def test_signatures(self, backend, vector):
        hash_type = _HASH_TYPES[vector['digest_algorithm']]
        curve_type = ec._CURVE_TYPES[vector['curve']]

        _skip_ecdsa_vector(backend, curve_type, hash_type)

        key = ec.EllipticCurvePublicNumbers(
            vector['x'],
            vector['y'],
            curve_type()
        ).public_key(backend)

        signature = encode_dss_signature(vector['r'], vector['s'])

        key.verify(
            signature,
            vector['message'],
            ec.ECDSA(hash_type())
        )
    def test_load_ssh_public_key_ecdsa_nist_p256(self, backend):
        _skip_curve_unsupported(backend, ec.SECP256R1())

        ssh_key = (
            b"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAy"
            b"NTYAAABBBGG2MfkHXp0UkxUyllDzWNBAImsvt5t7pFtTXegZK2WbGxml8zMrgWi5"
            b"teIg1TO03/FD9hbpBFgBeix3NrCFPls= root@cloud-server-01")
        key = load_ssh_public_key(ssh_key, backend)
        assert isinstance(key, ec.EllipticCurvePublicKey)

        expected_x = int(
            "44196257377740326295529888716212621920056478823906609851236662550"
            "785814128027", 10)
        expected_y = int(
            "12257763433170736656417248739355923610241609728032203358057767672"
            "925775019611", 10)

        assert key.public_numbers() == ec.EllipticCurvePublicNumbers(
            expected_x, expected_y, ec.SECP256R1())
示例#3
0
    def test_signature_failures(self, backend, vector):
        hash_type = _HASH_TYPES[vector['digest_algorithm']]
        curve_type = ec._CURVE_TYPES[vector['curve']]

        _skip_ecdsa_vector(backend, curve_type, hash_type)

        key = ec.EllipticCurvePublicNumbers(vector['x'], vector['y'],
                                            curve_type()).public_key(backend)

        signature = encode_dss_signature(vector['r'], vector['s'])

        verifier = key.verifier(signature, ec.ECDSA(hash_type()))
        verifier.update(vector['message'])

        if vector["fail"] is True:
            with pytest.raises(exceptions.InvalidSignature):
                verifier.verify()
        else:
            verifier.verify()
示例#4
0
    def _init_shared_secret(self):
        be = default_backend()
        sk = ec.generate_private_key(ec.SECP256R1(), be)
        pn = sk.public_key().public_numbers()
        key_agreement = {
            1: 2,
            -1: 1,
            -2: int2bytes(pn.x, 32),
            -3: int2bytes(pn.y, 32)
        }

        resp = self.ctap.client_pin(PinProtocolV1.VERSION,
                                    PinProtocolV1.CMD.GET_KEY_AGREEMENT)
        pk = resp[PinProtocolV1.RESULT.KEY_AGREEMENT]
        x = bytes2int(pk[-2])
        y = bytes2int(pk[-3])
        pk = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256R1()).public_key(be)
        shared_secret = sha256(sk.exchange(ec.ECDH(), pk))  # x-coordinate, 32b
        return key_agreement, shared_secret
示例#5
0
    def test_fromPrivateBlobECDSA(self):
        """
        A private EC key is correctly generated from a private key blob.
        """
        from cryptography.hazmat.primitives.asymmetric import ec
        publicNumbers = ec.EllipticCurvePublicNumbers(
            x=keydata.ECDatanistp256['x'], y=keydata.ECDatanistp256['y'],
            curve=ec.SECP256R1())
        ecblob = (
            common.NS(keydata.ECDatanistp256['curve']) +
            common.NS(keydata.ECDatanistp256['curve'][-8:]) +
            common.NS(publicNumbers.encode_point()) +
            common.MP(keydata.ECDatanistp256['privateValue'])
            )

        eckey = keys.Key._fromString_PRIVATE_BLOB(ecblob)

