def test_dh():
    """Run an ECDH key agreement between two parties and print the outcome.

    For each listed group, two private keys are generated, public values
    are exchanged, and each side derives a 32-byte key through
    KDF2(SHA-384) using both parties' 8-byte salts concatenated.

    This is a print-only demonstration: the two derived keys are written
    to stdout in hex and are never compared, so a mismatch would not make
    the function fail. Printing derived key material is only tolerable
    here because the keys are throwaway values created inside the function.
    """
    rng_a = botan2.rng('user')
    rng_b = botan2.rng('user')

    for group in ['secp256r1', 'curve25519']:
        kdf = 'KDF2(SHA-384)'.encode('utf-8')

        # Key generation draws from fresh botan2.rng() objects; rng_a and
        # rng_b are used only for the salts below.
        priv_a = botan2.private_key('ecdh', group, botan2.rng())
        priv_b = botan2.private_key('ecdh', group, botan2.rng())

        agreement_a = botan2.pk_op_key_agreement(priv_a, kdf)
        agreement_b = botan2.pk_op_key_agreement(priv_b, kdf)

        pub_a = agreement_a.public_value()
        pub_b = agreement_b.public_value()

        salt_a = rng_a.get(8)
        salt_b = rng_b.get(8)

        print("ecdh %s pubs:\n %s (salt %s)\n %s (salt %s)\n" % (
            group,
            hex_encode(pub_a), hex_encode(salt_a),
            hex_encode(pub_b), hex_encode(salt_b),
        ))

        # Both sides must feed the KDF the same salt, in the same order.
        joint_salt = salt_a + salt_b
        key_a = agreement_a.agree(pub_b, 32, joint_salt)
        key_b = agreement_b.agree(pub_a, 32, joint_salt)

        print("ecdh %s shared:\n %s\n %s\n" % (
            group, hex_encode(key_a), hex_encode(key_b)))
def test_mceliece():
    """Round-trip a short message through MCEIES and print the results.

    A McEliece key is generated with parameters [2960, 57]. The message is
    encrypted with ChaCha20Poly1305 together with associated data, then
    decrypted again with the same associated data. Nothing is asserted;
    lengths, the plaintexts and the public key's properties are printed.
    """
    aead = 'ChaCha20Poly1305'
    priv = botan2.private_key('mce', [2960, 57], botan2.rng())
    pub = priv.get_public_key()

    message = 'mce plaintext'
    assoc_data = 'mce AD'

    sealed = botan2.mceies_encrypt(pub, botan2.rng(), aead, message, assoc_data)
    print("mceies len(pt)=%d len(ct)=%d" % (len(message), len(sealed)))

    # The same associated data is passed to decryption as to encryption.
    opened = botan2.mceies_decrypt(priv, aead, sealed, assoc_data)

    print(" mceies plaintext \'%s\' (%d)" % (message, len(message)))

    # On Python 3 mceies_decrypt() returns bytes, so the value is decoded as
    # UTF-8 before being formatted as text. The .decode() is unnecessary when
    # bytes are the expected output, or when running on Python 2.
    print(" mceies decrypted \'%s\' (%d)" % (opened.decode('utf-8'), len(opened)))

    # The SHA-1 fingerprint is only printed here; it is not compared against
    # anything or used for a trust decision.
    algo = pub.algo_name()
    fingerprint = pub.fingerprint("SHA-1")
    strength = pub.estimated_strength()
    encoded_len = len(pub.encoding())
    print("mce_pub %s/SHA-1 fingerprint: %s\nEstimated strength %s bits (len %d)\n" % (
        algo, fingerprint, strength, encoded_len))
def test_dh(self):
    """Check that both ECDH parties derive the same 32-byte key.

    For each listed group, each party generates a private key from its own
    RNG, the public values are swapped, and both sides run the agreement
    through KDF2(SHA-384) with a shared 16-byte salt (8 bytes contributed
    by each party's RNG). The derived keys must be equal.
    """
    rng_a = botan2.rng('user')
    rng_b = botan2.rng('user')

    for group in ['secp256r1', 'curve25519']:
        kdf = 'KDF2(SHA-384)'.encode('utf-8')

        priv_a = botan2.private_key('ecdh', group, rng_a)
        priv_b = botan2.private_key('ecdh', group, rng_b)

        agreement_a = botan2.pk_op_key_agreement(priv_a, kdf)
        agreement_b = botan2.pk_op_key_agreement(priv_b, kdf)

        pub_a = agreement_a.public_value()
        pub_b = agreement_b.public_value()

        # One salt, built once and handed to both sides: the derived keys can
        # only match if both parties feed the KDF identical salt bytes.
        salt_a = rng_a.get(8)
        salt_b = rng_b.get(8)
        shared_salt = salt_a + salt_b

        key_a = agreement_a.agree(pub_b, 32, shared_salt)
        key_b = agreement_b.agree(pub_a, 32, shared_salt)

        self.assertEqual(key_a, key_b)
def test_mceliece(self):
    """Check an MCEIES encrypt/decrypt round trip with random inputs.

    Generates a McEliece key with parameters [2960, 57], asserts that the
    library estimates its strength at 128 bits, then encrypts 16 random
    bytes with 48 random bytes of associated data under ChaCha20Poly1305
    and asserts that decryption returns the original plaintext.
    """
    aead = 'ChaCha20Poly1305'
    rng = botan2.rng()

    priv = botan2.private_key('mce', [2960, 57], rng)
    pub = priv.get_public_key()
    self.assertEqual(pub.estimated_strength(), 128)

    # Random plaintext and associated data, so the round trip is not tied to
    # one fixed message.
    plaintext = rng.get(16)
    assoc_data = rng.get(48)

    # Encryption uses a fresh botan2.rng() rather than the one above.
    sealed = botan2.mceies_encrypt(pub, botan2.rng(), aead, plaintext, assoc_data)
    opened = botan2.mceies_decrypt(priv, aead, sealed, assoc_data)

    self.assertEqual(plaintext, opened)
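def test_rsa():
    """Demonstrate RSA encryption and signing, printing each result.

    Generates a 1536-bit RSA key, prints the public key's properties,
    encrypts a random 32-byte value with EME1(SHA-256) (the IEEE 1363 name
    for OAEP) and decrypts it again, then signs a message with
    EMSA4(SHA-384) (PSS) and prints the verifier's verdict for a matching,
    a non-matching and again a matching message.

    This is a print-only demonstration: nothing is asserted, and the random
    symmetric key is written to stdout in hex, which is only acceptable
    because it is a throwaway value created inside this function.
    """
    rsa_priv = botan2.private_key('rsa', 1536, botan2.rng())
    rsa_pub = rsa_priv.get_public_key()

    # The SHA-1 fingerprint is only displayed, not used for a trust decision.
    print("rsapub %s SHA-1 fingerprint: %s estimated strength %d (len %d)" % (
        rsa_pub.algo_name(),
        rsa_pub.fingerprint("SHA-1"),
        rsa_pub.estimated_strength(),
        len(rsa_pub.encoding()),
    ))

    decryptor = botan2.pk_op_decrypt(rsa_priv, "EME1(SHA-256)")
    encryptor = botan2.pk_op_encrypt(rsa_pub, "EME1(SHA-256)")

    sys_rng = botan2.rng()
    symkey = sys_rng.get(32)
    ctext = encryptor.encrypt(symkey, sys_rng)

    print("ptext \'%s\' (%d)" % (hex_encode(symkey), len(symkey)))
    print("ctext \'%s\' (%d)" % (hex_encode(ctext), len(ctext)))

    # Decrypt once and reuse the result for both the hex dump and the length,
    # instead of running a second private-key operation on the same input.
    recovered = decryptor.decrypt(ctext)
    print("decrypt \'%s\' (%d)\n" % (hex_encode(recovered), len(recovered)))

    # The message is fed to the signer in pieces that differ from the pieces
    # fed to the verifier; only the concatenated input should matter.
    signer = botan2.pk_op_sign(rsa_priv, 'EMSA4(SHA-384)')
    signer.update('messa')
    signer.update('ge')
    sig = signer.finish(botan2.rng())

    print("EMSA4(SHA-384) signature: %s" % hex_encode(sig))

    verify = botan2.pk_op_verify(rsa_pub, 'EMSA4(SHA-384)')

    verify.update('mess')
    verify.update('age')
    print("good sig accepted? %s" % verify.check_signature(sig))

    # A different message under the same signature: expected to be rejected.
    verify.update('mess of things')
    verify.update('age')
    print("bad sig accepted? %s" % verify.check_signature(sig))

    verify.update('message')
    print("good sig accepted? %s\n" % verify.check_signature(sig))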
def test_rsa(self):
    """Check RSA key properties, an OAEP round trip and PSS signatures.

    Generates a 1024-bit RSA key and asserts the algorithm name on both
    halves and the library's 80-bit strength estimate for the public key.
    A random 32-byte value is then encrypted with OAEP(SHA-256) and must
    decrypt to itself. Finally a message is signed with EMSA4(SHA-384) and
    the verifier must accept the matching message, reject a different one,
    and accept the matching message again.
    """
    rng = botan2.rng()

    # NOTE(review): a 1024-bit key, with the 80-bit estimate asserted below,
    # is presumably chosen to keep key generation fast in tests; it is not a
    # size to copy into production code.
    priv = botan2.private_key('RSA', '1024', rng)
    self.assertEqual(priv.algo_name(), 'RSA')

    pub = priv.get_public_key()
    self.assertEqual(pub.algo_name(), 'RSA')
    self.assertEqual(pub.estimated_strength(), 80)

    padding = "OAEP(SHA-256)"
    encryptor = botan2.pk_op_encrypt(pub, padding)
    decryptor = botan2.pk_op_decrypt(priv, padding)

    symkey = rng.get(32)
    ciphertext = encryptor.encrypt(symkey, rng)
    recovered = decryptor.decrypt(ciphertext)
    self.assertEqual(recovered, symkey)

    # Signer and verifier receive the same message split at different points;
    # only the concatenated input should matter.
    signer = botan2.pk_op_sign(priv, 'EMSA4(SHA-384)')
    for piece in ('messa', 'ge'):
        signer.update(piece)
    signature = signer.finish(botan2.rng())

    verifier = botan2.pk_op_verify(pub, 'EMSA4(SHA-384)')

    for piece in ('mess', 'age'):
        verifier.update(piece)
    self.assertTrue(verifier.check_signature(signature))

    # A different message under the same signature must be rejected.
    for piece in ('mess of things', 'age'):
        verifier.update(piece)
    self.assertFalse(verifier.check_signature(signature))

    # This check can only pass if check_signature() discarded the input
    # buffered for the previous check, so it also pins that reset behaviour.
    verifier.update('message')
    self.assertTrue(verifier.check_signature(signature))