def create_ref_keys():
key_lines = load_file("ecc_p256.txt").splitlines()
private_key_d = bytes_to_long(compact(key_lines[2:5]))
public_key_xy = compact(key_lines[6:11])
assert bord(public_key_xy[0]) == 4 # Uncompressed
public_key_x = bytes_to_long(public_key_xy[1:33])
public_key_y = bytes_to_long(public_key_xy[33:])
return (ECC.construct(curve="P-256", d=private_key_d),
ECC.construct(curve="P-256", point_x=public_key_x, point_y=public_key_y))
def create_ref_keys():
key_lines = load_file("ecc_p256.txt").splitlines()
private_key_d = bytes_to_long(compact(key_lines[2:5]))
public_key_xy = compact(key_lines[6:11])
assert bord(public_key_xy[0]) == 4 # Uncompressed
public_key_x = bytes_to_long(public_key_xy[1:33])
public_key_y = bytes_to_long(public_key_xy[33:])
return (ECC.construct(curve="P-256", d=private_key_d),
ECC.construct(curve="P-256", point_x=public_key_x, point_y=public_key_y))
def create_ref_keys_p521():
key_len = 66
key_lines = load_file("ecc_p521.txt").splitlines()
private_key_d = bytes_to_long(compact(key_lines[2:7]))
public_key_xy = compact(key_lines[8:17])
assert bord(public_key_xy[0]) == 4 # Uncompressed
public_key_x = bytes_to_long(public_key_xy[1:key_len+1])
public_key_y = bytes_to_long(public_key_xy[key_len+1:])
return (ECC.construct(curve="P-521", d=private_key_d),
ECC.construct(curve="P-521", point_x=public_key_x, point_y=public_key_y))
def test_equality(self):
private_key = ECC.construct(d=3, curve="P-256")
private_key2 = ECC.construct(d=3, curve="P-256")
private_key3 = ECC.construct(d=4, curve="P-256")
public_key = private_key.public_key()
public_key2 = private_key2.public_key()
public_key3 = private_key3.public_key()
self.assertEqual(private_key, private_key2)
self.assertNotEqual(private_key, private_key3)
self.assertEqual(public_key, public_key2)
self.assertNotEqual(public_key, public_key3)
self.assertNotEqual(public_key, private_key)
def _convert_key_format(key_bits: BinaryStr, key_type: str):
if key_type == 'rsa':
return RSA.import_key(key_bits).export_key(format='DER')
elif key_type == 'ec':
xp = int.from_bytes(key_bits[1:33], 'big')
yp = int.from_bytes(key_bits[33:], 'big')
return ECC.construct(curve='P-256', point_x=xp, point_y=yp).export_key(format='DER')
else:
raise ValueError(f'Unsupported key type {key_type}')
def receive_msg1(self, msg: bytes) -> bytes:
io = BytesIO(msg)
Gax = io.read(32)
Gay = io.read(32)
gid = io.read(4)
self.Ga = ECC.construct(curve=self.CURVE_NAME,
point_x=_load_int(Gax),
point_y=_load_int(Gay))
self.epid_group_id = _load_int(gid)
self._handle_msg1_msg2()
return self._generate_msg2()
def test_construct(self):
curve = _curves['p521']
key = ECC.construct(curve="P-521", d=1)
self.failUnless(key.has_private())
self.assertEqual(key.pointQ, _curves['p521'].G)
key = ECC.construct(curve="P-521", point_x=curve.Gx, point_y=curve.Gy)
self.failIf(key.has_private())
self.assertEqual(key.pointQ, curve.G)
# Other names
ECC.construct(curve="p521", d=1)
ECC.construct(curve="secp521r1", d=1)
ECC.construct(curve="prime521v1", d=1)
def test_construct(self):
key = ECC.construct(curve="P-256", d=1)
self.assertTrue(key.has_private())
self.assertEqual(key.pointQ, _curves['p256'].G)
key = ECC.construct(curve="P-256", point_x=_curves['p256'].Gx,
point_y=_curves['p256'].Gy)
self.assertFalse(key.has_private())
self.assertEqual(key.pointQ, _curves['p256'].G)
# Other names
ECC.construct(curve="p256", d=1)
ECC.construct(curve="secp256r1", d=1)
ECC.construct(curve="prime256v1", d=1)
def test_construct(self):
curve = _curves['p384']
key = ECC.construct(curve="P-384", d=1)
self.assertTrue(key.has_private())
self.assertEqual(key.pointQ, _curves['p384'].G)
key = ECC.construct(curve="P-384", point_x=curve.Gx, point_y=curve.Gy)
self.assertFalse(key.has_private())
self.assertEqual(key.pointQ, curve.G)
# Other names
ECC.construct(curve="p384", d=1)
ECC.construct(curve="secp384r1", d=1)
ECC.construct(curve="prime384v1", d=1)
def test_repr(self):
p1 = ECC.construct(
curve='P-256',
d=
75467964919405407085864614198393977741148485328036093939970922195112333446269,
point_x=
20573031766139722500939782666697015100983491952082159880539639074939225934381,
point_y=
108863130203210779921520632367477406025152638284581252625277850513266505911389
)
self.assertEqual(
repr(p1),
"EccKey(curve='NIST P-256', point_x=20573031766139722500939782666697015100983491952082159880539639074939225934381, point_y=108863130203210779921520632367477406025152638284581252625277850513266505911389, d=75467964919405407085864614198393977741148485328036093939970922195112333446269)"