        self.assertFalse(eckey.isPublic())
        self.assertEqual(keydata.ECDatanistp256, eckey.data())
示例#6
0
    def encapsulate(self, peer_cose_key):
        be = default_backend()
        sk = ec.generate_private_key(ec.SECP256R1(), be)
        pn = sk.public_key().public_numbers()
        key_agreement = {
            1: 2,
            3:
            -25,  # Per the spec, "although this is NOT the algorithm actually used"
            -1: 1,
            -2: int2bytes(pn.x, 32),
            -3: int2bytes(pn.y, 32),
        }

        x = bytes2int(peer_cose_key[-2])
        y = bytes2int(peer_cose_key[-3])
        pk = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256R1()).public_key(be)
        shared_secret = self.kdf(sk.exchange(ec.ECDH(),
                                             pk))  # x-coordinate, 32b
        return key_agreement, shared_secret
示例#7
0
    def __init__(self,
                 msg=None,
                 data=None,
                 filename=None,
                 password=None,
                 vals=None,
                 file_obj=None,
                 validate_point=True):
        self.verifying_key = None
        self.signing_key = None
        if file_obj is not None:
            self._from_private_key(file_obj, password)
            return
        if filename is not None:
            self._from_private_key_file(filename, password)
            return
        if (msg is None) and (data is not None):
            msg = Message(data)
        if vals is not None:
            self.signing_key, self.verifying_key = vals
        else:
            if msg is None:
                raise SSHException('Key object may not be empty')
            if msg.get_text() != 'ecdsa-sha2-nistp256':
                raise SSHException('Invalid key')
            curvename = msg.get_text()
            if curvename != 'nistp256':
                raise SSHException("Can't handle curve of type %s" % curvename)

            pointinfo = msg.get_binary()
            if pointinfo[0:1] != four_byte:
                raise SSHException('Point compression is being used: %s' %
                                   binascii.hexlify(pointinfo))
            curve = ec.SECP256R1()
            numbers = ec.EllipticCurvePublicNumbers(
                x=inflate_long(pointinfo[1:1 + curve.key_size // 8],
                               always_positive=True),
                y=inflate_long(pointinfo[1 + curve.key_size // 8:],
                               always_positive=True),
                curve=curve)
            self.verifying_key = numbers.public_key(backend=default_backend())
        self.size = 256
示例#8
0
def recover_public_key(digest, signature, i, message=None):
    """ Recover the public key from the the signature
    """

    # See http: //www.secg.org/download/aid-780/sec1-v2.pdf section 4.1.6 primarily
    curve = ecdsa.SECP256k1.curve
    G = ecdsa.SECP256k1.generator
    order = ecdsa.SECP256k1.order
    yp = i % 2
    r, s = ecdsa.util.sigdecode_string(signature, order)
    # 1.1
    x = r + (i // 2) * order
    # 1.3. This actually calculates for either effectively 02||X or 03||X depending on 'k' instead of always for 02||X as specified.
    # This substitutes for the lack of reversing R later on. -R actually is defined to be just flipping the y-coordinate in the elliptic curve.
    alpha = ((x * x * x) + (curve.a() * x) + curve.b()) % curve.p()
    beta = ecdsa.numbertheory.square_root_mod_prime(alpha, curve.p())
    y = beta if (beta - yp) % 2 == 0 else curve.p() - beta
    # 1.4 Constructor of Point is supposed to check if nR is at infinity.
    R = ecdsa.ellipticcurve.Point(curve, x, y, order)
    # 1.5 Compute e
    e = ecdsa.util.string_to_number(digest)
    # 1.6 Compute Q = r^-1(sR - eG)
    Q = ecdsa.numbertheory.inverse_mod(r, order) * (s * R + (-e % order) * G)

