def test_signature_validity(Msg, Qx, Qy, R, S, expected):
"""Msg = message, Qx and Qy represent the base point on
elliptic curve c192, R and S are the signature, and
"expected" is True iff the signature is expected to be valid."""
pubk = Public_key(generator_192,
ellipticcurve.Point(curve_192, Qx, Qy))
got = pubk.verifies(digest_integer(Msg), Signature(R, S))
if got == expected:
print "Signature tested as expected: got %s, expected %s." % \
( got, expected )
else:
raise TestFailure("*** Signature test failed: got %s, expected %s." % \
( got, expected ))
def from_string(klass, string, curve=NIST192p):
order = curve.order
assert len(string) == curve.verifying_key_length, \
(len(string), curve.verifying_key_length)
xs = string[:curve.baselen]
ys = string[curve.baselen:]
assert len(xs) == curve.baselen, (len(xs), curve.baselen)
assert len(ys) == curve.baselen, (len(ys), curve.baselen)
x = string_to_number(xs)
y = string_to_number(ys)
assert ecdsa.point_is_valid(curve.generator, x, y)
import ellipticcurve
point = ellipticcurve.Point(curve.curve, x, y, order)
return klass.from_public_point(point, curve)
def point_is_valid(generator, x, y):
"""Is (x,y) a valid public key based on the specified generator?"""
# These are the tests specified in X9.62.
n = generator.order()
curve = generator.curve()
if x < 0 or n <= x or y < 0 or n <= y:
return False
if not curve.contains_point(x, y):
return False
if not n * ellipticcurve.Point(curve, x, y) == ellipticcurve.INFINITY:
return False
return True
ellipticcurve.INFINITY:
return False
return True
# NIST Curve P-192:
_p = 6277101735386680763835789423207666416083908700390324961279L
_r = 6277101735386680763835789423176059013767194773182842284081L
# s = 0x3045ae6fc8422f64ed579528d38120eae12196d5L
# c = 0x3099d2bbbfcb2538542dcd5fb078b6ef5f3d6fe2c745de65L
_b = 0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1L
_Gx = 0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012L
_Gy = 0x07192b95ffc8da78631011ed6b24cdd573f977a11e794811L
curve_192 = ellipticcurve.CurveFp(_p, -3, _b)
generator_192 = ellipticcurve.Point(curve_192, _Gx, _Gy, _r)
# NIST Curve P-224:
_p = 26959946667150639794667015087019630673557916260026308143510066298881L
_r = 26959946667150639794667015087019625940457807714424391721682722368061L
# s = 0xbd71344799d5c7fcdc45b59fa3b9ab8f6a948bc5L
# c = 0x5b056c7e11dd68f40469ee7f3c7a7d74f7d121116506d031218291fbL
_b = 0xb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4L
_Gx = 0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21L
_Gy = 0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34L
curve_224 = ellipticcurve.CurveFp(_p, -3, _b)
generator_224 = ellipticcurve.Point(curve_224, _Gx, _Gy, _r)
# NIST Curve P-256:
_p = 115792089210356248762697446949407573530086143415290314195533631308867097853951L
meta = meta[:k1] + correct_sha[:0x10] + meta[k1 + 0x10:]
meta = meta[:k2] + correct_sha[0x10:] + ('\x00' * 0xC) + meta[k2 +
0x10:]
else:
print "Section already has correct hash"
# reinsert decrypted metadata into file
f = f[:meta_offset + 0x20] + meta_keys + meta_header + meta + f[meta_offset +
meta_len:]
# self signature is now invalid, so we need to fix it
print "Fixing signature"
sig_len = struct.unpack('>Q', meta_header[0x0:0x8])[0]
hash = int(hashlib.sha1(f[:sig_len]).hexdigest(), 16)
curve = ellipticcurve.CurveFp(p, a, b)
g = ellipticcurve.Point(curve, Gx, Gy, N)
pubkey = ecdsa.Public_key(g, g * priv)
privkey = ecdsa.Private_key(pubkey, priv)
sig = privkey.sign(hash, randrange(1, N))
meta = meta[:sig_len - meta_offset - 0x80] + '\x00' + pack(
sig.r, 160) + '\x00' + pack(sig.s,
160) + meta[sig_len - meta_offset - 0x80 + 42:]
# reencrypt metadata and reinsert into self
print "Re-encrypting and inserting metadata"
meta, crap = aes128ctr(meta, meta_key, meta_iv)
f = f[:meta_offset +
0x20] + meta_keys_enc + meta_header_enc + meta + f[meta_offset +
meta_len:]
# dump output to file