a34d"
"28882acef045104d0d1aae121"
"700a779c984c24f8cdd78fbff44943e"
"ba368f54b29259a4f1c600ad3")
u = a2b_hex("06fce640fa3487bfda5f6cf2d5263f8"
"aad88334cbd07437f020f08f9"
"814dc031ddbdc38c19c6da2583fa542"
"9db94ada18aa7a7fb4ef8a086")
ret = x448(k, u)
self.assertEqual(
ret,
a2b_hex("ce3e4ff95a60dc6697da1db1d85e6afbd"
"f79b50a2412d7546d5f239f"
"e14fbaadeb445fc66a01b0779d9822396"
"1111e21766282f73dd96b6f"))
def test_all_zero_u(self):
k = a2b_hex("a546e36bf0527c9d3b16154b82465ed"
"d62144c0ac1fc5a18506a2244ba449ac4")
u = bytearray(32)
ret = x25519(k, u)
self.assertEqual(ret,
bytearray(32))
def test_x25519_ecdh_shared(self):
a_random = a2b_hex("77076d0a7318a57d3c16c17251b26645df4"
"c2f87ebc0992ab177fba51db92c2a")
a_public = x25519(a_random, bytearray(X25519_G))
b_random = a2b_hex("5dab087e624a8a4b79e17f8b83800ee6"
"6f3bb1292618b6fd1c2f8b27ff88e0eb")
b_public = x25519(b_random, bytearray(X25519_G))
a_shared = x25519(a_random, b_public)
b_shared = x25519(b_random, a_public)
self.assertEqual(a_shared, b_shared)
self.assertEqual(
a_shared,
a2b_hex("4a5d9d5ba4ce2de1728e3bf480350f25"
"e07e21c947d19e3376f09b3c1e161742"))
def test_x25519_decode_scalar(self):
value = a2b_hex('a546e36bf0527c9d3b16154b82465edd6'
'2144c0ac1fc5a18506a2244ba449ac4')
scalar = decodeScalar22519(value)
self.assertEqual(
scalar,
int("310298424921150409048955604518630896564"
"72772604678260265531221036453811406496"))
def test_all_zero_u(self):
k = a2b_hex("3d262fddf9ec8e88495266fea19a34d"
"28882acef045104d0d1aae121"
"700a779c984c24f8cdd78fbff44943e"
"ba368f54b29259a4f1c600ad3")
u = bytearray(56)
ret = x448(k, u)
self.assertEqual(ret, bytearray(56))
def test_x25519_decode(self):
value = a2b_hex('e6db6867583030db3594c1a424b15f7c7'
'26624ec26b3353b10a903a6d0ab1c4c')
scalar = decodeUCoordinate(value, 255)
self.assertEqual(
scalar,
int("344264340339195944511551077811888216513"
"16167215306631574996226621102155684838"))
def test_all_zero_u(self):
k = a2b_hex("3d262fddf9ec8e88495266fea19a34d"
"28882acef045104d0d1aae121"
"700a779c984c24f8cdd78fbff44943e"
"ba368f54b29259a4f1c600ad3")
u = bytearray(56)
ret = x448(k, u)
self.assertEqual(ret,
bytearray(56))
def test_x448_decode_scalar(self):
value = a2b_hex('3d262fddf9ec8e88495266fea19a34d2'
'8882acef045104d0d1aae121'
'700a779c984c24f8cdd78fbff44943eb'
'a368f54b29259a4f1c600ad3')
scalar = decodeScalar448(value)
self.assertEqual(int("599189175373896402783756016145213256157230856"
"085026129926891459468622403380588640249457727"
"683869421921443004045221642549886377526240828"),
scalar)
def test_x448_decode_scalar(self):
value = a2b_hex('3d262fddf9ec8e88495266fea19a34d2'
'8882acef045104d0d1aae121'
'700a779c984c24f8cdd78fbff44943eb'
'a368f54b29259a4f1c600ad3')
scalar = decodeScalar448(value)
self.assertEqual(
int("599189175373896402783756016145213256157230856"
"085026129926891459468622403380588640249457727"
"683869421921443004045221642549886377526240828"), scalar)
def test_x448_ecdh_shared(self):
a_random = a2b_hex("9a8f4925d1519f5775cf46b04b58"
"00d4ee9ee8bae8bc5565d498c28d"
"d9c9baf574a94197448973910063"
"82a6f127ab1d9ac2d8c0a598726b")
a_public = x448(a_random, bytearray(X448_G))
b_random = a2b_hex("1c306a7ac2a0e2e0990b294470cb"
