first add files

1 files changed, 283 insertions, 0 deletions

diff --git a/lib/Crypto/SelfTest/Cipher/test_pkcs1_15.py b/lib/Crypto/SelfTest/Cipher/test_pkcs1_15.py
new file mode 100644
index 0000000..e16a543
--- /dev/null
+++ b/lib/Crypto/SelfTest/Cipher/test_pkcs1_15.py
@@ -0,0 +1,283 @@
+# -*- coding: utf-8 -*-
+#
+#  SelfTest/Cipher/test_pkcs1_15.py: Self-test for PKCS#1 v1.5 encryption
+#
+# ===================================================================
+# The contents of this file are dedicated to the public domain.  To
+# the extent that dedication to the public domain is not available,
+# everyone is granted a worldwide, perpetual, royalty-free,
+# non-exclusive license to exercise all rights associated with the
+# contents of this file for any purpose whatsoever.
+# No rights are reserved.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# ===================================================================
+
+from __future__ import print_function
+
+import unittest
+
+from Crypto.PublicKey import RSA
+from Crypto.SelfTest.st_common import list_test_cases, a2b_hex
+from Crypto import Random
+from Crypto.Cipher import PKCS1_v1_5 as PKCS
+from Crypto.Util.py3compat import b
+from Crypto.Util.number import bytes_to_long, long_to_bytes
+from Crypto.SelfTest.loader import load_test_vectors_wycheproof
+
+
+def rws(t):
+    """Remove white spaces, tabs, and new lines from a string"""
+    for c in ['\n', '\t', ' ']:
+        t = t.replace(c, '')
+    return t
+
+
+def t2b(t):
+    """Convert a text string with bytes in hex form to a byte string"""
+    clean = b(rws(t))
+    if len(clean) % 2 == 1:
+        raise ValueError("Even number of characters expected")
+    return a2b_hex(clean)
+
+
+class PKCS1_15_Tests(unittest.TestCase):
+
+        def setUp(self):
+                self.rng = Random.new().read
+                self.key1024 = RSA.generate(1024, self.rng)
+
+        # List of tuples with test data for PKCS#1 v1.5.
+        # Each tuple is made up by:
+        #       Item #0: dictionary with RSA key component, or key to import
+        #       Item #1: plaintext
+        #       Item #2: ciphertext
+        #       Item #3: random data
+
+        _testData = (
+
+                #
+                # Generated with openssl 0.9.8o
+                #
+                (
+                # Private key
+                '''-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDAiAnvIAOvqVwJTaYzsKnefZftgtXGE2hPJppGsWl78yz9jeXY
+W/FxX/gTPURArNhdnhP6n3p2ZaDIBrO2zizbgIXs0IsljTTcr4vnI8fMXzyNUOjA
+zP3nzMqZDZK6757XQAobOssMkBFqRWwilT/3DsBhRpl3iMUhF+wvpTSHewIDAQAB
+AoGAC4HV/inOrpgTvSab8Wj0riyZgQOZ3U3ZpSlsfR8ra9Ib9Uee3jCYnKscu6Gk
+y6zI/cdt8EPJ4PuwAWSNJzbpbVaDvUq25OD+CX8/uRT08yBS4J8TzBitZJTD4lS7
+atdTnKT0Wmwk+u8tDbhvMKwnUHdJLcuIsycts9rwJVapUtkCQQDvDpx2JMun0YKG
+uUttjmL8oJ3U0m3ZvMdVwBecA0eebZb1l2J5PvI3EJD97eKe91Nsw8T3lwpoN40k
+IocSVDklAkEAzi1HLHE6EzVPOe5+Y0kGvrIYRRhncOb72vCvBZvD6wLZpQgqo6c4
+d3XHFBBQWA6xcvQb5w+VVEJZzw64y25sHwJBAMYReRl6SzL0qA0wIYrYWrOt8JeQ
+8mthulcWHXmqTgC6FEXP9Es5GD7/fuKl4wqLKZgIbH4nqvvGay7xXLCXD/ECQH9a
+1JYNMtRen5unSAbIOxRcKkWz92F0LKpm9ZW/S9vFHO+mBcClMGoKJHiuQxLBsLbT
+NtEZfSJZAeS2sUtn3/0CQDb2M2zNBTF8LlM0nxmh0k9VGm5TVIyBEMcipmvOgqIs
+HKukWBcq9f/UOmS0oEhai/6g+Uf7VHJdWaeO5LzuvwU=
+-----END RSA PRIVATE KEY-----''',
+                # Plaintext
+                '''THIS IS PLAINTEXT\x0A''',
+                # Ciphertext
+                '''3f dc fd 3c cd 5c 9b 12  af 65 32 e3 f7 d0 da 36
+                8f 8f d9 e3 13 1c 7f c8  b3 f9 c1 08 e4 eb 79 9c
+                91 89 1f 96 3b 94 77 61  99 a4 b1 ee 5d e6 17 c9
+                5d 0a b5 63 52 0a eb 00  45 38 2a fb b0 71 3d 11
+                f7 a1 9e a7 69 b3 af 61  c0 bb 04 5b 5d 4b 27 44
