Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
parsing of DSA keys from X.509 certificates
- Loading branch information
1 parent
b4f059a
commit 95e9881
Showing
7 changed files
with
260 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,6 +22,7 @@ | |
"python_aes", | ||
"python_rc4", | ||
"python_rsakey", | ||
"python_dsakey", | ||
"rc4", | ||
"rijndael", | ||
"rsakey", | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
|
||
|
||
"""Abstract class for DSA.""" | ||
|
||
from .cryptomath import secureHash | ||
|
||
|
||
class DSAKey(object): | ||
"""This is an abstract base class for ECDSA keys. | ||
Particular implementations of ECDSA keys, such as | ||
:py:class:`~.python_ecdsakey.Python_ECDSAKey` | ||
... more coming | ||
inherit from this. | ||
To create or parse an ECDSA key, don't use one of these classes | ||
directly. Instead, use the factory functions in | ||
:py:class:`~tlslite.utils.keyfactory`. | ||
""" | ||
|
||
def __init__(self, public_key, private_key): | ||
raise NotImplementedError() | ||
|
||
def __len__(self): | ||
raise NotImplementedError() | ||
|
||
def hasPrivateKey(self): | ||
raise NotImplementedError() | ||
|
||
def sign(self, data, hash_alg): | ||
raise NotImplementedError() | ||
|
||
def hashAndSign(self, data, hAlg): | ||
raise NotImplementedError() | ||
|
||
def verify(self, signature, hash_bytes): | ||
raise NotImplementedError() | ||
|
||
@staticmethod | ||
def generate(bits): | ||
raise NotImplementedError() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
from .dsakey import DSAKey | ||
from .cryptomath import * | ||
|
||
class Python_DSAKey(DSAKey): | ||
|
||
def __init__(self, p = 0, q = 0, g = 0, A = 0, a = 0): | ||
# TODO: add asserts | ||
self.p = p | ||
self.q = q | ||
self.g = g | ||
self.private_key = a | ||
self.public_key = A | ||
self.key_type = "dsa" | ||
|
||
|
||
def __len__(self): | ||
return numBits(self.public_key) | ||
|
||
def hasPrivateKey(self): | ||
return bool(self.private_key) | ||
|
||
@staticmethod | ||
def generate(L, N): | ||
# TODO: add asserts | ||
key = Python_DSAKey() | ||
(q,p) = Python_DSAKey.generate_qp(L, N) | ||
|
||
x = getRandomNumber(1, (p-1)) | ||
g = powMod(x,((p-1)/q),p) | ||
a = getRandomNumber(1,q-1) | ||
A = powMod(g, a, p) | ||
key.q = q | ||
key.p = p | ||
key.g = g | ||
key.private_key = a | ||
key.public_key = A | ||
return key | ||
|
||
@staticmethod | ||
def generate_qp(L, N): | ||
# TODO: optimize | ||
q = getRandomPrime(N) | ||
while True: | ||
p = getRandomPrime(L) | ||
if ((p-1) % q): | ||
break | ||
return (q, p) | ||
|
||
|
||
def hashAndSign(self, data, hAlg = "sha1"): | ||
# TODO: add assert for hash size < (q-1) constrain | ||
hashBytes = secureHash(bytearray(data), hAlg) | ||
k = getRandomNumber(1,(self.q-1)) | ||
r = powMod(self.g, k, self.p) % self.q | ||
s = ((k ** -1) * (bytesToNumber(hashBytes) + self.private_key * r)) % self.q | ||
print(r,s) | ||
return (r, s) | ||
|
||
def verify(self, signature, hash_bytes): | ||
raise NotImplementedError | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
|
||
try: | ||
import unittest2 as unittest | ||
except ImportError: | ||
import unittest | ||
|
||
try: | ||
import mock | ||
from mock import call | ||
except ImportError: | ||
import unittest.mock as mock | ||
from unittest.mock import call | ||
|
||
from tlslite.utils.python_key import Python_Key | ||
from tlslite.utils.python_dsakey import Python_DSAKey | ||
|
||
class TestDSAKey(unittest.TestCase): | ||
@classmethod | ||
def setUpClass(cls): | ||
# TODO: probably change the size for faster testing | ||
cls.key = Python_DSAKey(p=283, q = 47, g = 60, A = 158, a = 24) | ||
|
||
# sha1 signature of message 'some message to sign' | ||
cls.sha1_sig = \ | ||
bytearray(b'0E\x02!\x00\xf7Q\x97.\xcfv\x03\xf0\xff,^\xb9' | ||
b'\nZ\xbd\x0e\xaaf\xf2]\xe0\xb0\x91\xa6cY\xa9\xff' | ||
b'{@\x18\xc8\x02 <\x80\x1a\xfa\x14\xd2\\\x02\xfe' | ||
b'\x1a\xb7\x07X\xba\xd8`\xd4\x1d\xa9\x9cm\xc7\xcd' | ||
b'\x11\xbb\x1b\xd1A\xcdO\xa2?') | ||
|
||
def test_parse_from_pem(self): | ||
# TODO: change the bit size from 2048 to smaller? | ||
key = ( | ||
"-----BEGIN DSA PRIVATE KEY-----\n" | ||
"MIIBvQIBAAKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR\n" | ||
"+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb\n" | ||
"+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdg\n" | ||
"UI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlX\n" | ||
"TAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj\n" | ||
"rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQB\n" | ||
"TDv+z0kqAoGBAISYj2hobCdcblJ3nDyVJ99CLlWJIkm3kZBpBsA0RQ2q2sKRWM7L\n" | ||
"HgLUgKgX02slDEp2LkJg0H1ccuzUbphcFRP3iqY88mK74R9evDM2tani3NCA/ZLK\n" | ||
"GI58gJqqNmdoDd6nKIrz0NarBinR0j3UTfXncRdkCwVLFa88FhmXGR19AhUAjuz0\n" | ||
"M8NFitlfzW/FpFUWV7hYfRs=\n" | ||
"-----END DSA PRIVATE KEY-----") | ||
|
||
parsed_key = Python_Key.parsePEM(key) | ||
self.assertIsInstance(parsed_key, Python_DSAKey) | ||
self.assertTrue(parsed_key.hasPrivateKey()) | ||
|
||
def test_generate(self): | ||
key = Python_DSAKey.generate(1024, 160) | ||
self.assertIsInstance(key, Python_DSAKey) | ||
self.assertTrue(key.hasPrivateKey()) | ||
# TODO: test length | ||
|
||
def test_sign_default(self): | ||
msg = b"some message to sign" | ||
|
||
sig = self.key.hashAndSign(msg) | ||
|