"a339e6453772b075811d8fad0d1d"
"6927c120bb5ee8972b0d3e21374c"
"9c921b09d1b0366f10b65173992d")
b_public = x448(b_random, bytearray(X448_G))
a_shared = x448(a_random, b_public)
b_shared = x448(b_random, a_public)
self.assertEqual(a_shared, b_shared)
self.assertEqual(a_shared,
a2b_hex("07fff4181ac6cc95ec1c16a94a0f"
"74d12da232ce40a77552281d282b"
"b60c0b56fd2464c335543936521c"
"24403085d59a449a5037514a879d"))
def test_x448_decode(self):
value = a2b_hex('06fce640fa3487bfda5f6cf2d5263f8'
'aad88334cbd07437f020f08f9'
'814dc031ddbdc38c19c6da2583fa542'
'9db94ada18aa7a7fb4ef8a086')
scalar = decodeUCoordinate(value, 448)
self.assertEqual(scalar, int("38223991081410733011622996123"
"4899377031416365"
"24057132514834655592243802516"
"2094455820962429"
"14297133958436003433731007979"
"1515452463053830"))
def test_x448_ecdh_shared(self):
a_random = a2b_hex("9a8f4925d1519f5775cf46b04b58"
"00d4ee9ee8bae8bc5565d498c28d"
"d9c9baf574a94197448973910063"
"82a6f127ab1d9ac2d8c0a598726b")
a_public = x448(a_random, bytearray(X448_G))
b_random = a2b_hex("1c306a7ac2a0e2e0990b294470cb"
"a339e6453772b075811d8fad0d1d"
"6927c120bb5ee8972b0d3e21374c"
"9c921b09d1b0366f10b65173992d")
b_public = x448(b_random, bytearray(X448_G))
a_shared = x448(a_random, b_public)
b_shared = x448(b_random, a_public)
self.assertEqual(a_shared, b_shared)
self.assertEqual(
a_shared,
a2b_hex("07fff4181ac6cc95ec1c16a94a0f"
"74d12da232ce40a77552281d282b"
"b60c0b56fd2464c335543936521c"
"24403085d59a449a5037514a879d"))
def test_x448_decode(self):
value = a2b_hex('06fce640fa3487bfda5f6cf2d5263f8'
'aad88334cbd07437f020f08f9'
'814dc031ddbdc38c19c6da2583fa542'
'9db94ada18aa7a7fb4ef8a086')
scalar = decodeUCoordinate(value, 448)
self.assertEqual(
scalar,
int("38223991081410733011622996123"
"4899377031416365"
"24057132514834655592243802516"
"2094455820962429"
"14297133958436003433731007979"
"1515452463053830"))
def test_sign_and_verify_with_sha254(self):
#message
msg = a2b_hex(
"812172f09cbae62517804885754125fc6066e9a902f9db2041eeddd7e8"
"da67e4a2e65d0029c45ecacea6002f9540eb1004c883a8f900fd84a98b"
"5c449ac49c56f3a91d8bed3f08f427935fbe437ce46f75cd666a070726"
"5c61a096698dc2f36b28c65ec7b6e475c8b67ddfb444b2ee6a984e9d6d"
"15233e25e44bd8d7924d129d")
# key
key = Python_DSAKey(
p=bytesToNumber(
a2b_hex(
"cba13e533637c37c0e80d9fcd052c1e41a88ac325c4ebe13b7170088d5"
"4eef4881f3d35eae47c210385a8485d2423a64da3ffda63a26f92cf5a3"
"04f39260384a9b7759d8ac1adc81d3f8bfc5e6cb10efb4e0f75867f4e8"
"48d1a338586dd0648feeb163647ffe7176174370540ee8a8f588da8cc1"
"43d939f70b114a7f981b8483")),
q=bytesToNumber(
a2b_hex("95031b8aa71f29d525b773ef8b7c6701ad8a5d99")),
g=bytesToNumber(
a2b_hex(
"45bcaa443d4cd1602d27aaf84126edc73bd773de6ece15e97e7fef46f1"
"3072b7adcaf7b0053cf4706944df8c4568f26c997ee7753000fbe477a3"
"7766a4e970ff40008eb900b9de4b5f9ae06e06db6106e78711f3a67fec"
"a74dd5bddcdf675ae4014ee9489a42917fbee3bb9f2a24df67512c1c35"
"c97bfbf2308eaacd28368c5c")),
y=bytesToNumber(
a2b_hex(
"4cd6178637d0f0de1488515c3b12e203a3c0ca652f2fe30d088dc7278a"
"87affa634a727a721932d671994a958a0f89223c286c3a9b10a9656054"
"2e2626b72e0cd28e5133fb57dc238b7fab2de2a49863ecf998751861ae"
"668bf7cad136e6933f57dfdba544e3147ce0e7370fa6e8ff1de690c51b"
"4aeedf0485183889205591e8")))