+                1f 5b 97 89 ba 6a 08 95  ee 4f a2 eb 56 64 e5 0f
+                da 7c f9 9a 61 61 06 62  ed a0 bc 5f aa 6c 31 78
+                70 28 1a bb 98 3c e3 6a  60 3c d1 0b 0f 5a f4 75''',
+                # Random data
+                '''eb d7 7d 86 a4 35 23 a3 54 7e 02 0b 42 1d
+                61 6c af 67 b8 4e 17 56 80 66 36 04 64 34 26 8a
+                47 dd 44 b3 1a b2 17 60 f4 91 2e e2 b5 95 64 cc
+                f9 da c8 70 94 54 86 4c ef 5b 08 7d 18 c4 ab 8d
+                04 06 33 8f ca 15 5f 52 60 8a a1 0c f5 08 b5 4c
+                bb 99 b8 94 25 04 9c e6 01 75 e6 f9 63 7a 65 61
+                13 8a a7 47 77 81 ae 0d b8 2c 4d 50 a5'''
+                ),
+        )
+
+        def testEncrypt1(self):
+                for test in self._testData:
+                        # Build the key
+                        key = RSA.importKey(test[0])
+                        # RNG that takes its random numbers from a pool given
+                        # at initialization
+                        class randGen:
+                            def __init__(self, data):
+                                self.data = data
+                                self.idx = 0
+                            def __call__(self, N):
+                                r = self.data[self.idx:self.idx+N]
+                                self.idx += N
+                                return r
+                        # The real test
+                        cipher = PKCS.new(key, randfunc=randGen(t2b(test[3])))
+                        ct = cipher.encrypt(b(test[1]))
+                        self.assertEqual(ct, t2b(test[2]))
+
+        def testEncrypt2(self):
+                # Verify that encryption fail if plaintext is too long
+                pt = '\x00'*(128-11+1)
+                cipher = PKCS.new(self.key1024)
+                self.assertRaises(ValueError, cipher.encrypt, pt)
+
+        def testVerify1(self):
+            for test in self._testData:
+                key = RSA.importKey(test[0])
+                expected_pt = b(test[1])
+                ct = t2b(test[2])
+                cipher = PKCS.new(key)
+
+                # The real test
+                pt = cipher.decrypt(ct, None)
+                self.assertEqual(pt, expected_pt)
+
+                pt = cipher.decrypt(ct, b'\xFF' * len(expected_pt))
+                self.assertEqual(pt, expected_pt)
+
+        def testVerify2(self):
+            # Verify that decryption fails if ciphertext is not as long as
+            # RSA modulus
+            cipher = PKCS.new(self.key1024)
+            self.assertRaises(ValueError, cipher.decrypt, '\x00'*127, "---")
+            self.assertRaises(ValueError, cipher.decrypt, '\x00'*129, "---")
+
+            # Verify that decryption fails if there are less then 8 non-zero padding
+            # bytes
+            pt = b('\x00\x02' + '\xFF'*7 + '\x00' + '\x45'*118)
+            pt_int = bytes_to_long(pt)
+            ct_int = self.key1024._encrypt(pt_int)
+            ct = long_to_bytes(ct_int, 128)
+            self.assertEqual(b"---", cipher.decrypt(ct, b"---"))
+
+        def testEncryptVerify1(self):
+            # Encrypt/Verify messages of length [0..RSAlen-11]
+            # and therefore padding [8..117]
+            for pt_len in range(0, 128 - 11 + 1):
+                pt = self.rng(pt_len)
+                cipher = PKCS.new(self.key1024)
+                ct = cipher.encrypt(pt)
+                pt2 = cipher.decrypt(ct, b'\xAA' * pt_len)
+                self.assertEqual(pt, pt2)
+
+        def test_encrypt_verify_exp_pt_len(self):
+
+            cipher = PKCS.new(self.key1024)
