Пример #1
0
def main():
    afl.init()

    try:
        decode_rfc6979_signature(sys.stdin.read())
    except ValueError:
        pass
Пример #2
0
def test_decode_rfc6979_invalid_asn1():
    with pytest.raises(ValueError):
        # This byte sequence has an invalid ASN.1 sequence length as well as
        # an invalid integer length for the second integer.
        decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01")

    with pytest.raises(ValueError):
        # This is the BER "end-of-contents octets," which older versions of
        # pyasn1 are wrongly willing to return from top-level DER decoding.
        decode_rfc6979_signature(b"\x00\x00")
Пример #3
0
def test_decode_rfc6979_invalid_asn1():
    with pytest.raises(ValueError):
        # This byte sequence has an invalid ASN.1 sequence length as well as
        # an invalid integer length for the second integer.
        decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01")

    with pytest.raises(ValueError):
        # This is the BER "end-of-contents octets," which older versions of
        # pyasn1 are wrongly willing to return from top-level DER decoding.
        decode_rfc6979_signature(b"\x00\x00")
Пример #4
0
def der_to_raw_signature(der_sig, curve):
    num_bits = curve.key_size
    num_bytes = (num_bits + 7) // 8

    r, s = decode_rfc6979_signature(der_sig)

    return number_to_bytes(r, num_bytes) + number_to_bytes(s, num_bytes)
Пример #5
0
def der_to_raw_signature(der_sig, curve):
    num_bits = curve.key_size
    num_bytes = (num_bits + 7) // 8

    r, s = decode_rfc6979_signature(der_sig)

    return number_to_bytes(r, num_bytes) + number_to_bytes(s, num_bytes)
Пример #6
0
def test_deprecated_rfc6979_signature():
    with pytest.warns(CryptographyDeprecationWarning):
        sig = encode_rfc6979_signature(1, 1)
    assert sig == b"0\x06\x02\x01\x01\x02\x01\x01"
    with pytest.warns(CryptographyDeprecationWarning):
        decoded = decode_rfc6979_signature(sig)
    assert decoded == (1, 1)
Пример #7
0
def test_deprecated_rfc6979_signature():
    with pytest.warns(CryptographyDeprecationWarning):
        sig = encode_rfc6979_signature(1, 1)
    assert sig == b"0\x06\x02\x01\x01\x02\x01\x01"
    with pytest.warns(CryptographyDeprecationWarning):
        decoded = decode_rfc6979_signature(sig)
    assert decoded == (1, 1)
Пример #8
0
    def sign_ssh_data(self, data):
        key = dsa.DSAPrivateNumbers(
            x=self.x,
            public_numbers=dsa.DSAPublicNumbers(
                y=self.y,
                parameter_numbers=dsa.DSAParameterNumbers(
                    p=self.p,
                    q=self.q,
                    g=self.g
                )
            )
        ).private_key(backend=default_backend())
        signer = key.signer(hashes.SHA1())
        signer.update(data)
        r, s = decode_rfc6979_signature(signer.finalize())

        m = Message()
        m.add_string('ssh-dss')
        # apparently, in rare cases, r or s may be shorter than 20 bytes!
        rstr = util.deflate_long(r, 0)
        sstr = util.deflate_long(s, 0)
        if len(rstr) < 20:
            rstr = zero_byte * (20 - len(rstr)) + rstr
        if len(sstr) < 20:
            sstr = zero_byte * (20 - len(sstr)) + sstr
        m.add_string(rstr + sstr)
        return m
Пример #9
0
 def sign(self, key, payload):
     skey = key.get_op_key('sign', self.curve)
     signer = skey.signer(ec.ECDSA(self.hashfn))
     signer.update(payload)
     signature = signer.finalize()
     r, s = ec_utils.decode_rfc6979_signature(signature)
     l = key.get_curve(self.curve).key_size
     return self.encode_int(r, l) + self.encode_int(s, l)
Пример #10
0
 def sign(self, key, payload):
     skey = key.get_op_key('sign', self.curve)
     signer = skey.signer(ec.ECDSA(self.hashfn))
     signer.update(payload)
     signature = signer.finalize()
     r, s = ec_utils.decode_rfc6979_signature(signature)
     l = key.get_curve(self.curve).key_size
     return self.encode_int(r, l) + self.encode_int(s, l)
Пример #11
0
    def sign_ssh_data(self, data):
        signer = self.signing_key.signer(ec.ECDSA(hashes.SHA256()))
        signer.update(data)
        sig = signer.finalize()
        r, s = decode_rfc6979_signature(sig)

        m = Message()
        m.add_string('ecdsa-sha2-nistp256')
        m.add_string(self._sigencode(r, s))
        return m
Пример #12
0
    def sign_ssh_data(self, data):
        signer = self.signing_key.signer(ec.ECDSA(hashes.SHA256()))
        signer.update(data)
        sig = signer.finalize()
        r, s = decode_rfc6979_signature(sig)

