From 8d1c76ec7caf247d5675e14260d20fc508977ffb Mon Sep 17 00:00:00 2001 From: Determinant Date: Fri, 23 Aug 2024 03:14:03 +0000 Subject: release v0.1.8 --- frozen_deps/Cryptodome/Signature/PKCS1_PSS.pyi | 27 ++++++++++++++++++++++--- frozen_deps/Cryptodome/Signature/PKCS1_v1_5.pyi | 14 +++++++++++-- frozen_deps/Cryptodome/Signature/eddsa.py | 12 ++++++----- frozen_deps/Cryptodome/Signature/eddsa.pyi | 2 +- frozen_deps/Cryptodome/Signature/pkcs1_15.py | 11 +++++----- frozen_deps/Cryptodome/Signature/pss.py | 11 +++++----- frozen_deps/Cryptodome/Signature/pss.pyi | 2 +- 7 files changed, 57 insertions(+), 22 deletions(-) (limited to 'frozen_deps/Cryptodome/Signature') diff --git a/frozen_deps/Cryptodome/Signature/PKCS1_PSS.pyi b/frozen_deps/Cryptodome/Signature/PKCS1_PSS.pyi index 7ed68e6..e7424f5 100644 --- a/frozen_deps/Cryptodome/Signature/PKCS1_PSS.pyi +++ b/frozen_deps/Cryptodome/Signature/PKCS1_PSS.pyi @@ -1,7 +1,28 @@ -from typing import Optional, Callable +from typing import Union, Callable, Optional +from typing_extensions import Protocol from Cryptodome.PublicKey.RSA import RsaKey -from Cryptodome.Signature.pss import PSS_SigScheme -def new(rsa_key: RsaKey, mgfunc: Optional[Callable]=None, saltLen: Optional[int]=None, randfunc: Optional[Callable]=None) -> PSS_SigScheme: ... +class Hash(Protocol): + def digest(self) -> bytes: ... + def update(self, bytes) -> None: ... + + +class HashModule(Protocol): + @staticmethod + def new(data: Optional[bytes]) -> Hash: ... + + +MaskFunction = Callable[[bytes, int, Union[Hash, HashModule]], bytes] +RndFunction = Callable[[int], bytes] + +class PSS_SigScheme: + def __init__(self, key: RsaKey, mgfunc: MaskFunction, saltLen: int, randfunc: RndFunction) -> None: ... + def can_sign(self) -> bool: ... + def sign(self, msg_hash: Hash) -> bytes: ... + def verify(self, msg_hash: Hash, signature: bytes) -> bool: ... + + + +def new(rsa_key: RsaKey, mgfunc: Optional[MaskFunction]=None, saltLen: Optional[int]=None, randfunc: Optional[RndFunction]=None) -> PSS_SigScheme: ... diff --git a/frozen_deps/Cryptodome/Signature/PKCS1_v1_5.pyi b/frozen_deps/Cryptodome/Signature/PKCS1_v1_5.pyi index 5851e5b..d02555c 100644 --- a/frozen_deps/Cryptodome/Signature/PKCS1_v1_5.pyi +++ b/frozen_deps/Cryptodome/Signature/PKCS1_v1_5.pyi @@ -1,6 +1,16 @@ +from typing import Optional +from typing_extensions import Protocol + from Cryptodome.PublicKey.RSA import RsaKey -from Cryptodome.Signature.pkcs1_15 import PKCS115_SigScheme +class Hash(Protocol): + def digest(self) -> bytes: ... + +class PKCS115_SigScheme: + def __init__(self, rsa_key: RsaKey) -> None: ... + def can_sign(self) -> bool: ... + def sign(self, msg_hash: Hash) -> bytes: ... + def verify(self, msg_hash: Hash, signature: bytes) -> bool: ... -def new(rsa_key: RsaKey) -> PKCS115_SigScheme: ... \ No newline at end of file +def new(rsa_key: RsaKey) -> PKCS115_SigScheme: ... diff --git a/frozen_deps/Cryptodome/Signature/eddsa.py b/frozen_deps/Cryptodome/Signature/eddsa.py index e80a866..638b96b 100644 --- a/frozen_deps/Cryptodome/Signature/eddsa.py +++ b/frozen_deps/Cryptodome/Signature/eddsa.py @@ -39,8 +39,9 @@ from Cryptodome.PublicKey.ECC import (EccKey, def import_public_key(encoded): - """Import an EdDSA ECC public key, when encoded as raw ``bytes`` as described - in RFC8032. + """Create a new Ed25519 or Ed448 public key object, + starting from the key encoded as raw ``bytes``, + in the format described in RFC8032. Args: encoded (bytes): @@ -66,8 +67,9 @@ def import_public_key(encoded): def import_private_key(encoded): - """Import an EdDSA ECC private key, when encoded as raw ``bytes`` as described - in RFC8032. + """Create a new Ed25519 or Ed448 private key object, + starting from the key encoded as raw ``bytes``, + in the format described in RFC8032. Args: encoded (bytes): @@ -313,7 +315,7 @@ def new(key, mode, context=None): can perform or verify an EdDSA signature. Args: - key (:class:`Cryptodome.PublicKey.ECC` object: + key (:class:`Cryptodome.PublicKey.ECC` object): The key to use for computing the signature (*private* keys only) or for verifying one. The key must be on the curve ``Ed25519`` or ``Ed448``. diff --git a/frozen_deps/Cryptodome/Signature/eddsa.pyi b/frozen_deps/Cryptodome/Signature/eddsa.pyi index bf985c4..809a7ad 100644 --- a/frozen_deps/Cryptodome/Signature/eddsa.pyi +++ b/frozen_deps/Cryptodome/Signature/eddsa.pyi @@ -18,4 +18,4 @@ class EdDSASigScheme(object): def sign(self, msg_or_hash: Union[bytes, Hash, XOF]) -> bytes: ... def verify(self, msg_or_hash: Union[bytes, Hash, XOF], signature: bytes) -> None: ... -def new(key: EccKey, mode: bytes, context: Optional[bytes]=None) -> EdDSASigScheme: ... +def new(key: EccKey, mode: str, context: Optional[bytes]=None) -> EdDSASigScheme: ... diff --git a/frozen_deps/Cryptodome/Signature/pkcs1_15.py b/frozen_deps/Cryptodome/Signature/pkcs1_15.py index ae9257e..bdde78a 100644 --- a/frozen_deps/Cryptodome/Signature/pkcs1_15.py +++ b/frozen_deps/Cryptodome/Signature/pkcs1_15.py @@ -77,10 +77,11 @@ class PKCS115_SigScheme: em = _EMSA_PKCS1_V1_5_ENCODE(msg_hash, k) # Step 2a (OS2IP) em_int = bytes_to_long(em) - # Step 2b (RSASP1) - m_int = self._key._decrypt(em_int) - # Step 2c (I2OSP) - signature = long_to_bytes(m_int, k) + # Step 2b (RSASP1) and Step 2c (I2OSP) + signature = self._key._decrypt_to_bytes(em_int) + # Verify no faults occurred + if em_int != pow(bytes_to_long(signature), self._key.e, self._key.n): + raise ValueError("Fault detected in RSA private key operation") return signature def verify(self, msg_hash, signature): @@ -202,7 +203,7 @@ def _EMSA_PKCS1_V1_5_ENCODE(msg_hash, emLen, with_hash_parameters=True): # We need at least 11 bytes for the remaining data: 3 fixed bytes and # at least 8 bytes of padding). if emLen None: ... + def __init__(self, key: RsaKey, mgfunc: MaskFunction, saltLen: int, randfunc: RndFunction) -> None: ... def can_sign(self) -> bool: ... def sign(self, msg_hash: Hash) -> bytes: ... def verify(self, msg_hash: Hash, signature: bytes) -> None: ... -- cgit v1.2.3-70-g09d2