# signature
r = bytesToNumber(a2b_hex("76683a085d6742eadf95a61af75f881276cfd26a"))
s = bytesToNumber(a2b_hex("3b9da7f9926eaaad0bebd4845c67fcdb64d12453"))
sig = encode_sequence(encode_integer(r), encode_integer(s))
# test
self.assertTrue(key.hashAndVerify(sig, msg, hAlg="sha256"))
def test_sign_and_verify_with_sha224(self):
#message
msg = a2b_hex(
"fb2128052509488cad0745ed3e6312850dd96ddaf791f1e624e22a6b9beaa6"
"5319c325c78ef59cacba0ccfa722259f24f92c17b77a8f6d8e97c93d880d2d"
"8dbbbedcf6acefa06b0e476ca2013d0394bd90d56c10626ef43cea79d1ef0b"
"c7ac452bf9b9acaef70325e055ac006d34024b32204abea4be5faae0a6d46d"
"365ed0d9")
# key
key = Python_DSAKey(
p=bytesToNumber(
a2b_hex(
"8b9b32f5ba38faad5e0d506eb555540d0d7963195558ca308b7466228d"
"92a17b3b14b8e0ab77a9f3b2959a09848aa69f8df92cd9e9edef0adf79"
"2ce77bfceccadd9352700ca5faecf181fa0c326db1d6e5d352458011e5"
"1bd3248f4e3bd7c820d7e0a81932aca1eba390175e53eada197223674e"
"3900263e90f72d94e7447bff")),
q=bytesToNumber(
a2b_hex("bc550e965647fb3a20f245ec8475624abbb26edd")),
g=bytesToNumber(
a2b_hex(
"11333a931fba503487777376859fdc12f7c687b0948ae889d287f1b7a7"
"12ad220ae4f1ce379d0dbb5c9abf419621f005fc123c327e5055d18506"
"34c36d397e689e111d598c1c3636b940c84f42f436846e8e7fcad9012c"
"eda398720f32fffd1a45ab6136ce417069207ac140675b8f86dd063915"
"ae6f62b0cec729fbd509ac17")),
y=bytesToNumber(
a2b_hex(
"7e339f3757450390160e02291559f30bed0b2d758c5ccc2d8d456232bb"
"435ae49de7e7957e3aad9bfdcf6fd5d9b6ee3b521bc2229a8421dc2aa5"
"9b9952345a8fc1de49b348003a9b18da642d7f6f56e3bc665131ae9762"
"088a93786f7b4b72a4bcc308c67e2532a3a5bf09652055cc26bf3b1883"
"3598cffd7011f2285f794557")))
# signature
r = bytesToNumber(a2b_hex("afee719e7f848b54349ccc3b4fb26065833a4d8e"))
s = bytesToNumber(a2b_hex("734efe992256f31325e749bc32a24a1f957b3a1b"))
sig = encode_sequence(encode_integer(r), encode_integer(s))
# test
self.assertTrue(key.hashAndVerify(sig, msg, hAlg="sha224"))
def test_sign_and_verify_with_sha1(self):
#message
msg = a2b_hex(
"3b46736d559bd4e0c2c1b2553a33ad3c6cf23cac998d3d0c0e8fa4b19bca06"
"f2f386db2dcff9dca4f40ad8f561ffc308b46c5f31a7735b5fa7e0f9e6cb51"
"2e63d7eea05538d66a75cd0d4234b5ccf6c1715ccaaf9cdc0a2228135f716e"
"e9bdee7fc13ec27a03a6d11c5c5b3685f51900b1337153bc6c4e8f52920c33"
"fa37f4e7")
# key
key = Python_DSAKey(
p=bytesToNumber(
a2b_hex(
"a8f9cd201e5e35d892f85f80e4db2599a5676a3b1d4f190330ed3256b2"
"6d0e80a0e49a8fffaaad2a24f472d2573241d4d6d6c7480c80b4c67bb4"
"479c15ada7ea8424d2502fa01472e760241713dab025ae1b02e1703a14"
"35f62ddf4ee4c1b664066eb22f2e3bf28bb70a2a76e4fd5ebe2d122968"
"1b5b06439ac9c7e9d8bde283")),
q=bytesToNumber(
a2b_hex("f85f0f83ac4df7ea0cdf8f469bfeeaea14156495")),
g=bytesToNumber(
a2b_hex(
"2b3152ff6c62f14622b8f48e59f8af46883b38e79b8c74deeae9df131f"
"8b856e3ad6c8455dab87cc0da8ac973417ce4f7878557d6cdf40b35b4a"
"0ca3eb310c6a95d68ce284ad4e25ea28591611ee08b8444bd64b25f3f7"
"c572410ddfb39cc728b9c936f85f419129869929cdb909a6a3a99bbe08"
"9216368171bd0ba81de4fe33")),
y=bytesToNumber(
a2b_hex(
"313fd9ebca91574e1c2eebe1517c57e0c21b0209872140c5328761bbb2"
"450b33f1b18b409ce9ab7c4cd8fda3391e8e34868357c199e16a6b2eba"
"06d6749def791d79e95d3a4d09b24c392ad89dbf100995ae19c0106205"
"6bb14bce005e8731efde175f95b975089bdcdaea562b32786d96f5a31a"