        m = Message()
        m.add_string('ecdsa-sha2-nistp256')
        m.add_string(self._sigencode(r, s))
        return m
Пример #13
0
def test_rfc6979_signature():
    sig = encode_rfc6979_signature(1, 1)
    assert sig == b"0\x06\x02\x01\x01\x02\x01\x01"
    assert decode_rfc6979_signature(sig) == (1, 1)

    r_s1 = (1037234182290683143945502320610861668562885151617,
            559776156650501990899426031439030258256861634312)
    sig2 = encode_rfc6979_signature(*r_s1)
    assert sig2 == (
        b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b'
        b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08')
    assert decode_rfc6979_signature(sig2) == r_s1

    sig3 = encode_rfc6979_signature(0, 0)
    assert sig3 == b"0\x06\x02\x01\x00\x02\x01\x00"
    assert decode_rfc6979_signature(sig3) == (0, 0)

    sig4 = encode_rfc6979_signature(-1, 0)
    assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00"
    assert decode_rfc6979_signature(sig4) == (-1, 0)
Пример #14
0
def test_rfc6979_signature():
    sig = encode_rfc6979_signature(1, 1)
    assert sig == b"0\x06\x02\x01\x01\x02\x01\x01"
    assert decode_rfc6979_signature(sig) == (1, 1)

    r_s1 = (
        1037234182290683143945502320610861668562885151617,
        559776156650501990899426031439030258256861634312
    )
    sig2 = encode_rfc6979_signature(*r_s1)
    assert sig2 == (
        b'0-\x02\x15\x00\xb5\xaf0xg\xfb\x8bT9\x00\x13\xccg\x02\r\xdf\x1f,\x0b'
        b'\x81\x02\x14b\r;"\xabP1D\x0c>5\xea\xb6\xf4\x81)\x8f\x9e\x9f\x08'
    )
    assert decode_rfc6979_signature(sig2) == r_s1

    sig3 = encode_rfc6979_signature(0, 0)
    assert sig3 == b"0\x06\x02\x01\x00\x02\x01\x00"
    assert decode_rfc6979_signature(sig3) == (0, 0)

    sig4 = encode_rfc6979_signature(-1, 0)
    assert sig4 == b"0\x06\x02\x01\xFF\x02\x01\x00"
    assert decode_rfc6979_signature(sig4) == (-1, 0)
Пример #15
0
    def sign_ssh_data(self, data):
        key = dsa.DSAPrivateNumbers(
            x=self.x,
            public_numbers=dsa.DSAPublicNumbers(
                y=self.y,
                parameter_numbers=dsa.DSAParameterNumbers(
                    p=self.p, q=self.q,
                    g=self.g))).private_key(backend=default_backend())
        signer = key.signer(hashes.SHA1())
        signer.update(data)
        r, s = decode_rfc6979_signature(signer.finalize())

        m = Message()
        m.add_string('ssh-dss')
        # apparently, in rare cases, r or s may be shorter than 20 bytes!
        rstr = util.deflate_long(r, 0)
        sstr = util.deflate_long(s, 0)
        if len(rstr) < 20:
            rstr = zero_byte * (20 - len(rstr)) + rstr
        if len(sstr) < 20:
            sstr = zero_byte * (20 - len(sstr)) + sstr
        m.add_string(rstr + sstr)
        return m
Пример #16
0
 def sign(self, key, payload):
     skey = key.get_op_key('sign', self._curve)
     signature = skey.sign(payload, ec.ECDSA(self.hashfn))
     r, s = ec_utils.decode_rfc6979_signature(signature)
     l = key.get_curve(self._curve).key_size
     return _encode_int(r, l) + _encode_int(s, l)
Пример #17
0
def test_decode_rfc6979_trailing_bytes():
    with pytest.raises(ValueError):
        decode_rfc6979_signature(b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00")
Пример #18
0
import sys

import afl

from cryptography.hazmat.primitives.asymmetric.utils import (
    decode_rfc6979_signature,
)

afl.start()

try:
    decode_rfc6979_signature(sys.stdin.read())
except ValueError:
    pass

sys.exit(0)
Пример #19
0
def test_decode_rfc6979_invalid_asn1():
    with pytest.raises(ValueError):
        # This byte sequence has an invalid ASN.1 sequence length as well as
        # an invalid integer length for the second integer.
        decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01")
Пример #20
0
def test_decode_rfc6979_trailing_bytes():
    with pytest.raises(ValueError):
        decode_rfc6979_signature(b"0\x06\x02\x01\x01\x02\x01\x01\x00\x00\x00")
Пример #21
0
def test_decode_rfc6979_invalid_asn1():
    with pytest.raises(ValueError):
        # This byte sequence has an invalid ASN.1 sequence length as well as
        # an invalid integer length for the second integer.
        decode_rfc6979_signature(b"0\x07\x02\x01\x01\x02\x02\x01")