| Index: third_party/google-endpoints/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py
|
| diff --git a/third_party/google-endpoints/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py b/third_party/google-endpoints/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..accca6132a2f7b34fe55dcc8bb64319fd9a61b2e
|
| --- /dev/null
|
| +++ b/third_party/google-endpoints/Crypto/SelfTest/Cipher/test_pkcs1_oaep.py
|
| @@ -0,0 +1,372 @@
|
| +# -*- coding: utf-8 -*-
|
| +#
|
| +# SelfTest/Cipher/test_pkcs1_oaep.py: Self-test for PKCS#1 OAEP encryption
|
| +#
|
| +# ===================================================================
|
| +# The contents of this file are dedicated to the public domain. To
|
| +# the extent that dedication to the public domain is not available,
|
| +# everyone is granted a worldwide, perpetual, royalty-free,
|
| +# non-exclusive license to exercise all rights associated with the
|
| +# contents of this file for any purpose whatsoever.
|
| +# No rights are reserved.
|
| +#
|
| +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
| +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
| +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
| +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
| +# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
| +# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
| +# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
| +# SOFTWARE.
|
| +# ===================================================================
|
| +
|
| +from __future__ import nested_scopes
|
| +
|
| +__revision__ = "$Id$"
|
| +
|
| +import unittest
|
| +
|
| +from Crypto.SelfTest.st_common import list_test_cases, a2b_hex, b2a_hex
|
| +
|
| +from Crypto.Util.py3compat import *
|
| +from Crypto.PublicKey import RSA
|
| +from Crypto.Cipher import PKCS1_OAEP as PKCS
|
| +from Crypto.Hash import MD2,MD5,SHA as SHA1,SHA256,RIPEMD
|
| +from Crypto import Random
|
| +
|
| +def rws(t):
|
| + """Remove white spaces, tabs, and new lines from a string"""
|
| + for c in ['\n', '\t', ' ']:
|
| + t = t.replace(c,'')
|
| + return t
|
| +
|
| +def t2b(t):
|
| + """Convert a text string with bytes in hex form to a byte string"""
|
| + clean = rws(t)
|
| + if len(clean)%2 == 1:
|
| + raise ValueError("Even number of characters expected")
|
| + return a2b_hex(clean)
|
| +
|
| +class PKCS1_OAEP_Tests(unittest.TestCase):
|
| +
|
| + def setUp(self):
|
| + self.rng = Random.new().read
|
| + self.key1024 = RSA.generate(1024, self.rng)
|
| +
|
| + # List of tuples with test data for PKCS#1 OAEP
|
| + # Each tuple is made up by:
|
| + # Item #0: dictionary with RSA key component
|
| + # Item #1: plaintext
|
| + # Item #2: ciphertext
|
| + # Item #3: random data (=seed)
|
| + # Item #4: hash object
|
| +
|
| + _testData = (
|
| +
|
| + #
|
| + # From in oaep-int.txt to be found in
|
| + # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
|
| + #
|
| + (
|
| + # Private key
|
| + {
|
| + 'n':'''bb f8 2f 09 06 82 ce 9c 23 38 ac 2b 9d a8 71 f7
|
| + 36 8d 07 ee d4 10 43 a4 40 d6 b6 f0 74 54 f5 1f
|
| + b8 df ba af 03 5c 02 ab 61 ea 48 ce eb 6f cd 48
|
| + 76 ed 52 0d 60 e1 ec 46 19 71 9d 8a 5b 8b 80 7f
|
| + af b8 e0 a3 df c7 37 72 3e e6 b4 b7 d9 3a 25 84
|
| + ee 6a 64 9d 06 09 53 74 88 34 b2 45 45 98 39 4e
|
| + e0 aa b1 2d 7b 61 a5 1f 52 7a 9a 41 f6 c1 68 7f
|
| + e2 53 72 98 ca 2a 8f 59 46 f8 e5 fd 09 1d bd cb''',
|
| + # Public key
|
| + 'e':'11',
|
| + # In the test vector, only p and q were given...