    if SECP256K1_MODULE == "cryptography" and message is not None:
        if not isinstance(message, bytes):
            message = bytes(message, "utf-8")  # pragma: no cover
        sigder = encode_dss_signature(r, s)
        public_key = ec.EllipticCurvePublicNumbers(Q._Point__x, Q._Point__y,
                                                   ec.SECP256K1()).public_key(
                                                       default_backend())
        public_key.verify(sigder, message, ec.ECDSA(hashes.SHA256()))
        return public_key
    else:
        # Not strictly necessary, but let's verify the message for paranoia's sake.
        if not ecdsa.VerifyingKey.from_public_point(
                Q, curve=ecdsa.SECP256k1).verify_digest(
                    signature, digest,
                    sigdecode=ecdsa.util.sigdecode_string):  # pragma: no cover
            return None  # pragma: no cover
        return ecdsa.VerifyingKey.from_public_point(
            Q, curve=ecdsa.SECP256k1)  # pragma: no cover
示例#9
0
 def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature, key_value, signature_alg):
     if "ecdsa-" in signature_alg:
         ec_key_value = self._find(key_value, "ECKeyValue", namespace="dsig11")
         named_curve = self._find(ec_key_value, "NamedCurve", namespace="dsig11")
         public_key = self._find(ec_key_value, "PublicKey", namespace="dsig11")
         key_data = b64decode(public_key.text)[1:]
         x = bytes_to_long(key_data[:len(key_data)//2])
         y = bytes_to_long(key_data[len(key_data)//2:])
         curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
         key = ec.EllipticCurvePublicNumbers(x=x, y=y, curve=curve_class()).public_key(backend=default_backend())
         dss_signature = self._encode_dss_signature(raw_signature, key.key_size)
         key.verify(
             dss_signature,
             data=signed_info_c14n,
             signature_algorithm=ec.ECDSA(
                 self._get_signature_digest_method(signature_alg)
             ),
         )
     elif "dsa-" in signature_alg:
         dsa_key_value = self._find(key_value, "DSAKeyValue")
         p = self._get_long(dsa_key_value, "P")
         q = self._get_long(dsa_key_value, "Q")
         g = self._get_long(dsa_key_value, "G", require=False)
         y = self._get_long(dsa_key_value, "Y")
         pn = dsa.DSAPublicNumbers(y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
         key = pn.public_key(backend=default_backend())
         # TODO: supply meaningful key_size_bits for signature length assertion
         dss_signature = self._encode_dss_signature(raw_signature, len(raw_signature) * 8 / 2)
         key.verify(dss_signature,
                    data=signed_info_c14n,
                    algorithm=self._get_signature_digest_method(signature_alg))
     elif "rsa-" in signature_alg:
         rsa_key_value = self._find(key_value, "RSAKeyValue")
         modulus = self._get_long(rsa_key_value, "Modulus")
         exponent = self._get_long(rsa_key_value, "Exponent")
         key = rsa.RSAPublicNumbers(e=exponent, n=modulus).public_key(backend=default_backend())
         key.verify(raw_signature,
                    data=signed_info_c14n,
                    padding=PKCS1v15(),
                    algorithm=self._get_signature_digest_method(signature_alg))
     else:
         raise NotImplementedError()
示例#10
0
    def get_pubkey(self):
        """Get the public key of an asymmetric key"""
        msg = struct.pack('!H', self.id)
        ret = self.session.send_secure_cmd(COMMAND.GET_PUBKEY, msg)
        algo = six.indexbytes(ret, 0)
        raw_key = ret[1:]
        if algo in [ALGO.RSA_2048, ALGO.RSA_3072, ALGO.RSA_4096]:
            num = int_from_bytes(raw_key, 'big')
            pubkey = rsa.RSAPublicNumbers(e=0x10001, n=num)
        elif algo in [ALGO.EC_P224, ALGO.EC_P256, ALGO.EC_P384, ALGO.EC_P521, ALGO.EC_K256,
                      ALGO.EC_BP256, ALGO.EC_BP384, ALGO.EC_BP512]:
            clen = len(raw_key) // 2
            x = int_from_bytes(raw_key[:clen], 'big')
            y = int_from_bytes(raw_key[clen:], 'big')
            curve = ALGO.to_curve(algo)
            pubkey = ec.EllipticCurvePublicNumbers(curve=curve(), x=x, y=y)
        elif algo in [ALGO.EC_ED25519]:
            return Ed25519PublicKey(raw_key)

        return pubkey.public_key(backend=default_backend())
示例#11
0
    def from_point(cls,
                   x,
                   y,
                   network=network.default,
                   compressed=True,
                   backend=default_backend()):
        """Create a public key from its point coordinates.

