def get_existing_keys(private, public):
with open(private, 'rb') as file:
private_key = file.read()
key = DSA.import_key(private_key)
with open(public, 'rb') as file:
public_key = file.read()
public = DSA.import_key(public_key)
return key, public
def testExportKey8(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
encoded = key.export_key('PEM', pkcs8=False, passphrase="PWDTEST")
key = DSA.importKey(encoded, "PWDTEST")
self.assertEqual(self.y, key.y)
self.assertEqual(self.p, key.p)
self.assertEqual(self.q, key.q)
self.assertEqual(self.g, key.g)
self.assertEqual(self.x, key.x)
def test_domain1(self):
"""Verify we can generate new keys in a given domain"""
dsa_key_1 = DSA.generate(1024)
domain_params = dsa_key_1.domain()
dsa_key_2 = DSA.generate(1024, domain=domain_params)
self.assertEqual(dsa_key_1.p, dsa_key_2.p)
self.assertEqual(dsa_key_1.q, dsa_key_2.q)
self.assertEqual(dsa_key_1.g, dsa_key_2.g)
self.assertEqual(dsa_key_1.domain(), dsa_key_2.domain())
def testExportKey6(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
encoded = key.export_key('PEM')
self.assertEqual(self.pem_pkcs8, encoded)
encoded = key.export_key('PEM', pkcs8=True)
self.assertEqual(self.pem_pkcs8, encoded)
def testImportKey1(self):
key_obj = DSA.importKey(self.der_public)
self.assertFalse(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
def generate_keys(bits, private, public):
key = DSA.generate(bits=bits)
with open(private, "wb") as input_file_pr:
input_file_pr.write(key.exportKey())
with open(public, "wb") as input_file_pb:
input_file_pb.write(key.publickey().exportKey())
return key, key.publickey()
def testImportKey10(self):
key_obj = DSA.importKey(self.der_pkcs8_encrypted, "PWDTEST")
self.assertTrue(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
self.assertEqual(self.x, key_obj.x)
def testImportKey5(self):
key_obj = DSA.importKey(self.der_pkcs8)
self.assertTrue(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
self.assertEqual(self.x, key_obj.x)
def testImportKey7(self):
for ssh in (self.ssh_pub, tostr(self.ssh_pub)):
key_obj = DSA.importKey(ssh)
self.assertFalse(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
def testImportKey2(self):
for pem in (self.pem_public, tostr(self.pem_public)):
key_obj = DSA.importKey(pem)
self.assertFalse(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
def test_import_key(self):
"""Verify importKey is an alias to import_key"""
key_obj = DSA.import_key(self.der_public)
self.assertFalse(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
def testImportKey6(self):
for pem in (self.pem_pkcs8, tostr(self.pem_pkcs8)):
key_obj = DSA.importKey(pem)
self.assertTrue(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
self.assertEqual(self.x, key_obj.x)
def testImportKey9(self):
for pem in (self.pem_pkcs8_encrypted, tostr(self.pem_pkcs8_encrypted)):
key_obj = DSA.importKey(pem, "PWDTEST")
self.assertTrue(key_obj.has_private())
self.assertEqual(self.y, key_obj.y)
self.assertEqual(self.p, key_obj.p)
self.assertEqual(self.q, key_obj.q)
self.assertEqual(self.g, key_obj.g)
self.assertEqual(self.x, key_obj.x)
def test2(self):
for sig in self.signatures:
tk = sig.test_key
key = DSA.construct([tk.y, tk.g, tk.p, tk.q, tk.x], False)
signer = DSS.new(key, 'deterministic-rfc6979')
hash_obj = sig.module.new(sig.message)
result = signer.sign(hash_obj)
self.assertEqual(sig.result, result)
def test1(self):
q = 0x4000000000000000000020108A2E0CC0D99F8A5EF
x = 0x09A4D6792295A7F730FC3F2B49CBC0F62E862272F
p = 2 * q + 1
y = pow(2, x, p)
key = DSA.construct([pow(y, 2, p), 2, p, q, x], False)
signer = DSS.new(key, 'deterministic-rfc6979')
# Test _int2octets
self.assertEqual(hexlify(signer._int2octets(x)),
b("009a4d6792295a7f730fc3f2b49cbc0f"
"62e862272f"))
# Test _bits2octets
h1 = SHA256.new(b("sample")).digest()
self.assertEqual(hexlify(signer._bits2octets(h1)),
b("01795edf0d54db760f156d0dac04c032"
"2b3a204224"))
def setUp(self):
comps = "Crypto.SelfTest.Signature.test_vectors.wycheproof".split(".")
with open(pycryptodome_filename(comps, "dsa_test.json"),
"rt") as file_in:
tv_tree = json.load(file_in)
class TestVector(object):
pass
self.tv = []
for group in tv_tree['testGroups']:
key = DSA.import_key(group['keyPem'])
hash_name = group['sha']
if hash_name == "SHA-256":
hash_module = SHA256
elif hash_name == "SHA-224":
hash_module = SHA224
elif hash_name == "SHA-1":
hash_module = SHA1
else:
assert False
assert group['type'] == "DSAVer"
for test in group['tests']:
tv = TestVector()
tv.id = test['tcId']
tv.comment = test['comment']
for attr in 'msg', 'sig':
setattr(tv, attr, unhexlify(test[attr]))
tv.key = key
tv.hash_module = hash_module
tv.valid = test['result'] != "invalid"
tv.warning = test['result'] == "acceptable"
self.tv.append(tv)
def testExportKey10(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
randfunc = BytesIO(unhexlify(b("27A1C66C42AFEECE") + b("D725BF1B6B8239F4"))).read
encoded = key.export_key('DER', pkcs8=True, passphrase="PWDTEST", randfunc=randfunc)
self.assertEqual(self.der_pkcs8_encrypted, encoded)
def testExportKey1(self):
tup = (self.y, self.g, self.p, self.q)
key = DSA.construct(tup)
encoded = key.export_key('DER')
self.assertEqual(self.der_public, encoded)
class FIPS_DSA_Tests(unittest.TestCase):
# 1st 1024 bit key from SigGen.txt
P = 0xa8f9cd201e5e35d892f85f80e4db2599a5676a3b1d4f190330ed3256b26d0e80a0e49a8fffaaad2a24f472d2573241d4d6d6c7480c80b4c67bb4479c15ada7ea8424d2502fa01472e760241713dab025ae1b02e1703a1435f62ddf4ee4c1b664066eb22f2e3bf28bb70a2a76e4fd5ebe2d1229681b5b06439ac9c7e9d8bde283
Q = 0xf85f0f83ac4df7ea0cdf8f469bfeeaea14156495
G = 0x2b3152ff6c62f14622b8f48e59f8af46883b38e79b8c74deeae9df131f8b856e3ad6c8455dab87cc0da8ac973417ce4f7878557d6cdf40b35b4a0ca3eb310c6a95d68ce284ad4e25ea28591611ee08b8444bd64b25f3f7c572410ddfb39cc728b9c936f85f419129869929cdb909a6a3a99bbe089216368171bd0ba81de4fe33
X = 0xc53eae6d45323164c7d07af5715703744a63fc3a
Y = 0x313fd9ebca91574e1c2eebe1517c57e0c21b0209872140c5328761bbb2450b33f1b18b409ce9ab7c4cd8fda3391e8e34868357c199e16a6b2eba06d6749def791d79e95d3a4d09b24c392ad89dbf100995ae19c01062056bb14bce005e8731efde175f95b975089bdcdaea562b32786d96f5a31aedf75364008ad4fffebb970b
key_pub = DSA.construct((Y, G, P, Q))
key_priv = DSA.construct((Y, G, P, Q, X))
def shortDescription(self):
return "FIPS DSA Tests"
def test_loopback(self):
hashed_msg = SHA512.new(b("test"))
signer = DSS.new(self.key_priv, 'fips-186-3')
signature = signer.sign(hashed_msg)
verifier = DSS.new(self.key_pub, 'fips-186-3')
verifier.verify(hashed_msg, signature)
def test_negative_unapproved_hashes(self):
"""Verify that unapproved hashes are rejected"""
from crypto.Hash import RIPEMD160
self.description = "Unapproved hash (RIPEMD160) test"
hash_obj = RIPEMD160.new()
signer = DSS.new(self.key_priv, 'fips-186-3')
self.assertRaises(ValueError, signer.sign, hash_obj)
self.assertRaises(ValueError, signer.verify, hash_obj, b("\x00") * 40)
def test_negative_unknown_modes_encodings(self):
"""Verify that unknown modes/encodings are rejected"""
self.description = "Unknown mode test"
self.assertRaises(ValueError, DSS.new, self.key_priv, 'fips-186-0')
self.description = "Unknown encoding test"
self.assertRaises(ValueError, DSS.new, self.key_priv, 'fips-186-3',
'xml')
def test_asn1_encoding(self):
"""Verify ASN.1 encoding"""
self.description = "ASN.1 encoding test"
hash_obj = SHA1.new()
signer = DSS.new(self.key_priv, 'fips-186-3', 'der')
signature = signer.sign(hash_obj)
# Verify that output looks like a DER SEQUENCE
self.assertEqual(bord(signature[0]), 48)
signer.verify(hash_obj, signature)
# Verify that ASN.1 parsing fails as expected
signature = bchr(7) + signature[1:]
self.assertRaises(ValueError, signer.verify, hash_obj, signature)
def test_sign_verify(self):
"""Verify public/private method"""
self.description = "can_sign() test"
signer = DSS.new(self.key_priv, 'fips-186-3')
self.assertTrue(signer.can_sign())
signer = DSS.new(self.key_pub, 'fips-186-3')
self.assertFalse(signer.can_sign())
def test_x509v3(self):
# Sample V3 certificate with a 1024 bit DSA key
x509_v3_cert = """
-----BEGIN CERTIFICATE-----
MIIFhjCCA26gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEL
MAkGA1UECAwCTUQxEjAQBgNVBAcMCUJhbHRpbW9yZTEQMA4GA1UEAwwHVGVzdCBD
QTEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxlLmNvbTAeFw0xNDA3MTMyMDUz
MjBaFw0xNzA0MDgyMDUzMjBaMEAxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNRDES
MBAGA1UEBwwJQmFsdGltb3JlMRAwDgYDVQQDDAdhdXN0cmlhMIIBtjCCASsGByqG
SM44BAEwggEeAoGBALfd8gyEpVPA0ZI69Kp3nyJcu5N0ZZ3K1K9hleQLNqKEcZOh
7a/C2J1TPdmHTLJ0rAwBZ1nWxnARSgRphziGDFspKCYQwYcSMz8KoFgvXbXpuchy
oFACiQ2LqZnc5MakuLQtLcQciSYGYj3zmZdYMoa904F1aDWr+DxQI6DVC3/bAhUA
hqXMCJ6fQK3G2O9S3/CC/yVZXCsCgYBRXROl3R2khX7l10LQjDEgo3B1IzjXU/jP
McMBl6XO+nBJXxr/scbq8Ajiv7LTnGpSjgryHtvfj887kfvo8QbSS3kp3vq5uSqI
ui7E7r3jguWaLj616AG1HWOctXJUjqsiabZwsp2h09gHTzmHEXBOmiARu8xFxKAH
xsuo7onAbwOBhAACgYBylWjWSnKHE8mHx1A5m/0GQx6xnhWIe3+MJAnEhRGxA2J4
SCsfWU0OwglIQToh1z5uUU9oDi9cYgNPBevOFRnDhc2yaJY6VAYnI+D+6J5IU6Yd
0iaG/iSc4sV4bFr0axcPpse3SN0XaQxiKeSFBfFnoMqL+dd9Gb3QPZSllBcVD6OB
1TCB0jAdBgNVHQ4EFgQUx5wN0Puotv388M9Tp/fsPbZpzAUwHwYDVR0jBBgwFoAU
a0hkif3RMaraiWtsOOZZlLu9wJwwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwSgYD
VR0RBEMwQYILZXhhbXBsZS5jb22CD3d3dy5leGFtcGxlLmNvbYIQbWFpbC5leGFt
cGxlLmNvbYIPZnRwLmV4YW1wbGUuY29tMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NM
IEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAgEAyWf1TiJI
aNEIA9o/PG8/JiGASTS2/HBVTJbkq03k6NkJVk/GxC1DPziTUJ+CdWlHWcAi1EOW
Ach3QxNDRrVfCOfCMDgElIO1094/reJgdFYG00LRi8QkRJuxANV7YS4tLudhyHJC
kR2lhdMNmEuzWK+s2y+5cLrdm7qdvdENQCcV67uvGPx4sc+EaE7x13SczKjWBtbo
QCs6JTOW+EkPRl4Zo27K4OIZ43/J+GxvwU9QUVH3wPVdbbLNw+QeTFBYMTEcxyc4
kv50HPBFaithziXBFyvdIs19FjkFzu0Uz/e0zb1+vMzQlJMD94HVOrMnIj5Sb2cL
KKdYXS4uhxFJmdV091Xur5JkYYwEzuaGav7J3zOzYutrIGTgDluLCvA+VQkRcTsy
jZ065SkY/v+38QHp+cmm8WRluupJTs8wYzVp6Fu0iFaaK7ztFmaZmHpiPIfDFjva
aCIgzzT5NweJd/b71A2SyzHXJ14zBXsr1PMylMp2TpHIidhuuNuQL6I0HaollB4M
Z3FsVBMhVDw4Z76qnFPr8mZE2tar33hSlJI/3pS/bBiukuBk8U7VB0X8OqaUnP3C
7b2Z4G8GtqDVcKGMzkvMjT4n9rKd/Le+qHSsQOGO9W/0LB7UDAZSwUsfAPnoBgdS
5t9tIomLCOstByXi+gGZue1TcdCa3Ph4kO0=
-----END CERTIFICATE-----
""".strip()
# DSA public key as dumped by openssl
y_str = """
72:95:68:d6:4a:72:87:13:c9:87:c7:50:39:9b:fd:
06:43:1e:b1:9e:15:88:7b:7f:8c:24:09:c4:85:11:
b1:03:62:78:48:2b:1f:59:4d:0e:c2:09:48:41:3a:
21:d7:3e:6e:51:4f:68:0e:2f:5c:62:03:4f:05:eb:
ce:15:19:c3:85:cd:b2:68:96:3a:54:06:27:23:e0:
fe:e8:9e:48:53:a6:1d:d2:26:86:fe:24:9c:e2:c5:
78:6c:5a:f4:6b:17:0f:a6:c7:b7:48:dd:17:69:0c:
62:29:e4:85:05:f1:67:a0:ca:8b:f9:d7:7d:19:bd:
d0:3d:94:a5:94:17:15:0f
"""
p_str = """
00:b7:dd:f2:0c:84:a5:53:c0:d1:92:3a:f4:aa:77:
9f:22:5c:bb:93:74:65:9d:ca:d4:af:61:95:e4:0b:
36:a2:84:71:93:a1:ed:af:c2:d8:9d:53:3d:d9:87:
4c:b2:74:ac:0c:01:67:59:d6:c6:70:11:4a:04:69:
87:38:86:0c:5b:29:28:26:10:c1:87:12:33:3f:0a:
a0:58:2f:5d:b5:e9:b9:c8:72:a0:50:02:89:0d:8b:
a9:99:dc:e4:c6:a4:b8:b4:2d:2d:c4:1c:89:26:06:
62:3d:f3:99:97:58:32:86:bd:d3:81:75:68:35:ab:
f8:3c:50:23:a0:d5:0b:7f:db
"""
q_str = """
00:86:a5:cc:08:9e:9f:40:ad:c6:d8:ef:52:df:f0:
82:ff:25:59:5c:2b
"""
g_str = """
51:5d:13:a5:dd:1d:a4:85:7e:e5:d7:42:d0:8c:31:
20:a3:70:75:23:38:d7:53:f8:cf:31:c3:01:97:a5:
ce:fa:70:49:5f:1a:ff:b1:c6:ea:f0:08:e2:bf:b2:
d3:9c:6a:52:8e:0a:f2:1e:db:df:8f:cf:3b:91:fb:
e8:f1:06:d2:4b:79:29:de:fa:b9:b9:2a:88:ba:2e:
c4:ee:bd:e3:82:e5:9a:2e:3e:b5:e8:01:b5:1d:63:
9c:b5:72:54:8e:ab:22:69:b6:70:b2:9d:a1:d3:d8:
07:4f:39:87:11:70:4e:9a:20:11:bb:cc:45:c4:a0:
07:c6:cb:a8:ee:89:c0:6f
"""
key = DSA.importKey(x509_v3_cert)
for comp_name in ('y', 'p', 'q', 'g'):