)
def _convert_key_format(key_bits, key_type: str):
if key_type == 'rsa':
raise NotImplementedError('RSA on CNG is not implemented yet')
elif key_type == 'ec':
cng = Cng()
pubkey_stru = c.cast(key_bits, c.POINTER(cng.BcryptEcckeyBlob))[0]
base_idx = c.sizeof(cng.BcryptEcckeyBlob)
key_x = int.from_bytes(
key_bits[base_idx:base_idx + pubkey_stru.cb_key], 'big')
key_y = int.from_bytes(key_bits[base_idx + pubkey_stru.cb_key:],
'big')
return ECC.construct(curve='P-256', point_x=key_x,
point_y=key_y).export_key(format='DER')
else:
raise ValueError(f'Unsupported key type {key_type}')
def test_construct(self):
key = ECC.construct(curve="P-256", d=1)
self.failUnless(key.has_private())
self.assertEqual(key.pointQ, _curve.G)
key = ECC.construct(curve="P-256", point_x=_curve.Gx, point_y=_curve.Gy)
self.failIf(key.has_private())
self.assertEqual(key.pointQ, _curve.G)
# Other names
ECC.construct(curve="secp256r1", d=1)
ECC.construct(curve="prime256v1", d=1)
def extract_config(filebuf):
conf_dict = {}
pe = None
try:
pe = pefile.PE(data=filebuf, fast_load=False)
except Exception:
pass
if pe is None:
return
image_base = pe.OPTIONAL_HEADER.ImageBase
c2found = False
c2list_va_offset = 0
c2_list_offset = 0
delta = 0
yara_matches = yara_scan(filebuf)
if yara_matches.get("$snippet3"):
c2list_va_offset = int(yara_matches["$snippet3"])
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + 2:c2list_va_offset + 6])[0]
c2_list_rva = c2_list_va & 0xFFFF if c2_list_va - image_base > 0x20000 else c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError:
pass
while True:
try:
ip = struct.unpack(
"<I", filebuf[c2_list_offset:c2_list_offset + 4])[0]
except Exception:
return
if ip == 0:
return
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack("H", filebuf[c2_list_offset + 4:c2_list_offset +
6])[0])
if not c2_address or not port:
return
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2_list_offset += 8
elif yara_matches.get("$snippet4"):
c2list_va_offset = int(yara_matches["$snippet4"])
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + 8:c2list_va_offset + 12])[0]
c2_list_rva = c2_list_va & 0xFFFF if c2_list_va - image_base > 0x20000 else c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError:
pass
while True:
try:
ip = struct.unpack(
"<I", filebuf[c2_list_offset:c2_list_offset + 4])[0]
except Exception:
return
if ip == 0:
return
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack("H", filebuf[c2_list_offset + 4:c2_list_offset +
6])[0])
if not c2_address or not port:
return
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2_list_offset += 8
elif any(
yara_matches.get(name, False)
for name in ("$snippet5", "$snippet8", "$snippet9", "$snippetB",
"$snippetC", "$comboA1", "$comboA2")):
delta = 5
if yara_matches.get("$snippet5"):
refc2list = yara_matches.get("$snippet5")
elif yara_matches.get("$snippet8"):
refc2list = yara_matches.get("$snippet8")
elif yara_matches.get("$snippet9"):
refc2list = yara_matches.get("$snippet8")
c2list_va_offset = int(yara_matches["$snippet9"])
tb = struct.unpack(
"b", filebuf[c2list_va_offset + 5:c2list_va_offset + 6])[0]
if tb == 0x48:
delta += 1
elif yara_matches.get("$snippetB"):
delta = 9
refc2list = yara_matches.get("$snippetB")
elif yara_matches.get("$snippetC"):
delta = 8
refc2list = yara_matches.get("$snippetC")
elif yara_matches.get("$comboA1"):
refc2list = yara_matches.get("$comboA1")
elif yara_matches.get("$comboA2"):
delta = 6
refc2list = yara_matches.get("$comboA2")
if refc2list:
c2list_va_offset = int(refc2list)
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + delta:c2list_va_offset +
delta + 4])[0]
c2_list_rva = c2_list_va & 0xFFFF if c2_list_va - image_base > 0x40000 else c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError as err:
log.error(err)
return
while True:
preip = filebuf[c2_list_offset:c2_list_offset + 4]
if not preip:
return
try:
ip = struct.unpack("<I", preip)[0]
except Exception as e:
log.error(e)
break
if ip == 0:
break
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack(
"H",
filebuf[c2_list_offset + 4:c2_list_offset + 6])[0])
if not c2_address or not port:
break
conf_dict.setdefault("address",
[]).append(f"{c2_address}:{port}")
c2found = True
c2_list_offset += 8
elif yara_matches.get("$snippet6"):
c2list_va_offset = int(yara_matches["$snippet6"])
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + 15:c2list_va_offset + 19])[0]
c2_list_rva = c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError:
pass
while True:
preip = filebuf[c2_list_offset:c2_list_offset + 4]
if not preip:
break
try:
ip = struct.unpack("<I", preip)[0]
except Exception as e:
log.error(e)
break
if ip == 0:
break
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack("H", filebuf[c2_list_offset + 4:c2_list_offset +
6])[0])
if not c2_address or not port:
break
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2found = True
c2_list_offset += 8
elif yara_matches.get("$snippet7"):
c2list_va_offset = int(yara_matches["$snippet7"])
delta = 26
hb = struct.unpack(
"b", filebuf[c2list_va_offset + 29:c2list_va_offset + 30])[0]
if hb:
delta += 1
c2_list_va = struct.unpack(
"I",
filebuf[c2list_va_offset + delta:c2list_va_offset + delta + 4])[0]
c2_list_rva = c2_list_va & 0xFFFF if c2_list_va - image_base > 0x20000 else c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError:
pass
while True:
try:
ip = struct.unpack(
"<I", filebuf[c2_list_offset:c2_list_offset + 4])[0]
except Exception:
break
if ip == 0:
break
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack("H", filebuf[c2_list_offset + 4:c2_list_offset +
6])[0])
if not c2_address or not port:
break
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2found = True
c2_list_offset += 8
elif yara_matches.get("$snippetA"):
c2list_va_offset = int(yara_matches["$snippetA"])
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + 24:c2list_va_offset + 28])[0]
c2_list_rva = c2_list_va & 0xFFFF if c2_list_va - image_base > 0x20000 else c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError:
pass
while True:
try:
ip = struct.unpack(
"<I", filebuf[c2_list_offset:c2_list_offset + 4])[0]
except Exception:
break
if ip == 0:
break
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(
struct.unpack("H", filebuf[c2_list_offset + 4:c2_list_offset +
6])[0])
if not c2_address or not port:
break
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2found = True
c2_list_offset += 8
elif yara_matches.get("$snippetD"):
delta = 6
c2list_va_offset = int(yara_matches["$snippetD"])
elif yara_matches.get("$snippetE"):
delta = 13
c2list_va_offset = int(yara_matches["$snippetE"])
elif yara_matches.get("$snippetF"):
delta = 9
c2list_va_offset = int(yara_matches["$snippetF"])
elif yara_matches.get("$snippetG"):
delta = -4
c2list_va_offset = int(yara_matches["$snippetG"])
elif yara_matches.get("$snippetH"):
delta = 12
c2list_va_offset = int(yara_matches["$snippetH"])
elif yara_matches.get("$snippetI"):
delta = -4
c2list_va_offset = int(yara_matches["$snippetI"])
elif yara_matches.get("$snippetJ"):
delta = 14
c2list_va_offset = int(yara_matches["$snippetJ"])
elif yara_matches.get("$snippetK"):
delta = -5
c2list_va_offset = int(yara_matches["$snippetK"])
elif yara_matches.get("$snippetL"):
delta = -4
c2list_va_offset = int(yara_matches["$snippetL"])
elif yara_matches.get("$snippetM"):
delta = 12
c2list_va_offset = int(yara_matches["$snippetM"])
elif yara_matches.get("$snippetN"):
delta = 9
c2list_va_offset = int(yara_matches["$snippetN"])
elif yara_matches.get("$snippetO"):
delta = 5
c2list_va_offset = int(yara_matches["$snippetO"])
elif yara_matches.get("$snippetP"):
delta = 17
c2list_va_offset = int(yara_matches["$snippetP"])
elif yara_matches.get("$snippetQ"):
delta = 5
c2list_va_offset = int(yara_matches["$snippetQ"])
elif yara_matches.get("$snippetR"):
delta = 18
c2list_va_offset = int(yara_matches["$snippetR"])
elif yara_matches.get("$snippetS"):
delta = -4
c2list_va_offset = int(yara_matches["$snippetS"])
elif yara_matches.get("$snippetT"):
delta = 13
c2list_va_offset = int(yara_matches["$snippetT"])
elif yara_matches.get("$snippetU"):
delta = 13
c2list_va_offset = int(yara_matches["$snippetU"])
elif yara_matches.get("$snippetV"):
delta = 14
c2list_va_offset = int(yara_matches["$snippetV"])
elif yara_matches.get("$snippetW"):
delta = 10
c2_delta_offset = int(yara_matches["$snippetW"])
elif yara_matches.get("$snippetX"):
delta = 3
c2_delta_offset = int(yara_matches["$snippetX"])
if delta:
if c2list_va_offset:
c2_list_va = struct.unpack(
"I", filebuf[c2list_va_offset + delta:c2list_va_offset +
delta + 4])[0]
c2_list_rva = c2_list_va - image_base
try:
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
except pefile.PEFormatError as err:
log.error(err)
return
elif c2_delta_offset:
c2_delta = struct.unpack(
"i", filebuf[c2_delta_offset + delta:c2_delta_offset + delta +
4])[0]
c2_list_rva = pe.get_rva_from_offset(
c2_delta_offset) + c2_delta + delta + 4
c2_list_offset = pe.get_offset_from_rva(c2_list_rva)
key = filebuf[c2_list_offset:c2_list_offset + 4]