+            pt = b'5' * 16
+            ct = cipher.encrypt(pt)
+            sentinel = b'\xAA' * 16
+
+            pt_A = cipher.decrypt(ct, sentinel, 16)
+            self.assertEqual(pt, pt_A)
+
+            pt_B = cipher.decrypt(ct, sentinel, 15)
+            self.assertEqual(sentinel, pt_B)
+
+            pt_C = cipher.decrypt(ct, sentinel, 17)
+            self.assertEqual(sentinel, pt_C)
+
+        def testByteArray(self):
+            pt = b"XER"
+            cipher = PKCS.new(self.key1024)
+            ct = cipher.encrypt(bytearray(pt))
+            pt2 = cipher.decrypt(bytearray(ct), '\xFF' * len(pt))
+            self.assertEqual(pt, pt2)
+
+        def testMemoryview(self):
+            pt = b"XER"
+            cipher = PKCS.new(self.key1024)
+            ct = cipher.encrypt(memoryview(bytearray(pt)))
+            pt2 = cipher.decrypt(memoryview(bytearray(ct)), b'\xFF' * len(pt))
+            self.assertEqual(pt, pt2)
+
+        def test_return_type(self):
+            pt = b"XYZ"
+            cipher = PKCS.new(self.key1024)
+            ct = cipher.encrypt(pt)
+            self.assertTrue(isinstance(ct, bytes))
+            pt2 = cipher.decrypt(ct, b'\xAA' * 3)
+            self.assertTrue(isinstance(pt2, bytes))
+
+
+class TestVectorsWycheproof(unittest.TestCase):
+
+    def __init__(self, wycheproof_warnings, skip_slow_tests):
+        unittest.TestCase.__init__(self)
+        self._wycheproof_warnings = wycheproof_warnings
+        self._skip_slow_tests = skip_slow_tests
+        self._id = "None"
+
+    def load_tests(self, filename):
+
+        def filter_rsa(group):
+            return RSA.import_key(group['privateKeyPem'])
+
+        result = load_test_vectors_wycheproof(("Cipher", "wycheproof"),
+                                              filename,
+                                              "Wycheproof PKCS#1v1.5 (%s)" % filename,
+                                              group_tag={'rsa_key': filter_rsa}
+                                              )
+        return result
+
+    def setUp(self):
+        self.tv = []
+        self.tv.extend(self.load_tests("rsa_pkcs1_2048_test.json"))
+        if not self._skip_slow_tests:
+            self.tv.extend(self.load_tests("rsa_pkcs1_3072_test.json"))
+            self.tv.extend(self.load_tests("rsa_pkcs1_4096_test.json"))
+
+    def shortDescription(self):
+        return self._id
+
+    def warn(self, tv):
+        if tv.warning and self._wycheproof_warnings:
+            import warnings
+            warnings.warn("Wycheproof warning: %s (%s)" % (self._id, tv.comment))
+
+    def test_decrypt(self, tv):
+        self._id = "Wycheproof Decrypt PKCS#1v1.5 Test #%s" % tv.id
+        sentinel = b'\xAA' * max(3, len(tv.msg))
+        cipher = PKCS.new(tv.rsa_key)
+        try:
+            pt = cipher.decrypt(tv.ct, sentinel=sentinel)
+        except ValueError:
+            assert not tv.valid
+        else:
+            if pt == sentinel:
+                assert not tv.valid
+            else:
+                assert tv.valid
+                self.assertEqual(pt, tv.msg)
+                self.warn(tv)
+
+    def runTest(self):
+
+        for tv in self.tv:
+            self.test_decrypt(tv)
+
+
+def get_tests(config={}):
+    skip_slow_tests = not config.get('slow_tests')
+    wycheproof_warnings = config.get('wycheproof_warnings')
+
+    tests = []
+    tests += list_test_cases(PKCS1_15_Tests)
+    tests += [TestVectorsWycheproof(wycheproof_warnings, skip_slow_tests)]
+    return tests
+
+
+if __name__ == '__main__':
+    def suite():
+        return unittest.TestSuite(get_tests())
+    unittest.main(defaultTest='suite')
+
+# vim:set ts=4 sw=4 sts=4 expandtab: