def test_import_public_key_ed25519_from_corrupted_data(self):
key_provider = KeyProvider()
key_provider.setup_defaults()
test_data = bytearray(
"Lorem Ipsum is simply dummy text of the printing and typesetting industry."
.encode())
self.assertRaises(VirgilCryptoFoundationError,
key_provider.import_public_key, test_data)
def test_generate_private_key_ed25519(self):
key_provider = KeyProvider()
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.ED25519)
self.assertIsNotNone(private_key)
self.assertEqual(VscfAlgId.ED25519, private_key.alg_id())
self.assertEqual(32, len(private_key))
def test_generate_private_key_ed25519_and_then_do_encrypt_decrypt(self):
ed25519_alg = Ed25519()
ed25519_alg.setup_defaults()
key_provider = KeyProvider()
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.ED25519)
public_key = private_key.extract_public_key()
plain_message = "test data"
encrypted_data = ed25519_alg.encrypt(public_key, plain_message)
decrypted_data = ed25519_alg.decrypt(private_key, encrypted_data)
self.assertEqual(plain_message, decrypted_data.decode())
def import_private_key(self, key_data):
# type: (Union[Tuple[int], List[int]], bytearray) -> VirgilKeyPair
"""Imports private key from DER or PEM format
Args:
key_data: Private key in DER or PEM format.
Returns:
VirgilKeyPair.
"""
key_provider = KeyProvider()
key_provider.set_random(self.rng)
key_provider.setup_defaults()
private_key = key_provider.import_private_key(bytearray(key_data))
if private_key.alg_id() == AlgId.RSA:
key_type = KeyPairType.KeyType(private_key.alg_id(), private_key.bitlen())
else:
key_type = KeyPairType.KeyType(private_key.alg_id())
public_key = private_key.extract_public_key()
key_id = self.compute_public_key_identifier(public_key)
return VirgilKeyPair(
private_key=VirgilPrivateKey(identifier=key_id, private_key=private_key, key_type=key_type),
public_key=VirgilPublicKey(identifier=key_id, public_key=public_key, key_type=key_type)
)
def import_public_key(self, key_data):
# type: (Union[Tuple[int], List[int]]) -> VirgilPublicKey
"""Imports the Public key from material representation.
Args:
key_data: key material representation bytes.
Returns:
Imported public key.
"""
if not key_data:
raise ValueError("Key data missing")
key_provider = KeyProvider()
key_provider.set_random(self.rng)
key_provider.setup_defaults()
public_key = key_provider.import_public_key(bytearray(key_data))
if public_key.alg_id() == AlgId.RSA:
key_type = KeyPairType.KeyType(public_key.alg_id(), public_key.bitlen())
else:
key_type = KeyPairType.KeyType(public_key.alg_id())
key_id = self.compute_public_key_identifier(public_key)
return VirgilPublicKey(
identifier=key_id,
public_key=public_key,
key_type=key_type
)
def test_decrypt_with_ed25519_public_key(self):
key_provider = KeyProvider()
key_provider.setup_defaults()
key_deserializer = KeyAsn1Deserializer()
key_deserializer.setup_defaults()
private_key = key_provider.import_private_key(TestData.RECIPIENT_CIPHER_ED25519_PRIVATE_KEY)
recipient_cipher = RecipientCipher()
message_info = bytearray()
recipient_cipher.start_decryption_with_key(TestData.RECIPIENT_CIPHER_ED25519_RECIPIENT_ID, private_key, message_info)
decrypted_message = recipient_cipher.process_decryption(TestData.RECIPIENT_CIPHER_ENCRYPTED_MESSAGE)
decrypted_message += recipient_cipher.finish_decryption()
self.assertEqual(TestData.RECIPIENT_CIPHER_MESSAGE_2, decrypted_message)
def test_generate_private_key_ed25519_and_then_do_sign_hash_and_verify_hash(
self):
ed25519_alg = Ed25519()
ed25519_alg.setup_defaults()
key_provider = KeyProvider()
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.ED25519)
public_key = private_key.extract_public_key()
signature = ed25519_alg.sign_hash(
private_key, VscfAlgId.SHA512,
TestData.KEY_PROVIDER_MESSAGE_SHA512_DIGEST)
verified = ed25519_alg.verify_hash(
public_key, VscfAlgId.SHA512,
TestData.KEY_PROVIDER_MESSAGE_SHA512_DIGEST, signature)
self.assertTrue(verified)
def test_generate_private_key_rsa_2048(self):
key_provider = KeyProvider()
key_provider.set_rsa_params(2048)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.RSA)
self.assertIsNotNone(private_key)
self.assertEqual(VscfAlgId.RSA, private_key.alg_id())
self.assertEqual(2048, private_key.bitlen())
def compute_public_key_identifier(self, public_key):
# type: (PublicKey) -> Tuple[int]
"""Computes public key identifier.
Note: Takes first 8 bytes of SHA512 of public key DER if use_sha256_fingerprints=False
and SHA256 of public key der if use_sha256_fingerprints=True
Args:
public_key: public key for compute.
Returns:
Public key identifier.