presize = filebuf[c2_list_offset + 4:c2_list_offset + 8]
if not presize:
return
size = struct.unpack("I", presize)[0] ^ struct.unpack("I", key)[0]
if size > 1000:
log.info("Anomalous C2 list size 0x%x", size)
return
c2_list_offset += 8
c2_list = xor_data(filebuf[c2_list_offset:], key)
offset = 0
while offset < size:
try:
ip = struct.unpack(">I", c2_list[offset:offset + 4])[0]
except Exception:
break
if ip == struct.unpack(">I", key)[0]:
break
c2_address = socket.inet_ntoa(struct.pack("!L", ip))
port = str(struct.unpack(">H", c2_list[offset + 4:offset + 6])[0])
if not c2_address or not port:
break
conf_dict.setdefault("address", []).append(f"{c2_address}:{port}")
c2found = True
offset += 8
if not c2found:
return
pem_key = False
try:
pem_key = extract_emotet_rsakey(pe)
except ValueError as e:
log.error(e)
if pem_key:
# self.reporter.add_metadata("other", {"RSA public key": pem_key.exportKey().decode()})
conf_dict.setdefault("RSA public key", pem_key.exportKey().decode())
else:
if yara_matches.get("$ref_rsa"):
ref_rsa_offset = int(yara_matches["$ref_rsa"])
ref_rsa_va = 0
zb = struct.unpack(
"b", filebuf[ref_rsa_offset + 31:ref_rsa_offset + 32])[0]
if not zb:
ref_rsa_va = struct.unpack(
"I", filebuf[ref_rsa_offset + 28:ref_rsa_offset + 32])[0]
else:
zb = struct.unpack(
"b", filebuf[ref_rsa_offset + 29:ref_rsa_offset + 30])[0]
if not zb:
ref_rsa_va = struct.unpack(
"I",
filebuf[ref_rsa_offset + 26:ref_rsa_offset + 30])[0]
else:
zb = struct.unpack(
"b",
filebuf[ref_rsa_offset + 28:ref_rsa_offset + 29])[0]
if not zb:
ref_rsa_va = struct.unpack(
"I", filebuf[ref_rsa_offset + 25:ref_rsa_offset +
29])[0]
else:
zb = struct.unpack(
"b", filebuf[ref_rsa_offset + 38:ref_rsa_offset +
39])[0]
if not zb:
ref_rsa_va = struct.unpack(
"I", filebuf[ref_rsa_offset +
35:ref_rsa_offset + 39])[0]
if not ref_rsa_va:
return
ref_rsa_rva = ref_rsa_va - image_base
try:
ref_rsa_offset = pe.get_offset_from_rva(ref_rsa_rva)
except Exception:
return
key = struct.unpack("<I",
filebuf[ref_rsa_offset:ref_rsa_offset + 4])[0]
xorsize = key ^ struct.unpack(
"<I", filebuf[ref_rsa_offset + 4:ref_rsa_offset + 8])[0]
rsa_key = xor_data(
filebuf[ref_rsa_offset + 8:ref_rsa_offset + 8 + xorsize],
struct.pack("<I", key))
seq = asn1.DerSequence()
seq.decode(rsa_key)
# self.reporter.add_metadata("other", {"RSA public key": RSA.construct((seq[0], seq[1])).exportKey()})
conf_dict.setdefault("RSA public key",
RSA.construct((seq[0], seq[1])).exportKey())
else:
ref_ecc_offset = 0
delta1 = 0
delta2 = 0
if yara_matches.get("$ref_ecc1"):
ref_ecc_offset = int(yara_matches["$ref_ecc1"])
delta1 = 9
delta2 = 62
elif yara_matches.get("$ref_ecc2"):
ref_ecc_offset = int(yara_matches["$ref_ecc2"])
delta1 = 22
delta2 = 71
elif yara_matches.get("$ref_ecc3"):
ref_ecc_offset = int(yara_matches["$ref_ecc3"])
delta1 = 8
delta2 = 47
elif yara_matches.get("$ref_ecc4"):
ref_ecc_offset = int(yara_matches["$ref_ecc4"])
delta1 = -4
delta2 = 49
elif yara_matches.get("$ref_ecc5"):
ref_ecc_offset = int(yara_matches["$ref_ecc5"])
delta1 = 15
delta2 = 65
elif yara_matches.get("$ref_ecc6"):
ref_ecc_offset = int(yara_matches["$ref_ecc6"])
delta1 = -4
delta2 = 48
elif yara_matches.get("$ref_ecc7"):
ref_ecc_offset = int(yara_matches["$ref_ecc7"])
delta1 = 23
delta2 = 47
elif yara_matches.get("$ref_ecc8"):
ref_ecc_offset = int(yara_matches["$ref_ecc8"])
delta1 = -5
delta2 = 44
elif yara_matches.get("$ref_ecc9"):
ref_ecc_offset = int(yara_matches["$ref_ecc9"])
delta1 = -4
delta2 = 24
elif yara_matches.get("$ref_eccA"):
ref_ecc_offset = int(yara_matches["$ref_eccA"])
delta1 = 12
delta2 = 55
elif yara_matches.get("$ref_eccB"):
ref_ecc_offset = int(yara_matches["$ref_eccB"])
delta1 = 15
delta2 = 58
elif yara_matches.get("$ref_eccC"):
ref_ecc_offset = int(yara_matches["$ref_eccC"])
delta1 = 8
delta2 = 37
elif yara_matches.get("$ref_eccD"):
ref_ecc_offset = int(yara_matches["$ref_eccD"])
delta1 = 26
delta2 = 72
elif yara_matches.get("$ref_eccE"):
ref_ecc_offset = int(yara_matches["$ref_eccE"])
delta1 = 8
delta2 = 36
elif yara_matches.get("$ref_eccF"):
ref_ecc_offset = int(yara_matches["$ref_eccF"])
delta1 = -4
delta2 = 48
elif yara_matches.get("$ref_eccG"):
ref_ecc_offset = int(yara_matches["$ref_eccG"])
delta1 = 30
delta2 = 76
if yara_matches.get("$ref_eccH"):
ref_ecc_offset = int(yara_matches["$ref_eccH"])
delta1 = 9
delta2 = 59
if yara_matches.get("$ref_eccI"):
ref_ecc_offset = int(yara_matches["$ref_eccI"])
delta1 = 22
delta2 = 58
if yara_matches.get("$ref_eccJ"):
ref_ecc_offset = int(yara_matches["$ref_eccJ"])
delta1 = 10
