return names

# The private key and root certificate name are hard coded here:
#
# NOTE(review): because the root private key is embedded in source, anyone
# who can read this file can issue certificates that chain to "Testing CA".
# Use this root for test fixtures only and keep its certificate out of any
# production trust store.

# This is the root private key
ROOT_KEY = RSA(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, 65537, 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)

# Root certificate CN
ROOT_CN = "Testing CA"

# All certificates are issued under this policy OID, in the Google arc:
CERT_POLICY_OID = asn1.OID([1, 3, 6, 1, 4, 1, 11129, 2, 4, 1])

# These result in the following root certificate:
# -----BEGIN CERTIFICATE-----
# MIIC1DCCAbygAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwpUZXN0
# aW5nIENBMB4XDTEwMDEwMTA2MDAwMFoXDTMyMTIwMTA2MDAwMFowFTETMBEGA1UE
# AxMKVGVzdGluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFU
# H6xj07lpqiMaAssuDZ7nsmck8TbBIbLCi9rlyqh3M8xAetg4Qu8g7GfZQbRIoc41
# V89d3r88m96PNvJT7nPmcNHExmMdHdwOOcveCbgz9mNH6jecP6iR1hoMoAWziwss
# rRBY41icnzBgC+geT/SsIglywXt0+S8D1ytJb2Q1Q9CyelIn8e/uE8E4iIsjyxAY
# d7O03AkfCzu2/Dx5IYewWrOOl4YvivYVa8v7uCQ4UTLGdB5sZc/NXxMUJCGiELlR
# hYhMSGbz6mRN+4AGEz0U5ypHBPPnAM+CfKX/0u90wqtqUln//0Dw9/YHiROI+Rf8
# n8nmV0LfG/oLMiFAu2UCAwEAAaMvMC0wEgYDVR0TAQH/BAgwBgEB/wIBATAXBgNV
# HSAEEDAOMAwGCisGAQQB1nkCBAEwDQYJKoZIhvcNAQELBQADggEBADNrvoAyqAVm
# bydPBBfLRqyH4DXt2vuMVmnSdnWnOxYiEezGmNSNiO1k1ZFBwVSsd+JHrT24lax9
# kvU1yQDW//PBu3ijfZOCaIUleQiGXHMGfV4MjzgYbxpvHOvEUC6IXmYCsIEwcZgK
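counter[j] = 0 y += hashalg(seed + counter) return y[:masklen]


class ASN1_MGFAlg(asn1.AlgID):
    """Algorithm identifier for a mask generation function (MGF).

    Holds the MGF's OID, the hash algorithm it is parameterised with, and
    the callable that implements it.
    """

    def __init__(self, oid, hash_alg, func):
        """Store the OID, the hash parameter and the implementing callable.

        ``func`` is invoked by ``__call__`` as ``func(seed, masklen, hash_alg)``.
        """
        self.oid = oid
        self.param = hash_alg
        self.func = func

    def decode(self, octets, index=0):
        """Load the OID and hash parameter from an encoded identifier.

        Raises DecodeError unless the decoded value is a two-element list
        holding an OID followed by a list (the nested hash identifier).
        """
        ls = asn1.decode(octets, index)
        if (len(ls) != 2 or not isinstance(ls[0], asn1.OID)
                or not isinstance(ls[1], list)):
            raise DecodeError
        # Parse the hash identifier before touching any attribute so that a
        # failure here leaves the object in its previous state.
        hash_alg = cryptohash.ASN1_HashAlg.fromlist(ls[1])
        self.oid = ls[0]
        # __call__ reads self.param. Storing the decoded hash only in
        # self.hash_alg left the mask being generated with the previously
        # configured hash instead of the one named in the encoding.
        self.param = hash_alg
        self.hash_alg = hash_alg  # kept for callers that read this attribute

    @classmethod
    def fromlist(cls, ls):
        """Build an instance from a decoded ``[oid, hash_identifier_list]`` pair."""
        # __init__ requires the implementing callable as its third argument;
        # the former two-argument call raised TypeError on every use.
        # NOTE(review): mgf1 is the only mask generation function referenced
        # in this module, so it is used whatever OID is supplied. Reject
        # unexpected OIDs here if further MGFs are ever added.
        return cls(ls[0], cryptohash.ASN1_HashAlg.fromlist(ls[1]), mgf1)

    def __call__(self, seed, masklen):
        """Apply the stored MGF callable to ``seed`` with the stored hash parameter."""
        return self.func(seed, masklen, self.param)


id_mgf1 = asn1.OID("1.2.840.113549.1.1.8",
                   "/ISO/Member-Body/US/RSADSI/PKCS/PKCS-1/MGF1")
alg_mgf1sha1 = ASN1_MGFAlg(id_mgf1, cryptohash.alg_sha1, mgf1)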
"""Rivest–Shamir–Adleman public-key cryptosystem specified in FIPS 186."""

from arith import basic, mod, primes
import mgf
import asn1
import warnings
# NOTE(review): `random` is not a cryptographically secure generator. Its use
# is outside this excerpt; if key, prime or padding randomness is drawn from
# it, that use should move to `secrets` / `os.urandom` — confirm.
import random
import textwrap
import cryptohash
import base64
import randomart
from common import *

# PKCS #1 arc and the rsaEncryption OID derived from it.
id_pkcs1 = asn1.OID("1.2.840.113549.1.1", "/ISO/Member-Body/US/RSADSI/PKCS/PKCS-1")
id_rsa = id_pkcs1.subnode("1", "RSAEncryption")


def secure_len(strength):
    """Return the bit length of RSA with security strength not less than required."""
    # Thresholds follow NIST SP 800-57 Part 1, Table 2
    # (security strength in bits -> RSA modulus size in bits).
    if strength <= 80:
        return 1024
    elif strength <= 112:
        return 2048
    elif strength <= 128:
        return 3072
    elif strength <= 192:
        return 7680
    elif strength <= 256:
        return 15360
    else:
def rawshake256l(message, l):
    """Delegate to c_src.cryptohash.rawshake256l.

    A str message is encoded as UTF-8 first; any other value is passed
    through unchanged. ``l`` is forwarded as given.
    """
    data = bytes(message, "utf-8") if isinstance(message, str) else message
    return c_src.cryptohash.rawshake256l(data, l)


def keccak_diy(message, l, cap, pad):
    """Delegate to c_src.cryptohash.keccak_diy.

    A str message is encoded as UTF-8 first; ``l``, ``cap`` and ``pad`` are
    forwarded as given.
    """
    payload = message
    if isinstance(payload, str):
        payload = bytes(payload, "utf-8")
    return c_src.cryptohash.keccak_diy(payload, l, cap, pad)


# OID arcs under which the hash algorithm identifiers below are registered.
id_digest_alg = asn1.OID("1.2.840.113549.2", "/ISO/Member-Body/US/RSADSI/DigestAlgorithm")
id_nist_hash = asn1.OID(
    "2.16.840.1.101.3.4.2",
    "/Joint-ISO-ITU-T/Country/US/Organization/gov/CSOR/NISTAlgorithm/HashAlgs",
)
id_secsig_alg = asn1.OID("1.3.14.3.2", "/ISO/Identified-Organization/OIW/SecSIG/Algorithms")

# NOTE(review): the meaning of the trailing numeric arguments is set by
# ASN1_HashAlg, which is outside this excerpt. The fourth value matches each
# digest's size in bytes (16/20/28/32); the fifth looks like a strength
# estimate in bits — confirm before relying on either reading.
#
# MD5 and SHA-1 are no longer collision resistant. Keep these two entries for
# verifying legacy data; do not select them for new signatures.
id_md5 = id_digest_alg.subnode("5", "MD5")
alg_md5 = ASN1_HashAlg(id_md5, None, md5, 16, 18, 0)
id_sha1 = id_secsig_alg.subnode("26", "SHA1")
alg_sha1 = ASN1_HashAlg(id_sha1, None, sha1, 20, 62, 0)

# SHA-2 family, registered under the NIST hash arc.
id_sha224 = id_nist_hash.subnode("4", "SHA224")
alg_sha224 = ASN1_HashAlg(id_sha224, None, sha224, 28, 112, 32)
id_sha256 = id_nist_hash.subnode("1", "SHA256")
alg_sha256 = ASN1_HashAlg(id_sha256, None, sha256, 32, 128, 0)
id_sha384 = id_nist_hash.subnode("2", "SHA384")