|
| + # d is computed offline as e^{-1} mod (p-1)(q-1)
|
| + 'd':'''a5dafc5341faf289c4b988db30c1cdf83f31251e0
|
| + 668b42784813801579641b29410b3c7998d6bc465745e5c3
|
| + 92669d6870da2c082a939e37fdcb82ec93edac97ff3ad595
|
| + 0accfbc111c76f1a9529444e56aaf68c56c092cd38dc3bef
|
| + 5d20a939926ed4f74a13eddfbe1a1cecc4894af9428c2b7b
|
| + 8883fe4463a4bc85b1cb3c1'''
|
| + }
|
| + ,
|
| + # Plaintext
|
| + '''d4 36 e9 95 69 fd 32 a7 c8 a0 5b bc 90 d3 2c 49''',
|
| + # Ciphertext
|
| + '''12 53 e0 4d c0 a5 39 7b b4 4a 7a b8 7e 9b f2 a0
|
| + 39 a3 3d 1e 99 6f c8 2a 94 cc d3 00 74 c9 5d f7
|
| + 63 72 20 17 06 9e 52 68 da 5d 1c 0b 4f 87 2c f6
|
| + 53 c1 1d f8 23 14 a6 79 68 df ea e2 8d ef 04 bb
|
| + 6d 84 b1 c3 1d 65 4a 19 70 e5 78 3b d6 eb 96 a0
|
| + 24 c2 ca 2f 4a 90 fe 9f 2e f5 c9 c1 40 e5 bb 48
|
| + da 95 36 ad 87 00 c8 4f c9 13 0a de a7 4e 55 8d
|
| + 51 a7 4d df 85 d8 b5 0d e9 68 38 d6 06 3e 09 55''',
|
| + # Random
|
| + '''aa fd 12 f6 59 ca e6 34 89 b4 79 e5 07 6d de c2
|
| + f0 6c b5 8f''',
|
| + # Hash
|
| + SHA1,
|
| + ),
|
| +
|
| + #
|
| + # From in oaep-vect.txt to be found in Example 1.1
|
| + # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
|
| + #
|
| + (
|
| + # Private key
|
| + {
|
| + 'n':'''a8 b3 b2 84 af 8e b5 0b 38 70 34 a8 60 f1 46 c4
|
| + 91 9f 31 87 63 cd 6c 55 98 c8 ae 48 11 a1 e0 ab
|
| + c4 c7 e0 b0 82 d6 93 a5 e7 fc ed 67 5c f4 66 85
|
| + 12 77 2c 0c bc 64 a7 42 c6 c6 30 f5 33 c8 cc 72
|
| + f6 2a e8 33 c4 0b f2 58 42 e9 84 bb 78 bd bf 97
|
| + c0 10 7d 55 bd b6 62 f5 c4 e0 fa b9 84 5c b5 14
|
| + 8e f7 39 2d d3 aa ff 93 ae 1e 6b 66 7b b3 d4 24
|
| + 76 16 d4 f5 ba 10 d4 cf d2 26 de 88 d3 9f 16 fb''',
|
| + 'e':'''01 00 01''',
|
| + 'd':'''53 33 9c fd b7 9f c8 46 6a 65 5c 73 16 ac a8 5c
|
| + 55 fd 8f 6d d8 98 fd af 11 95 17 ef 4f 52 e8 fd
|
| + 8e 25 8d f9 3f ee 18 0f a0 e4 ab 29 69 3c d8 3b
|
| + 15 2a 55 3d 4a c4 d1 81 2b 8b 9f a5 af 0e 7f 55
|
| + fe 73 04 df 41 57 09 26 f3 31 1f 15 c4 d6 5a 73
|
| + 2c 48 31 16 ee 3d 3d 2d 0a f3 54 9a d9 bf 7c bf
|
| + b7 8a d8 84 f8 4d 5b eb 04 72 4d c7 36 9b 31 de
|
| + f3 7d 0c f5 39 e9 cf cd d3 de 65 37 29 ea d5 d1 '''
|
| + }
|
| + ,
|
| + # Plaintext
|
| + '''66 28 19 4e 12 07 3d b0 3b a9 4c da 9e f9 53 23
|
| + 97 d5 0d ba 79 b9 87 00 4a fe fe 34''',
|
| + # Ciphertext
|
| + '''35 4f e6 7b 4a 12 6d 5d 35 fe 36 c7 77 79 1a 3f
|
| + 7b a1 3d ef 48 4e 2d 39 08 af f7 22 fa d4 68 fb
|
| + 21 69 6d e9 5d 0b e9 11 c2 d3 17 4f 8a fc c2 01
|
| + 03 5f 7b 6d 8e 69 40 2d e5 45 16 18 c2 1a 53 5f
|
| + a9 d7 bf c5 b8 dd 9f c2 43 f8 cf 92 7d b3 13 22
|
| + d6 e8 81 ea a9 1a 99 61 70 e6 57 a0 5a 26 64 26
|
| + d9 8c 88 00 3f 84 77 c1 22 70 94 a0 d9 fa 1e 8c
|
| + 40 24 30 9c e1 ec cc b5 21 00 35 d4 7a c7 2e 8a''',
|
| + # Random
|
| + '''18 b7 76 ea 21 06 9d 69 77 6a 33 e9 6b ad 48 e1
|
| + dd a0 a5 ef''',
|
| + SHA1
|
| + ),
|
| +
|
| + #
|
| + # From in oaep-vect.txt to be found in Example 2.1
|
| + # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
|
| + #
|
| + (
|
| + # Private key
|
| + {
|
| + 'n':'''01 94 7c 7f ce 90 42 5f 47 27 9e 70 85 1f 25 d5
|
| + e6 23 16 fe 8a 1d f1 93 71 e3 e6 28 e2 60 54 3e
|
| + 49 01 ef 60 81 f6 8c 0b 81 41 19 0d 2a e8 da ba
|
| + 7d 12 50 ec 6d b6 36 e9 44 ec 37 22 87 7c 7c 1d
|
| + 0a 67 f1 4b 16 94 c5 f0 37 94 51 a4 3e 49 a3 2d
|
| + de 83 67 0b 73 da 91 a1 c9 9b c2 3b 43 6a 60 05
|
| + 5c 61 0f 0b af 99 c1 a0 79 56 5b 95 a3 f1 52 66
|
| + 32 d1 d4 da 60 f2 0e da 25 e6 53 c4 f0 02 76 6f
|
| + 45''',
|
| + 'e':'''01 00 01''',
|
| + 'd':'''08 23 f2 0f ad b5 da 89 08 8a 9d 00 89 3e 21 fa
|
| + 4a 1b 11 fb c9 3c 64 a3 be 0b aa ea 97 fb 3b 93
|
| + c3 ff 71 37 04 c1 9c 96 3c 1d 10 7a ae 99 05 47
|
| + 39 f7 9e 02 e1 86 de 86 f8 7a 6d de fe a6 d8 cc
|
| + d1 d3 c8 1a 47 bf a7 25 5b e2 06 01 a4 a4 b2 f0
|
| + 8a 16 7b 5e 27 9d 71 5b 1b 45 5b dd 7e ab 24 59
|
| + 41 d9 76 8b 9a ce fb 3c cd a5 95 2d a3 ce e7 25
|
| + 25 b4 50 16 63 a8 ee 15 c9 e9 92 d9 24 62 fe 39'''
|
| + },
|
| + # Plaintext
|
| + '''8f f0 0c aa 60 5c 70 28 30 63 4d 9a 6c 3d 42 c6
|
| + 52 b5 8c f1 d9 2f ec 57 0b ee e7''',
|
| + # Ciphertext
|
| + '''01 81 af 89 22 b9 fc b4 d7 9d 92 eb e1 98 15 99
|
| + 2f c0 c1 43 9d 8b cd 49 13 98 a0 f4 ad 3a 32 9a
|
| + 5b d9 38 55 60 db 53 26 83 c8 b7 da 04 e4 b1 2a
|
| + ed 6a ac df 47 1c 34 c9 cd a8 91 ad dc c2 df 34
|
| + 56 65 3a a6 38 2e 9a e5 9b 54 45 52 57 eb 09 9d
|
| + 56 2b be 10 45 3f 2b 6d 13 c5 9c 02 e1 0f 1f 8a
|
| + bb 5d a0 d0 57 09 32 da cf 2d 09 01 db 72 9d 0f
|
| + ef cc 05 4e 70 96 8e a5 40 c8 1b 04 bc ae fe 72
|
| + 0e''',
|
| + # Random
|