delta2 = 245
if yara_matches.get("$ref_eccK"):
ref_ecc_offset = int(yara_matches["$ref_eccK"])
delta1 = 14
delta2 = 166
if yara_matches.get("$ref_eccK"):
ref_ecc_offset = int(yara_matches["$ref_eccK"])
delta1 = 14
delta2 = 166
if yara_matches.get("$ref_eccL"):
ecc_delta_offset = int(yara_matches["$ref_eccL"])
delta1 = 8
delta2 = 97
if yara_matches.get("$ref_eccM"):
ecc_delta_offset = int(yara_matches["$ref_eccM"])
delta1 = 3
delta2 = 234
if yara_matches.get("$ref_eccN"):
ecc_delta_offset = int(yara_matches["$ref_eccN"])
delta1 = 3
delta2 = 107
if yara_matches.get("$ref_eccO"):
ecc_delta_offset = int(yara_matches["$ref_eccO"])
delta1 = 3
delta2 = 206
if delta1 or delta2:
if ref_ecc_offset:
ref_eck_rva = struct.unpack(
"I", filebuf[ref_ecc_offset + delta1:ref_ecc_offset +
delta1 + 4])[0] - image_base
ref_ecs_rva = struct.unpack(
"I", filebuf[ref_ecc_offset + delta2:ref_ecc_offset +
delta2 + 4])[0] - image_base
try:
eck_offset = pe.get_offset_from_rva(ref_eck_rva)
ecs_offset = pe.get_offset_from_rva(ref_ecs_rva)
except Exception as e:
log.error(e)
return
elif ecc_delta_offset:
eck_delta = struct.unpack(
"i", filebuf[ecc_delta_offset +
delta1:ecc_delta_offset + delta1 + 4])[0]
ecs_delta = struct.unpack(
"i", filebuf[ecc_delta_offset +
delta2:ecc_delta_offset + delta2 + 4])[0]
ref_eck_rva = pe.get_rva_from_offset(
ecc_delta_offset) + eck_delta + delta1 + 4
ref_ecs_rva = pe.get_rva_from_offset(
ecc_delta_offset) + ecs_delta + delta2 + 4
eck_offset = pe.get_offset_from_rva(ref_eck_rva)
ecs_offset = pe.get_offset_from_rva(ref_ecs_rva)
key = filebuf[eck_offset:eck_offset + 4]
size = struct.unpack("I", filebuf[eck_offset + 4:eck_offset +
8])[0] ^ struct.unpack(
"I", key)[0]
eck_offset += 8
eck_key = xor_data(filebuf[eck_offset:eck_offset + size], key)
key_len = struct.unpack("<I", eck_key[4:8])[0]
conf_dict.setdefault(
"ECC ECK1",
ECC.construct(
curve="p256",
point_x=int.from_bytes(eck_key[8:8 + key_len], "big"),
point_y=int.from_bytes(eck_key[8 + key_len:], "big"),
).export_key(format="PEM"),
)
key = filebuf[ecs_offset:ecs_offset + 4]
size = struct.unpack("I", filebuf[ecs_offset + 4:ecs_offset +
8])[0] ^ struct.unpack(
"I", key)[0]
ecs_offset += 8
ecs_key = xor_data(filebuf[ecs_offset:ecs_offset + size], key)
key_len = struct.unpack("<I", ecs_key[4:8])[0]
conf_dict.setdefault(
"ECC ECS1",
ECC.construct(
curve="p256",
point_x=int.from_bytes(ecs_key[8:8 + key_len], "big"),
point_y=int.from_bytes(ecs_key[8 + key_len:], "big"),
).export_key(format="PEM"),
)
return conf_dict
class Det_ECDSA_Tests(unittest.TestCase):
key_priv = ECC.construct(
curve="P-256",
d=0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721)
key_pub = key_priv.public_key()
# This is a sequence of items:
# message, k, r, s, hash module
# taken from RFC6979
signatures_ = (
("sample",
"882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32",
"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
SHA1),
("sample",
"103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F",
"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
SHA224),
("sample",
"A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716",
"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
SHA256),
("sample",
"09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719",
"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
SHA384),
("sample",
"5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00",
"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
SHA512),
("test",
"8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89",
"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
SHA1),
("test",
"669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692",
"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
SHA224),
("test",
"D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367",
"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
SHA256),
("test",
"16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6",
"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
SHA384),
("test",
"6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04",
"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
SHA512))
signatures = []
for a, b, c, d, e in signatures_:
new_tv = (tobytes(a), unhexlify(b), unhexlify(c), unhexlify(d), e)
signatures.append(new_tv)
def shortDescription(self):
return "Deterministic ECDSA Tests"
def test_loopback(self):
hashed_msg = SHA512.new(b("test"))
signer = DSS.new(self.key_priv, 'deterministic-rfc6979')
signature = signer.sign(hashed_msg)
