def miller_rabin_primality_testing(n, k): """Calculates whether n is composite (which is always correct) or prime (which theoretically is incorrect with error probability 4**-k), by applying Miller-Rabin primality testing. For reference and implementation example, see: https://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test :param n: Integer to be tested for primality. :type n: int :param k: Number of rounds (witnesses) of Miller-Rabin testing. :type k: int :return: False if the number is composite, True if it's probably prime. :rtype: bool """ # prevent potential infinite loop when d = 0 if n < 2: return False # Decompose (n - 1) to write it as (2 ** r) * d # While d is even, divide it by 2 and increase the exponent. d = n - 1 r = 0 while not (d & 1): r += 1 d >>= 1 # Test k witnesses. for _ in range(k): # Generate random integer a, where 2 <= a <= (n - 2) a = third_party.rsa.randnum.randint(n - 3) + 1 x = pow(a, d, n) if x == 1 or x == n - 1: continue for _ in range(r - 1): x = pow(x, 2, n) if x == 1: # n is composite. return False if x == n - 1: # Exit inner loop and continue with next witness. break else: # If loop doesn't break, n is composite. return False return True
def save_pem(contents, pem_marker): """Saves a PEM file. :param contents: the contents to encode in PEM format :param pem_marker: the marker of the PEM content, such as 'RSA PRIVATE KEY' when your file has '-----BEGIN RSA PRIVATE KEY-----' and '-----END RSA PRIVATE KEY-----' markers. :return: the base64-encoded content between the start and end markers, as bytes. """ (pem_start, pem_end) = _markers(pem_marker) b64 = ubinascii.b2a_base64(contents).replace(b'\n', b'') pem_lines = [pem_start] for block_start in range(0, len(b64), 64): block = b64[block_start:block_start + 64] pem_lines.append(block) pem_lines.append(pem_end) pem_lines.append(b'') return b'\n'.join(pem_lines)
def mgf1(seed, length, hasher='SHA-1'): """ MGF1 is a Mask Generation Function based on a hash function. A mask generation function takes an octet string of variable length and a desired output length as input, and outputs an octet string of the desired length. The plaintext-awareness of RSAES-OAEP relies on the random nature of the output of the mask generation function, which in turn relies on the random nature of the underlying hash. :param bytes seed: seed from which mask is generated, an octet string :param int length: intended length in octets of the mask, at most 2^32(hLen) :param str hasher: hash function (hLen denotes the length in octets of the hash function output) :return: mask, an octet string of length `length` :rtype: bytes :raise OverflowError: when `length` is too large for the specified `hasher` :raise ValueError: when specified `hasher` is invalid """ try: hash_length = pkcs1.HASH_METHODS[hasher]().digest_size except KeyError: raise ValueError( 'Invalid `hasher` specified. Please select one of: {hash_list}'. format(hash_list=', '.join(sorted(pkcs1.HASH_METHODS.keys())))) # If l > 2^32(hLen), output "mask too long" and stop. if length > (2**32 * hash_length): raise OverflowError( "Desired length should be at most 2**32 times the hasher's output " "length ({hash_length} for {hasher} function)".format( hash_length=hash_length, hasher=hasher, )) # Looping `counter` from 0 to ceil(l / hLen)-1, build `output` based on the # hashes formed by (`seed` + C), being `C` an octet string of length 4 # generated by converting `counter` with the primitive I2OSP output = b''.join( pkcs1.compute_hash( seed + transform.int2bytes(counter, fill_size=4), method_name=hasher, ) for counter in range(common.ceil_div(length, hash_length) + 1)) # Output the leading `length` octets of `output` as the octet string mask. return output[:length]
def getprime(nbits, poolsize): """Returns a prime number that can be stored in 'nbits' bits. Works in multiple threads at the same time. >>> p = getprime(128, 3) >>> rsa.prime.is_prime(p-1) False >>> rsa.prime.is_prime(p) True >>> rsa.prime.is_prime(p+1) False >>> from rsa import common >>> common.bit_size(p) == 128 True """ (pipe_recv, pipe_send) = mp.Pipe(duplex=False) # Create processes try: procs = [mp.Process(target=_find_prime, args=(nbits, pipe_send)) for _ in range(poolsize)] # Start processes for p in procs: p.start() result = pipe_recv.recv() finally: pipe_recv.close() pipe_send.close() # Terminate processes for p in procs: p.terminate() return result
# Generate the key components (p, q, e, d) = gen_keys(nbits, getprime_func, accurate=accurate, exponent=exponent) # Create the key objects n = p * q return (PublicKey(n, e), PrivateKey(n, e, d, p, q)) __all__ = ['PublicKey', 'PrivateKey', 'newkeys'] if __name__ == '__main__': import doctest try: for count in range(100): (failures, tests) = doctest.testmod() if failures: break if (count % 10 == 0 and count) or count == 1: print('%i times' % count) except KeyboardInterrupt: print('Aborted') else: print('Doctests done')