comp_str = locals()[comp_name + "_str"]
comp = int(re.sub("[^0-9a-f]", "", comp_str), 16)
self.assertEqual(getattr(key, comp_name), comp)
self.assertFalse(key.has_private())
def test_x509v1(self):
# Sample V1 certificate with a 1024 bit DSA key
x509_v1_cert = """
-----BEGIN CERTIFICATE-----
MIIDUjCCArsCAQIwDQYJKoZIhvcNAQEFBQAwfjENMAsGA1UEChMEQWNtZTELMAkG
A1UECxMCUkQxHDAaBgkqhkiG9w0BCQEWDXNwYW1AYWNtZS5vcmcxEzARBgNVBAcT
Ck1ldHJvcG9saXMxETAPBgNVBAgTCE5ldyBZb3JrMQswCQYDVQQGEwJVUzENMAsG
A1UEAxMEdGVzdDAeFw0xNDA3MTEyMDM4NDNaFw0xNzA0MDYyMDM4NDNaME0xCzAJ
BgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazENMAsGA1UEChMEQWNtZTELMAkG
A1UECxMCUkQxDzANBgNVBAMTBnBvbGFuZDCCAbYwggErBgcqhkjOOAQBMIIBHgKB
gQDOrN4Ox4+t3T6wKeHfhzArhcrNEFMQ4Ss+4PIKyimDy9Bn64WPkL1B/9dvYIga
23GLu6tVJmXo6EdJnVOHEMhr99EeOwuDWWeP7Awq7RSlKEejokr4BEzMTW/tExSD
cO6/GI7xzh0eTH+VTTPDfyrJMYCkh0rJAfCP+5xrmPNetwIVALtXYOV1yoRrzJ2Q
M5uEjidH6GiZAoGAfUqA1SAm5g5U68SILMVX9l5rq0OpB0waBMpJQ31/R/yXNDqo
c3gGWZTOJFU4IzwNpGhrGNADUByz/lc1SAOAdEJIr0JVrhbGewQjB4pWqoLGbBKz
RoavTNDc/zD7SYa12evWDHADwvlXoeQg+lWop1zS8OqaDC7aLGKpWN3/m8kDgYQA
AoGAKoirPAfcp1rbbl4y2FFAIktfW8f4+T7d2iKSg73aiVfujhNOt1Zz1lfC0NI2
eonLWO3tAM4XGKf1TLjb5UXngGn40okPsaA81YE6ZIKm20ywjlOY3QkAEdMaLVY3
9PJvM8RGB9m7pLKxyHfGMfF40MVN4222zKeGp7xhM0CNiCUwDQYJKoZIhvcNAQEF
BQADgYEAfbNZfpYa2KlALEM1FZnwvQDvJHntHz8LdeJ4WM7CXDlKi67wY2HKM30w
s2xej75imkVOFd1kF2d0A8sjfriXLVIt1Hwq9ANZomhu4Edx0xpH8tqdh/bDtnM2
TmduZNY9OWkb07h0CtWD6Zt8fhRllVsSSrlWd/2or7FXNC5weFQ=
-----END CERTIFICATE-----
""".strip()
# DSA public key as dumped by openssl
y_str = """
2a:88:ab:3c:07:dc:a7:5a:db:6e:5e:32:d8:51:40:
22:4b:5f:5b:c7:f8:f9:3e:dd:da:22:92:83:bd:da:
89:57:ee:8e:13:4e:b7:56:73:d6:57:c2:d0:d2:36:
7a:89:cb:58:ed:ed:00:ce:17:18:a7:f5:4c:b8:db:
e5:45:e7:80:69:f8:d2:89:0f:b1:a0:3c:d5:81:3a:
64:82:a6:db:4c:b0:8e:53:98:dd:09:00:11:d3:1a:
2d:56:37:f4:f2:6f:33:c4:46:07:d9:bb:a4:b2:b1:
c8:77:c6:31:f1:78:d0:c5:4d:e3:6d:b6:cc:a7:86:
a7:bc:61:33:40:8d:88:25
"""
p_str = """
00:ce:ac:de:0e:c7:8f:ad:dd:3e:b0:29:e1:df:87:
30:2b:85:ca:cd:10:53:10:e1:2b:3e:e0:f2:0a:ca:
29:83:cb:d0:67:eb:85:8f:90:bd:41:ff:d7:6f:60:
88:1a:db:71:8b:bb:ab:55:26:65:e8:e8:47:49:9d:
53:87:10:c8:6b:f7:d1:1e:3b:0b:83:59:67:8f:ec:
0c:2a:ed:14:a5:28:47:a3:a2:4a:f8:04:4c:cc:4d:
6f:ed:13:14:83:70:ee:bf:18:8e:f1:ce:1d:1e:4c:
7f:95:4d:33:c3:7f:2a:c9:31:80:a4:87:4a:c9:01:
f0:8f:fb:9c:6b:98:f3:5e:b7
"""
q_str = """
00:bb:57:60:e5:75:ca:84:6b:cc:9d:90:33:9b:84:
8e:27:47:e8:68:99
"""
g_str = """
7d:4a:80:d5:20:26:e6:0e:54:eb:c4:88:2c:c5:57:
f6:5e:6b:ab:43:a9:07:4c:1a:04:ca:49:43:7d:7f:
47:fc:97:34:3a:a8:73:78:06:59:94:ce:24:55:38:
23:3c:0d:a4:68:6b:18:d0:03:50:1c:b3:fe:57:35:
48:03:80:74:42:48:af:42:55:ae:16:c6:7b:04:23:
07:8a:56:aa:82:c6:6c:12:b3:46:86:af:4c:d0:dc:
ff:30:fb:49:86:b5:d9:eb:d6:0c:70:03:c2:f9:57:
a1:e4:20:fa:55:a8:a7:5c:d2:f0:ea:9a:0c:2e:da:
2c:62:a9:58:dd:ff:9b:c9
"""
key = DSA.importKey(x509_v1_cert)
for comp_name in ('y', 'p', 'q', 'g'):
comp_str = locals()[comp_name + "_str"]
comp = int(re.sub("[^0-9a-f]", "", comp_str), 16)
self.assertEqual(getattr(key, comp_name), comp)
self.assertFalse(key.has_private())
def test_exportKey(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
self.assertEqual(key.exportKey(), key.export_key())
from crypto.PublicKey import DSA
from crypto.Signature import DSS
from crypto.Hash import SHA256
key = DSA.generate(2048)
f = open("public_key.pem", "w")
f.write(key.publickey().export_key())
f.close()
message = b"Hello"
hash_obj = SHA256.new(message)
signer = DSS.new(key, 'fips-186-3')
signature = signer.sign(hash_obj)
f = open("public_key.pem", "r")
hash_obj = SHA256.new(message)
pub_key = DSA.import_key(f.read())
verifier = DSS.new(pub_key, 'fips-186-3')
try:
verifier.verify(hash_obj, signature)
print("The message is authentic.")
except ValueError:
print("The message is not authentic.")
def testExportKey7(self):
tup = (self.y, self.g, self.p, self.q)
key = DSA.construct(tup)
encoded = key.export_key('OpenSSH')
self.assertEqual(self.ssh_pub, encoded)
if isinstance(tv, str):
res = re.match(r"\[mod = L=([0-9]+), N=([0-9]+), ([a-zA-Z0-9-]+)\]",
tv)
hash_name = res.group(3).replace("-", "")
hash_module = load_hash_by_name(hash_name)
continue
if hasattr(tv, "p"):
modulus = tv.p
generator = tv.g
suborder = tv.q
continue
hash_obj = hash_module.new(tv.msg)
key = DSA.construct(
[bytes_to_long(x) for x in (tv.y, generator, modulus, suborder)],
False)
verifier = DSS.new(key, 'fips-186-3')
def positive_test(self,
verifier=verifier,
hash_obj=hash_obj,
signature=tv.r + tv.s):
verifier.verify(hash_obj, signature)
def negative_test(self,
verifier=verifier,
hash_obj=hash_obj,
signature=tv.r + tv.s):
self.assertRaises(ValueError, verifier.verify, hash_obj, signature)
def testExportError2(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
self.assertRaises(ValueError, key.export_key, 'DER', pkcs8=False, passphrase="PWDTEST")
def testExportKey4(self):
tup = (self.y, self.g, self.p, self.q, self.x)
key = DSA.construct(tup)
encoded = key.export_key('PEM', pkcs8=False)
self.assertEqual(self.pem_private, encoded)