verifier = DSS.new(self.key_pub, 'deterministic-rfc6979')
verifier.verify(hashed_msg, signature)
def test_data_rfc6979(self):
signer = DSS.new(self.key_priv, 'deterministic-rfc6979')
for message, k, r, s, module in self.signatures:
hash_obj = module.new(message)
result = signer.sign(hash_obj)
self.assertEqual(r + s, result)
'result': lambda x: x,
'qx': lambda x: int(x, 16),
'qy': lambda x: int(x, 16),
})
for idx, tv in enumerate(test_vectors_verify):
if isinstance(tv, str):
res = re.match("\[P-256,(SHA-[0-9]+)\]", tv)
assert res
hash_name = res.group(1).replace("-", "")
hash_module = load_hash_by_name(hash_name)
continue
hash_obj = hash_module.new(tv.msg)
key = ECC.construct(curve="P-256", point_x=tv.qx, point_y=tv.qy)
verifier = DSS.new(key, 'fips-186-3')
def positive_test(self,
verifier=verifier,
hash_obj=hash_obj,
signature=tv.r + tv.s):
verifier.verify(hash_obj, signature)
def negative_test(self,
verifier=verifier,
hash_obj=hash_obj,
signature=tv.r + tv.s):
self.assertRaises(ValueError, verifier.verify, hash_obj, signature)
if tv.result.startswith('p'):
from pathlib import Path
from subprocess import PIPE, Popen
from Cryptodome.Hash import SHA256
from Cryptodome.PublicKey import ECC
from loguru import logger
from private import *
from sgx_ias import IntelAttestationService
from sgx_ra import QuoteType, RemoteAttestation
SERVICE_PRIVATE_KEY = int.from_bytes(
unhexlify(
'90e76cbb2d52a1ce3b66de11439c87ec1f866a3b65b6aeeaad573453d1038c01'),
'little')
SERVICE_KEY = ECC.construct(curve=RemoteAttestation.CURVE_NAME,
d=SERVICE_PRIVATE_KEY)
BUILD_PATH = Path('/home/lx/CLionProjects/EnclaveCoin/cmake-build-debug/')
EXECUTABLE = BUILD_PATH / 'LxApp'
SIGNED_ENCLAVE = BUILD_PATH / 'LxEnclave.signed.so'
class InteractiveEnclave:
_p: Popen
def __init__(self, elf: Path, signed_enclave: Path) -> None:
assert (elf.exists())
assert (signed_enclave.exists())
self._p = Popen([elf, str(signed_enclave.absolute())],
stdin=PIPE,
elif "S = " in linea: #Lee la firma s del archivo
fs = linea.lstrip("S = ")
listS.append(fs.rstrip("\n"))
elif "d = " in linea: #Lee el parametro Y del archivo
fd = linea.lstrip("d = ")
listd.append(fd.rstrip("\n"))
archivo.close()
for i in range(0, 4):
for i in range(0, len(listMsg)):
Msg = bytearray.fromhex(listMsg[i])
Qx = int(listQX[i], 16)
Qy = int(listQY[i], 16)
d = int(listd[i], 16)
key = ECC.construct(curve="P-521", d=d, point_x=Qx,
point_y=Qy) #llave privada
timeI = time()
h = SHA3_512.new(
Msg) #Ocupamos este hash porque ECDSA pide más seguridad
firma = DSS.new(key, "fips-186-3")
sign_fir = firma.sign(h)
timeF = time()
timeGenECC_521.append(timeF - timeI)
#print(sign_fir.hex(),"\n")
#VERIFICAR FIRMA
listQX = [] #Lista del punto X
listQY = [] #Lista del punto Y
listMsg = [] #Lista de los mensajes
listR = [] #Lista de firmas R
listS = [] #Lista de firmas S
{'result': lambda x: x,
'qx': lambda x: int(x, 16),
'qy': lambda x: int(x, 16),
})
for idx, tv in enumerate(test_vectors_verify):
if isinstance(tv, basestring):
res = re.match("\[P-256,(SHA-[0-9]+)\]", tv)
assert res
hash_name = res.group(1).replace("-", "")
hash_module = load_hash_by_name(hash_name)
continue
hash_obj = hash_module.new(tv.msg)
key = ECC.construct(curve="P-256", point_x=tv.qx, point_y=tv.qy)
verifier = DSS.new(key, 'fips-186-3')
def positive_test(self, verifier=verifier, hash_obj=hash_obj, signature=tv.r+tv.s):
verifier.verify(hash_obj, signature)
def negative_test(self, verifier=verifier, hash_obj=hash_obj, signature=tv.r+tv.s):
self.assertRaises(ValueError, verifier.verify, hash_obj, signature)
if tv.result.startswith('p'):
setattr(FIPS_ECDSA_Tests, "test_verify_positive_%d" % idx, positive_test)
else:
setattr(FIPS_ECDSA_Tests, "test_verify_negative_%d" % idx, negative_test)
test_vectors_sign = load_tests(("Cryptodome", "SelfTest", "Signature", "test_vectors", "ECDSA"),
class Det_ECDSA_Tests(unittest.TestCase):
key_priv_p256 = ECC.construct(curve="P-256", d=0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721)
key_pub_p256 = key_priv_p256.public_key()
key_priv_p384 = ECC.construct(curve="P-384", d=0x6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5)
key_pub_p384 = key_priv_p384.public_key()
key_priv_p521 = ECC.construct(curve="P-521", d=0x0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538)
key_pub_p521 = key_priv_p521.public_key()
# This is a sequence of items:
# message, k, r, s, hash module
# taken from RFC6979
signatures_p256_ = (
(
"sample",
"882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4",
"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32",
