Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Branch: mergelibs-240905-0836
Branches Tags
ydb
/
contrib
/
python
/
rsa
/
py2
/
tests
/
test_pkcs1.py

test_pkcs1.py 8.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184 
  1. # -*- coding: utf-8 -*-
    2. 

  2. #
    3. 

  3. #  Copyright 2011 Sybren A. Stüvel <sybren@stuvel.eu>
    4. 

  4. #
    5. 

  5. #  Licensed under the Apache License, Version 2.0 (the "License");
    6. 

  6. #  you may not use this file except in compliance with the License.
    7. 

  7. #  You may obtain a copy of the License at
    8. 

  8. #
    9. 

  9. #      https://www.apache.org/licenses/LICENSE-2.0
    10. 

  10. #
    11. 

  11. #  Unless required by applicable law or agreed to in writing, software
    12. 

  12. #  distributed under the License is distributed on an "AS IS" BASIS,
    13. 

  13. #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14. 

  14. #  See the License for the specific language governing permissions and
    15. 

  15. #  limitations under the License.
    16. 

  16. 

  17. """Tests string operations."""
    18. 

  18. 

  19. import struct
    20. 

  20. import sys
    21. 

  21. import unittest
    22. 

  22. 

  23. import rsa
    24. 

  24. from rsa import pkcs1
    25. 

  25. from rsa._compat import byte, is_bytes
    26. 

  26. 

  27. 

  28. class BinaryTest(unittest.TestCase):
    29. 

  29.     def setUp(self):
    30. 

  30.         (self.pub, self.priv) = rsa.newkeys(256)
    31. 

  31. 

  32.     def test_enc_dec(self):
    33. 

  33.         message = struct.pack('>IIII', 0, 0, 0, 1)
    34. 

  34.         print("\tMessage:   %r" % message)
    35. 

  35. 

  36.         encrypted = pkcs1.encrypt(message, self.pub)
    37. 

  37.         print("\tEncrypted: %r" % encrypted)
    38. 

  38. 

  39.         decrypted = pkcs1.decrypt(encrypted, self.priv)
    40. 

  40.         print("\tDecrypted: %r" % decrypted)
    41. 

  41. 

  42.         self.assertEqual(message, decrypted)
    43. 

  43. 

  44.     def test_decoding_failure(self):
    45. 

  45.         message = struct.pack('>IIII', 0, 0, 0, 1)
    46. 

  46.         encrypted = pkcs1.encrypt(message, self.pub)
    47. 

  47. 

  48.         # Alter the encrypted stream
    49. 

  49.         a = encrypted[5]
    50. 

  50.         if is_bytes(a):
    51. 

  51.             a = ord(a)
    52. 

  52.         altered_a = (a + 1) % 256
    53. 

  53.         encrypted = encrypted[:5] + byte(altered_a) + encrypted[6:]
    54. 

  54. 

  55.         self.assertRaises(pkcs1.DecryptionError, pkcs1.decrypt, encrypted,
    56. 

  56.                           self.priv)
    57. 

  57. 

  58.     def test_randomness(self):
    59. 

  59.         """Encrypting the same message twice should result in different
    60. 

  60.         cryptos.
    61. 

  61.         """
    62. 

  62. 

  63.         message = struct.pack('>IIII', 0, 0, 0, 1)
    64. 

  64.         encrypted1 = pkcs1.encrypt(message, self.pub)
    65. 

  65.         encrypted2 = pkcs1.encrypt(message, self.pub)
    66. 

  66. 

  67.         self.assertNotEqual(encrypted1, encrypted2)
    68. 

  68. 

  69. 

  70. class ExtraZeroesTest(unittest.TestCase):
    71. 

  71.     def setUp(self):
    72. 

  72.         # Key, cyphertext, and plaintext taken from https://github.com/sybrenstuvel/python-rsa/issues/146
    73. 

  73.         self.private_key = rsa.PrivateKey.load_pkcs1(
    74. 

