Skip to content

Commit

Permalink
Cleaned up rsa module a bit
Browse files Browse the repository at this point in the history
  • Loading branch information
@sbellem
sbellem committed Jun 21, 2017
1 parent 45a15ad commit 01998a6
Showing 1 changed file with 12 additions and 36 deletions.
48 changes: 12 additions & 36 deletions cryptoconditions/types/rsa.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,36 +7,30 @@
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers

#from pyasn1.codec.der.decoder import decode as der_decode
from pyasn1.codec.der.encoder import encode as der_encode
from pyasn1.codec.native.decoder import decode as nat_decode
#from pyasn1.codec.native.encoder import encode as nat_encode
#
#from cryptoconditions.condition import Condition
#from cryptoconditions.fulfillment import Fulfillment

from cryptoconditions.crypto import base64_add_padding
from cryptoconditions.exceptions import MissingDataError, ValidationError
from cryptoconditions.types.base_sha256 import BaseSha256
from cryptoconditions.schemas.fingerprint import RsaFingerprintContents

# Instantiate RSA signer with standard settings
#rsa = Rsa()
PUBLIC_EXPONENT = 65537
#SALT_LENGTH = padding.PSS.MAX_LENGTH
SALT_LENGTH = 32


class RsaSha256(BaseSha256):
"""RSA-SHA-256: RSA signature condition using SHA-256.
This RSA condition uses RSA-PSS padding with SHA-256. The salt length is set
equal the digest length of 32 bytes.
This RSA condition uses RSA-PSS padding with SHA-256. The salt
length is set equal the digest length of 32 bytes.
The public exponent is fixed at 65537 and the public modulus must be between
128 (1017 bits) and 512 bytes (4096 bits) long.
The public exponent is fixed at 65537 and the public modulus must
be between 128 (1017 bits) and 512 bytes (4096 bits) long.
RSA-SHA-256 is assigned the type ID 3. It relies on the SHA-256 and RSA-PSS
feature suites which corresponds to a feature bitmask of 0x11.
RSA-SHA-256 is assigned the type ID 3. It relies on the SHA-256 and
RSA-PSS feature suites which corresponds to a feature bitmask of
0x11.
"""
TYPE_ID = 3
Expand All @@ -48,11 +42,10 @@ class RsaSha256(BaseSha256):

COST_RIGHT_SHIFT = 6 # 2**6 = 64

def __init__(self, asn1=None):
def __init__(self):
super().__init__()
self.modulus = None
self.signature = None
self.asn1 = asn1

def parse_json(self, json):
self.modulus = urlsafe_b64decode(base64_add_padding(json['modulus']))
Expand Down Expand Up @@ -135,11 +128,11 @@ def sign(self, message, private_key):
Args:
message (bytes): Message to sign.
private_key (str): RSA private key.
private_key (bytes): RSA private key.
"""
private_key_obj = serialization.load_pem_private_key(
private_key.encode(),
private_key,
password=None,
backend=default_backend(),
)
Expand All @@ -158,8 +151,6 @@ def sign(self, message, private_key):
hashes.SHA256(),
)
signer.update(message)

#self.signature = rsa.sign(private_key, message)
self.signature = signer.finalize()

def calculate_cost(self):
Expand Down Expand Up @@ -208,18 +199,6 @@ def validate(self, message):
int.from_bytes(self.modulus, byteorder='big'),
)
public_key = public_numbers.public_key(default_backend())
try:
public_key.verify(
self.signature,
message,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=SALT_LENGTH,
),
hashes.SHA256()
)
except InvalidSignature as exc:
raise ValidationError('Invalid RSA signature') from exc
verifier = public_key.verifier(
self.signature,
padding.PSS(
Expand All @@ -234,7 +213,4 @@ def validate(self, message):
except InvalidSignature as exc:
raise ValidationError('Invalid RSA signature') from exc

#pss_result = rsa.verify(self.modulus, message, self.signature)
#if not pss_result:
# raise ValidationError('Invalid RSA signature')
return True

0 comments on commit 01998a6

Please sign in to comment.