"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB",
SHA1
),
(
"sample",
"103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473",
"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F",
"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C",
SHA224
),
(
"sample",
"A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60",
"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716",
"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8",
SHA256
),
(
"sample",
"09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4",
"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719",
"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954",
SHA384
),
(
"sample",
"5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5",
"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00",
"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE",
SHA512
),
(
"test",
"8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2E",
"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89",
"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1",
SHA1
),
(
"test",
"669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7",
"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692",
"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D",
SHA224
),
(
"test",
"D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0",
"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367",
"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083",
SHA256
),
(
"test",
"16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8",
"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6",
"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C",
SHA384
),
(
"test",
"6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7F",
"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04",
"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55",
SHA512
)
)
signatures_p384_ = (
(
"sample",
"4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7",
"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2",
"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443",
SHA1
),
(
"sample",
"A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879",
"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122",
"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D",
SHA224
),
(
"sample",
"180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60",
"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD",
"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0",
SHA256
),
(
"sample",
"94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9",
"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46",
"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8",
SHA384
),
(
"sample",
"92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3",
"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709",
"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5",
SHA512
),
(
"test",
"66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497",
"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7",
"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282",
SHA1
),
(
"test",
"18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726",
"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72",
"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66",
SHA224
),
(
"test",
"0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7",
"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B",
"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265",
SHA256
),
(
"test",
"015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EA",
"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB",
"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5",
SHA384
),
(
"test",
"3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6C",
"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277",
"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736",
SHA512
),
)
signatures_p521_ = (
(
"sample",
"0089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",
"00343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D",
"00E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16",
SHA1
),
(
"sample",
"0121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3",
"01776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E",
"0050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F",
SHA224
),
(
"sample",
"00EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",
"01511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7",
"004A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC",
SHA256