| + '''8c 40 7b 5e c2 89 9e 50 99 c5 3e 8c e7 93 bf 94
|
| + e7 1b 17 82''',
|
| + SHA1
|
| + ),
|
| +
|
| + #
|
| + # From in oaep-vect.txt to be found in Example 10.1
|
| + # ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip
|
| + #
|
| + (
|
| + # Private key
|
| + {
|
| + 'n':'''ae 45 ed 56 01 ce c6 b8 cc 05 f8 03 93 5c 67 4d
|
| + db e0 d7 5c 4c 09 fd 79 51 fc 6b 0c ae c3 13 a8
|
| + df 39 97 0c 51 8b ff ba 5e d6 8f 3f 0d 7f 22 a4
|
| + 02 9d 41 3f 1a e0 7e 4e be 9e 41 77 ce 23 e7 f5
|
| + 40 4b 56 9e 4e e1 bd cf 3c 1f b0 3e f1 13 80 2d
|
| + 4f 85 5e b9 b5 13 4b 5a 7c 80 85 ad ca e6 fa 2f
|
| + a1 41 7e c3 76 3b e1 71 b0 c6 2b 76 0e de 23 c1
|
| + 2a d9 2b 98 08 84 c6 41 f5 a8 fa c2 6b da d4 a0
|
| + 33 81 a2 2f e1 b7 54 88 50 94 c8 25 06 d4 01 9a
|
| + 53 5a 28 6a fe b2 71 bb 9b a5 92 de 18 dc f6 00
|
| + c2 ae ea e5 6e 02 f7 cf 79 fc 14 cf 3b dc 7c d8
|
| + 4f eb bb f9 50 ca 90 30 4b 22 19 a7 aa 06 3a ef
|
| + a2 c3 c1 98 0e 56 0c d6 4a fe 77 95 85 b6 10 76
|
| + 57 b9 57 85 7e fd e6 01 09 88 ab 7d e4 17 fc 88
|
| + d8 f3 84 c4 e6 e7 2c 3f 94 3e 0c 31 c0 c4 a5 cc
|
| + 36 f8 79 d8 a3 ac 9d 7d 59 86 0e aa da 6b 83 bb''',
|
| + 'e':'''01 00 01''',
|
| + 'd':'''05 6b 04 21 6f e5 f3 54 ac 77 25 0a 4b 6b 0c 85
|
| + 25 a8 5c 59 b0 bd 80 c5 64 50 a2 2d 5f 43 8e 59
|
| + 6a 33 3a a8 75 e2 91 dd 43 f4 8c b8 8b 9d 5f c0
|
| + d4 99 f9 fc d1 c3 97 f9 af c0 70 cd 9e 39 8c 8d
|
| + 19 e6 1d b7 c7 41 0a 6b 26 75 df bf 5d 34 5b 80
|
| + 4d 20 1a dd 50 2d 5c e2 df cb 09 1c e9 99 7b be
|
| + be 57 30 6f 38 3e 4d 58 81 03 f0 36 f7 e8 5d 19
|
| + 34 d1 52 a3 23 e4 a8 db 45 1d 6f 4a 5b 1b 0f 10
|
| + 2c c1 50 e0 2f ee e2 b8 8d ea 4a d4 c1 ba cc b2
|
| + 4d 84 07 2d 14 e1 d2 4a 67 71 f7 40 8e e3 05 64
|
| + fb 86 d4 39 3a 34 bc f0 b7 88 50 1d 19 33 03 f1
|
| + 3a 22 84 b0 01 f0 f6 49 ea f7 93 28 d4 ac 5c 43
|
| + 0a b4 41 49 20 a9 46 0e d1 b7 bc 40 ec 65 3e 87
|
| + 6d 09 ab c5 09 ae 45 b5 25 19 01 16 a0 c2 61 01
|
| + 84 82 98 50 9c 1c 3b f3 a4 83 e7 27 40 54 e1 5e
|
| + 97 07 50 36 e9 89 f6 09 32 80 7b 52 57 75 1e 79'''
|
| + },
|
| + # Plaintext
|
| + '''8b ba 6b f8 2a 6c 0f 86 d5 f1 75 6e 97 95 68 70
|
| + b0 89 53 b0 6b 4e b2 05 bc 16 94 ee''',
|
| + # Ciphertext
|
| + '''53 ea 5d c0 8c d2 60 fb 3b 85 85 67 28 7f a9 15
|
| + 52 c3 0b 2f eb fb a2 13 f0 ae 87 70 2d 06 8d 19
|
| + ba b0 7f e5 74 52 3d fb 42 13 9d 68 c3 c5 af ee
|
| + e0 bf e4 cb 79 69 cb f3 82 b8 04 d6 e6 13 96 14
|
| + 4e 2d 0e 60 74 1f 89 93 c3 01 4b 58 b9 b1 95 7a
|
| + 8b ab cd 23 af 85 4f 4c 35 6f b1 66 2a a7 2b fc
|
| + c7 e5 86 55 9d c4 28 0d 16 0c 12 67 85 a7 23 eb
|
| + ee be ff 71 f1 15 94 44 0a ae f8 7d 10 79 3a 87
|
| + 74 a2 39 d4 a0 4c 87 fe 14 67 b9 da f8 52 08 ec
|
| + 6c 72 55 79 4a 96 cc 29 14 2f 9a 8b d4 18 e3 c1
|
| + fd 67 34 4b 0c d0 82 9d f3 b2 be c6 02 53 19 62
|
| + 93 c6 b3 4d 3f 75 d3 2f 21 3d d4 5c 62 73 d5 05
|
| + ad f4 cc ed 10 57 cb 75 8f c2 6a ee fa 44 12 55
|
| + ed 4e 64 c1 99 ee 07 5e 7f 16 64 61 82 fd b4 64
|
| + 73 9b 68 ab 5d af f0 e6 3e 95 52 01 68 24 f0 54
|
| + bf 4d 3c 8c 90 a9 7b b6 b6 55 32 84 eb 42 9f cc''',
|
| + # Random
|
| + '''47 e1 ab 71 19 fe e5 6c 95 ee 5e aa d8 6f 40 d0
|
| + aa 63 bd 33''',
|
| + SHA1
|
| + ),
|
| + )
|
| +
|
| + def testEncrypt1(self):
|
| + # Verify encryption using all test vectors
|
| + for test in self._testData:
|
| + # Build the key
|
| + comps = [ long(rws(test[0][x]),16) for x in ('n','e') ]
|
| + key = RSA.construct(comps)
|
| + # RNG that takes its random numbers from a pool given
|
| + # at initialization
|
| + class randGen:
|
| + def __init__(self, data):
|
| + self.data = data
|
| + self.idx = 0
|
| + def __call__(self, N):
|
| + r = self.data[self.idx:N]
|
| + self.idx += N
|
| + return r
|
| + # The real test
|
| + key._randfunc = randGen(t2b(test[3]))
|
| + cipher = PKCS.new(key, test[4])
|
| + ct = cipher.encrypt(t2b(test[1]))
|
| + self.assertEqual(ct, t2b(test[2]))
|
| +
|
| + def testEncrypt2(self):
|
| + # Verify that encryption fails if plaintext is too long
|
| + pt = '\x00'*(128-2*20-2+1)
|
| + cipher = PKCS.new(self.key1024)
|
| + self.assertRaises(ValueError, cipher.encrypt, pt)
|
| +
|
| + def testDecrypt1(self):
|
| + # Verify decryption using all test vectors
|
| + for test in self._testData:
|
| + # Build the key
|
| + comps = [ long(rws(test[0][x]),16) for x in ('n','e','d') ]
|
| + key = RSA.construct(comps)
|
| + # The real test
|
| + cipher = PKCS.new(key, test[4])
|
| + pt = cipher.decrypt(t2b(test[2]))
|
| + self.assertEqual(pt, t2b(test[1]))
|
| +
|
| + def testDecrypt2(self):
|
| + # Simplest possible negative tests