"edf75364008ad4fffebb970b")))
# signature
r = bytesToNumber(a2b_hex("50ed0e810e3f1c7cb6ac62332058448bd8b284c0"))
s = bytesToNumber(a2b_hex("c6aded17216b46b7e4b6f2a97c1ad7cc3da83fde"))
sig = encode_sequence(encode_integer(r), encode_integer(s))
# test
self.assertTrue(key.hashAndVerify(sig, msg))
def handleArgs(argv, argString, flagsList=[]):
# Convert to getopt argstring format:
# Add ":" after each arg, ie "abc" -> "a:b:c:"
getOptArgString = ":".join(argString) + ":"
try:
opts, argv = getopt.getopt(argv, getOptArgString, flagsList)
except getopt.GetoptError as e:
printError(e)
# Default values if arg not present
privateKey = None
cert_chain = None
username = None
password = None
tacks = None
verifierDB = None
reqCert = False
directory = None
expLabel = None
expLength = 20
alpn = []
dhparam = None
psk = None
psk_ident = None
psk_hash = 'sha256'
resumption = False
for opt, arg in opts:
if opt == "-k":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
# OpenSSL/m2crypto does not support RSASSA-PSS certificates
privateKey = parsePEMKey(s,
private=True,
implementations=["python"])
elif opt == "-c":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
x509 = X509()
x509.parse(s)
cert_chain = X509CertChain([x509])
elif opt == "-u":
username = arg
elif opt == "-p":
password = arg
elif opt == "-t":
if tackpyLoaded:
s = open(arg, "rU").read()
tacks = Tack.createFromPemList(s)
elif opt == "-v":
verifierDB = VerifierDB(arg)
verifierDB.open()
elif opt == "-d":
directory = arg
elif opt == "--reqcert":
reqCert = True
elif opt == "-l":
expLabel = arg
elif opt == "-L":
expLength = int(arg)
elif opt == "-a":
alpn.append(bytearray(arg, 'utf-8'))
elif opt == "--param":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
dhparam = parseDH(s)
elif opt == "--psk":
psk = a2b_hex(arg)
elif opt == "--psk-ident":
psk_ident = arg
elif opt == "--psk-sha384":
psk_hash = 'sha384'
elif opt == "--resumption":
resumption = True
else:
assert (False)
# when no names provided, don't return array
if not alpn:
alpn = None
if (psk and not psk_ident) or (not psk and psk_ident):
printError("PSK and IDENTITY must be set together")
if not argv:
printError("Missing address")
if len(argv) > 1:
printError("Too many arguments")
#Split address into hostname/port tuple
address = argv[0]
address = address.split(":")
if len(address) != 2:
raise SyntaxError("Must specify <host>:<port>")
address = (address[0], int(address[1]))
# Populate the return list
retList = [address]
if "k" in argString:
retList.append(privateKey)
if "c" in argString:
retList.append(cert_chain)
if "u" in argString:
retList.append(username)
if "p" in argString:
retList.append(password)
if "t" in argString:
retList.append(tacks)
if "v" in argString:
retList.append(verifierDB)
if "d" in argString:
retList.append(directory)
if "reqcert" in flagsList:
retList.append(reqCert)
if "l" in argString:
retList.append(expLabel)
if "L" in argString:
retList.append(expLength)
if "a" in argString:
retList.append(alpn)
if "param=" in flagsList:
retList.append(dhparam)
if "psk=" in flagsList:
retList.append(psk)
if "psk-ident=" in flagsList:
retList.append(psk_ident)
if "psk-sha384" in flagsList:
retList.append(psk_hash)
if "resumption" in flagsList:
retList.append(resumption)
return retList
def main():
host = "localhost"
port = 4433
num_limit = None
run_exclude = set()
psk_prf = "sha256"
psk_secret = b'\xaa'
psk_ident = b'test'
argv = sys.argv[1:]
opts, args = getopt.getopt(argv, "h:p:e:n:",
["help", "psk=", "psk-iden=", "psk-sha384"])
for opt, arg in opts:
if opt == '-h':
host = arg
elif opt == '-p':
port = int(arg)
elif opt == '-e':
run_exclude.add(arg)
elif opt == '-n':
num_limit = int(arg)
elif opt == '--help':
help_msg()
sys.exit(0)
elif opt == '--psk':
psk_secret = a2b_hex(arg)
elif opt == '--psk-iden':
psk_ident = compatAscii2Bytes(arg)
elif opt == '--psk-sha384':
psk_prf = "sha384"
else:
raise ValueError("Unknown option: {0}".format(opt))
if args:
run_only = set(args)
else:
run_only = None
conversations = {}
conversation = Connect(host, port)
node = conversation
ciphers = []
if psk_prf == "sha256":
ciphers.append(CipherSuite.TLS_AES_128_GCM_SHA256)
else:
ciphers.append(CipherSuite.TLS_AES_256_GCM_SHA384)
ext = OrderedDict()
ext[ExtensionType.supported_versions] = SupportedVersionsExtension()\
.create([TLS_1_3_DRAFT, (3, 3)])
ext[ExtensionType.psk_key_exchange_modes] = PskKeyExchangeModesExtension()\
.create([PskKeyExchangeMode.psk_ke])
psk_settings = [(psk_ident, psk_secret, psk_prf)]
ext[ExtensionType.pre_shared_key] = psk_ext_gen(psk_settings)
mods = []
mods.append(psk_ext_updater(psk_settings))
node = node.add_child(
ClientHelloGenerator(ciphers, extensions=ext, modifiers=mods))
ext = {}
ext[ExtensionType.supported_versions] = srv_ext_handler_supp_vers
ext[ExtensionType.pre_shared_key] = gen_srv_ext_handler_psk(psk_settings)
node = node.add_child(ExpectServerHello(extensions=ext))
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectEncryptedExtensions())
node = node.add_child(ExpectFinished())
node = node.add_child(FinishedGenerator())
node = node.add_child(
ApplicationDataGenerator(bytearray(b"GET / HTTP/1.0\r\n\r\n")))
# This message is optional and may show up 0 to many times
cycle = ExpectNewSessionTicket()
node = node.add_child(cycle)
node.add_child(cycle)
node.next_sibling = ExpectApplicationData()
node = node.next_sibling.add_child(
AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
conversations["sanity"] = conversation
# run the conversation
good = 0
bad = 0
failed = []
if not num_limit:
num_limit = len(conversations)
# make sure that sanity test is run first and last
# to verify that server was running and kept running throught
sanity_test = ('sanity', conversations['sanity'])
ordered_tests = chain([sanity_test],
islice(
filter(lambda x: x[0] != 'sanity',
conversations.items()), num_limit),
[sanity_test])
for c_name, c_test in ordered_tests:
if run_only and c_name not in run_only or c_name in run_exclude:
continue
print("{0} ...".format(c_name))
runner = Runner(c_test)
res = True
try:
runner.run()
except Exception:
print("Error while processing")
print(traceback.format_exc())
res = False
if res:
good += 1
print("OK\n")
else:
bad += 1
failed.append(c_name)
print("Basic script for psk_ke key exchange in TLS 1.3")
print("Check if server supports a PSK handshake without use of DHE key")
print("exchange.")
print("version: {0}\n".format(version))
print("Test end")
print("successful: {0}".format(good))
print("failed: {0}".format(bad))
failed_sorted = sorted(failed, key=natural_sort_keys)
print(" {0}".format('\n '.join(repr(i) for i in failed_sorted)))
if bad > 0:
sys.exit(1)
def main():
host = "localhost"
port = 4433
num_limit = None
run_exclude = set()
expected_failures = {}
last_exp_tmp = None
psk_prf = "sha256"
psk_secret = b'\xaa'
psk_ident = b'test'
argv = sys.argv[1:]
opts, args = getopt.getopt(argv, "h:p:e:x:X:n:",
["help", "psk=", "psk-iden=", "psk-sha384"])
for opt, arg in opts:
if opt == '-h':
host = arg
elif opt == '-p':
port = int(arg)
elif opt == '-e':
run_exclude.add(arg)
elif opt == '-x':
expected_failures[arg] = None
last_exp_tmp = str(arg)
elif opt == '-X':
if not last_exp_tmp:
raise ValueError("-x has to be specified before -X")
expected_failures[last_exp_tmp] = str(arg)
elif opt == '-n':
num_limit = int(arg)
elif opt == '--help':
help_msg()
sys.exit(0)
elif opt == '--psk':
psk_secret = a2b_hex(arg)
elif opt == '--psk-iden':
psk_ident = compatAscii2Bytes(arg)
elif opt == '--psk-sha384':
psk_prf = "sha384"
else:
raise ValueError("Unknown option: {0}".format(opt))
if args:
run_only = set(args)
else:
run_only = None
conversations = {}
conversation = Connect(host, port)
node = conversation
ciphers = []
if psk_prf == "sha256":
ciphers.append(CipherSuite.TLS_AES_128_GCM_SHA256)
else:
ciphers.append(CipherSuite.TLS_AES_256_GCM_SHA384)
ext = OrderedDict()
ext[ExtensionType.supported_versions] = SupportedVersionsExtension()\
.create([TLS_1_3_DRAFT, (3, 3)])
groups = [GroupName.secp256r1]
key_shares = []
for group in groups:
key_shares.append(key_share_gen(group))
ext[ExtensionType.key_share] = ClientKeyShareExtension().create(key_shares)
ext[ExtensionType.supported_groups] = SupportedGroupsExtension()\
.create(groups)
ext[ExtensionType.psk_key_exchange_modes] = PskKeyExchangeModesExtension()\
.create([PskKeyExchangeMode.psk_dhe_ke])
psk_settings = [(psk_ident, psk_secret, psk_prf)]
ext[ExtensionType.pre_shared_key] = psk_ext_gen(psk_settings)
mods = []
mods.append(psk_ext_updater(psk_settings))
node = node.add_child(
ClientHelloGenerator(ciphers, extensions=ext, modifiers=mods))
ext = {}
ext[ExtensionType.supported_versions] = srv_ext_handler_supp_vers
ext[ExtensionType.pre_shared_key] = gen_srv_ext_handler_psk(psk_settings)
ext[ExtensionType.key_share] = srv_ext_handler_key_share
node = node.add_child(ExpectServerHello(extensions=ext))
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectEncryptedExtensions())
node = node.add_child(ExpectFinished())
node = node.add_child(FinishedGenerator())
node = node.add_child(
ApplicationDataGenerator(bytearray(b"GET / HTTP/1.0\r\n\r\n")))
# This message is optional and may show up 0 to many times
cycle = ExpectNewSessionTicket()
node = node.add_child(cycle)
node.add_child(cycle)
node.next_sibling = ExpectApplicationData()
node = node.next_sibling.add_child(
AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
conversations["sanity"] = conversation
# test with FFDHE
conversation = Connect(host, port)
node = conversation
ciphers = []
if psk_prf == "sha256":
ciphers.append(CipherSuite.TLS_AES_128_GCM_SHA256)
else:
ciphers.append(CipherSuite.TLS_AES_256_GCM_SHA384)
ext = OrderedDict()
ext[ExtensionType.supported_versions] = SupportedVersionsExtension()\
.create([TLS_1_3_DRAFT, (3, 3)])
groups = [GroupName.ffdhe2048]
key_shares = []
for group in groups:
key_shares.append(key_share_gen(group))
ext[ExtensionType.key_share] = ClientKeyShareExtension().create(key_shares)
ext[ExtensionType.supported_groups] = SupportedGroupsExtension()\
.create(groups)
ext[ExtensionType.psk_key_exchange_modes] = PskKeyExchangeModesExtension()\
.create([PskKeyExchangeMode.psk_dhe_ke])
psk_settings = [(psk_ident, psk_secret, psk_prf)]
ext[ExtensionType.pre_shared_key] = psk_ext_gen(psk_settings)
mods = []
mods.append(psk_ext_updater(psk_settings))
node = node.add_child(
ClientHelloGenerator(ciphers, extensions=ext, modifiers=mods))
ext = {}
ext[ExtensionType.supported_versions] = srv_ext_handler_supp_vers
ext[ExtensionType.pre_shared_key] = gen_srv_ext_handler_psk(psk_settings)
ext[ExtensionType.key_share] = srv_ext_handler_key_share
node = node.add_child(ExpectServerHello(extensions=ext))
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectEncryptedExtensions())
node = node.add_child(ExpectFinished())
node = node.add_child(FinishedGenerator())
node = node.add_child(
ApplicationDataGenerator(bytearray(b"GET / HTTP/1.0\r\n\r\n")))
# This message is optional and may show up 0 to many times
cycle = ExpectNewSessionTicket()
node = node.add_child(cycle)
node.add_child(cycle)
node.next_sibling = ExpectApplicationData()
node = node.next_sibling.add_child(
AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
conversations["ffdhe2048"] = conversation
# test with x25519
conversation = Connect(host, port)
node = conversation
ciphers = []
if psk_prf == "sha256":
ciphers.append(CipherSuite.TLS_AES_128_GCM_SHA256)
else:
ciphers.append(CipherSuite.TLS_AES_256_GCM_SHA384)
ext = OrderedDict()
ext[ExtensionType.supported_versions] = SupportedVersionsExtension()\
.create([TLS_1_3_DRAFT, (3, 3)])
groups = [GroupName.x25519]
key_shares = []
for group in groups:
key_shares.append(key_share_gen(group))
ext[ExtensionType.key_share] = ClientKeyShareExtension().create(key_shares)
ext[ExtensionType.supported_groups] = SupportedGroupsExtension()\
.create(groups)
ext[ExtensionType.psk_key_exchange_modes] = PskKeyExchangeModesExtension()\
.create([PskKeyExchangeMode.psk_dhe_ke])
psk_settings = [(psk_ident, psk_secret, psk_prf)]
ext[ExtensionType.pre_shared_key] = psk_ext_gen(psk_settings)
mods = []
mods.append(psk_ext_updater(psk_settings))
node = node.add_child(
ClientHelloGenerator(ciphers, extensions=ext, modifiers=mods))
ext = {}
ext[ExtensionType.supported_versions] = srv_ext_handler_supp_vers
ext[ExtensionType.pre_shared_key] = gen_srv_ext_handler_psk(psk_settings)
ext[ExtensionType.key_share] = srv_ext_handler_key_share
node = node.add_child(ExpectServerHello(extensions=ext))
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectEncryptedExtensions())
node = node.add_child(ExpectFinished())
node = node.add_child(FinishedGenerator())
node = node.add_child(
ApplicationDataGenerator(bytearray(b"GET / HTTP/1.0\r\n\r\n")))
# This message is optional and may show up 0 to many times
cycle = ExpectNewSessionTicket()
node = node.add_child(cycle)
node.add_child(cycle)
node.next_sibling = ExpectApplicationData()
node = node.next_sibling.add_child(
AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
conversations["x25519"] = conversation
# run the conversation
good = 0
bad = 0
xfail = 0
xpass = 0
failed = []
xpassed = []
if not num_limit:
num_limit = len(conversations)
# make sure that sanity test is run first and last
# to verify that server was running and kept running throughout
sanity_tests = [('sanity', conversations['sanity'])]
if run_only:
if num_limit > len(run_only):
num_limit = len(run_only)
regular_tests = [(k, v) for k, v in conversations.items()
if k in run_only]
else:
regular_tests = [(k, v) for k, v in conversations.items()
if (k != 'sanity') and k not in run_exclude]
sampled_tests = sample(regular_tests, min(num_limit, len(regular_tests)))
ordered_tests = chain(sanity_tests, sampled_tests, sanity_tests)
for c_name, c_test in ordered_tests:
if run_only and c_name not in run_only or c_name in run_exclude:
continue
print("{0} ...".format(c_name))
runner = Runner(c_test)
res = True
exception = None
try:
runner.run()
except Exception as exp:
exception = exp
print("Error while processing")
print(traceback.format_exc())
res = False
if c_name in expected_failures:
if res:
xpass += 1
xpassed.append(c_name)
print("XPASS-expected failure but test passed\n")
else:
if expected_failures[c_name] is not None and \
expected_failures[c_name] not in str(exception):
bad += 1
failed.append(c_name)
print("Expected error message: {0}\n".format(
expected_failures[c_name]))
else:
xfail += 1
print("OK-expected failure\n")
else:
if res:
good += 1
print("OK\n")
else:
bad += 1
failed.append(c_name)
print("Basic script for psk_dhe_ke key exchange in TLS 1.3")
print("Check if server supports a PSK handshake with use of DHE key")
print("exchange.")