  74.             "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAs1EKK81M5kTFtZSuUFnhKy8FS2WNXaWVmi/fGHG4CLw98+Yo\n0nkuUarVwSS0O9pFPcpc3kvPKOe9Tv+6DLS3Qru21aATy2PRqjqJ4CYn71OYtSwM\n/ZfSCKvrjXybzgu+sBmobdtYm+sppbdL+GEHXGd8gdQw8DDCZSR6+dPJFAzLZTCd\nB+Ctwe/RXPF+ewVdfaOGjkZIzDoYDw7n+OHnsYCYozkbTOcWHpjVevipR+IBpGPi\n1rvKgFnlcG6d/tj0hWRl/6cS7RqhjoiNEtxqoJzpXs/Kg8xbCxXbCchkf11STA8u\ndiCjQWuWI8rcDwl69XMmHJjIQAqhKvOOQ8rYTQIDAQABAoIBABpQLQ7qbHtp4h1Y\nORAfcFRW7Q74UvtH/iEHH1TF8zyM6wZsYtcn4y0mxYE3Mp+J0xlTJbeVJkwZXYVH\nL3UH29CWHSlR+TWiazTwrCTRVJDhEoqbcTiRW8fb+o/jljVxMcVDrpyYUHNo2c6w\njBxhmKPtp66hhaDpds1Cwi0A8APZ8Z2W6kya/L/hRBzMgCz7Bon1nYBMak5PQEwV\nF0dF7Wy4vIjvCzO6DSqA415DvJDzUAUucgFudbANNXo4HJwNRnBpymYIh8mHdmNJ\n/MQ0YLSqUWvOB57dh7oWQwe3UsJ37ZUorTugvxh3NJ7Tt5ZqbCQBEECb9ND63gxo\n/a3YR/0CgYEA7BJc834xCi/0YmO5suBinWOQAF7IiRPU+3G9TdhWEkSYquupg9e6\nK9lC5k0iP+t6I69NYF7+6mvXDTmv6Z01o6oV50oXaHeAk74O3UqNCbLe9tybZ/+F\ndkYlwuGSNttMQBzjCiVy0+y0+Wm3rRnFIsAtd0RlZ24aN3bFTWJINIsCgYEAwnQq\nvNmJe9SwtnH5c/yCqPhKv1cF/4jdQZSGI6/p3KYNxlQzkHZ/6uvrU5V27ov6YbX8\nvKlKfO91oJFQxUD6lpTdgAStI3GMiJBJIZNpyZ9EWNSvwUj28H34cySpbZz3s4Xd\nhiJBShgy+fKURvBQwtWmQHZJ3EGrcOI7PcwiyYcCgYEAlql5jSUCY0ALtidzQogW\nJ+B87N+RGHsBuJ/0cxQYinwg+ySAAVbSyF1WZujfbO/5+YBN362A/1dn3lbswCnH\nK/bHF9+fZNqvwprPnceQj5oK1n4g6JSZNsy6GNAhosT+uwQ0misgR8SQE4W25dDG\nkdEYsz+BgCsyrCcu8J5C+tUCgYAFVPQbC4f2ikVyKzvgz0qx4WUDTBqRACq48p6e\n+eLatv7nskVbr7QgN+nS9+Uz80ihR0Ev1yCAvnwmM/XYAskcOea87OPmdeWZlQM8\nVXNwINrZ6LMNBLgorfuTBK1UoRo1pPUHCYdqxbEYI2unak18mikd2WB7Fp3h0YI4\nVpGZnwKBgBxkAYnZv+jGI4MyEKdsQgxvROXXYOJZkWzsKuKxVkVpYP2V4nR2YMOJ\nViJQ8FUEnPq35cMDlUk4SnoqrrHIJNOvcJSCqM+bWHAioAsfByLbUPM8sm3CDdIk\nXVJl32HuKYPJOMIWfc7hIfxLRHnCN+coz2M6tgqMDs0E/OfjuqVZ\n-----END RSA PRIVATE KEY-----",
    75. 

  75.             format='PEM')
    76. 

  76.         cyphertext = "4501b4d669e01b9ef2dc800aa1b06d49196f5a09fe8fbcd037323c60eaf027bfb98432be4e4a26c567ffec718bcbea977dd26812fa071c33808b4d5ebb742d9879806094b6fbeea63d25ea3141733b60e31c6912106e1b758a7fe0014f075193faa8b4622bfd5d3013f0a32190a95de61a3604711bc62945f95a6522bd4dfed0a994ef185b28c281f7b5e4c8ed41176d12d9fc1b837e6a0111d0132d08a6d6f0580de0c9eed8ed105531799482d1e466c68c23b0c222af7fc12ac279bc4ff57e7b4586d209371b38c4c1035edd418dc5f960441cb21ea2bedbfea86de0d7861e81021b650a1de51002c315f1e7c12debe4dcebf790caaa54a2f26b149cf9e77d"
    77. 

  77.         plaintext = "54657374"
    78. 

  78. 

  79.         if sys.version_info < (3, 0):
    80. 

  80.             self.cyphertext = cyphertext.decode("hex")
    81. 

  81.             self.plaintext = plaintext.decode('hex')
    82. 

  82.         else:
    83. 

  83.             self.cyphertext = bytes.fromhex(cyphertext)
    84. 

  84.             self.plaintext = bytes.fromhex(plaintext)
    85. 

  85. 

  86.     def test_unmodified(self):
    87. 

  87.         message = rsa.decrypt(self.cyphertext, self.private_key)
    88. 

  88.         self.assertEqual(message, self.plaintext)
    89. 

  89. 

  90.     def test_prepend_zeroes(self):
    91. 

  91.         cyphertext = b'\00\00' + self.cyphertext
    92. 

  92.         with self.assertRaises(rsa.DecryptionError):
    93. 

  93.             rsa.decrypt(cyphertext, self.private_key)
    94. 

  94. 