"""
key_provider = KeyProvider()
key_provider.setup_defaults()
public_key_data = key_provider.export_public_key(public_key)
if self.use_sha256_fingerprints:
return self.compute_hash(public_key_data, HashAlgorithm.SHA256)
return self.compute_hash(public_key_data)[:8]
def test_generate_private_key_rsa_4096_with_key_material_rng(self):
rsa_alg = Rsa()
rsa_alg.setup_defaults()
key_material_rng = KeyMaterialRng()
key_material_rng.reset_key_material(
TestData.DETERMINISTIC_KEY_KEY_MATERIAL)
key_provider = KeyProvider()
key_provider.set_random(key_material_rng)
key_provider.set_rsa_params(4096)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.RSA)
self.assertIsNotNone(private_key)
exported_private_key = rsa_alg.export_private_key(private_key)
self.assertIsNotNone(exported_private_key)
self.assertEqual(TestData.DETERMINISTIC_KEY_RSA4096_PRIVATE_KEY,
exported_private_key.data())
def generate_key_pair(self, key_type=KeyPairType.ED25519, seed=None):
# type: (KeyPairType.KeyType, Union[Tuple[int], bytearray]) -> VirgilKeyPair
"""Generates asymmetric key pair that is comprised of both public and private keys by specified type.
Args:
key_type: type of the generated keys.
The possible values can be found in KeyPairType enum.
seed: random value used to generate key
Returns:
Generated key pair.
"""
if seed:
if KeyMaterialRng.KEY_MATERIAL_LEN_MIN > len(seed) > KeyMaterialRng.KEY_MATERIAL_LEN_MAX:
raise VirgilCryptoErrors.INVALID_SEED_SIZE
key_material_rng = KeyMaterialRng()
key_material_rng.reset_key_material(seed)
rng = key_material_rng
else:
rng = self.rng
key_provider = KeyProvider()
key_provider.set_random(rng)
if key_type.rsa_bitlen:
key_provider.set_rsa_params(key_type.rsa_bitlen)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(key_type.alg_id)
public_key = private_key.extract_public_key()
key_id = self.compute_public_key_identifier(public_key)
return VirgilKeyPair(
private_key=VirgilPrivateKey(identifier=key_id, private_key=private_key, key_type=key_type),
public_key=VirgilPublicKey(identifier=key_id, public_key=public_key, key_type=key_type)
)
def export_public_key(public_key):
# type: (VirgilPrivateKey) -> Union[Tuple[int], bytearray]
"""Exports the Public key into material representation.
Args:
public_key: public key for export.
Returns:
Key material representation bytes.
"""
key_provider = KeyProvider()
rand = CtrDrbg()
key_provider.set_random(rand)
key_provider.setup_defaults()
return key_provider.export_public_key(public_key.public_key)
def test_import_private_key_ed25519_and_then_export(self):
key_provider = KeyProvider()
key_provider.setup_defaults()
private_key = key_provider.import_private_key(
TestData.ED25519_PRIVATE_KEY_PKCS8_DER)
self.assertIsNotNone(private_key)
exported_private_key = key_provider.export_private_key(private_key)
self.assertIsNotNone(exported_private_key)
self.assertEqual(TestData.ED25519_PRIVATE_KEY_PKCS8_DER,
exported_private_key)
def test_import_private_key_rsa2048_and_then_export(self):
key_provider = KeyProvider()
key_provider.setup_defaults()
private_key = key_provider.import_private_key(
TestData.RSA_PCKS8_2048_PRIVATE_KEY_DER)
self.assertIsNotNone(private_key)
exported_private_key = key_provider.export_private_key(private_key)
self.assertIsNotNone(exported_private_key)
self.assertEqual(TestData.RSA_PCKS8_2048_PRIVATE_KEY_DER,
exported_private_key)
def export_private_key(private_key):
# type: (VirgilPrivateKey) -> Union[Tuple[int], bytearray]
"""Exports private key to DER format
Args:
private_key: private key for export.
Returns:
Private key in DER format
"""
key_provider = KeyProvider()
rand = CtrDrbg()
key_provider.set_random(rand)
key_provider.setup_defaults()
return key_provider.export_private_key(private_key.private_key)
def test_generate_private_key_rsa_2048_and_then_do_encrypt_decrypt(self):
rsa_alg = Rsa()
rsa_alg.setup_defaults()
key_provider = KeyProvider()
key_provider.set_rsa_params(2048)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.RSA)
self.assertIsNotNone(private_key)
public_key = private_key.extract_public_key()
self.assertIsNotNone(public_key)
plain_message = "test data"
encrypted_data = rsa_alg.encrypt(public_key, plain_message)
decrypted_data = rsa_alg.decrypt(private_key, encrypted_data)
self.assertEqual(plain_message, decrypted_data.decode())
def test_generate_private_key_ed25519_with_key_material_rng(self):
ed25519_alg = Ed25519()
ed25519_alg.setup_defaults()
key_material_rng = KeyMaterialRng()
key_material_rng.reset_key_material(
TestData.DETERMINISTIC_KEY_KEY_MATERIAL)
key_provider = KeyProvider()
key_provider.set_random(key_material_rng)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.ED25519)
self.assertIsNotNone(private_key)
exported_private_key = ed25519_alg.export_private_key(private_key)
self.assertIsNotNone(exported_private_key)
self.assertEqual(TestData.DETERMINISTIC_KEY_ED25519_PRIVATE_KEY,
exported_private_key.data())
def test_generate_private_key_rsa_2048_and_then_do_sign_hash_and_verify_hash(
self):
rsa_alg = Rsa()
rsa_alg.setup_defaults()
key_provider = KeyProvider()
key_provider.set_rsa_params(2048)
key_provider.setup_defaults()
private_key = key_provider.generate_private_key(VscfAlgId.RSA)
self.assertIsNotNone(private_key)
public_key = private_key.extract_public_key()
self.assertIsNotNone(public_key)
signature = rsa_alg.sign_hash(
private_key, VscfAlgId.SHA512,
TestData.KEY_PROVIDER_MESSAGE_SHA512_DIGEST)
verified = rsa_alg.verify_hash(
public_key, VscfAlgId.SHA512,
TestData.KEY_PROVIDER_MESSAGE_SHA512_DIGEST, signature)
self.assertTrue(verified)