rjw1f884582022-01-06 17:20:42 +08001# -*- coding: utf-8 -*-
2#
3# SelfTest/Signature/test_pkcs1_pss.py: Self-test for PKCS#1 PSS signatures
4#
5# ===================================================================
6# The contents of this file are dedicated to the public domain. To
7# the extent that dedication to the public domain is not available,
8# everyone is granted a worldwide, perpetual, royalty-free,
9# non-exclusive license to exercise all rights associated with the
10# contents of this file for any purpose whatsoever.
11# No rights are reserved.
12#
13# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
14# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
15# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
16# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
17# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
18# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20# SOFTWARE.
21# ===================================================================
22
23from __future__ import nested_scopes
24
25__revision__ = "$Id$"
26
27import unittest
28
29from Crypto.PublicKey import RSA
30from Crypto import Random
31from Crypto.SelfTest.st_common import list_test_cases, a2b_hex, b2a_hex
32from Crypto.Hash import *
33from Crypto.Signature import PKCS1_PSS as PKCS
34from Crypto.Util.py3compat import *
35
def isStr(s):
    """Report whether *s* can be concatenated onto a text string.

    Returns 1 when ``'' + s`` succeeds and 0 when it raises TypeError.
    The harness in this file uses it to tell a PEM key string from a
    dictionary of key components.
    """
    try:
        '' + s
    except TypeError:
        return 0
    else:
        return 1
43
def rws(t):
    """Return *t* with every tab, newline and space character removed."""
    return t.replace('\t', '').replace('\n', '').replace(' ', '')
49
def t2b(t):
    """Decode a text string of hex digits into the byte string it spells.

    Tabs, newlines and spaces are stripped first (see rws), so the
    multi-line, space-separated vectors in this file can be passed as is.
    Raises ValueError when an odd number of characters remains after
    stripping.
    """
    hex_text = b(rws(t))
    if len(hex_text) % 2:
        raise ValueError("Even number of characters expected")
    return a2b_hex(hex_text)
56
def rsa_dump(data):
    """Print *data* to stdout as ``0xNN,`` values, sixteen per row, between two banner lines.

    Every element is passed through ord(), so *data* is expected to be a
    sequence of one-character strings (a Python 2 str).
    """
    print("-----------pss_mytest dump:----------")
    for pos, ch in enumerate(data):
        # Trailing comma: Python 2 print statement, stays on the same row
        print ("0x%02x,"%ord(ch)),
        if (pos + 1) % 16 == 0:
            print("")
    print("-----------pss_mytest dump end-----------")
65
class MyKey:
    """Proxy around an RSA key that tallies the random bytes requested through it.

    ``asked`` grows by N on every ``_randfunc(N)`` call made on the
    wrapper. The wrapped key keeps its own ``_randfunc``, so (as the
    original note on this class says) bytes the key draws for blinding
    are not counted. Tests replace ``_randfunc`` on the wrapper to feed
    a fixed salt without touching the wrapped key.
    """

    def __init__(self, key):
        self._key = key
        self.asked = 0
        self.n = key.n

    def _randfunc(self, N):
        # Count the request, then serve it from the wrapped key's RNG
        self.asked = self.asked + N
        inner = self._key
        return inner._randfunc(N)

    # The remaining methods forward unchanged to the wrapped key.

    def sign(self, m):
        inner = self._key
        return inner.sign(m)

    def has_private(self):
        inner = self._key
        return inner.has_private()

    def decrypt(self, m):
        inner = self._key
        return inner.decrypt(m)

    def verify(self, m, p):
        inner = self._key
        return inner.verify(m, p)

    def encrypt(self, m, p):
        inner = self._key
        return inner.encrypt(m, p)
86
87class PKCS1_PSS_Tests(unittest.TestCase):
88
89 # List of tuples with test data for PKCS#1 PSS
90 # Each tuple is made up by:
91 # Item #0: dictionary with RSA key component, or key to import
92 # Item #1: data to hash and sign
93 # Item #2: signature of the data #1, done with the key #0,
94 # and salt #3 after hashing it with #4
95 # Item #3: salt
96 # Item #4: hash object generator
97
98 _testData = (
99
100 #
101 # From in pss-vect.txt to be found in
102 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
103 #
104 (
105 # Private key
106 {
107 'n':'''a2 ba 40 ee 07 e3 b2 bd 2f 02 ce 22 7f 36 a1 95
108 02 44 86 e4 9c 19 cb 41 bb bd fb ba 98 b2 2b 0e
109 57 7c 2e ea ff a2 0d 88 3a 76 e6 5e 39 4c 69 d4
110 b3 c0 5a 1e 8f ad da 27 ed b2 a4 2b c0 00 fe 88
111 8b 9b 32 c2 2d 15 ad d0 cd 76 b3 e7 93 6e 19 95
112 5b 22 0d d1 7d 4e a9 04 b1 ec 10 2b 2e 4d e7 75
113 12 22 aa 99 15 10 24 c7 cb 41 cc 5e a2 1d 00 ee
114 b4 1f 7c 80 08 34 d2 c6 e0 6b ce 3b ce 7e a9 a5''',
115 'e':'''01 00 01''',
116 # In the test vector, only p and q were given...
117 # d is computed offline as e^{-1} mod (p-1)(q-1)
118 'd':'''50e2c3e38d886110288dfc68a9533e7e12e27d2aa56
119 d2cdb3fb6efa990bcff29e1d2987fb711962860e7391b1ce01
120 ebadb9e812d2fbdfaf25df4ae26110a6d7a26f0b810f54875e
121 17dd5c9fb6d641761245b81e79f8c88f0e55a6dcd5f133abd3
122 5f8f4ec80adf1bf86277a582894cb6ebcd2162f1c7534f1f49
123 47b129151b71'''
124 },
125
126 # Data to sign
127 '''85 9e ef 2f d7 8a ca 00 30 8b dc 47 11 93 bf 55
128 bf 9d 78 db 8f 8a 67 2b 48 46 34 f3 c9 c2 6e 64
129 78 ae 10 26 0f e0 dd 8c 08 2e 53 a5 29 3a f2 17
130 3c d5 0c 6d 5d 35 4f eb f7 8b 26 02 1c 25 c0 27
131 12 e7 8c d4 69 4c 9f 46 97 77 e4 51 e7 f8 e9 e0
132 4c d3 73 9c 6b bf ed ae 48 7f b5 56 44 e9 ca 74
133 ff 77 a5 3c b7 29 80 2f 6e d4 a5 ff a8 ba 15 98
134 90 fc''',
135 # Signature
136 '''8d aa 62 7d 3d e7 59 5d 63 05 6c 7e c6 59 e5 44
137 06 f1 06 10 12 8b aa e8 21 c8 b2 a0 f3 93 6d 54
138 dc 3b dc e4 66 89 f6 b7 95 1b b1 8e 84 05 42 76
139 97 18 d5 71 5d 21 0d 85 ef bb 59 61 92 03 2c 42
140 be 4c 29 97 2c 85 62 75 eb 6d 5a 45 f0 5f 51 87
141 6f c6 74 3d ed dd 28 ca ec 9b b3 0e a9 9e 02 c3
142 48 82 69 60 4f e4 97 f7 4c cd 7c 7f ca 16 71 89
143 71 23 cb d3 0d ef 5d 54 a2 b5 53 6a d9 0a 74 7e''',
144 # Salt
145 '''e3 b5 d5 d0 02 c1 bc e5 0c 2b 65 ef 88 a1 88 d8
146 3b ce 7e 61''',
147 # Hash algorithm
148 SHA
149 ),
150
151 #
152 # Example 1.1 to be found in
153 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
154 #
155 (
156 # Private key
157 {
158 'n':'''a5 6e 4a 0e 70 10 17 58 9a 51 87 dc 7e a8 41 d1
159 56 f2 ec 0e 36 ad 52 a4 4d fe b1 e6 1f 7a d9 91
160 d8 c5 10 56 ff ed b1 62 b4 c0 f2 83 a1 2a 88 a3
161 94 df f5 26 ab 72 91 cb b3 07 ce ab fc e0 b1 df
162 d5 cd 95 08 09 6d 5b 2b 8b 6d f5 d6 71 ef 63 77
163 c0 92 1c b2 3c 27 0a 70 e2 59 8e 6f f8 9d 19 f1
164 05 ac c2 d3 f0 cb 35 f2 92 80 e1 38 6b 6f 64 c4
165 ef 22 e1 e1 f2 0d 0c e8 cf fb 22 49 bd 9a 21 37''',
166 'e':'''01 00 01''',
167 'd':'''33 a5 04 2a 90 b2 7d 4f 54 51 ca 9b bb d0 b4 47
168 71 a1 01 af 88 43 40 ae f9 88 5f 2a 4b be 92 e8
169 94 a7 24 ac 3c 56 8c 8f 97 85 3a d0 7c 02 66 c8
170 c6 a3 ca 09 29 f1 e8 f1 12 31 88 44 29 fc 4d 9a
171 e5 5f ee 89 6a 10 ce 70 7c 3e d7 e7 34 e4 47 27
172 a3 95 74 50 1a 53 26 83 10 9c 2a ba ca ba 28 3c
173 31 b4 bd 2f 53 c3 ee 37 e3 52 ce e3 4f 9e 50 3b
174 d8 0c 06 22 ad 79 c6 dc ee 88 35 47 c6 a3 b3 25'''
175 },
176 # Message
177 '''cd c8 7d a2 23 d7 86 df 3b 45 e0 bb bc 72 13 26
178 d1 ee 2a f8 06 cc 31 54 75 cc 6f 0d 9c 66 e1 b6
179 23 71 d4 5c e2 39 2e 1a c9 28 44 c3 10 10 2f 15
180 6a 0d 8d 52 c1 f4 c4 0b a3 aa 65 09 57 86 cb 76
181 97 57 a6 56 3b a9 58 fe d0 bc c9 84 e8 b5 17 a3
182 d5 f5 15 b2 3b 8a 41 e7 4a a8 67 69 3f 90 df b0
183 61 a6 e8 6d fa ae e6 44 72 c0 0e 5f 20 94 57 29
184 cb eb e7 7f 06 ce 78 e0 8f 40 98 fb a4 1f 9d 61
185 93 c0 31 7e 8b 60 d4 b6 08 4a cb 42 d2 9e 38 08
186 a3 bc 37 2d 85 e3 31 17 0f cb f7 cc 72 d0 b7 1c
187 29 66 48 b3 a4 d1 0f 41 62 95 d0 80 7a a6 25 ca
188 b2 74 4f d9 ea 8f d2 23 c4 25 37 02 98 28 bd 16
189 be 02 54 6f 13 0f d2 e3 3b 93 6d 26 76 e0 8a ed
190 1b 73 31 8b 75 0a 01 67 d0''',
191 # Signature
192 '''90 74 30 8f b5 98 e9 70 1b 22 94 38 8e 52 f9 71
193 fa ac 2b 60 a5 14 5a f1 85 df 52 87 b5 ed 28 87
194 e5 7c e7 fd 44 dc 86 34 e4 07 c8 e0 e4 36 0b c2
195 26 f3 ec 22 7f 9d 9e 54 63 8e 8d 31 f5 05 12 15
196 df 6e bb 9c 2f 95 79 aa 77 59 8a 38 f9 14 b5 b9
197 c1 bd 83 c4 e2 f9 f3 82 a0 d0 aa 35 42 ff ee 65
198 98 4a 60 1b c6 9e b2 8d eb 27 dc a1 2c 82 c2 d4
199 c3 f6 6c d5 00 f1 ff 2b 99 4d 8a 4e 30 cb b3 3c''',
200 # Salt
201 '''de e9 59 c7 e0 64 11 36 14 20 ff 80 18 5e d5 7f
202 3e 67 76 af''',
203 # Hash
204 SHA
205 ),
206
207 #
208 # Example 1.2 to be found in
209 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
210 #
211 (
212 # Private key
213 {
214 'n':'''a5 6e 4a 0e 70 10 17 58 9a 51 87 dc 7e a8 41 d1
215 56 f2 ec 0e 36 ad 52 a4 4d fe b1 e6 1f 7a d9 91
216 d8 c5 10 56 ff ed b1 62 b4 c0 f2 83 a1 2a 88 a3
217 94 df f5 26 ab 72 91 cb b3 07 ce ab fc e0 b1 df
218 d5 cd 95 08 09 6d 5b 2b 8b 6d f5 d6 71 ef 63 77
219 c0 92 1c b2 3c 27 0a 70 e2 59 8e 6f f8 9d 19 f1
220 05 ac c2 d3 f0 cb 35 f2 92 80 e1 38 6b 6f 64 c4
221 ef 22 e1 e1 f2 0d 0c e8 cf fb 22 49 bd 9a 21 37''',
222 'e':'''01 00 01''',
223 'd':'''33 a5 04 2a 90 b2 7d 4f 54 51 ca 9b bb d0 b4 47
224 71 a1 01 af 88 43 40 ae f9 88 5f 2a 4b be 92 e8
225 94 a7 24 ac 3c 56 8c 8f 97 85 3a d0 7c 02 66 c8
226 c6 a3 ca 09 29 f1 e8 f1 12 31 88 44 29 fc 4d 9a
227 e5 5f ee 89 6a 10 ce 70 7c 3e d7 e7 34 e4 47 27
228 a3 95 74 50 1a 53 26 83 10 9c 2a ba ca ba 28 3c
229 31 b4 bd 2f 53 c3 ee 37 e3 52 ce e3 4f 9e 50 3b
230 d8 0c 06 22 ad 79 c6 dc ee 88 35 47 c6 a3 b3 25'''
231 },
232 # Message
233 '''85 13 84 cd fe 81 9c 22 ed 6c 4c cb 30 da eb 5c
234 f0 59 bc 8e 11 66 b7 e3 53 0c 4c 23 3e 2b 5f 8f
235 71 a1 cc a5 82 d4 3e cc 72 b1 bc a1 6d fc 70 13
236 22 6b 9e''',
237 # Signature
238 '''3e f7 f4 6e 83 1b f9 2b 32 27 41 42 a5 85 ff ce
239 fb dc a7 b3 2a e9 0d 10 fb 0f 0c 72 99 84 f0 4e
240 f2 9a 9d f0 78 07 75 ce 43 73 9b 97 83 83 90 db
241 0a 55 05 e6 3d e9 27 02 8d 9d 29 b2 19 ca 2c 45
242 17 83 25 58 a5 5d 69 4a 6d 25 b9 da b6 60 03 c4
243 cc cd 90 78 02 19 3b e5 17 0d 26 14 7d 37 b9 35
244 90 24 1b e5 1c 25 05 5f 47 ef 62 75 2c fb e2 14
245 18 fa fe 98 c2 2c 4d 4d 47 72 4f db 56 69 e8 43''',
246 # Salt
247 '''ef 28 69 fa 40 c3 46 cb 18 3d ab 3d 7b ff c9 8f
248 d5 6d f4 2d''',
249 # Hash
250 SHA
251 ),
252
253 #
254 # Example 2.1 to be found in
255 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
256 #
257 (
258 # Private key
259 {
260 'n':'''01 d4 0c 1b cf 97 a6 8a e7 cd bd 8a 7b f3 e3 4f
261 a1 9d cc a4 ef 75 a4 74 54 37 5f 94 51 4d 88 fe
262 d0 06 fb 82 9f 84 19 ff 87 d6 31 5d a6 8a 1f f3
263 a0 93 8e 9a bb 34 64 01 1c 30 3a d9 91 99 cf 0c
264 7c 7a 8b 47 7d ce 82 9e 88 44 f6 25 b1 15 e5 e9
265 c4 a5 9c f8 f8 11 3b 68 34 33 6a 2f d2 68 9b 47
266 2c bb 5e 5c ab e6 74 35 0c 59 b6 c1 7e 17 68 74
267 fb 42 f8 fc 3d 17 6a 01 7e dc 61 fd 32 6c 4b 33
268 c9''',
269 'e':'''01 00 01''',
270 'd':'''02 7d 14 7e 46 73 05 73 77 fd 1e a2 01 56 57 72
271 17 6a 7d c3 83 58 d3 76 04 56 85 a2 e7 87 c2 3c
272 15 57 6b c1 6b 9f 44 44 02 d6 bf c5 d9 8a 3e 88
273 ea 13 ef 67 c3 53 ec a0 c0 dd ba 92 55 bd 7b 8b
274 b5 0a 64 4a fd fd 1d d5 16 95 b2 52 d2 2e 73 18
275 d1 b6 68 7a 1c 10 ff 75 54 5f 3d b0 fe 60 2d 5f
276 2b 7f 29 4e 36 01 ea b7 b9 d1 ce cd 76 7f 64 69
277 2e 3e 53 6c a2 84 6c b0 c2 dd 48 6a 39 fa 75 b1'''
278 },
279 # Message
280 '''da ba 03 20 66 26 3f ae db 65 98 48 11 52 78 a5
281 2c 44 fa a3 a7 6f 37 51 5e d3 36 32 10 72 c4 0a
282 9d 9b 53 bc 05 01 40 78 ad f5 20 87 51 46 aa e7
283 0f f0 60 22 6d cb 7b 1f 1f c2 7e 93 60''',
284 # Signature
285 '''01 4c 5b a5 33 83 28 cc c6 e7 a9 0b f1 c0 ab 3f
286 d6 06 ff 47 96 d3 c1 2e 4b 63 9e d9 13 6a 5f ec
287 6c 16 d8 88 4b dd 99 cf dc 52 14 56 b0 74 2b 73
288 68 68 cf 90 de 09 9a db 8d 5f fd 1d ef f3 9b a4
289 00 7a b7 46 ce fd b2 2d 7d f0 e2 25 f5 46 27 dc
290 65 46 61 31 72 1b 90 af 44 53 63 a8 35 8b 9f 60
291 76 42 f7 8f ab 0a b0 f4 3b 71 68 d6 4b ae 70 d8
292 82 78 48 d8 ef 1e 42 1c 57 54 dd f4 2c 25 89 b5
293 b3''',
294 # Salt
295 '''57 bf 16 0b cb 02 bb 1d c7 28 0c f0 45 85 30 b7
296 d2 83 2f f7''',
297 SHA
298 ),
299
300 #
301 # Example 8.1 to be found in
302 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
303 #
304 (
305 # Private key
306 {
307 'n':'''49 53 70 a1 fb 18 54 3c 16 d3 63 1e 31 63 25 5d
308 f6 2b e6 ee e8 90 d5 f2 55 09 e4 f7 78 a8 ea 6f
309 bb bc df 85 df f6 4e 0d 97 20 03 ab 36 81 fb ba
310 6d d4 1f d5 41 82 9b 2e 58 2d e9 f2 a4 a4 e0 a2
311 d0 90 0b ef 47 53 db 3c ee 0e e0 6c 7d fa e8 b1
312 d5 3b 59 53 21 8f 9c ce ea 69 5b 08 66 8e de aa
313 dc ed 94 63 b1 d7 90 d5 eb f2 7e 91 15 b4 6c ad
314 4d 9a 2b 8e fa b0 56 1b 08 10 34 47 39 ad a0 73
315 3f''',
316 'e':'''01 00 01''',
317 'd':'''6c 66 ff e9 89 80 c3 8f cd ea b5 15 98 98 83 61
318 65 f4 b4 b8 17 c4 f6 a8 d4 86 ee 4e a9 13 0f e9
319 b9 09 2b d1 36 d1 84 f9 5f 50 4a 60 7e ac 56 58
320 46 d2 fd d6 59 7a 89 67 c7 39 6e f9 5a 6e ee bb
321 45 78 a6 43 96 6d ca 4d 8e e3 de 84 2d e6 32 79
322 c6 18 15 9c 1a b5 4a 89 43 7b 6a 61 20 e4 93 0a
323 fb 52 a4 ba 6c ed 8a 49 47 ac 64 b3 0a 34 97 cb
324 e7 01 c2 d6 26 6d 51 72 19 ad 0e c6 d3 47 db e9'''
325 },
326 # Message
327 '''81 33 2f 4b e6 29 48 41 5e a1 d8 99 79 2e ea cf
328 6c 6e 1d b1 da 8b e1 3b 5c ea 41 db 2f ed 46 70
329 92 e1 ff 39 89 14 c7 14 25 97 75 f5 95 f8 54 7f
330 73 56 92 a5 75 e6 92 3a f7 8f 22 c6 99 7d db 90
331 fb 6f 72 d7 bb 0d d5 74 4a 31 de cd 3d c3 68 58
332 49 83 6e d3 4a ec 59 63 04 ad 11 84 3c 4f 88 48
333 9f 20 97 35 f5 fb 7f da f7 ce c8 ad dc 58 18 16
334 8f 88 0a cb f4 90 d5 10 05 b7 a8 e8 4e 43 e5 42
335 87 97 75 71 dd 99 ee a4 b1 61 eb 2d f1 f5 10 8f
336 12 a4 14 2a 83 32 2e db 05 a7 54 87 a3 43 5c 9a
337 78 ce 53 ed 93 bc 55 08 57 d7 a9 fb''',
338 # Signature
339 '''02 62 ac 25 4b fa 77 f3 c1 ac a2 2c 51 79 f8 f0
340 40 42 2b 3c 5b af d4 0a 8f 21 cf 0f a5 a6 67 cc
341 d5 99 3d 42 db af b4 09 c5 20 e2 5f ce 2b 1e e1
342 e7 16 57 7f 1e fa 17 f3 da 28 05 2f 40 f0 41 9b
343 23 10 6d 78 45 aa f0 11 25 b6 98 e7 a4 df e9 2d
344 39 67 bb 00 c4 d0 d3 5b a3 55 2a b9 a8 b3 ee f0
345 7c 7f ec db c5 42 4a c4 db 1e 20 cb 37 d0 b2 74
346 47 69 94 0e a9 07 e1 7f bb ca 67 3b 20 52 23 80
347 c5''',
348 # Salt
349 '''1d 65 49 1d 79 c8 64 b3 73 00 9b e6 f6 f2 46 7b
350 ac 4c 78 fa''',
351 SHA
352 )
353 )
354
    def testSign1(self):
        """Known-answer signing: each vector must reproduce its published signature."""
        for vector in self._testData:
            key_parts, message, expected_sig, salt_hex, hashmod = vector
            # Rebuild the private key from its hex-encoded n, e and d
            comps = [ long(rws(key_parts[x]),16) for x in ('n','e','d') ]
            key = MyKey(RSA.construct(comps))
            # Hash the message with the vector's hash module
            h = hashmod.new()
            h.update(t2b(message))
            # Serve the vector's salt in place of random bytes; with the
            # salt fixed, the PSS output is reproducible byte for byte
            test_salt = t2b(salt_hex)
            key._randfunc = lambda N: test_salt
            signer = PKCS.new(key)
            self.failUnless(signer.can_sign())
            s = signer.sign(h)
            self.assertEqual(s, t2b(expected_sig))
372
    def testVerify1(self):
        """Known-answer verification: each published signature must verify under the public key."""
        for vector in self._testData:
            key_parts, message, signature, salt_hex, hashmod = vector
            # Only n and e are used, so the key has no private part
            comps = [ long(rws(key_parts[x]),16) for x in ('n','e') ]
            key = MyKey(RSA.construct(comps))
            # Hash the message with the vector's hash module
            h = hashmod.new()
            h.update(t2b(message))
            # The salt is installed as in the signing test
            test_salt = t2b(salt_hex)
            key._randfunc = lambda N: test_salt
            verifier = PKCS.new(key)
            # A public-only key must not claim it can sign
            self.failIf(verifier.can_sign())
            result = verifier.verify(h, t2b(signature))
            self.failUnless(result)
390
    def testSignVerify(self):
        """Round-trip sign/verify with a freshly generated key.

        Checks, in order: how many random bytes sign() requests for each
        hash module, that an explicit saltLen is honoured, that a custom
        MGF is called, and that saltLen 0 requests no random bytes.
        The counters (key.asked, mgfcalls) are reset before each check,
        so the statement order matters.
        """
        # This first digest object is rebound by the hash loop below
        # before it is used.
        h = SHA.new()
        h.update(b('blah blah blah'))

        # Fresh 1024-bit key per run, generated from the library RNG and
        # wrapped so that salt requests can be counted.
        # NOTE(review): the 1024-bit size and the MD2/MD5/SHA entries
        # below look like test coverage choices, not recommendations
        # for deployed keys or hashes. Confirm.
        rng = Random.new().read
        key = MyKey(RSA.generate(1024,rng))

        # Stand-in MGF: counts each call in the module-level mgfcalls and
        # returns maskLen zero bytes, ignoring the seed. It only exists
        # to observe whether the signer calls the MGF it was given.
        global mgfcalls
        def newMGF(seed,maskLen):
            global mgfcalls
            mgfcalls += 1
            return bchr(0x00)*maskLen

        # Verify that PSS works with every hash module in the list
        for hashmod in (MD2,MD5,SHA,SHA224,SHA256,SHA384,RIPEMD):
            h = hashmod.new()
            h.update(b('blah blah blah'))

            # Verify that sign() asks for as many random bytes
            # as the hash output size (the default salt length)
            key.asked = 0
            signer = PKCS.new(key)
            s = signer.sign(h)
            self.failUnless(signer.verify(h, s))
            self.assertEqual(key.asked, h.digest_size)

        h = SHA.new()
        h.update(b('blah blah blah'))

        # Verify that sign() requests exactly saltLen random bytes
        # when a salt length is given explicitly
        for sLen in (0,3,21):
            key.asked = 0
            signer = PKCS.new(key, saltLen=sLen)
            s = signer.sign(h)
            self.assertEqual(key.asked, sLen)
            self.failUnless(signer.verify(h, s))

        # Verify that sign() uses the custom MGF. The counter is checked
        # before verify() runs, so any MGF call made while verifying
        # is not part of the expected count of 1.
        mgfcalls = 0
        signer = PKCS.new(key, newMGF)
        s = signer.sign(h)
        self.assertEqual(mgfcalls, 1)
        self.failUnless(signer.verify(h, s))

        # Verify that sign() does not call the RNG
        # when salt length is 0, even when a new MGF is provided
        key.asked = 0
        mgfcalls = 0
        signer = PKCS.new(key, newMGF, 0)
        s = signer.sign(h)
        self.assertEqual(key.asked,0)
        self.assertEqual(mgfcalls, 1)
        self.failUnless(signer.verify(h, s))
445
446
447class testSign1_mytest():
448
449 # List of tuples with test data for PKCS#1 PSS
450 # Each tuple is made up by:
    # Item #0: dictionary with the hex-encoded RSA key components (n, e, d),
    #          or a PEM-encoded RSA private key string to import
452 # Item #1: data to hash and sign
453 # Item #2: signature of the data #1, done with the key #0,
454 # and salt #3 after hashing it with #4
455 # Item #3: salt
456 # Item #4: hash object generator
457
458 def __init__(self, rsa_parse, msg):
459 _testData = (
460
461 #
462 # From in pss-vect.txt to be found in
463 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
464 #
465 (
466 # Private key
467 {
468 'n':'''a2 ba 40 ee 07 e3 b2 bd 2f 02 ce 22 7f 36 a1 95
469 02 44 86 e4 9c 19 cb 41 bb bd fb ba 98 b2 2b 0e
470 57 7c 2e ea ff a2 0d 88 3a 76 e6 5e 39 4c 69 d4
471 b3 c0 5a 1e 8f ad da 27 ed b2 a4 2b c0 00 fe 88
472 8b 9b 32 c2 2d 15 ad d0 cd 76 b3 e7 93 6e 19 95
473 5b 22 0d d1 7d 4e a9 04 b1 ec 10 2b 2e 4d e7 75
474 12 22 aa 99 15 10 24 c7 cb 41 cc 5e a2 1d 00 ee
475 b4 1f 7c 80 08 34 d2 c6 e0 6b ce 3b ce 7e a9 a5''',
476 'e':'''01 00 01''',
477 # In the test vector, only p and q were given...
478 # d is computed offline as e^{-1} mod (p-1)(q-1)
479 'd':'''50e2c3e38d886110288dfc68a9533e7e12e27d2aa56
480 d2cdb3fb6efa990bcff29e1d2987fb711962860e7391b1ce01
481 ebadb9e812d2fbdfaf25df4ae26110a6d7a26f0b810f54875e
482 17dd5c9fb6d641761245b81e79f8c88f0e55a6dcd5f133abd3
483 5f8f4ec80adf1bf86277a582894cb6ebcd2162f1c7534f1f49
484 47b129151b71'''
485 },
486
487 # Data to sign
488 '''85 9e ef 2f d7 8a ca 00 30 8b dc 47 11 93 bf 55
489 bf 9d 78 db 8f 8a 67 2b 48 46 34 f3 c9 c2 6e 64
490 78 ae 10 26 0f e0 dd 8c 08 2e 53 a5 29 3a f2 17
491 3c d5 0c 6d 5d 35 4f eb f7 8b 26 02 1c 25 c0 27
492 12 e7 8c d4 69 4c 9f 46 97 77 e4 51 e7 f8 e9 e0
493 4c d3 73 9c 6b bf ed ae 48 7f b5 56 44 e9 ca 74
494 ff 77 a5 3c b7 29 80 2f 6e d4 a5 ff a8 ba 15 98
495 90 fc''',
496 # Signature
497 '''8d aa 62 7d 3d e7 59 5d 63 05 6c 7e c6 59 e5 44
498 06 f1 06 10 12 8b aa e8 21 c8 b2 a0 f3 93 6d 54
499 dc 3b dc e4 66 89 f6 b7 95 1b b1 8e 84 05 42 76
500 97 18 d5 71 5d 21 0d 85 ef bb 59 61 92 03 2c 42
501 be 4c 29 97 2c 85 62 75 eb 6d 5a 45 f0 5f 51 87
502 6f c6 74 3d ed dd 28 ca ec 9b b3 0e a9 9e 02 c3
503 48 82 69 60 4f e4 97 f7 4c cd 7c 7f ca 16 71 89
504 71 23 cb d3 0d ef 5d 54 a2 b5 53 6a d9 0a 74 7e''',
505 # Salt
506 '''e3 b5 d5 d0 02 c1 bc e5 0c 2b 65 ef 88 a1 88 d8
507 3b ce 7e 61''',
508 # Hash algorithm
509 SHA
510 ),
511
512 #
513 # Example 1.1 to be found in
514 # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
515 #
516 (
517 # Private key
518 {
519 'n':'''a5 6e 4a 0e 70 10 17 58 9a 51 87 dc 7e a8 41 d1
520 56 f2 ec 0e 36 ad 52 a4 4d fe b1 e6 1f 7a d9 91
521 d8 c5 10 56 ff ed b1 62 b4 c0 f2 83 a1 2a 88 a3
522 94 df f5 26 ab 72 91 cb b3 07 ce ab fc e0 b1 df
523 d5 cd 95 08 09 6d 5b 2b 8b 6d f5 d6 71 ef 63 77
524 c0 92 1c b2 3c 27 0a 70 e2 59 8e 6f f8 9d 19 f1
525 05 ac c2 d3 f0 cb 35 f2 92 80 e1 38 6b 6f 64 c4
526 ef 22 e1 e1 f2 0d 0c e8 cf fb 22 49 bd 9a 21 37''',
527 'e':'''01 00 01''',
528 'd':'''33 a5 04 2a 90 b2 7d 4f 54 51 ca 9b bb d0 b4 47
529 71 a1 01 af 88 43 40 ae f9 88 5f 2a 4b be 92 e8
530 94 a7 24 ac 3c 56 8c 8f 97 85 3a d0 7c 02 66 c8
531 c6 a3 ca 09 29 f1 e8 f1 12 31 88 44 29 fc 4d 9a
532 e5 5f ee 89 6a 10 ce 70 7c 3e d7 e7 34 e4 47 27
533 a3 95 74 50 1a 53 26 83 10 9c 2a ba ca ba 28 3c
534 31 b4 bd 2f 53 c3 ee 37 e3 52 ce e3 4f 9e 50 3b
535 d8 0c 06 22 ad 79 c6 dc ee 88 35 47 c6 a3 b3 25'''
536 },
537 # Message
538 '''cd c8 7d a2 23 d7 86 df 3b 45 e0 bb bc 72 13 26
539 d1 ee 2a f8 06 cc 31 54 75 cc 6f 0d 9c 66 e1 b6
540 23 71 d4 5c e2 39 2e 1a c9 28 44 c3 10 10 2f 15
541 6a 0d 8d 52 c1 f4 c4 0b a3 aa 65 09 57 86 cb 76
542 97 57 a6 56 3b a9 58 fe d0 bc c9 84 e8 b5 17 a3
543 d5 f5 15 b2 3b 8a 41 e7 4a a8 67 69 3f 90 df b0
544 61 a6 e8 6d fa ae e6 44 72 c0 0e 5f 20 94 57 29
545 cb eb e7 7f 06 ce 78 e0 8f 40 98 fb a4 1f 9d 61
546 93 c0 31 7e 8b 60 d4 b6 08 4a cb 42 d2 9e 38 08
547 a3 bc 37 2d 85 e3 31 17 0f cb f7 cc 72 d0 b7 1c
548 29 66 48 b3 a4 d1 0f 41 62 95 d0 80 7a a6 25 ca
549 b2 74 4f d9 ea 8f d2 23 c4 25 37 02 98 28 bd 16
550 be 02 54 6f 13 0f d2 e3 3b 93 6d 26 76 e0 8a ed
551 1b 73 31 8b 75 0a 01 67 d0''',
552 # Signature
553 '''90 74 30 8f b5 98 e9 70 1b 22 94 38 8e 52 f9 71
554 fa ac 2b 60 a5 14 5a f1 85 df 52 87 b5 ed 28 87
555 e5 7c e7 fd 44 dc 86 34 e4 07 c8 e0 e4 36 0b c2
556 26 f3 ec 22 7f 9d 9e 54 63 8e 8d 31 f5 05 12 15
557 df 6e bb 9c 2f 95 79 aa 77 59 8a 38 f9 14 b5 b9
558 c1 bd 83 c4 e2 f9 f3 82 a0 d0 aa 35 42 ff ee 65
559 98 4a 60 1b c6 9e b2 8d eb 27 dc a1 2c 82 c2 d4
560 c3 f6 6c d5 00 f1 ff 2b 99 4d 8a 4e 30 cb b3 3c''',
561 # Salt
562 '''de e9 59 c7 e0 64 11 36 14 20 ff 80 18 5e d5 7f
563 3e 67 76 af''',
564 # Hash
565 SHA
566 ),
567
568 (
569 # Private key
570 """-----BEGIN RSA PRIVATE KEY-----
571 MIICXQIBAAKBgQC1OZn2ExXQ5z/1XhBomiy7j6YGQU7EuBXcvnvizU6fGkdcLWKA
572 MBQJxHOnCJwUSvCecea58P4WSDaAGk/Rbd3y1b1Akr7ilcpW+l0ymfF95pBIMBt1
573 gXDaHtaM1GgR4H0FisR68fHm2LDMNdGdVdGz3vqpUBboVx7fmLyEAxswuQIDAQAB
574 AoGBAKkGWW/mqxFVrhSnL/yv14r0VvA8lz/pRhLF4vxNasgAFZCGj/lpXjch8JBY
575 +mH+51+Qcpb4i7OylIp0f/+gTkGuSAYPYwzwqG3ALwAF4Z5i8qKmklQtEJ+9p7lu
576 POivMzla4Qx7bvBp+Bq4/8lyg5o+D279MN68455wub516+7RAkEAz+InzJO8H8lN
577 OKpysNCPx9WQNkpMLODRlOYxDg6/QiHNBshT+Kd8tU9xT8fqPWCybfrYNKDWEahz
578 C/QVPWR5JQJBAN8r1qZo0KWvOay81ogC6aLoLauJX6UHuhxN1U1cS/AjdSJezWZp
579 L3zmS9iSJbTyojzwGTly6e+2kGHYafLwlwUCQGD+Ujd/jrz9/Yu863pYNV215W2P
580 SO9/jgn9RVIby10dzD2n5pYT/3nRMTtaOY6duWLbMVmM2ZSvlc4z+l0ErgkCQA8F
581 SVY7+ccdCxm4QAw5ffYsAF7qSRi3c2xSRMgHLUlFaa3diZ+Z9stGSNaTx5vtNMQ7
582 OMdoF5y9wewD/+WNEe0CQQCPXCxOab5++0AB25wqwP2Zk/nFiNznd7+Rk/TIS4c+
583 +C8/NPfkYJD7aNcpflFvyeLAWJgtSs+ebVHYpEZpUnY5
584 -----END RSA PRIVATE KEY-----""",
585 # Data to sign
586 "abc",
587 # Signature
588 '''7e a9 02 59 20 eb a1 b1 67 99 56 44 72 88 00 3d
589 11 4a 3d 16 40 d2 77 6b 60 62 06 b6 19 f0 7e de
590 52 93 0d d9 74 25 44 fd b3 4f 5c cf fb b7 98 34
591 ae ad e3 9e 79 93 fc 5f 4b 48 d0 08 95 c4 66 5e
592 d5 17 7a 5b 05 a2 7e fb 21 72 68 12 f7 6d 3b fe
593 97 30 81 c5 75 de e4 26 6c d6 d8 28 0b ae 33 a0
594 f6 9d f0 23 2f f7 12 0b 40 a3 37 7d 25 bf 60 c9
595 84 d4 19 27 61 27 f6 a0 62 8b 52 32 26 9a 0c 77''',
596 # Salt
597 '''25 5a 3c e4 34 ae e1 41 09 a5 96 f6 a6 7e 34 b6
598 8e 56 3f 2d 92 07 41 55 f3 e4 a5 9e 47 98 d2 e4''',
599 # Hash algorithm
600 SHA256
601 ),
602
603 (
604 # Private key
605 """-----BEGIN RSA PRIVATE KEY-----
606 MIIJKwIBAAKCAgEA3zT2hUJNVJPMixm5F6GJl1oNIVPyV3AlcSmSdHkpPZH9LuRd
607 NEQ1Yv5PuHSFw8PSKmySg+5uMeZudconbCOAoF2pnHgMAw2unm4wc7GJf//E/k7f
608 UwCG6VD/8aO2U0Fkiwo5XpbSe91fmtqXAsyoqBvAsJAdGGGtede7httEa/PhHf2R
609 qzzDdyx5VUnZm4IolN7Q25J730L5mOlkwOzH0uuE7zlnwDnMV6sbsFopwiyI012l
610 Tmj0gIVC2nTCRiJxctRT7Hxiqtq+/PR1rLTzN/80uhN0nHGkHJKHtyJRojjkkwPR
611 1QugU3A5P569i6ZvncOYq7o5gpaPzmaR7el1h7z057oIiHPo+bSfhhnN8Lc1qo0D
612 BNkKhxLuC3W8yd0nndGzNYAKK1VCxL06zYIyyokrx/Q1+RSkKcvmcJcHVQRkSlh9
613 QSyoUTCGdVRcOugP1wXoPkAFFfjep8+xLNnS61Rb58O+P7Jr/0970eMz0ZlM16aq
614 P3jpyBy16vv/EVPsBcQR29W4Xl7ngJzXIXpWG8YKZ2n9zTOVhXQgdEevUhREIE8o
615 fsKA8NnAsKbaKixplR86HXCE3fLiJxICDHHfXDRxsAyDCAav7u1I6P0Z8MVaQWGx
616 XApyljlViaV1xDKgqhfMqKA488Butza5RV9/rJjDtcl/ANK5yza7tlSKYr0CAwEA
617 AQKCAgEAnrz71Smh9VRnU0Wn7LZlM85HKDybTLPk7OWz0kGYosEAXijqYBFiJlTW
618 PUghGWhaPvGYAVu/4p0OUZbDEpTtFR+HUE/Puxwv41xZ+O157B3p6zIMgOsPBz8j
619 xqW3NN58sqVCx5Jbftug8nAilUsXZvbVwru69WwCA3T5WJ73ug5nOvzqa+161XY7
620 k/xBVebrFXSg9IbosY7gE29oyAuc0NPOZpNcxchVGsQFnRWCPSWO6ULgHTNnLz+W
621 m+YNg/Na219FkBml0fxfd2Yjif/mORy2Ut8jP19SZz+OZR9zDvuHE0bUI79w9eYJ
622 0MUD6B0lo/1GxlpaLBUHkLJBdgFiIyJ6kbt0ol0TAL6oHxvK/m/6K8hKmlnsyf2J
623 OJV4ijzWotP9Ogwb2ZoXncRvD8m28MAYXbLOVVJEEWqxaGFti62CR7dDAZ3dNg8t
624 IotGC1OlYJlCuGIUvBQC9SHeaFCrRofEPKBJjpuYSpj1RmwR9LQIJLDg2xeiEMj8
625 3uiSZu81ygClaFaMwHiedV/gASSXYqhcVF9dvzvQ+M7oG8b7TLJ8MhWB+cUjA5we
626 Yq47uOSmW9wS1rid3YuHtsZEZ9wzXaaM8yX2ELlaJ3GiaMGB/ww/T0St8VEwdG9J
627 DKWWlcIFy2p1TlpA69G8nv7oI4Im3kLJlQa10/f44hQ7UaFOh8ECggEBAOb8rD+9
628 P1IGWPwbe1AG7U8PtbJs0g+jldJ/WIxG9T9hIhO5QTVBgQoSmBE6weedbO0EydVf
629 QIE1yJ8aRCukL5j5X1drXKJbbdC4z569aRPZwcRRdgQ3DbZImgK/JUwNaVwB6lMe
630 QLU84CXDPZAufakKKeBQvxXSJ+WqxlFh7adcRePwS70KtJuoLkP0/8AVIhZE79bj
631 pZxYBa7zD4UV9Dvyu0QWYnOVo29cCxgWiA61o8hZn0d5QFpe1fnuayNrzDNEttnb
632 8Mw7WhsbO7dAri7/SkCY16HyhWXXypEM6VcvdHSV5McqO+bo1Bnv1VPyPTLr38W/
633 8PlYB41DcJ8/HeMCggEBAPdgnOfZDRmByz8aKB6HJ6RM0tR837ak4KxVcXJ2RYPY
634 acF9ybS8rpE5LuP/lS2/qtHMT4aPqvNvPPl1gUw+mmrmzYLmhKgCyD0SiYqC1kH4
635 zlfODQTOe1ZdaGFbyIwrf8GhPPQmdiDqAzWsdIDv4WU/pJXlboAb4sTPVxSuGnAH
636 ZOHkWQRDBhjZp0ASMpNc+EgqBZ2MaKijxKuZQP9JX7Pi0Gzy6p2t0y03ZOUpL4QW
637 5RxET7Idr3jYua9Ckb9+Z+A/5xQE6XHv4BIwshW33Kdp147Jp3pUnwU/BWSKRo2a
638 cLFb5APcJxf17rzH17BzJ/wT/f/R5dqKqX0xDkXyXt8CggEBAKW+lRK/hxoid+Of
639 DKLl9Y6PpT88mpaiOTVsL2uo1v39guhIPCQstp01rmxejxjVe32vu+whhzWwFB8m
640 R9hQ3d6UwfcGkNfnZysoEcLEAww9aq6mDVsE7g/olKp34hlqXjmpHi06PhBOeEBg
641 kmJNGdob8uSEzDiqLfq8ycVH0bIPog7nNFGXxvUSfvBAcuuvvl/gY4D8pK9E8f8R
642 ZgeHM1N43ysCLO7nZvjXQRatxD9Z0wZGWOZ+eNDf0AahL7ug9EuteM9m5KiHxiZB
643 Kl5aSSJsCSnFAqWwUkw7xZzDeQQYhyXJEPpgsc8FLnzV/WtZHNTXMCDDk/Q3WGPj
644 CoMaVSUCggEBAO2hnjhNVXsaJo7QZpekx1zZ+3DpH9IIolaJoXgNywszGawoVFnN
645 IngYkUWtn7UZuFLey8n8OoCsa8tKqFEAlj94xRQosmfefFHGe99VfdJT2ouYQQNM
646 AkjdY8aab5TOuGPdqnryc2l8wmaN6kBtrnwfXdAsXDCuGPFsJz+TW4wgXjVssGIa
647 rEG02yf+Ex1iIpLX4xsL5QGSh/s7NafF6SwZBpSR6PRdJU37N223WZCumZnEuTXl
648 tEkHD6Ae93kXSVuupyCg80ti3UE8C+Y2/7zGPK5KYhpuLW/RsTF6bvnZ0MVe+zMG
649 CXvH4HTyF+zFQjSxU76p9/4uU1ASjp58i8sCggEBANdzShhwJnaxKW7e7hiLA5k1
650 G579ubQfDZy/UJOMeDzmrhpcVN5+cH5afFHMHQczzY0GkBkHz4zgN2euOY/Vh/RR
651 F+rwzwBisLKq2Oiwu5oPKLD5aIFxbOahzSI8N8Upk7J/pBGlFYeg/13bJtb1DrMV
652 tslxK8cJa2RFUesi2Jy9kz2bFaKIub8rSBCoXhLbccjZwV2W93oDOU44KnXauFvt
653 UJlFTRbTsf1YII46Zl4dFstWAb+R6DYHNU+xFpJpSVAeOW7R4i4pq7FKl1Xrr0nu
654 X7iTAH08FfZMzQxQ/jazDvc22rgMGbGuGkjHqFntiBsEkFDW9s3lMjrMy8xPcLk=
655 -----END RSA PRIVATE KEY-----""",
656 # Data to sign
657 "abc",
658 # Signature
659 '''70 1b 61 7e 96 cf b5 9e 59 af ed eb c2 b3 55 fd
660 64 c2 6c b4 c7 ad 62 19 af ed f3 b0 82 fa 1d e7
661 8f 6f 01 a1 74 67 48 9b a6 c0 ba 7f dc ce 91 49
662 7c da d3 d0 aa c8 e9 4d be 9f ea 1f 62 0e 11 55
663 4e 82 03 c3 fb 4a f4 ba d9 ab 08 e4 8f 07 ba f0
664 ed 5d 6e f7 8b 27 9d 08 dd b4 36 b5 3b 89 b2 e0
665 f3 43 b2 9b 4a e6 b1 03 b4 87 5d a9 58 3c 2b 6f
666 fa 22 0c 28 d9 28 7a b6 c4 7f 03 f0 21 55 d0 be
667 12 0a 8a e9 c5 3c e5 d2 6b e3 9a ce 92 87 e4 10
668 5f e0 66 db 46 66 e5 72 be b4 3c d1 8e cf 1a ea
669 ba 69 65 09 e9 a1 04 55 3c b5 92 87 57 97 00 cf
670 47 20 e8 8a df 93 18 6a cf 2b d3 af 55 8f 55 d5
671 78 a0 fa 27 e8 f5 f5 a6 3b b5 ec f1 c2 8d b5 f9
672 68 de ca b4 e2 4a 00 cd f5 19 47 8e 36 f4 0e 4f
673 5d 34 a3 ec 63 39 08 15 69 b2 83 6d f7 b0 99 3b
674 b0 bf 2b e6 ae 9a 60 5b 43 e4 18 18 ec be 09 ba
675 85 8a dc 77 75 cd c6 eb 98 d6 b0 9c de a4 d7 1a
676 df 2c 3f aa 7c 52 ff 3e 0f 87 20 2b dd 93 92 49
677 43 f8 b9 d4 8e de c5 3b 37 a5 ee 8c 68 cc 6d ff
678 c6 98 c6 af 00 b8 f4 bf b7 7f 51 b0 53 a5 68 fb
679 bf b2 62 57 2e cd 7c c0 0e cc 3e 69 3b a5 a2 bf
680 3f ad c6 1b 66 39 57 71 e3 b7 c8 20 b6 51 46 58
681 70 be 64 96 38 c4 e1 51 3b 63 68 3c 38 fb d4 b2
682 60 ed 0f 2e b5 cf 1e 2c 9c ec 7f b9 19 51 3b 4c
683 30 0d 74 a0 e6 f6 14 ea ff cd c5 2e 6a cd c2 f5
684 53 3b f4 64 1a 44 9e 16 64 d6 82 f5 7d 1a 47 00
685 51 04 90 1b 8e b7 91 d6 73 91 46 74 bd ea 08 86
686 41 e4 f5 e5 04 61 f8 bd a4 b7 56 6a 0b a2 b3 ee
687 00 f8 cc 04 28 36 de 99 05 2b e2 eb 92 ff 26 1d
688 db 29 5a 72 51 a4 b7 f7 ea 5c 27 53 68 0d 89 8c
689 1f 17 87 85 9c 1d 8d 42 b4 cb 42 49 c7 0c 1e df
690 e0 8e ee e3 1e 77 5d 16 5f 75 31 1c 5c af 3e 02
691 ''',
692 # Salt
693 '''c8 e6 96 a2 a5 5b ab 2f eb b8 42 89 f8 de 0c 8d
694 8d 82 99 b8 25 b8 f2 35 73 2c 49 d4 d1 f3 04 4d''',
695 # Hash algorithm
696 SHA256
697 ),
698 )
699
700 self._testData = _testData
701 self.rsa_parse = rsa_parse
702 self.msg = msg
703
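    def sign1_mytest(self):
        """Sign every vector in self._testData with its fixed salt and print the outcome.

        For each vector the key is built (PEM string or n/e/d dictionary),
        the message is hashed, the vector's salt is served in place of
        random bytes, and the resulting signature is dumped and compared
        with the expected one. Results are reported with print() only;
        nothing is returned or asserted.

        With the salt fixed, PSS loses its randomization. That is what
        makes the byte-for-byte comparison possible, and why this path
        is a known-answer harness and not a signing routine.
        """
        for i, row in enumerate(self._testData):
            print("Test vector[%d]" %i)
            # Build the key
            if isStr(row[0]):
                print("pem")
                # Wrap imported keys like constructed ones, so the fixed
                # salt below is installed on the wrapper. The imported
                # key's own RNG, which the note on MyKey says also
                # serves blinding, is then left untouched.
                key = MyKey(RSA.importKey(row[0]))
            else:
                comps = [ long(rws(row[0][x]),16) for x in ('n','e','d') ]
                key = MyKey(RSA.construct(comps))
            # Hash function
            h = row[4].new()
            # Data to sign: try hex first and fall back to the raw text.
            # Only decoding errors trigger the fallback; other exceptions
            # (including KeyboardInterrupt) now propagate.
            # NOTE(review): a text message that happens to be valid
            # even-length hex (e.g. "abcd") is hashed as the decoded
            # bytes, not as text.
            try:
                print("try")
                data = t2b(row[1])
            except (ValueError, TypeError):
                print("except")
                data = b(row[1])
            h.update(data)
            # Salt
            test_salt = t2b(row[3])
            key._randfunc = lambda N: test_salt
            # The real test
            signer = PKCS.new(key)
            if signer.can_sign():
                print("mytest: can sign")
            else:
                print("mytest: can't sign")
            s = signer.sign(h)
            print("salt:")
            rsa_dump(test_salt)
            print("signature:")
            rsa_dump(s)

            if s == t2b(row[2]):
                print("[Pass] RSA PSS signature compare pass")
            else:
                print("[Fail] RSA PSS signature compare fail")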
744
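    def sbc_rsa_sign1_json(self):
        """Sign one externally supplied vector (self.rsa_parse) and return the signature.

        Layout of self.rsa_parse as read here:
          [0] key: PEM string, or dictionary with hex 'n', 'e', 'd'
          [1] message (hex text, or plain text as a fallback)
          [2] expected signature, hex text
          [3] salt, hex text
          [4] hash name: "SHA", "SHA256", "SHA384" or "SHA512"
          [5] 1 to hash [1]; any other value hashes self.msg instead

        The salt is served in place of random bytes, so the output is
        deterministic for a given key, message and salt. The digest,
        salt and signature are printed; the comparison result is only
        printed, and the signature is returned either way.
        """
        row = self.rsa_parse
        # Build the key
        if isStr(row[0]):
            print("pem")
            # Wrap imported keys like constructed ones, so the fixed salt
            # below is installed on the wrapper. The imported key's own
            # RNG, which the note on MyKey says also serves blinding,
            # is then left untouched.
            key = MyKey(RSA.importKey(row[0]))
        else:
            comps = [ long(rws(row[0][x]),16) for x in ('n','e','d') ]
            key = MyKey(RSA.construct(comps))
        # Hash function
        if(row[4] == "SHA"):
            h = SHA.new()
        elif(row[4] == "SHA256"):
            h = SHA256.new()
        elif(row[4] == "SHA384"):
            h = SHA384.new()
        elif(row[4] == "SHA512"):
            h = SHA512.new()
        else:
            # An unrecognised name still signs with SHA256; say so, since
            # a misspelt name would otherwise change the algorithm silently.
            print("mytest: unknown hash name, defaulting to SHA256")
            h = SHA256.new()
        # Data to sign
        if(row[5] == 1):
            # Try hex first and fall back to the raw text. Only decoding
            # errors trigger the fallback; other exceptions propagate.
            try:
                print("try")
                data = t2b(row[1])
            except (ValueError, TypeError):
                print("except")
                data = b(row[1])
            h.update(data)
        else:
            h.update(self.msg)
        # NOTE(review): the listing this was taken from has flattened
        # indentation; this dump may originally have belonged to the
        # else branch only. Confirm against the source file.
        rsa_dump(h.digest())

        # Salt
        test_salt = t2b(row[3])
        key._randfunc = lambda N: test_salt
        # The real test
        signer = PKCS.new(key)
        if signer.can_sign():
            print("mytest: can sign")
        else:
            print("mytest: can't sign")
        s = signer.sign(h)
        print("salt:")
        rsa_dump(test_salt)
        print("signature:")
        rsa_dump(s)

        if s == t2b(row[2]):
            print("[Pass] RSA PSS signature compare pass")
        else:
            print("[Fail] RSA PSS signature compare fail")
        return s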
799
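    def verify1_mytest(self):
        """Verify the expected signature of every vector in self._testData and print the outcome.

        Only the public part of each key is used (publickey() for PEM
        strings, n and e for dictionaries). Results are reported with
        print() only; nothing is returned or asserted.
        """
        for i, row in enumerate(self._testData):
            print("Test vector[%d]" %i)
            # Build the key; wrapped in both branches so that the
            # _randfunc override below never lands on the key object itself
            if isStr(row[0]):
                key = MyKey(RSA.importKey(row[0]).publickey())
            else:
                comps = [ long(rws(row[0][x]),16) for x in ('n','e') ]
                key = MyKey(RSA.construct(comps))
            # Hash function
            h = row[4].new()
            # Data to sign: hex first, raw text as fallback. The message
            # and the salt are decoded separately, so a salt that fails
            # to decode can no longer feed the message into the hash a
            # second time.
            try:
                data = t2b(row[1])
            except (ValueError, TypeError):
                data = b(row[1])
            h.update(data)
            # Salt
            try:
                test_salt = t2b(row[3])
            except (ValueError, TypeError):
                test_salt = b(row[3])
            # The real test
            # NOTE(review): PSS verification recovers the salt from the
            # signature itself, so this override is presumably unused
            # here. Confirm against the library.
            key._randfunc = lambda N: test_salt
            verifier = PKCS.new(key)
            # A public-only key is expected here, so can_sign() being
            # true is reported as the failure case
            if verifier.can_sign():
                print("mytest: can't verify")
            else:
                print("mytest: can verify")
            result = verifier.verify(h, t2b(row[2]))
            if result:
                print("[Pass] RSA PSS verify pass")
            else:
                print("[Fail] RSA PSS verify fail")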
834
835
def get_tests(config={}):
    """Return the test cases that list_test_cases collects from PKCS1_PSS_Tests.

    *config* is not read here. The print-based testSign1_mytest harness
    is not included in the returned list.
    """
    return list(list_test_cases(PKCS1_PSS_Tests))
840
if __name__ == '__main__':
    # unittest.main looks up the name 'suite' in this module and calls it
    def suite():
        return unittest.TestSuite(get_tests())
    unittest.main(defaultTest='suite')
844
845# vim:set ts=4 sw=4 sts=4