-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcio.py
116 lines (98 loc) · 4.3 KB
/
cio.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
from cryptography.hazmat.primitives.asymmetric import rsa, dsa
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.asymmetric import padding, utils
from cryptography.exceptions import InvalidSignature
import hashlib
import binascii
def h2hash(f):
if f == hashlib.sha256:
return hashes.SHA256()
elif f == hashlib.sha1:
return hashes.SHA1()
raise ValueError("Unsupported hash: %s" % repr(f))
class Key(object):
KEY_MODULE = None
_BACKEND = default_backend()
@classmethod
def from_pem_data(cls, data=None, filename=None):
if data is None:
with open(filename, "r") as f:
data = f.read()
self = cls.__new__(cls)
self.keyobj = serialization.load_pem_private_key(data, backend=self._BACKEND)
return self
def to_pem_data(self):
return self.keyobj.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption()
).decode("ascii")
def verify(self, signed_data, signature):
raise NotImplementedError
def sign(self, data):
raise NotImplementedError
class RSKey(Key):
KEY_MODULE = None
DIGESTSIZE = None
HASHNAME = None
HASHMOD = None
def __init__(self, data):
if not ("e" in data and "n" in data):
raise ValueError("RSA key mising 'e' and/or 'n'")
if "d" in data:
p, q = rsa.rsa_recover_prime_factors(data["n"], data["e"], data["d"])
self.keyobj = rsa.RSAPrivateNumbers(p, q, data["d"],
rsa.rsa_crt_dmp1(data["d"], p),
rsa.rsa_crt_dmq1(data["d"], q),
rsa.rsa_crt_iqmp(p, q)).private_key(self._BACKEND)
else:
self.keyobj = rsa.RSAPublicNumbers(data["e"], data["n"]).public_key(self._BACKEND)
def verify(self, signed_data, signature):
# pss = padding.PSS(mgf=padding.MGF1(h2hash(self.HASHMOD)), salt_length=padding.PSS.MAX_LENGTH)
pss = padding.PKCS1v15()
public_key = self.keyobj if isinstance(self.keyobj, rsa.RSAPublicKey) else self.keyobj.public_key()
verifier = public_key.verifier(signature, pss, h2hash(self.HASHMOD))
verifier.update(signed_data)
try:
verifier.verify()
return True
except InvalidSignature:
return False
def sign(self, data):
# pss = padding.PSS(mgf=padding.MGF1(h2hash(self.HASHMOD)), salt_length=padding.PSS.MAX_LENGTH)
pss = padding.PKCS1v15()
signer = self.keyobj.signer(pss, h2hash(self.HASHMOD))
signer.update(data)
return signer.finalize()
class DSKey(Key):
KEY_MODULE = None
BITLENGTH = None
HASHMOD = None
def __init__(self, data):
if "x" in data:
# Because I'm a lazy fuck.
# And I doubt there's much reason to possess and actually use a DSA private key in 2016.
raise RuntimeError("DSA private keys are not supported.")
if not ("y" in data and "g" in data and "p" in data and "q" in data):
raise ValueError("DSA key missing one or more parameters. Want 'y', 'g', 'p' and 'q'.")
pn = dsa.DSAParameterNumbers(int(data["p"], 16), int(data["q"], 16), int(data["g"], 16))
self.keyobj = dsa.DSAPublicNumbers(int(data["y"], 16), pn).public_key(self._BACKEND)
def verify(self, signed_data, signature):
# Restore any leading zero bytes that might have been stripped.
signature = binascii.hexlify(signature)
hexlength = self.BITLENGTH // 4
signature = signature.rjust(hexlength * 2, b"0")
if len(signature) != hexlength * 2:
return False
# Split the signature into "r" and "s" components.
r = int(signature[:hexlength], 16)
s = int(signature[hexlength:], 16)
der_signature = utils.encode_dss_signature(r, s)
verifier = self.keyobj.verifier(der_signature, h2hash(self.HASHMOD))
verifier.update(signed_data)
try:
verifier.verify()
return True
except InvalidSignature:
return False