• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# -*- coding: utf-8 -*-
2#
3#  Copyright 2011 Sybren A. Stüvel <sybren@stuvel.eu>
4#
5#  Licensed under the Apache License, Version 2.0 (the "License");
6#  you may not use this file except in compliance with the License.
7#  You may obtain a copy of the License at
8#
9#      https://www.apache.org/licenses/LICENSE-2.0
10#
11#  Unless required by applicable law or agreed to in writing, software
12#  distributed under the License is distributed on an "AS IS" BASIS,
13#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14#  See the License for the specific language governing permissions and
15#  limitations under the License.
16
17"""Tests string operations."""
18
19import struct
20import unittest
21
22import rsa
23from rsa import pkcs1
24from rsa._compat import byte, is_bytes
25
26
27class BinaryTest(unittest.TestCase):
28    def setUp(self):
29        (self.pub, self.priv) = rsa.newkeys(256)
30
31    def test_enc_dec(self):
32        message = struct.pack('>IIII', 0, 0, 0, 1)
33        print("\tMessage:   %r" % message)
34
35        encrypted = pkcs1.encrypt(message, self.pub)
36        print("\tEncrypted: %r" % encrypted)
37
38        decrypted = pkcs1.decrypt(encrypted, self.priv)
39        print("\tDecrypted: %r" % decrypted)
40
41        self.assertEqual(message, decrypted)
42
43    def test_decoding_failure(self):
44        message = struct.pack('>IIII', 0, 0, 0, 1)
45        encrypted = pkcs1.encrypt(message, self.pub)
46
47        # Alter the encrypted stream
48        a = encrypted[5]
49        if is_bytes(a):
50            a = ord(a)
51        altered_a = (a + 1) % 256
52        encrypted = encrypted[:5] + byte(altered_a) + encrypted[6:]
53
54        self.assertRaises(pkcs1.DecryptionError, pkcs1.decrypt, encrypted,
55                          self.priv)
56
57    def test_randomness(self):
58        """Encrypting the same message twice should result in different
59        cryptos.
60        """
61
62        message = struct.pack('>IIII', 0, 0, 0, 1)
63        encrypted1 = pkcs1.encrypt(message, self.pub)
64        encrypted2 = pkcs1.encrypt(message, self.pub)
65
66        self.assertNotEqual(encrypted1, encrypted2)
67
68
69class SignatureTest(unittest.TestCase):
70    def setUp(self):
71        (self.pub, self.priv) = rsa.newkeys(512)
72
73    def test_sign_verify(self):
74        """Test happy flow of sign and verify"""
75
76        message = b'je moeder'
77        signature = pkcs1.sign(message, self.priv, 'SHA-256')
78
79        self.assertEqual('SHA-256', pkcs1.verify(message, signature, self.pub))
80
81    def test_find_signature_hash(self):
82        """Test happy flow of sign and find_signature_hash"""
83
84        message = b'je moeder'
85        signature = pkcs1.sign(message, self.priv, 'SHA-256')
86
87        self.assertEqual('SHA-256', pkcs1.find_signature_hash(signature, self.pub))
88
89    def test_alter_message(self):
90        """Altering the message should let the verification fail."""
91
92        signature = pkcs1.sign(b'je moeder', self.priv, 'SHA-256')
93        self.assertRaises(pkcs1.VerificationError, pkcs1.verify,
94                          b'mijn moeder', signature, self.pub)
95
96    def test_sign_different_key(self):
97        """Signing with another key should let the verification fail."""
98
99        (otherpub, _) = rsa.newkeys(512)
100
101        message = b'je moeder'
102        signature = pkcs1.sign(message, self.priv, 'SHA-256')
103        self.assertRaises(pkcs1.VerificationError, pkcs1.verify,
104                          message, signature, otherpub)
105
106    def test_multiple_signings(self):
107        """Signing the same message twice should return the same signatures."""
108
109        message = struct.pack('>IIII', 0, 0, 0, 1)
110        signature1 = pkcs1.sign(message, self.priv, 'SHA-1')
111        signature2 = pkcs1.sign(message, self.priv, 'SHA-1')
112
113        self.assertEqual(signature1, signature2)
114
115    def test_split_hash_sign(self):
116        """Hashing and then signing should match with directly signing the message. """
117
118        message = b'je moeder'
119        msg_hash = pkcs1.compute_hash(message, 'SHA-256')
120        signature1 = pkcs1.sign_hash(msg_hash, self.priv, 'SHA-256')
121
122        # Calculate the signature using the unified method
123        signature2 = pkcs1.sign(message, self.priv, 'SHA-256')
124
125        self.assertEqual(signature1, signature2)
126
127    def test_hash_sign_verify(self):
128        """Test happy flow of hash, sign, and verify"""
129
130        message = b'je moeder'
131        msg_hash = pkcs1.compute_hash(message, 'SHA-224')
132        signature = pkcs1.sign_hash(msg_hash, self.priv, 'SHA-224')
133
134        self.assertTrue(pkcs1.verify(message, signature, self.pub))
135