-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PKCS#1 2.0: Implementation of MGF1 #89
Conversation
@sybrenstuvel any feedback about this? |
Hey dude! Sorry, had a crazy busy period. I'm looking forward to diving into your code this weekend ;-) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good! I only have a few minor comments.
rsa/pkcs1_v2.py
Outdated
|
||
# If l > 2^32(hLen), output "mask too long" and stop. | ||
if length > (2**32 * hash_length): | ||
raise OverflowError |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a message to the OverflowError with description of the error.
rsa/pkcs1_v2.py
Outdated
:param hasher: hash function (hLen denotes the length in octets of the hash | ||
function output) | ||
|
||
:return: mask, an octet string of length `length` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add :rtype: bytes
so that it's clear bytes are returned. This also helps IDEs that parse the docstring to perform autocompletion and linting.
rsa/pkcs1_v2.py
Outdated
c = transform.int2bytes(counter, fill_size=4) | ||
|
||
# Concatenate the hash of the `seed` and C to the octet string `output` | ||
output += pkcs1._hash(seed + c, method_name=hasher) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a bad idea. output
is stored using a fixed-length array, and concatenating to that will cause a copy to be made. Instead, append each output of pkcs1._hash()
to a list, then return b''.join(thelist)
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch! Moved the whole thing to a joined generator solution
rsa/pkcs1_v2.py
Outdated
the output of the mask generation function, which in turn relies on the | ||
random nature of the underlying hash. | ||
|
||
:param seed: seed from which mask is generated, an octet string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Document parameter types using :type:
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found a compact syntax for this! http://www.sphinx-doc.org/en/stable/domains.html#info-field-lists
"""Tests PKCS #1 version 2 functionality. | ||
|
||
Most of the mocked values come from the test vectors found at: | ||
http://www.itomorrowmag.com/emc-plus/rsa-labs/standards-initiatives/pkcs-rsa-cryptography-standard.htm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
@sybrenstuvel ready to review! |
Implementation of the Mask Generation Function `MGF1` used in the OAEP encoding step. For more information, the MGF1 specification is at https://tools.ietf.org/html/rfc2437#section-10.2.1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks very good! I wish all programmers wrote such well-commented and well-motivated code ;-)
Sorry for the wait -- this code is good to go!
Implementation of the Mask Generation Function
MGF1
used in the OAEP encoding step.For more information, the MGF1 specification is at https://tools.ietf.org/html/rfc2437#section-10.2.1