prv_key_raw,
curve_name,
hasher,
- mode,
):
content_info, tail = ContentInfo().decode(content_info_raw)
self.assertSequenceEqual(tail, b"")
public_key(curve, prv_unmarshal(prv_key_raw)),
hasher(bytes(signed_data["encapContentInfo"]["eContent"])).digest()[::-1],
bytes(signed_data["signerInfos"][0]["signature"]),
- mode=mode,
))
def test_256(self):
prv_key_raw,
"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
GOST34112012256,
- 2001,
)
def test_512(self):
prv_key_raw,
"id-tc26-gost-3410-12-512-paramSetB",
GOST34112012512,
- 2012,
)
prv_unmarshal(prv),
pub_unmarshal(pub),
ukm_unmarshal(ukm),
- mode=2001,
)
self.process_cms(
return kek_34102012256(
curve,
prv_unmarshal(prv),
- pub_unmarshal(pub, mode=2012),
+ pub_unmarshal(pub),
ukm_unmarshal(ukm),
)
prv_unmarshal(prv),
pub_unmarshal(pub),
ukm_unmarshal(ukm),
- mode=2001,
)
self.process_cms(
return kek_34102012256(
curve,
prv_unmarshal(prv),
- pub_unmarshal(pub, mode=2012),
+ pub_unmarshal(pub),
ukm_unmarshal(ukm),
)
class TestR132356510252019(TestCase):
"""Test vectors from Р 1323565.1.025-2019
"""
- curve256 = CURVES["id-tc26-gost-3410-2012-256-paramSetA"]
- curve512 = CURVES["id-tc26-gost-3410-12-512-paramSetA"]
- psk = hexdec("8F5EEF8814D228FB2BBC5612323730CFA33DB7263CC2C0A01A6C6953F33D61D5")[::-1]
+ def setUp(self):
+ self.curve256 = CURVES["id-tc26-gost-3410-2012-256-paramSetA"]
+ self.curve512 = CURVES["id-tc26-gost-3410-12-512-paramSetA"]
+ self.psk = hexdec("8F5EEF8814D228FB2BBC5612323730CFA33DB7263CC2C0A01A6C6953F33D61D5")[::-1]
- ca_prv = prv_unmarshal(hexdec("092F8D059E97E22B90B1AE99F0087FC4D26620B91550CBB437C191005A290810")[::-1])
- ca_pub = public_key(curve256, ca_prv)
- ca_cert = Certificate().decod(b64decode("""
+ self.ca_prv = prv_unmarshal(hexdec("092F8D059E97E22B90B1AE99F0087FC4D26620B91550CBB437C191005A290810")[::-1])
+ self.ca_pub = public_key(self.curve256, self.ca_prv)
+ self.ca_cert = Certificate().decod(b64decode("""
MIIB8DCCAZ2gAwIBAgIEAYy6gTAKBggqhQMHAQEDAjA4MQ0wCwYDVQQKEwRUSzI2
MScwJQYDVQQDEx5DQSBUSzI2OiBHT1NUIDM0LjEwLTEyIDI1Ni1iaXQwHhcNMDEw
MTAxMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjA4MQ0wCwYDVQQKEwRUSzI2MScwJQYD
Gc2uRn2IwgmSf/LZDrYsKKqZSxk=
"""))
- sender256_prv = prv_unmarshal(hexdec("0B20810E449978C7C3B76C6FF77A16C532421139344A058EF56310B6B6F377E8")[::-1])
- sender256_pub = public_key(curve256, sender256_prv)
- sender256_cert = Certificate().decod(b64decode("""
+ self.sender256_prv = prv_unmarshal(hexdec("0B20810E449978C7C3B76C6FF77A16C532421139344A058EF56310B6B6F377E8")[::-1])
+ self.sender256_pub = public_key(self.curve256, self.sender256_prv)
+ self.sender256_cert = Certificate().decod(b64decode("""
MIIB8zCCAaCgAwIBAgIEAYy6gjAKBggqhQMHAQEDAjA4MQ0wCwYDVQQKEwRUSzI2
MScwJQYDVQQDEx5DQSBUSzI2OiBHT1NUIDM0LjEwLTEyIDI1Ni1iaXQwHhcNMDEw
MTAxMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjA7MQ0wCwYDVQQKEwRUSzI2MSowKAYD
t1O4GoZsxx8r6T/i7VG65UNmQlwdOKQ=
