def test_asn1(self):
    """Round-trip the ASN.1 DER codec and check its error handling"""

    # Positive vectors: each entry pairs a Python value with the hex of
    # its DER encoding. Both directions must match exactly, so only one
    # byte string is accepted as the encoding of each value.
    for expected, hex_der in self.tests:
        encoded = codecs.decode(hex_der, 'hex')

        with self.subTest(msg='encode', value=expected):
            self.assertEqual(der_encode(expected), encoded)

        with self.subTest(msg='decode', data=encoded):
            decoded_value = der_decode(encoded)
            self.assertEqual(decoded_value, expected)

            # A decoded object must be indistinguishable from one built
            # directly: same hash, same repr, same str.
            for view in (hash, repr, str):
                self.assertEqual(view(decoded_value), view(expected))

    # Negative vectors for the encoder: constructing the object and
    # encoding it must raise ASN1EncodeError.
    for cls, args in self.encode_errors:
        with self.subTest(msg='encode error', cls=cls.__name__, args=args), \
                self.assertRaises(ASN1EncodeError):
            der_encode(cls(*args))

    # Negative vectors for the decoder. assertRaises only accepts
    # ASN1DecodeError, so a malformed input that escapes as some other
    # exception type is reported as a test error rather than a pass.
    # NOTE(review): the vectors themselves are defined outside this
    # method; confirm they cover truncated and over-long lengths, since
    # the decoder is the part that sees untrusted bytes.
    for hex_der in self.decode_errors:
        with self.subTest(msg='decode error', data=hex_der), \
                self.assertRaises(ASN1DecodeError):
            der_decode(codecs.decode(hex_der, 'hex'))
def sign(self, data, mechanism):
    """Sign a block of data with this key

    The hash is selected by looking up mechanism in _hash_algs. For
    EC keys the DER-encoded signature is converted to the raw
    big-endian concatenation r || s; for every other key type the
    signature is returned as produced by sign_raw.

    """

    raw = self._priv.sign_raw(data, _hash_algs[mechanism])

    if self.key_type == KeyType.EC:
        r, s = der_decode(raw)

        # The width comes from the larger of r and s, not from the size
        # of the curve order, so the result is not constant-length:
        # when both values have leading zero bytes it is shorter.
        # A consumer must split the blob at its midpoint rather than at
        # a fixed offset.
        # NOTE(review): if callers expect a fixed-width signature, pad
        # to the curve's order size instead -- confirm against caller.
        width = (max(r.bit_length(), s.bit_length()) + 7) // 8
        return r.to_bytes(width, 'big') + s.to_bytes(width, 'big')

    return raw
def _sign(message_hash, app_hash, key_handle, flags):
    """Produce a security-key style signature over a message hash

    Returns the tuple (flags, counter, signature). The signed payload
    is app_hash, the flags byte, the 32-bit counter and message_hash,
    concatenated in that order.

    """

    # The key handle is a DER triple that carries the private value in
    # the clear, so whoever holds the handle can sign.
    # NOTE(review): this looks like a software stand-in for a hardware
    # authenticator; confirm it is only reachable from test code.
    alg, public_value, private_value = der_decode(key_handle)

    # Only SSH_SK_ECDSA is matched explicitly; any other alg value
    # decoded from the handle is treated as Ed25519.
    if alg == SSH_SK_ECDSA:
        private_int = int.from_bytes(private_value, 'big')
        key = ECDSAPrivateKey.construct(b'nistp256', public_value,
                                        private_int)
    else:
        key = EdDSAPrivateKey.construct(b'ed25519', private_value)

    # Constant counter: every signature reports the same value, so a
    # verifier cannot use it to notice replayed or cloned credentials.
    counter = 0x12345678

    signed_blob = app_hash + Byte(flags) + UInt32(counter) + message_hash
    sig = key.sign(signed_blob)

    return flags, counter, sig
def sign(self, data):
    """Sign data with this key using SHA-1 and return the DER-decoded result"""

    # SHA-1 is hard-coded here and is no longer collision-resistant.
    # NOTE(review): presumably the signature format this key serves
    # mandates SHA-1; confirm, and keep the algorithm disabled by
    # default wherever the protocol allows a stronger one.
    ctx = self._key.signer(SHA1())
    ctx.update(data)
    der_sig = ctx.finalize()

    # The signer output is passed through der_decode, so callers get
    # the decoded value (presumably the integer pair) rather than the
    # DER bytes -- verify against caller.
    return der_decode(der_sig)