        A public key is a point on an elliptic curve, i.e. a pair (x, y) that
        satisfies the curve equation.
        """

        public_numbers = ec.EllipticCurvePublicNumbers(x, y, network.curve)

        try:
            key = public_numbers.public_key(backend)
        except ValueError:
            raise InvalidPoint()

        return cls(key, network, compressed)
示例#12
0
    def _ecdh(cls, curve: 'CoseCurve', private_key: 'EC2', public_key: 'EC2') -> bytes:
        if curve == curves.P256():
            curve_instance = SECP256R1()
        elif curve == curves.P384():
            curve_instance = SECP384R1()
        elif curve == curves.P521():
            curve_instance = SECP521R1()
        else:
            raise CoseIllegalCurve()

        d_value = int(hexlify(private_key.d), 16)
        x_value = int(hexlify(public_key.x), 16)
        y_value = int(hexlify(public_key.y), 16)

        d = ec.derive_private_key(d_value, curve_instance, default_backend())
        p = ec.EllipticCurvePublicNumbers(x_value, y_value, curve_instance)
        p = p.public_key(default_backend())

        shared_key = d.exchange(ECDH(), p)
        return shared_key
示例#13
0
    def test_with_numbers(self, backend, vector, hash_type):
        curve_type = ec._CURVE_TYPES[vector['curve']]

        _skip_ecdsa_vector(backend, curve_type, hash_type)

        key = ec.EllipticCurvePrivateNumbers(
            vector['d'],
            ec.EllipticCurvePublicNumbers(
                vector['x'],
                vector['y'],
                curve_type()
            )
        ).private_key(backend)
        assert key

        priv_num = key.private_numbers()
        assert priv_num.private_value == vector['d']
        assert priv_num.public_numbers.x == vector['x']
        assert priv_num.public_numbers.y == vector['y']
        assert curve_type().name == priv_num.public_numbers.curve.name
示例#14
0
    def test_signing_with_example_keys(self, backend, vector, hash_type):
        curve_type = ec._CURVE_TYPES[vector['curve']]

        _skip_ecdsa_vector(backend, curve_type, hash_type)

        key = ec.EllipticCurvePrivateNumbers(
            vector['d'],
            ec.EllipticCurvePublicNumbers(vector['x'], vector['y'],
                                          curve_type())).private_key(backend)
        assert key

        pkey = key.public_key()
        assert pkey

        signer = key.signer(ec.ECDSA(hash_type()))
        signer.update(b"YELLOW SUBMARINE")
        signature = signer.finalize()

        verifier = pkey.verifier(signature, ec.ECDSA(hash_type()))
        verifier.update(b"YELLOW SUBMARINE")
        verifier.verify()
示例#15
0
    def test_load_ssh_public_key_ecdsa_nist_p521(self, backend):
        _skip_curve_unsupported(backend, ec.SECP521R1())
        ssh_key = (
            b"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1"
            b"MjEAAACFBAGTrRhMSEgF6Ni+PXNz+5fjS4lw3ypUILVVQ0Av+0hQxOx+MyozELon"
            b"I8NKbrbBjijEs1GuImsmkTmWsMXS1j2A7wB4Kseh7W9KA9IZJ1+TMrzWUEwvOOXi"
            b"wT23pbaWWXG4NaM7vssWfZBnvz3S174TCXnJ+DSccvWBFnKP0KchzLKxbg== "
            b"root@cloud-server-01")
        key = load_ssh_public_key(ssh_key, backend)

        expected_x = int(
            "54124123120178189598842622575230904027376313369742467279346415219"
            "77809037378785192537810367028427387173980786968395921877911964629"
            "142163122798974160187785455", 10)
        expected_y = int(
            "16111775122845033200938694062381820957441843014849125660011303579"
            "15284560361402515564433711416776946492019498546572162801954089916"
            "006665939539407104638103918", 10)

