prv_key_raw,
curve_name,
hasher,
- mode,
):
content_info, tail = ContentInfo().decode(content_info_raw)
self.assertSequenceEqual(tail, b"")
public_key(curve, prv_unmarshal(prv_key_raw)),
hasher(bytes(signed_data["encapContentInfo"]["eContent"])).digest()[::-1],
bytes(signed_data["signerInfos"][0]["signature"]),
- mode=mode,
))
def test_256(self):
prv_key_raw,
"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
GOST34112012256,
- 2001,
)
def test_512(self):
prv_key_raw,
"id-tc26-gost-3410-12-512-paramSetB",
GOST34112012512,
- 2012,
)
prv_unmarshal(prv),
pub_unmarshal(pub),
ukm_unmarshal(ukm),
- mode=2001,
)
self.process_cms(
return kek_34102012256(
curve,
prv_unmarshal(prv),
- pub_unmarshal(pub, mode=2012),
+ pub_unmarshal(pub),
ukm_unmarshal(ukm),
)
prv_unmarshal(prv),
pub_unmarshal(pub),
ukm_unmarshal(ukm),
- mode=2001,
)
self.process_cms(
return kek_34102012256(
curve,
prv_unmarshal(prv),
- pub_unmarshal(pub, mode=2012),
+ pub_unmarshal(pub),
ukm_unmarshal(ukm),
)
def test_certs(self):
"""Certificates signatures
"""
- for prv, pub, curve, mode, cert in (
- (self.ca_prv, self.ca_pub, self.curve256, 2001, self.ca_cert),
- (self.sender256_prv, self.sender256_pub, self.curve256, 2001, self.sender256_cert),
- (self.recipient256_prv, self.recipient256_pub, self.curve256, 2001, self.recipient256_cert),
- (self.sender512_prv, self.sender512_pub, self.curve512, 2012, self.sender512_cert),
- (self.recipient512_prv, self.recipient512_pub, self.curve512, 2012, self.recipient512_cert),
+ for prv, pub, curve, cert in (
+ (self.ca_prv, self.ca_pub, self.curve256, self.ca_cert),
+ (self.sender256_prv, self.sender256_pub, self.curve256, self.sender256_cert),
+ (self.recipient256_prv, self.recipient256_pub, self.curve256, self.recipient256_cert),
+ (self.sender512_prv, self.sender512_pub, self.curve512, self.sender512_cert),
+ (self.recipient512_prv, self.recipient512_pub, self.curve512, self.recipient512_cert),
):
pub_our = public_key(curve, prv)
self.assertEqual(pub_our, pub)
self.assertSequenceEqual(
- pub_marshal(pub_our, mode=mode),
+ pub_marshal(pub_our),
bytes(OctetString().decod(bytes(
cert["tbsCertificate"]["subjectPublicKeyInfo"]["subjectPublicKey"]
))),
self.ca_pub,
GOST34112012256(cert["tbsCertificate"].encode()).digest()[::-1],
bytes(cert["signatureValue"]),
- mode=2001,
))
def test_signed_with_attrs(self):
SignedAttributes(si["signedAttrs"]).encode()
).digest()[::-1],
bytes(si["signature"]),
- mode=2012,
))
def test_signed_without_attrs(self):
self.sender256_pub,
GOST34112012256(content).digest()[::-1],
bytes(si["signature"]),
- mode=2001,
))
def test_kari_ephemeral(self):
)
orig_pub = pub_unmarshal(
bytes(OctetString().decod(bytes(orig_key["publicKey"]))),
- mode=2012,
)
ukm = bytes(kari["ukm"])
self.assertEqual(
id_tc26_agreement_gost3410_2012_512,
)
kexp = bytes(kari["recipientEncryptedKeys"][0]["encryptedKey"])
- keymat = keg(self.curve512, self.recipient512_prv, orig_pub, ukm, mode=2012)
+ keymat = keg(self.curve512, self.recipient512_prv, orig_pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Kuznechik(kek).encrypt,
self.recipient256_prv,
self.sender256_pub,
ukm,
- mode=2001,
)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
)
pub = pub_unmarshal(bytes(OctetString().decod(
bytes(encrypted_key["ephemeralPublicKey"]["subjectPublicKey"])
- )), mode=2001)
+ )))
ukm = bytes(encrypted_key["ukm"])
kexp = bytes(encrypted_key["encryptedKey"])
- keymat = keg(self.curve256, self.recipient256_prv, pub, ukm, mode=2001)
+ keymat = keg(self.curve256, self.recipient256_prv, pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Kuznechik(kek).encrypt,
bytes(OctetString().decod(
bytes(encrypted_key["ephemeralPublicKey"]["subjectPublicKey"])
)),
- mode=2012,
)
ukm = bytes(encrypted_key["ukm"])
kexp = bytes(encrypted_key["encryptedKey"])
- keymat = keg(self.curve512, self.recipient512_prv, pub, ukm, mode=2012)
+ keymat = keg(self.curve512, self.recipient512_prv, pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Magma(kek).encrypt,