),
(
"sample",
"01546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211",
"01EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451",
"01F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61",
SHA384
),
(
"sample",
"01DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3",
"00C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA",
"00617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A",
SHA512
),
(
"test",
"00BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222",
"013BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367",
"01E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF",
SHA1
),
(
"test",
"0040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706",
"01C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB",
"0177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4",
SHA224
),
(
"test",
"001DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258",
"000E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8",
"00CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86",
SHA256
),
(
"test",
"01F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88",
"014BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C",
"0133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979",
SHA384
),
(
"test",
"016200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",
"013E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D",
"01FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3",
SHA512
),
)
signatures_p256 = []
for a, b, c, d, e in signatures_p256_:
new_tv = (tobytes(a), unhexlify(b), unhexlify(c), unhexlify(d), e)
signatures_p256.append(new_tv)
signatures_p384 = []
for a, b, c, d, e in signatures_p384_:
new_tv = (tobytes(a), unhexlify(b), unhexlify(c), unhexlify(d), e)
signatures_p384.append(new_tv)
signatures_p521 = []
for a, b, c, d, e in signatures_p521_:
new_tv = (tobytes(a), unhexlify(b), unhexlify(c), unhexlify(d), e)
signatures_p521.append(new_tv)
def shortDescription(self):
return "Deterministic ECDSA Tests"
def test_loopback_p256(self):
hashed_msg = SHA512.new(b"test")
signer = DSS.new(self.key_priv_p256, 'deterministic-rfc6979')
signature = signer.sign(hashed_msg)
verifier = DSS.new(self.key_pub_p256, 'deterministic-rfc6979')
verifier.verify(hashed_msg, signature)
def test_loopback_p384(self):
hashed_msg = SHA512.new(b"test")
signer = DSS.new(self.key_priv_p384, 'deterministic-rfc6979')
signature = signer.sign(hashed_msg)
verifier = DSS.new(self.key_pub_p384, 'deterministic-rfc6979')
verifier.verify(hashed_msg, signature)
def test_loopback_p521(self):
hashed_msg = SHA512.new(b"test")
signer = DSS.new(self.key_priv_p521, 'deterministic-rfc6979')
signature = signer.sign(hashed_msg)
verifier = DSS.new(self.key_pub_p521, 'deterministic-rfc6979')
verifier.verify(hashed_msg, signature)
def test_data_rfc6979_p256(self):
signer = DSS.new(self.key_priv_p256, 'deterministic-rfc6979')
for message, k, r, s, module in self.signatures_p256:
hash_obj = module.new(message)
result = signer.sign(hash_obj)
self.assertEqual(r + s, result)
def test_data_rfc6979_p384(self):
signer = DSS.new(self.key_priv_p384, 'deterministic-rfc6979')
for message, k, r, s, module in self.signatures_p384:
hash_obj = module.new(message)
result = signer.sign(hash_obj)
self.assertEqual(r + s, result)
def test_data_rfc6979_p521(self):
signer = DSS.new(self.key_priv_p521, 'deterministic-rfc6979')
for message, k, r, s, module in self.signatures_p521:
hash_obj = module.new(message)
result = signer.sign(hash_obj)
self.assertEqual(r + s, result)
'qx': lambda x: int(x, 16),
'qy': lambda x: int(x, 16),
}) or []
for idx, tv in enumerate(test_vectors_verify):
if isinstance(tv, str):
res = re.match(r"\[(P-[0-9]+),(SHA-[0-9]+)\]", tv)
assert res
curve_name = res.group(1)
hash_name = res.group(2).replace("-", "")
hash_module = load_hash_by_name(hash_name)
continue
hash_obj = hash_module.new(tv.msg)
ecc_key = ECC.construct(curve=curve_name, point_x=tv.qx, point_y=tv.qy)
verifier = DSS.new(ecc_key, 'fips-186-3')
def positive_test(self, verifier=verifier, hash_obj=hash_obj, signature=tv.r+tv.s):
verifier.verify(hash_obj, signature)
def negative_test(self, verifier=verifier, hash_obj=hash_obj, signature=tv.r+tv.s):
self.assertRaises(ValueError, verifier.verify, hash_obj, signature)
if tv.result.startswith('p'):
setattr(FIPS_ECDSA_Tests_KAT, "test_verify_positive_%d" % idx, positive_test)
else:
setattr(FIPS_ECDSA_Tests_KAT, "test_verify_negative_%d" % idx, negative_test)
test_vectors_sign = load_test_vectors(("Signature", "ECDSA"),