        assert key.public_numbers() == ec.EllipticCurvePublicNumbers(
            expected_x, expected_y, ec.SECP521R1())
    def pubobjToKey(self, pubkey, session):
        t = session.getAttributeValue(pubkey, [PyKCS11.CKA_KEY_TYPE])[0]
        if t == PyKCS11.CKK_RSA:
            (modulus, pubexp) = session.getAttributeValue(
                pubkey, [PyKCS11.CKA_MODULUS, PyKCS11.CKA_PUBLIC_EXPONENT]
            )
            n = bytes(modulus)
            e = bytes(pubexp)
            key = rsa.RSAPublicNumbers(
                e=int(b2a_hex(e), 16), n=int(b2a_hex(n), 16)
            )
        elif t == PyKCS11.CKK_EC:
            (param, point) = session.getAttributeValue(
                pubkey, [PyKCS11.CKA_EC_PARAMS, PyKCS11.CKA_EC_POINT]
            )
            param = bytes(param)
            point = point[1:]
            if point[0] == 0x81:
                point = point[1:]
            self.assertEqual(point[0] + 1, len(point))
            point = bytes(point[1:])  # length byte
            if param == P256_PARAMS:
                curve = ec.SECP256R1()
                clen = 32
            elif param == P384_PARAMS:
                curve = ec.SECP384R1()
                clen = 48
            elif param == P521_PARAMS:
                curve = ec.SECP521R1()
                clen = 66
            else:
                print("no curve.. %d - %d" % (len(param), len(P256_PARAMS)))
                return
            x = point[1 : 1 + len(point) // 2]
            y = point[1 + len(point) // 2 :]
            key = ec.EllipticCurvePublicNumbers(
                curve=curve, x=int(b2a_hex(x), 16), y=int(b2a_hex(y), 16)
            )

        return key.public_key(backend=default_backend())
示例#17
0
    def shared_secret(private_key: 'CK', public_key: 'CK') -> bytes:
        """ Compute the shared secret. """

        if public_key.crv == X25519:
            d = X25519PrivateKey.from_private_bytes(private_key.d)
            x = X25519PublicKey.from_public_bytes(public_key.x)
        elif public_key.crv == X448:
            d = X448PrivateKey.from_private_bytes(private_key.d)

            x = X448PublicKey.from_public_bytes(public_key.x)
        elif public_key.crv == P256:
            d = ec.derive_private_key(int(hexlify(private_key.d), 16),
                                      SECP256R1(), default_backend())

            x = ec.EllipticCurvePublicNumbers(int(hexlify(public_key.x), 16),
                                              int(hexlify(public_key.y), 16),
                                              SECP256R1())
        else:
            raise CoseIllegalCurve(f"{public_key.crv} is unsupported")

        secret = d.exchange(x)
        return secret
示例#18
0
    def check_signature(self, message, signature):
        byte_message = pickle.dumps(message)

        if message['sender_address'] == "system":
            return True

        if not message['sender_address'] == self.generate_address(message['public_key']):
            print("Sender Address isn't the same as the generate addresss")
            return False

        pub = ec.EllipticCurvePublicNumbers(
                message['public_key'].x,
                message['public_key'].y,
                self.CURVE
            ).public_key(default_backend())

        try:
            pub.verify(signature, byte_message, self.SIGNATURE_ALGORITHM)
        except cryptography.exceptions.InvalidSignature:
            return False
        else:
            return True
示例#19
0
def get_key(url, key_id):
    print('\nRequesting key with id = ' + key_id)
    try:
        rsp = requests.get('%s/keys/%s' % (url, key_id))
    except:
        return Fail.NODE_OFFLINE

    if rsp.status_code != 200:
        print(rsp.text)
        return Fail.KEY_GET

    key = rsp.json()
    print('Received:\n' + json.dumps(key, indent=2))

    # Construct public key
    x = int.from_bytes(b64url_decode_without_padding(key['pub_key']['x']),
                       'big')
    y = int.from_bytes(b64url_decode_without_padding(key['pub_key']['y']),
                       'big')

    return ec.EllipticCurvePublicNumbers(x, y, ec.SECP256K1()).public_key(
        default_backend())
    def test_load_ssh_public_key_ecdsa_nist_p384(self, backend):
        _skip_curve_unsupported(backend, ec.SECP384R1())
        ssh_key = (
            b"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAz"
            b"ODQAAABhBMzucOm9wbwg4iMr5QL0ya0XNQGXpw4wM5f12E3tWhdcrzyGHyel71t1"
            b"4bvF9JZ2/WIuSxUr33XDl8jYo+lMQ5N7Vanc7f7i3AR1YydatL3wQfZStQ1I3rBa"
            b"qQtRSEU8Tg== root@cloud-server-01"
        )
        key = load_ssh_public_key(ssh_key, backend)

        expected_x = int(
            "31541830871345183397582554827482786756220448716666815789487537666"
            "592636882822352575507883817901562613492450642523901", 10
        )
        expected_y = int(
            "15111413269431823234030344298767984698884955023183354737123929430"
            "995703524272335782455051101616329050844273733614670", 10
        )

        assert key.public_numbers() == ec.EllipticCurvePublicNumbers(
            expected_x, expected_y, ec.SECP384R1()
        )
示例#21
0
文件: ec.py 项目: docovarr2020/DIYnow
    def public_numbers(self):
        set_func, get_func, group = (
            self._backend._ec_key_determine_group_get_set_funcs(self._ec_key)
        )
        point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
        self._backend.openssl_assert(point != self._backend._ffi.NULL)

        with self._backend._tmp_bn_ctx() as bn_ctx:
            bn_x = self._backend._lib.BN_CTX_get(bn_ctx)
            bn_y = self._backend._lib.BN_CTX_get(bn_ctx)

            res = get_func(group, point, bn_x, bn_y, bn_ctx)
            self._backend.openssl_assert(res == 1)

            x = self._backend._bn_to_int(bn_x)
            y = self._backend._bn_to_int(bn_y)

        return ec.EllipticCurvePublicNumbers(
            x=x,
            y=y,
            curve=self._curve
        )
示例#22
0
def public_to_key(obj):
    key = None
    if obj.type == TPM2_ALG.RSA:
        b = obj.unique.rsa.buffer
        n = int.from_bytes(b, byteorder="big")
        e = obj.parameters.rsaDetail.exponent
        if e == 0:
            e = 65537
        nums = rsa.RSAPublicNumbers(e, n)
        key = nums.public_key(backend=default_backend())
    elif obj.type == TPM2_ALG.ECC:
        curve = _get_curve(obj.parameters.eccDetail.curveID)
        if curve is None:
            raise ValueError(
                f"unsupported curve: {obj.parameters.eccDetail.curveID}")
        x = int.from_bytes(obj.unique.ecc.x, byteorder="big")
        y = int.from_bytes(obj.unique.ecc.y, byteorder="big")
        nums = ec.EllipticCurvePublicNumbers(x, y, curve())
        key = nums.public_key(backend=default_backend())
    else:
        raise ValueError(f"unsupported key type: {obj.type}")

    return key
示例#23
0
文件: jwk.py 项目: revensky/psion
    def __init__(self,
                 crv: str,
                 x: str,
                 y: str,
                 d: Optional[str] = None,
                 **ignore) -> None:
        if crv not in self.CURVES.keys():
            raise InvalidKey(f'Unknown curve: "{crv}".')

        self._private = None
        self._public = None

        curve = self.CURVES[crv]
        x_coord = b64_to_int(x)
        y_coord = b64_to_int(y)

        public = ec.EllipticCurvePublicNumbers(x_coord, y_coord, curve)
        self._public: EC_PUBLIC = public.public_key(default_backend())

        if d:
            private_value = b64_to_int(d)
            private = ec.EllipticCurvePrivateNumbers(private_value, public)
            self._private: EC_PRIVATE = private.private_key(default_backend())
示例#24
0
    def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature, key_value, signature_alg):
        if "ecdsa-" in signature_alg:
            ec_key_value = self._find(key_value, "ECKeyValue", namespace="ds11")
            named_curve = self._find(ec_key_value, "NamedCurve", namespace="ds11")
            public_key = self._find(ec_key_value, "PublicKey", namespace="ds11")
            key_data = b64decode(public_key.text)[1:]
            x = bytes_to_long(key_data[:len(key_data)//2])
            y = bytes_to_long(key_data[len(key_data)//2:])
            curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
            key = ec.EllipticCurvePublicNumbers(x=x, y=y, curve=curve_class()).public_key(backend=default_backend())
            verifier = key.verifier(raw_signature, ec.ECDSA(self._get_signature_digest_method(signature_alg)))
        elif "dsa-" in signature_alg:
            dsa_key_value = self._find(key_value, "DSAKeyValue")
            p = self._get_long(dsa_key_value, "P")
            q = self._get_long(dsa_key_value, "Q")
            g = self._get_long(dsa_key_value, "G", require=False)
            y = self._get_long(dsa_key_value, "Y")
            pn = dsa.DSAPublicNumbers(y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
            key = pn.public_key(backend=default_backend())
            def as_der_sequence(r, s):
                return long_to_bytes(0x30) + long_to_bytes(len(r) + len(s)) + r + s
            def as_der_integer(i):
                return long_to_bytes(0x02) + long_to_bytes(len(i)) + i
            sig_as_der_seq = as_der_sequence(as_der_integer(raw_signature[:len(raw_signature)//2]),
                                             as_der_integer(raw_signature[len(raw_signature)//2:]))
            verifier = key.verifier(sig_as_der_seq, self._get_signature_digest_method(signature_alg))
        elif "rsa-" in signature_alg:
            rsa_key_value = self._find(key_value, "RSAKeyValue")
            modulus = self._get_long(rsa_key_value, "Modulus")
            exponent = self._get_long(rsa_key_value, "Exponent")
            key = rsa.RSAPublicNumbers(e=exponent, n=modulus).public_key(backend=default_backend())
            verifier = key.verifier(raw_signature, padding=PKCS1v15(), algorithm=self._get_signature_digest_method(signature_alg))
        else:
            raise NotImplementedError()

        verifier.update(signed_info_c14n)
        verifier.verify()
示例#25
0
 def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature, key_value, signature_alg):
     if "ecdsa-" in signature_alg:
         ec_key_value = self._find(key_value, "ECKeyValue", namespace="dsig11")
         named_curve = self._find(ec_key_value, "NamedCurve", namespace="dsig11")
         public_key = self._find(ec_key_value, "PublicKey", namespace="dsig11")
         key_data = b64decode(public_key.text)[1:]
         x = bytes_to_long(key_data[:len(key_data)//2])
         y = bytes_to_long(key_data[len(key_data)//2:])
         curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
         key = ec.EllipticCurvePublicNumbers(x=x, y=y, curve=curve_class()).public_key(backend=default_backend())
         key.verify(raw_signature,
                    data=signed_info_c14n,
                    signature_algorithm=ec.ECDSA(self._get_signature_digest_method(signature_alg)))
     elif "dsa-" in signature_alg:
         dsa_key_value = self._find(key_value, "DSAKeyValue")
         p = self._get_long(dsa_key_value, "P")
         q = self._get_long(dsa_key_value, "Q")
         g = self._get_long(dsa_key_value, "G", require=False)
         y = self._get_long(dsa_key_value, "Y")
         pn = dsa.DSAPublicNumbers(y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
         key = pn.public_key(backend=default_backend())
         from asn1crypto.algos import DSASignature
         sig_as_der_seq = DSASignature.from_p1363(raw_signature).dump()
         key.verify(sig_as_der_seq,
                    data=signed_info_c14n,
                    algorithm=self._get_signature_digest_method(signature_alg))
     elif "rsa-" in signature_alg:
         rsa_key_value = self._find(key_value, "RSAKeyValue")
         modulus = self._get_long(rsa_key_value, "Modulus")
         exponent = self._get_long(rsa_key_value, "Exponent")
         key = rsa.RSAPublicNumbers(e=exponent, n=modulus).public_key(backend=default_backend())
         key.verify(raw_signature,
                    data=signed_info_c14n,
                    padding=PKCS1v15(),
                    algorithm=self._get_signature_digest_method(signature_alg))
     else:
         raise NotImplementedError()
示例#26
0
    def test_signature_failures(self, backend, subtests):
        vectors = load_vectors_from_file(
            os.path.join("asymmetric", "ECDSA", "FIPS_186-3", "SigVer.rsp"),
            load_fips_ecdsa_signing_vectors,
        )
        for vector in vectors:
            with subtests.test():
                hash_type = _HASH_TYPES[vector["digest_algorithm"]]
                curve_type = ec._CURVE_TYPES[vector["curve"]]

                _skip_ecdsa_vector(backend, curve_type, hash_type)

                key = ec.EllipticCurvePublicNumbers(
                    vector["x"], vector["y"], curve_type()).public_key(backend)

                signature = encode_dss_signature(vector["r"], vector["s"])

                if vector["fail"] is True:
                    with pytest.raises(exceptions.InvalidSignature):
                        key.verify(signature, vector["message"],
                                   ec.ECDSA(hash_type()))
                else:
                    key.verify(signature, vector["message"],
                               ec.ECDSA(hash_type()))
    def _process_jwk(self, jwk_dict):
        if not jwk_dict.get('kty') == 'EC':
            raise JWKError("Incorrect key type. Expected: 'EC', Received: %s" % jwk_dict.get('kty'))

        if not all(k in jwk_dict for k in ['x', 'y', 'crv']):
            raise JWKError('Mandatory parameters are missing')

        x = base64_to_long(jwk_dict.get('x'))
        y = base64_to_long(jwk_dict.get('y'))
        curve = {
            'P-256': ec.SECP256R1,
            'P-384': ec.SECP384R1,
            'P-521': ec.SECP521R1,
        }[jwk_dict['crv']]

        public = ec.EllipticCurvePublicNumbers(x, y, curve())

        if 'd' in jwk_dict:
            d = base64_to_long(jwk_dict.get('d'))
            private = ec.EllipticCurvePrivateNumbers(d, public)

            return private.private_key(self.cryptography_backend())
        else:
            return public.public_key(self.cryptography_backend())
示例#28
0
    def test_signing_with_example_keys(self, backend, vector, hash_type):
        curve_type = ec._CURVE_TYPES[vector["curve"]]

        _skip_ecdsa_vector(backend, curve_type, hash_type)

        key = ec.EllipticCurvePrivateNumbers(
            vector["d"],
            ec.EllipticCurvePublicNumbers(vector["x"], vector["y"],
                                          curve_type()),
        ).private_key(backend)
        assert key

        pkey = key.public_key()
        assert pkey

        with pytest.warns(CryptographyDeprecationWarning):
            signer = key.signer(ec.ECDSA(hash_type()))
        signer.update(b"YELLOW SUBMARINE")
        signature = signer.finalize()

        with pytest.warns(CryptographyDeprecationWarning):
            verifier = pkey.verifier(signature, ec.ECDSA(hash_type()))
        verifier.update(b"YELLOW SUBMARINE")
        verifier.verify()
示例#29
0
    def test_signing_with_example_keys(self, backend, subtests):
        vectors = itertools.product(
            load_vectors_from_file(
                os.path.join(
                    "asymmetric", "ECDSA", "FIPS_186-3", "KeyPair.rsp"
                ),
                load_fips_ecdsa_key_pair_vectors,
            ),
            _HASH_TYPES.values(),
        )
        for vector, hash_type in vectors:
            with subtests.test():
                curve_type = ec._CURVE_TYPES[vector["curve"]]

                _skip_ecdsa_vector(backend, curve_type, hash_type)

                key = ec.EllipticCurvePrivateNumbers(
                    vector["d"],
                    ec.EllipticCurvePublicNumbers(
                        vector["x"], vector["y"], curve_type()
                    ),
                ).private_key(backend)
                assert key

                pkey = key.public_key()
                assert pkey

                with pytest.warns(CryptographyDeprecationWarning):
                    signer = key.signer(ec.ECDSA(hash_type()))
                signer.update(b"YELLOW SUBMARINE")
                signature = signer.finalize()

                with pytest.warns(CryptographyDeprecationWarning):
                    verifier = pkey.verifier(signature, ec.ECDSA(hash_type()))
                verifier.update(b"YELLOW SUBMARINE")
                verifier.verify()
示例#30
0
 def test_private_numbers_eq(self):
     pub = ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
     priv = ec.EllipticCurvePrivateNumbers(1, pub)
     assert priv == ec.EllipticCurvePrivateNumbers(
         1, ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1()))