X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb-python/blobdiff_plain/e91150b266bbd768905258166601fdf333d3d987..553d59fec08fd9102b21fd0dc83ba708862a6090:/t/t-pubkey.py diff --git a/t/t-pubkey.py b/t/t-pubkey.py new file mode 100644 index 0000000..5b930b0 --- /dev/null +++ b/t/t-pubkey.py @@ -0,0 +1,192 @@ +### -*-python-*- +### +### Testing public-key crypto functionality +### +### (c) 2019 Straylight/Edgeware +### + +###----- Licensing notice --------------------------------------------------- +### +### This file is part of the Python interface to Catacomb. +### +### Catacomb/Python is free software: you can redistribute it and/or +### modify it under the terms of the GNU General Public License as +### published by the Free Software Foundation; either version 2 of the +### License, or (at your option) any later version. +### +### Catacomb/Python is distributed in the hope that it will be useful, but +### WITHOUT ANY WARRANTY; without even the implied warranty of +### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +### General Public License for more details. +### +### You should have received a copy of the GNU General Public License +### along with Catacomb/Python. If not, write to the Free Software +### Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, +### USA. + +###-------------------------------------------------------------------------- +### Imported modules. + +import catacomb as C +import unittest as U +import testutils as T + +###-------------------------------------------------------------------------- +class TestDSA (U.TestCase): + + def check(me, privcls, pubcls, rng, H, G): + msg = T.bin("A simple test message") + wrong = T.bin("This is not the message you're looking for") + a = privcls(G, rng.range(G.r), hash = H, rng = rng) + me.assertEqual(a.hash, H) + me.assertEqual(a.rng, rng) + A = pubcls(G, a.p, hash = H, rng = rng) + h = a.endhash(a.beginhash().hash(msg)) + me.assertEqual(h, A.endhash(a.beginhash().hash(msg))) + sig = a.sign(h) + me.assertTrue(A.verify(h, sig)) + me.assertFalse(A.verify(A.endhash(A.beginhash().hash(wrong)), sig)) + + me.assertRaises(ValueError, a.sign, h + C.bytes("00")) + me.assertRaises(ValueError, a.verify, h + C.bytes("00"), sig) + + def test_dsa(me): + me.check(C.DSAPriv, C.DSAPub, T.detrand("dsa"), C.sha256, + C.primegroups["catacomb-ll-256-3072"].group()) + def test_ecdsa(me): + me.check(C.DSAPriv, C.DSAPub, T.detrand("ecdsa"), C.sha256, + C.eccurves["nist-p256"].group()) + def test_kcdsa(me): + me.check(C.KCDSAPriv, C.KCDSAPub, T.detrand("kcdsa"), C.has160, + C.primegroups["catacomb-ll-160-1024"].group()) + def test_eckcdsa(me): + me.check(C.KCDSAPriv, C.KCDSAPub, T.detrand("eckcdsa"), C.sha256, + C.eccurves["nist-p256"].group()) + +###-------------------------------------------------------------------------- +class TestRSA (U.TestCase): + + def test(me): + rng = T.detrand("rsa") + ev = T.EventRecorder() + msg = T.bin("A simple test message") + h = C.sha256().hash(msg).done() + wrong = T.bin("This is not the message you're looking for") + hh = C.sha256().hash(wrong).done() + + a = C.RSAPriv.generate(1536, event = ev, rng = rng) + A = C.RSAPub(n = a.n, e = a.e) + me.assertEqual(a.n.nbits, 1536) + me.assertEqual(a.rng, None) + a.rng = rng + me.assertEqual(a.rng, rng) + me.assertEqual(ev.events, + "[p [s]:F6/P7/D]" + "[p [t]:F68/P7/D]" + "[p [r]:F20/P7/D]" + "[p:F35/P3/D]" + "[q [s]:F47/P7/D]" + "[q [t]:F4/P7/D]" + "[q [r]:F8/P7/D]" + "[q:F22/P3/D]") + + C.RSAPriv(n = a.n, e = a.e, d = a.d) + C.RSAPriv(n = a.n, p = a.p, d = a.d) + C.RSAPriv(n = a.n, q = a.q, e = a.e) + C.RSAPriv(p = a.p, q = a.q, e = a.e) + me.assertRaises(ValueError, C.RSAPriv, p = a.p, q = a.q, dp = a.dp) + + me.assertTrue(a.p.primep()) + me.assertTrue(a.q.primep()) + me.assertEqual(a.n, a.p*a.q) + me.assertEqual(a.dp, a.d%(a.p - 1)) + me.assertEqual(a.dq, a.d%(a.q - 1)) + me.assertEqual((a.e*a.dp)%(a.p - 1), 1) + me.assertEqual((a.e*a.dq)%(a.q - 1), 1) + me.assertEqual((a.q*a.q_inv)%a.p, 1) + + x = rng.range(a.n) + y = a.privop(x) + me.assertEqual(x, a.pubop(y)) + me.assertEqual(x, A.pubop(y)) + z = a.pubop(x) + me.assertEqual(z, A.pubop(x)) + me.assertEqual(x, a.privop(z)) + + pad = C.PKCS1Crypt(rng = rng) + ct = A.encrypt(msg, pad) + me.assertEqual(a.decrypt(ct, pad), msg) + me.assertRaises(ValueError, a.decrypt, ct ^ 1, pad) + + pad = C.PKCS1Sig(ep = C.bytes("3031300d060960864801650304020105000420")) + sig = a.sign(h, pad) + me.assertTrue(A.verify(h, sig, pad)) + me.assertFalse(A.verify(hh, sig, pad)) + + pad = C.OAEP(mgf = C.sha256_mgf, hash = C.sha256, rng = rng) + ct = A.encrypt(msg, pad) + me.assertEqual(a.decrypt(ct, pad), msg) + me.assertRaises(ValueError, a.decrypt, ct ^ 1, pad) + + pad = C.PSS(mgf = C.sha256_mgf, hash = C.sha256, rng = rng) + sig = a.sign(h, pad) + me.assertTrue(A.verify(h, sig, pad)) + me.assertFalse(A.verify(hh, sig, pad)) + +###-------------------------------------------------------------------------- +class TestXDH (U.TestCase): + + def check(me, privcls, pubcls, rng): + msg = T.bin("A simple test message") + n = rng.block(24) + n1 = rng.block(24) + + a = privcls.generate(rng) + A = pubcls(a.pub) + b = privcls.generate(rng) + B = pubcls(b.pub) + Z = a.agree(B) + me.assertEqual(b.agree(A), Z) + me.assertEqual(b.agree(a), Z) + + ct = a.box(B, n, msg) + me.assertEqual(b.unbox(A, n, ct), msg) + me.assertRaises(ValueError, b.unbox, A, n1, ct) + + def test_x25519(me): + me.check(C.X25519Priv, C.X25519Pub, T.detrand("x25519")) + def test_x448(me): + me.check(C.X448Priv, C.X448Pub, T.detrand("x448")) + +###-------------------------------------------------------------------------- +class TestEdDSA (U.TestCase): + + def check(me, privcls, pubcls, rng): + msg = T.bin("A simple test message") + wrong = T.bin("This is not the message you're looking for") + perso = T.bin("Catacomb/Python test") + a = privcls.generate(rng) + A = pubcls(a.pub) + + sig = a.sign(msg) + me.assertTrue(a.verify(msg, sig)) + me.assertTrue(A.verify(msg, sig)) + me.assertFalse(A.verify(wrong, sig)) + + sig = a.sign(msg, perso = perso) + me.assertTrue(a.verify(msg, sig, perso = perso)) + me.assertFalse(A.verify(msg, sig)) + + h = a.endhash(a.beginhash().hash(msg)) + sig = a.sign(h, phflag = True) + me.assertTrue(a.verify(h, sig, phflag = True)) + me.assertFalse(A.verify(h, sig)) + + def test_ed25519(me): + me.check(C.Ed25519Priv, C.Ed25519Pub, T.detrand("ed25519")) + def test_ed448(me): + me.check(C.Ed448Priv, C.Ed448Pub, T.detrand("ed448")) + +###----- That's all, folks -------------------------------------------------- + +if __name__ == "__main__": U.main()