"""))
- recipient256_prv = prv_unmarshal(hexdec("0DC8DC1FF2BC114BABC3F1CA8C51E4F58610427E197B1C2FBDBA4AE58CBFB7CE")[::-1])
- recipient256_pub = public_key(curve256, recipient256_prv)
- recipient256_cert = Certificate().decod(b64decode("""
+ self.recipient256_prv = prv_unmarshal(hexdec("0DC8DC1FF2BC114BABC3F1CA8C51E4F58610427E197B1C2FBDBA4AE58CBFB7CE")[::-1])
+ self.recipient256_pub = public_key(self.curve256, self.recipient256_prv)
+ self.recipient256_cert = Certificate().decod(b64decode("""
MIIB8jCCAZ+gAwIBAgIEAYy6gzAKBggqhQMHAQEDAjA4MQ0wCwYDVQQKEwRUSzI2
MScwJQYDVQQDEx5DQSBUSzI2OiBHT1NUIDM0LjEwLTEyIDI1Ni1iaXQwHhcNMDEw
MTAxMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjA6MQ0wCwYDVQQKEwRUSzI2MSkwJwYD
I/BDkbZNDNE27TU1p3t5rE9NMEeViA==
"""))
- sender512_prv = prv_unmarshal(hexdec("F95A5D44C5245F63F2E7DF8E782C1924EADCB8D06C52D91023179786154CBDB1561B4DF759D69F67EE1FBD5B68800E134BAA12818DA4F3AC75B0E5E6F9256911")[::-1])
- sender512_pub = public_key(curve512, sender512_prv)
- sender512_cert = Certificate().decod(b64decode("""
+ self.sender512_prv = prv_unmarshal(hexdec("F95A5D44C5245F63F2E7DF8E782C1924EADCB8D06C52D91023179786154CBDB1561B4DF759D69F67EE1FBD5B68800E134BAA12818DA4F3AC75B0E5E6F9256911")[::-1])
+ self.sender512_pub = public_key(self.curve512, self.sender512_prv)
+ self.sender512_cert = Certificate().decod(b64decode("""
MIICNjCCAeOgAwIBAgIEAYy6hDAKBggqhQMHAQEDAjA4MQ0wCwYDVQQKEwRUSzI2
MScwJQYDVQQDEx5DQSBUSzI2OiBHT1NUIDM0LjEwLTEyIDI1Ni1iaXQwHhcNMDEw
MTAxMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjA7MQ0wCwYDVQQKEwRUSzI2MSowKAYD
/PKXg2JaStthmw99bdtwwkU/qDbcje2tF6mt+XWyQBXwvfeES1GFY9fJ
"""))
- recipient512_prv = prv_unmarshal(hexdec("A50315981F0A7C7FC05B4EB9591A62B1F84BD6FD518ACFCEDF0A7C9CF388D1F18757C056ADA5B38CBF24CDDB0F1519EF72DB1712CEF1920952E94AF1F9C575DC")[::-1])
- recipient512_pub = public_key(curve512, recipient512_prv)
- recipient512_cert = Certificate().decod(b64decode("""
+ self.recipient512_prv = prv_unmarshal(hexdec("A50315981F0A7C7FC05B4EB9591A62B1F84BD6FD518ACFCEDF0A7C9CF388D1F18757C056ADA5B38CBF24CDDB0F1519EF72DB1712CEF1920952E94AF1F9C575DC")[::-1])
+ self.recipient512_pub = public_key(self.curve512, self.recipient512_prv)
+ self.recipient512_cert = Certificate().decod(b64decode("""
MIICNTCCAeKgAwIBAgIEAYy6hTAKBggqhQMHAQEDAjA4MQ0wCwYDVQQKEwRUSzI2
MScwJQYDVQQDEx5DQSBUSzI2OiBHT1NUIDM0LjEwLTEyIDI1Ni1iaXQwHhcNMDEw
MTAxMDAwMDAwWhcNNDkxMjMxMDAwMDAwWjA6MQ0wCwYDVQQKEwRUSzI2MSkwJwYD
def test_certs(self):
"""Certificates signatures
"""
- for prv, pub, curve, mode, cert in (
- (self.ca_prv, self.ca_pub, self.curve256, 2001, self.ca_cert),
- (self.sender256_prv, self.sender256_pub, self.curve256, 2001, self.sender256_cert),
- (self.recipient256_prv, self.recipient256_pub, self.curve256, 2001, self.recipient256_cert),
- (self.sender512_prv, self.sender512_pub, self.curve512, 2012, self.sender512_cert),