print("Test end")
print(20 * '=')
print("version: {0}".format(version))
print(20 * '=')
print("TOTAL: {0}".format(len(sampled_tests) + 2 * len(sanity_tests)))
print("SKIP: {0}".format(
len(run_exclude.intersection(conversations.keys()))))
print("PASS: {0}".format(good))
print("XFAIL: {0}".format(xfail))
print("FAIL: {0}".format(bad))
print("XPASS: {0}".format(xpass))
print(20 * '=')
sort = sorted(xpassed, key=natural_sort_keys)
if len(sort):
print("XPASSED:\n\t{0}".format('\n\t'.join(repr(i) for i in sort)))
sort = sorted(failed, key=natural_sort_keys)
if len(sort):
print("FAILED:\n\t{0}".format('\n\t'.join(repr(i) for i in sort)))
if bad or xpass:
sys.exit(1)
def handleArgs(argv, argString, flagsList=[]):
# Convert to getopt argstring format:
# Add ":" after each arg, ie "abc" -> "a:b:c:"
getOptArgString = ":".join(argString) + ":"
try:
opts, argv = getopt.getopt(argv, getOptArgString, flagsList)
except getopt.GetoptError as e:
printError(e)
# Default values if arg not present
privateKey = None
cert_chain = None
username = None
password = None
tacks = None
verifierDB = None
reqCert = False
directory = None
expLabel = None
expLength = 20
alpn = []
dhparam = None
psk = None
psk_ident = None
psk_hash = 'sha256'
resumption = False
ssl3 = False
max_ver = None
tickets = None
for opt, arg in opts:
if opt == "-k":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
# OpenSSL/m2crypto does not support RSASSA-PSS certificates
privateKey = parsePEMKey(s, private=True,
implementations=["python"])
elif opt == "-c":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
cert_chain = X509CertChain()
cert_chain.parsePemList(s)
elif opt == "-u":
username = arg
elif opt == "-p":
password = arg
elif opt == "-t":
if tackpyLoaded:
s = open(arg, "rU").read()
tacks = Tack.createFromPemList(s)
elif opt == "-v":
verifierDB = VerifierDB(arg)
verifierDB.open()
elif opt == "-d":
directory = arg
elif opt == "--reqcert":
reqCert = True
elif opt == "-l":
expLabel = arg
elif opt == "-L":
expLength = int(arg)
elif opt == "-a":
alpn.append(bytearray(arg, 'utf-8'))
elif opt == "--param":
s = open(arg, "rb").read()
if sys.version_info[0] >= 3:
s = str(s, 'utf-8')
dhparam = parseDH(s)
elif opt == "--psk":
psk = a2b_hex(arg)
elif opt == "--psk-ident":
psk_ident = bytearray(arg, 'utf-8')
elif opt == "--psk-sha384":
psk_hash = 'sha384'
elif opt == "--resumption":
resumption = True
elif opt == "--ssl3":
ssl3 = True
elif opt == "--max-ver":
max_ver = ver_to_tuple(arg)
elif opt == "--tickets":
tickets = int(arg)
else:
assert(False)
# when no names provided, don't return array
if not alpn:
alpn = None
if (psk and not psk_ident) or (not psk and psk_ident):
printError("PSK and IDENTITY must be set together")
if not argv:
printError("Missing address")
if len(argv)>1:
printError("Too many arguments")
#Split address into hostname/port tuple
address = argv[0]
address = address.split(":")
if len(address) != 2:
raise SyntaxError("Must specify <host>:<port>")
address = ( address[0], int(address[1]) )
# Populate the return list
retList = [address]
if "k" in argString:
retList.append(privateKey)
if "c" in argString:
retList.append(cert_chain)
if "u" in argString:
retList.append(username)
if "p" in argString:
retList.append(password)
if "t" in argString:
retList.append(tacks)
if "v" in argString:
retList.append(verifierDB)
if "d" in argString:
retList.append(directory)
if "reqcert" in flagsList:
retList.append(reqCert)
if "l" in argString:
retList.append(expLabel)
if "L" in argString:
retList.append(expLength)
if "a" in argString:
retList.append(alpn)
if "param=" in flagsList:
retList.append(dhparam)
if "psk=" in flagsList:
retList.append(psk)
if "psk-ident=" in flagsList:
retList.append(psk_ident)
if "psk-sha384" in flagsList:
retList.append(psk_hash)
if "resumption" in flagsList:
retList.append(resumption)
if "ssl3" in flagsList:
retList.append(ssl3)
if "max-ver=" in flagsList:
retList.append(max_ver)
if "tickets=" in flagsList:
retList.append(tickets)
return retList
def test_u_decode_with_invalid_bits(self):
v = a2b_hex('e6db6867583030db3594c1a424b15f7c7'
'26624ec26b3353b10a903a6d0ab1c4c')
with self.assertRaises(ValueError):
decodeUCoordinate(v, 256)
