Commit | Line | Data |
---|---|---|
553d59fe MW |
1 | ### -*-python-*- |
2 | ### | |
3 | ### Testing public-key crypto functionality | |
4 | ### | |
5 | ### (c) 2019 Straylight/Edgeware | |
6 | ### | |
7 | ||
8 | ###----- Licensing notice --------------------------------------------------- | |
9 | ### | |
10 | ### This file is part of the Python interface to Catacomb. | |
11 | ### | |
12 | ### Catacomb/Python is free software: you can redistribute it and/or | |
13 | ### modify it under the terms of the GNU General Public License as | |
14 | ### published by the Free Software Foundation; either version 2 of the | |
15 | ### License, or (at your option) any later version. | |
16 | ### | |
17 | ### Catacomb/Python is distributed in the hope that it will be useful, but | |
18 | ### WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
20 | ### General Public License for more details. | |
21 | ### | |
22 | ### You should have received a copy of the GNU General Public License | |
23 | ### along with Catacomb/Python. If not, write to the Free Software | |
24 | ### Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
25 | ### USA. | |
26 | ||
27 | ###-------------------------------------------------------------------------- | |
28 | ### Imported modules. | |
29 | ||
30 | import catacomb as C | |
31 | import unittest as U | |
32 | import testutils as T | |
33 | ||
34 | ###-------------------------------------------------------------------------- | |
35 | class TestDSA (U.TestCase): | |
36 | ||
37 | def check(me, privcls, pubcls, rng, H, G): | |
38 | msg = T.bin("A simple test message") | |
39 | wrong = T.bin("This is not the message you're looking for") | |
40 | a = privcls(G, rng.range(G.r), hash = H, rng = rng) | |
41 | me.assertEqual(a.hash, H) | |
42 | me.assertEqual(a.rng, rng) | |
43 | A = pubcls(G, a.p, hash = H, rng = rng) | |
44 | h = a.endhash(a.beginhash().hash(msg)) | |
45 | me.assertEqual(h, A.endhash(a.beginhash().hash(msg))) | |
46 | sig = a.sign(h) | |
47 | me.assertTrue(A.verify(h, sig)) | |
48 | me.assertFalse(A.verify(A.endhash(A.beginhash().hash(wrong)), sig)) | |
49 | ||
50 | me.assertRaises(ValueError, a.sign, h + C.bytes("00")) | |
51 | me.assertRaises(ValueError, a.verify, h + C.bytes("00"), sig) | |
52 | ||
53 | def test_dsa(me): | |
54 | me.check(C.DSAPriv, C.DSAPub, T.detrand("dsa"), C.sha256, | |
55 | C.primegroups["catacomb-ll-256-3072"].group()) | |
56 | def test_ecdsa(me): | |
57 | me.check(C.DSAPriv, C.DSAPub, T.detrand("ecdsa"), C.sha256, | |
58 | C.eccurves["nist-p256"].group()) | |
59 | def test_kcdsa(me): | |
60 | me.check(C.KCDSAPriv, C.KCDSAPub, T.detrand("kcdsa"), C.has160, | |
61 | C.primegroups["catacomb-ll-160-1024"].group()) | |
62 | def test_eckcdsa(me): | |
63 | me.check(C.KCDSAPriv, C.KCDSAPub, T.detrand("eckcdsa"), C.sha256, | |
64 | C.eccurves["nist-p256"].group()) | |
65 | ||
66 | ###-------------------------------------------------------------------------- | |
67 | class TestRSA (U.TestCase): | |
68 | ||
69 | def test(me): | |
70 | rng = T.detrand("rsa") | |
71 | ev = T.EventRecorder() | |
72 | msg = T.bin("A simple test message") | |
73 | h = C.sha256().hash(msg).done() | |
74 | wrong = T.bin("This is not the message you're looking for") | |
75 | hh = C.sha256().hash(wrong).done() | |
76 | ||
77 | a = C.RSAPriv.generate(1536, event = ev, rng = rng) | |
78 | A = C.RSAPub(n = a.n, e = a.e) | |
79 | me.assertEqual(a.n.nbits, 1536) | |
80 | me.assertEqual(a.rng, None) | |
81 | a.rng = rng | |
82 | me.assertEqual(a.rng, rng) | |
83 | me.assertEqual(ev.events, | |
84 | "[p [s]:F6/P7/D]" | |
85 | "[p [t]:F68/P7/D]" | |
86 | "[p [r]:F20/P7/D]" | |
87 | "[p:F35/P3/D]" | |
88 | "[q [s]:F47/P7/D]" | |
89 | "[q [t]:F4/P7/D]" | |
90 | "[q [r]:F8/P7/D]" | |
91 | "[q:F22/P3/D]") | |
92 | ||
93 | C.RSAPriv(n = a.n, e = a.e, d = a.d) | |
94 | C.RSAPriv(n = a.n, p = a.p, d = a.d) | |
95 | C.RSAPriv(n = a.n, q = a.q, e = a.e) | |
96 | C.RSAPriv(p = a.p, q = a.q, e = a.e) | |
97 | me.assertRaises(ValueError, C.RSAPriv, p = a.p, q = a.q, dp = a.dp) | |
98 | ||
99 | me.assertTrue(a.p.primep()) | |
100 | me.assertTrue(a.q.primep()) | |
101 | me.assertEqual(a.n, a.p*a.q) | |
102 | me.assertEqual(a.dp, a.d%(a.p - 1)) | |
103 | me.assertEqual(a.dq, a.d%(a.q - 1)) | |
104 | me.assertEqual((a.e*a.dp)%(a.p - 1), 1) | |
105 | me.assertEqual((a.e*a.dq)%(a.q - 1), 1) | |
106 | me.assertEqual((a.q*a.q_inv)%a.p, 1) | |
107 | ||
108 | x = rng.range(a.n) | |
109 | y = a.privop(x) | |
110 | me.assertEqual(x, a.pubop(y)) | |
111 | me.assertEqual(x, A.pubop(y)) | |
112 | z = a.pubop(x) | |
113 | me.assertEqual(z, A.pubop(x)) | |
114 | me.assertEqual(x, a.privop(z)) | |
115 | ||
116 | pad = C.PKCS1Crypt(rng = rng) | |
117 | ct = A.encrypt(msg, pad) | |
118 | me.assertEqual(a.decrypt(ct, pad), msg) | |
119 | me.assertRaises(ValueError, a.decrypt, ct ^ 1, pad) | |
120 | ||
121 | pad = C.PKCS1Sig(ep = C.bytes("3031300d060960864801650304020105000420")) | |
122 | sig = a.sign(h, pad) | |
123 | me.assertTrue(A.verify(h, sig, pad)) | |
124 | me.assertFalse(A.verify(hh, sig, pad)) | |
125 | ||
126 | pad = C.OAEP(mgf = C.sha256_mgf, hash = C.sha256, rng = rng) | |
127 | ct = A.encrypt(msg, pad) | |
128 | me.assertEqual(a.decrypt(ct, pad), msg) | |
129 | me.assertRaises(ValueError, a.decrypt, ct ^ 1, pad) | |
130 | ||
131 | pad = C.PSS(mgf = C.sha256_mgf, hash = C.sha256, rng = rng) | |
132 | sig = a.sign(h, pad) | |
133 | me.assertTrue(A.verify(h, sig, pad)) | |
134 | me.assertFalse(A.verify(hh, sig, pad)) | |
135 | ||
136 | ###-------------------------------------------------------------------------- | |
137 | class TestXDH (U.TestCase): | |
138 | ||
139 | def check(me, privcls, pubcls, rng): | |
140 | msg = T.bin("A simple test message") | |
141 | n = rng.block(24) | |
142 | n1 = rng.block(24) | |
143 | ||
144 | a = privcls.generate(rng) | |
145 | A = pubcls(a.pub) | |
146 | b = privcls.generate(rng) | |
147 | B = pubcls(b.pub) | |
148 | Z = a.agree(B) | |
149 | me.assertEqual(b.agree(A), Z) | |
150 | me.assertEqual(b.agree(a), Z) | |
151 | ||
152 | ct = a.box(B, n, msg) | |
153 | me.assertEqual(b.unbox(A, n, ct), msg) | |
154 | me.assertRaises(ValueError, b.unbox, A, n1, ct) | |
155 | ||
156 | def test_x25519(me): | |
157 | me.check(C.X25519Priv, C.X25519Pub, T.detrand("x25519")) | |
158 | def test_x448(me): | |
159 | me.check(C.X448Priv, C.X448Pub, T.detrand("x448")) | |
160 | ||
161 | ###-------------------------------------------------------------------------- | |
162 | class TestEdDSA (U.TestCase): | |
163 | ||
164 | def check(me, privcls, pubcls, rng): | |
165 | msg = T.bin("A simple test message") | |
166 | wrong = T.bin("This is not the message you're looking for") | |
167 | perso = T.bin("Catacomb/Python test") | |
168 | a = privcls.generate(rng) | |
169 | A = pubcls(a.pub) | |
170 | ||
171 | sig = a.sign(msg) | |
172 | me.assertTrue(a.verify(msg, sig)) | |
173 | me.assertTrue(A.verify(msg, sig)) | |
174 | me.assertFalse(A.verify(wrong, sig)) | |
175 | ||
176 | sig = a.sign(msg, perso = perso) | |
177 | me.assertTrue(a.verify(msg, sig, perso = perso)) | |
178 | me.assertFalse(A.verify(msg, sig)) | |
179 | ||
180 | h = a.endhash(a.beginhash().hash(msg)) | |
181 | sig = a.sign(h, phflag = True) | |
182 | me.assertTrue(a.verify(h, sig, phflag = True)) | |
183 | me.assertFalse(A.verify(h, sig)) | |
184 | ||
185 | def test_ed25519(me): | |
186 | me.check(C.Ed25519Priv, C.Ed25519Pub, T.detrand("ed25519")) | |
187 | def test_ed448(me): | |
188 | me.check(C.Ed448Priv, C.Ed448Pub, T.detrand("ed448")) | |
189 | ||
190 | ###----- That's all, folks -------------------------------------------------- | |
191 | ||
192 | if __name__ == "__main__": U.main() |