- (self.recipient512_prv, self.recipient512_pub, self.curve512, 2012, self.recipient512_cert),
+ for prv, pub, curve, cert in (
+ (self.ca_prv, self.ca_pub, self.curve256, self.ca_cert),
+ (self.sender256_prv, self.sender256_pub, self.curve256, self.sender256_cert),
+ (self.recipient256_prv, self.recipient256_pub, self.curve256, self.recipient256_cert),
+ (self.sender512_prv, self.sender512_pub, self.curve512, self.sender512_cert),
+ (self.recipient512_prv, self.recipient512_pub, self.curve512, self.recipient512_cert),
):
pub_our = public_key(curve, prv)
self.assertEqual(pub_our, pub)
self.assertSequenceEqual(
- pub_marshal(pub_our, mode=mode),
+ pub_marshal(pub_our),
bytes(OctetString().decod(bytes(
cert["tbsCertificate"]["subjectPublicKeyInfo"]["subjectPublicKey"]
))),
self.ca_pub,
GOST34112012256(cert["tbsCertificate"].encode()).digest()[::-1],
bytes(cert["signatureValue"]),
- mode=2001,
))
def test_signed_with_attrs(self):
SignedAttributes(si["signedAttrs"]).encode()
).digest()[::-1],
bytes(si["signature"]),
- mode=2012,
))
def test_signed_without_attrs(self):
self.sender256_pub,
GOST34112012256(content).digest()[::-1],
bytes(si["signature"]),
- mode=2001,
))
def test_kari_ephemeral(self):
)
orig_pub = pub_unmarshal(
bytes(OctetString().decod(bytes(orig_key["publicKey"]))),
- mode=2012,
)
ukm = bytes(kari["ukm"])
self.assertEqual(
id_tc26_agreement_gost3410_2012_512,
)
kexp = bytes(kari["recipientEncryptedKeys"][0]["encryptedKey"])
- keymat = keg(self.curve512, self.recipient512_prv, orig_pub, ukm, mode=2012)
+ keymat = keg(self.curve512, self.recipient512_prv, orig_pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Kuznechik(kek).encrypt,
self.recipient256_prv,
self.sender256_pub,
ukm,
- mode=2001,
)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
)
pub = pub_unmarshal(bytes(OctetString().decod(
bytes(encrypted_key["ephemeralPublicKey"]["subjectPublicKey"])
- )), mode=2001)
+ )))
ukm = bytes(encrypted_key["ukm"])
kexp = bytes(encrypted_key["encryptedKey"])
- keymat = keg(self.curve256, self.recipient256_prv, pub, ukm, mode=2001)
+ keymat = keg(self.curve256, self.recipient256_prv, pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Kuznechik(kek).encrypt,
text_type(u"Контрольный пример для структуры EnvelopedData."),
)
- def test_ktri_ephemeral512(self):
+ def test_ktri_512(self):
ci = ContentInfo().decod(b64decode("""
MIIB5wYJKoZIhvcNAQcDoIIB2DCCAdQCAQAxggFXMIIBUwIBADBAMDgxDTALBgNVBAoTBFRL
MjYxJzAlBgNVBAMTHkNBIFRLMjY6IEdPU1QgMzQuMTAtMTIgMjU2LWJpdAIEAYy6hTAXBgkq
bytes(OctetString().decod(
bytes(encrypted_key["ephemeralPublicKey"]["subjectPublicKey"])
)),
- mode=2012,
)
ukm = bytes(encrypted_key["ukm"])
kexp = bytes(encrypted_key["encryptedKey"])
- keymat = keg(self.curve512, self.recipient512_prv, pub, ukm, mode=2012)
+ keymat = keg(self.curve512, self.recipient512_prv, pub, ukm)
kim, kek = keymat[:KEYSIZE], keymat[KEYSIZE:]
cek = kimp15(
GOST3412Magma(kek).encrypt,