예제 #1
0
    def testPSSTestVector(self):
        # Test vector taken from http://www.rsa.com/rsalabs/node.asp?id=2125
        # ---------------------------------
        # Step-by-step RSASSA-PSS Signature
        # ---------------------------------
        
        # Message M to be signed:
        m = a2b_hex(bytes('85 9e ef 2f d7 8a ca 00 30 8b dc 47 11 93 bf 55\
        bf 9d 78 db 8f 8a 67 2b 48 46 34 f3 c9 c2 6e 64\
        78 ae 10 26 0f e0 dd 8c 08 2e 53 a5 29 3a f2 17\
        3c d5 0c 6d 5d 35 4f eb f7 8b 26 02 1c 25 c0 27\
        12 e7 8c d4 69 4c 9f 46 97 77 e4 51 e7 f8 e9 e0\
        4c d3 73 9c 6b bf ed ae 48 7f b5 56 44 e9 ca 74\
        ff 77 a5 3c b7 29 80 2f 6e d4 a5 ff a8 ba 15 98\
        90 fc'.replace(" ", ""),'utf-8'))

        # mHash    = Hash(M)
        # salt     = random string of octets
        # M'       = Padding || mHash || salt
        # H        = Hash(M')
        # DB       = Padding || salt 
        # dbMask   = MGF(H, length(DB))
        # maskedDB = DB xor dbMask (leftmost bit set to
        #            zero)
        # EM       = maskedDB || H || 0xbc
        
        # mHash:
        mHash = a2b_hex(bytes('37 b6 6a e0 44 58 43 35 3d 47 ec b0 b4 fd 14 c1\
        10 e6 2d 6a'.replace(" ", ""),'utf-8'))
        
        # salt:
        salt = a2b_hex(bytes('e3 b5 d5 d0 02 c1 bc e5 0c 2b 65 ef 88 a1 88 d8\
        3b ce 7e 61'.replace(" ", ""),'utf-8'))
        
        # M':
        mPrime = a2b_hex(bytes('00 00 00 00 00 00 00 00 37 b6 6a e0 44 58 43 35\
        3d 47 ec b0 b4 fd 14 c1 10 e6 2d 6a e3 b5 d5 d0\
        02 c1 bc e5 0c 2b 65 ef 88 a1 88 d8 3b ce 7e 61'.replace(" ", ""),'utf-8'))
        
        # H:
        H = a2b_hex(bytes('df 1a 89 6f 9d 8b c8 16 d9 7c d7 a2 c4 3b ad 54\
        6f be 8c fe'.replace(" ", ""),'utf-8'))
        
        # DB:
        DB = a2b_hex(bytes('00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\
        00 00 00 00 00 00 01 e3 b5 d5 d0 02 c1 bc e5 0c\
        2b 65 ef 88 a1 88 d8 3b ce 7e 61'.replace(" ", ""),'utf-8'))
        
        # dbMask:
        dbMask = a2b_hex(bytes('66 e4 67 2e 83 6a d1 21 ba 24 4b ed 65 76 b8 67\
        d9 a4 47 c2 8a 6e 66 a5 b8 7d ee 7f bc 7e 65 af\
        50 57 f8 6f ae 89 84 d9 ba 7f 96 9a d6 fe 02 a4\
        d7 5f 74 45 fe fd d8 5b 6d 3a 47 7c 28 d2 4b a1\
        e3 75 6f 79 2d d1 dc e8 ca 94 44 0e cb 52 79 ec\
        d3 18 3a 31 1f c8 97 39 a9 66 43 13 6e 8b 0f 46\
        5e 87 a4 53 5c d4 c5 9b 10 02 8d'.replace(" ", ""),'utf-8'))
        
        # maskedDB:
        maskedDB = a2b_hex(bytes('66 e4 67 2e 83 6a d1 21 ba 24 4b ed 65 76 b8 67\
        d9 a4 47 c2 8a 6e 66 a5 b8 7d ee 7f bc 7e 65 af\
        50 57 f8 6f ae 89 84 d9 ba 7f 96 9a d6 fe 02 a4\
        d7 5f 74 45 fe fd d8 5b 6d 3a 47 7c 28 d2 4b a1\
        e3 75 6f 79 2d d1 dc e8 ca 94 44 0e cb 52 79 ec\
        d3 18 3a 31 1f c8 96 da 1c b3 93 11 af 37 ea 4a\
        75 e2 4b db fd 5c 1d a0 de 7c ec'.replace(" ", ""),'utf-8'))
        
        # Encoded message EM:
        EM = a2b_hex(bytes('66 e4 67 2e 83 6a d1 21 ba 24 4b ed 65 76 b8 67\
        d9 a4 47 c2 8a 6e 66 a5 b8 7d ee 7f bc 7e 65 af\
        50 57 f8 6f ae 89 84 d9 ba 7f 96 9a d6 fe 02 a4\
        d7 5f 74 45 fe fd d8 5b 6d 3a 47 7c 28 d2 4b a1\
        e3 75 6f 79 2d d1 dc e8 ca 94 44 0e cb 52 79 ec\
        d3 18 3a 31 1f c8 96 da 1c b3 93 11 af 37 ea 4a\
        75 e2 4b db fd 5c 1d a0 de 7c ec df 1a 89 6f 9d\
        8b c8 16 d9 7c d7 a2 c4 3b ad 54 6f be 8c fe bc'.replace(" ", ""),'utf-8'))
        
        if debug:
            print("PSS Test Vector:")
            print("M     =>", m)
            print("Mlen  =>", len(m))
            print("mHash =>", mHash)
            print("salt  =>", salt)
            print("M'    =>", mPrime)
            print("H     =>", H)
            print("DB    =>", DB)
            print("dbmask=>", dbMask)
            print("masked=>", maskedDB)
            print("EM    =>", EM)
            print("EMLen =>", len(EM))
        
        pss = PSSPadding()
        realEM = pss.encode(m,len(EM)*8,salt)
        self.assertEqual(EM, realEM)
예제 #2
0
 def testPSSRountTripEquiv(self):
     pss = PSSPadding()
     m = b'This is a test message'
     em = pss.encode(m)
     self.assertTrue(pss.verify(m, em))