|
| + for ct_size in (127,128,129):
|
| + cipher = PKCS.new(self.key1024)
|
| + self.assertRaises(ValueError, cipher.decrypt, bchr(0x00)*ct_size)
|
| +
|
| + def testEncryptDecrypt1(self):
|
| + # Encrypt/Decrypt messages of length [0..128-2*20-2]
|
| + for pt_len in xrange(0,128-2*20-2):
|
| + pt = self.rng(pt_len)
|
| + ct = PKCS.encrypt(pt, self.key1024)
|
| + pt2 = PKCS.decrypt(ct, self.key1024)
|
| + self.assertEqual(pt,pt2)
|
| +
|
| + def testEncryptDecrypt1(self):
|
| + # Helper function to monitor what's requested from RNG
|
| + global asked
|
| + def localRng(N):
|
| + global asked
|
| + asked += N
|
| + return self.rng(N)
|
| + # Verify that OAEP is friendly to all hashes
|
| + for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD):
|
| + # Verify that encrypt() asks for as many random bytes
|
| + # as the hash output size
|
| + asked = 0
|
| + pt = self.rng(40)
|
| + self.key1024._randfunc = localRng
|
| + cipher = PKCS.new(self.key1024, hashmod)
|
| + ct = cipher.encrypt(pt)
|
| + self.assertEqual(cipher.decrypt(ct), pt)
|
| + self.failUnless(asked > hashmod.digest_size)
|
| +
|
| + def testEncryptDecrypt2(self):
|
| + # Verify that OAEP supports labels
|
| + pt = self.rng(35)
|
| + xlabel = self.rng(22)
|
| + cipher = PKCS.new(self.key1024, label=xlabel)
|
| + ct = cipher.encrypt(pt)
|
| + self.assertEqual(cipher.decrypt(ct), pt)
|
| +
|
| + def testEncryptDecrypt3(self):
|
| + # Verify that encrypt() uses the custom MGF
|
| + global mgfcalls
|
| + # Helper function to monitor what's requested from MGF
|
| + def newMGF(seed,maskLen):
|
| + global mgfcalls
|
| + mgfcalls += 1
|
| + return bchr(0x00)*maskLen
|
| + mgfcalls = 0
|
| + pt = self.rng(32)
|
| + cipher = PKCS.new(self.key1024, mgfunc=newMGF)
|
| + ct = cipher.encrypt(pt)
|
| + self.assertEqual(mgfcalls, 2)
|
| + self.assertEqual(cipher.decrypt(ct), pt)
|
| +
|
| +def get_tests(config={}):
|
| + tests = []
|
| + tests += list_test_cases(PKCS1_OAEP_Tests)
|
| + return tests
|
| +
|
| +if __name__ == '__main__':
|
| + suite = lambda: unittest.TestSuite(get_tests())
|
| + unittest.main(defaultTest='suite')
|
| +
|
| +# vim:set ts=4 sw=4 sts=4 expandtab:
|
|
|
Chromium Code Reviews
Issue 2666783008:
Add google-endpoints to third_party/. (Closed)