  95.     def test_append_zeroes(self):
    96. 

  96.         cyphertext = self.cyphertext + b'\00\00'
    97. 

  97.         with self.assertRaises(rsa.DecryptionError):
    98. 

  98.             rsa.decrypt(cyphertext, self.private_key)
    99. 

  99. 

  100. 

  101. class SignatureTest(unittest.TestCase):
    102. 

  102.     def setUp(self):
    103. 

  103.         (self.pub, self.priv) = rsa.newkeys(512)
    104. 

  104. 

  105.     def test_sign_verify(self):
    106. 

  106.         """Test happy flow of sign and verify"""
    107. 

  107. 

  108.         message = b'je moeder'
    109. 

  109.         signature = pkcs1.sign(message, self.priv, 'SHA-256')
    110. 

  110. 

  111.         self.assertEqual('SHA-256', pkcs1.verify(message, signature, self.pub))
    112. 

  112. 

  113.     def test_find_signature_hash(self):
    114. 

  114.         """Test happy flow of sign and find_signature_hash"""
    115. 

  115. 

  116.         message = b'je moeder'
    117. 

  117.         signature = pkcs1.sign(message, self.priv, 'SHA-256')
    118. 

  118. 

  119.         self.assertEqual('SHA-256', pkcs1.find_signature_hash(signature, self.pub))
    120. 

  120. 

  121.     def test_alter_message(self):
    122. 

  122.         """Altering the message should let the verification fail."""
    123. 

  123. 

  124.         signature = pkcs1.sign(b'je moeder', self.priv, 'SHA-256')
    125. 

  125.         self.assertRaises(pkcs1.VerificationError, pkcs1.verify,
    126. 

  126.                           b'mijn moeder', signature, self.pub)
    127. 

  127. 

  128.     def test_sign_different_key(self):
    129. 

  129.         """Signing with another key should let the verification fail."""
    130. 

  130. 

  131.         (otherpub, _) = rsa.newkeys(512)
    132. 

  132. 

  133.         message = b'je moeder'
    134. 

  134.         signature = pkcs1.sign(message, self.priv, 'SHA-256')
    135. 

  135.         self.assertRaises(pkcs1.VerificationError, pkcs1.verify,
    136. 

  136.                           message, signature, otherpub)
    137. 

  137. 

  138.     def test_multiple_signings(self):
    139. 

  139.         """Signing the same message twice should return the same signatures."""
    140. 

  140. 

  141.         message = struct.pack('>IIII', 0, 0, 0, 1)
    142. 

  142.         signature1 = pkcs1.sign(message, self.priv, 'SHA-1')
    143. 

  143.         signature2 = pkcs1.sign(message, self.priv, 'SHA-1')
    144. 

  144. 

  145.         self.assertEqual(signature1, signature2)
    146. 

  146. 

  147.     def test_split_hash_sign(self):
    148. 

  148.         """Hashing and then signing should match with directly signing the message. """
    149. 

  149. 

  150.         message = b'je moeder'
    151. 

  151.         msg_hash = pkcs1.compute_hash(message, 'SHA-256')
    152. 

  152.         signature1 = pkcs1.sign_hash(msg_hash, self.priv, 'SHA-256')
    153. 

  153. 

  154.         # Calculate the signature using the unified method
    155. 

  155.         signature2 = pkcs1.sign(message, self.priv, 'SHA-256')
    156. 

  156. 

  157.         self.assertEqual(signature1, signature2)
    158. 

  158. 

  159.     def test_hash_sign_verify(self):
    160. 

  160.         """Test happy flow of hash, sign, and verify"""
    161. 

  161. 

  162.         message = b'je moeder'
    163. 

  163.         msg_hash = pkcs1.compute_hash(message, 'SHA-224')
    164. 

  164.         signature = pkcs1.sign_hash(msg_hash, self.priv, 'SHA-224')
    165. 

  165. 

  166.         self.assertTrue(pkcs1.verify(message, signature, self.pub))
    167. 

  167. 

  168.     def test_prepend_zeroes(self):
    169. 

  169.         """Prepending the signature with zeroes should be detected."""
    170. 

  170. 

  171.         message = b'je moeder'
    172. 

  172.         signature = pkcs1.sign(message, self.priv, 'SHA-256')
    173. 

  173.         signature = b'\00\00' + signature
    174. 

  174.         with self.assertRaises(rsa.VerificationError):
    175. 

  175.             pkcs1.verify(message, signature, self.pub)
    176. 

  176. 

  177.     def test_apppend_zeroes(self):
    178. 

  178.         """Apppending the signature with zeroes should be detected."""
    179. 

  179. 

  180.         message = b'je moeder'
    181. 

  181.         signature = pkcs1.sign(message, self.priv, 'SHA-256')
    182. 

  182.         signature = signature + b'\00\00'
    183. 

  183.         with self.assertRaises(rsa.VerificationError):
    184. 

  184.             pkcs1.verify(message, signature, self.pub)
    185.