diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2020-07-20 14:06:29 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-20 13:06:29 -0500 |
| commit | 60aa04481fb187334a783c2d9facc3fe814af5d1 (patch) | |
| tree | d8098c0c30f89c768cbcda42d27974abb8bab89d /docs/development | |
| parent | 4a245a657a071dff959d30eff1d214c7ff88eada (diff) | |
| download | cryptography-60aa04481fb187334a783c2d9facc3fe814af5d1.tar.gz | |
Paint it Black by the Rolling Stones (#5324)
Diffstat (limited to 'docs/development')
10 files changed, 97 insertions, 98 deletions
diff --git a/docs/development/custom-vectors/arc4/generate_arc4.py b/docs/development/custom-vectors/arc4/generate_arc4.py index 3dee44a30..2ca85c98d 100644 --- a/docs/development/custom-vectors/arc4/generate_arc4.py +++ b/docs/development/custom-vectors/arc4/generate_arc4.py @@ -12,10 +12,14 @@ from cryptography.hazmat.primitives.ciphers import algorithms _RFC6229_KEY_MATERIALS = [ - (True, - 8 * '0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20'), - (False, - 8 * '1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a') + ( + True, + 8 * "0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20", + ), + ( + False, + 8 * "1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a", + ), ] @@ -37,42 +41,43 @@ _RFC6229_OFFSETS = [ 3056, 3072, 4080, - 4096 + 4096, ] -_SIZES_TO_GENERATE = [ - 160 -] +_SIZES_TO_GENERATE = [160] def _key_for_size(size, keyinfo): msb, key = keyinfo if msb: - return key[:size // 4] + return key[: size // 4] else: - return key[-size // 4:] + return key[-size // 4 :] def _build_vectors(): count = 0 output = [] key = None - plaintext = binascii.unhexlify(32 * '0') + plaintext = binascii.unhexlify(32 * "0") for size in _SIZES_TO_GENERATE: for keyinfo in _RFC6229_KEY_MATERIALS: key = _key_for_size(size, keyinfo) cipher = ciphers.Cipher( algorithms.ARC4(binascii.unhexlify(key)), None, - default_backend()) + default_backend(), + ) encryptor = cipher.encryptor() current_offset = 0 for offset in _RFC6229_OFFSETS: if offset % 16 != 0: raise ValueError( - "Offset {} is not evenly divisible by 16" - .format(offset)) + "Offset {} is not evenly divisible by 16".format( + offset + ) + ) while current_offset < offset: encryptor.update(plaintext) current_offset += len(plaintext) @@ -80,19 +85,23 @@ def _build_vectors(): count += 1 output.append("KEY = {}".format(key)) output.append("OFFSET = {}".format(offset)) - output.append("PLAINTEXT = {}".format( - binascii.hexlify(plaintext))) - output.append("CIPHERTEXT = {}".format( - binascii.hexlify(encryptor.update(plaintext)))) + output.append( + "PLAINTEXT = {}".format(binascii.hexlify(plaintext)) + ) + output.append( + "CIPHERTEXT = {}".format( + binascii.hexlify(encryptor.update(plaintext)) + ) + ) current_offset += len(plaintext) assert not encryptor.finalize() return "\n".join(output) def _write_file(data, filename): - with open(filename, 'w') as f: + with open(filename, "w") as f: f.write(data) -if __name__ == '__main__': - _write_file(_build_vectors(), 'arc4.txt') +if __name__ == "__main__": + _write_file(_build_vectors(), "arc4.txt") diff --git a/docs/development/custom-vectors/cast5/generate_cast5.py b/docs/development/custom-vectors/cast5/generate_cast5.py index ce046b0f0..5208b90d8 100644 --- a/docs/development/custom-vectors/cast5/generate_cast5.py +++ b/docs/development/custom-vectors/cast5/generate_cast5.py @@ -14,7 +14,7 @@ def encrypt(mode, key, iv, plaintext): cipher = base.Cipher( algorithms.CAST5(binascii.unhexlify(key)), mode(binascii.unhexlify(iv)), - default_backend() + default_backend(), ) encryptor = cipher.encryptor() ct = encryptor.update(binascii.unhexlify(plaintext)) @@ -34,8 +34,10 @@ def build_vectors(mode, filename): line = line.strip() if line.startswith("KEY"): if count != 0: - output.append("CIPHERTEXT = {}".format( - encrypt(mode, key, iv, plaintext)) + output.append( + "CIPHERTEXT = {}".format( + encrypt(mode, key, iv, plaintext) + ) ) output.append("\nCOUNT = {}".format(count)) count += 1 diff --git a/docs/development/custom-vectors/hkdf/generate_hkdf.py b/docs/development/custom-vectors/hkdf/generate_hkdf.py index 8976effdd..aa2fc274f 100644 --- a/docs/development/custom-vectors/hkdf/generate_hkdf.py +++ b/docs/development/custom-vectors/hkdf/generate_hkdf.py @@ -13,8 +13,11 @@ from cryptography.hazmat.primitives.kdf.hkdf import HKDF IKM = binascii.unhexlify(b"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") L = 1200 OKM = HKDF( - algorithm=hashes.SHA256(), length=L, salt=None, info=None, - backend=default_backend() + algorithm=hashes.SHA256(), + length=L, + salt=None, + info=None, + backend=default_backend(), ).derive(IKM) @@ -23,7 +26,8 @@ def _build_vectors(): "COUNT = 0", "Hash = SHA-256", "IKM = " + binascii.hexlify(IKM).decode("ascii"), - "salt = ", "info = ", + "salt = ", + "info = ", "L = {}".format(L), "OKM = " + binascii.hexlify(OKM).decode("ascii"), ] @@ -31,9 +35,9 @@ def _build_vectors(): def _write_file(data, filename): - with open(filename, 'w') as f: + with open(filename, "w") as f: f.write(data) -if __name__ == '__main__': - _write_file(_build_vectors(), 'hkdf.txt') +if __name__ == "__main__": + _write_file(_build_vectors(), "hkdf.txt") diff --git a/docs/development/custom-vectors/idea/generate_idea.py b/docs/development/custom-vectors/idea/generate_idea.py index 2eb6996ef..00309567b 100644 --- a/docs/development/custom-vectors/idea/generate_idea.py +++ b/docs/development/custom-vectors/idea/generate_idea.py @@ -8,7 +8,7 @@ def encrypt(mode, key, iv, plaintext): cipher = base.Cipher( algorithms.IDEA(binascii.unhexlify(key)), mode(binascii.unhexlify(iv)), - backend + backend, ) encryptor = cipher.encryptor() ct = encryptor.update(binascii.unhexlify(plaintext)) @@ -29,8 +29,10 @@ def build_vectors(mode, filename): line = line.strip() if line.startswith("KEY"): if count != 0: - output.append("CIPHERTEXT = {0}".format( - encrypt(mode, key, iv, plaintext)) + output.append( + "CIPHERTEXT = {0}".format( + encrypt(mode, key, iv, plaintext) + ) ) output.append("\nCOUNT = {0}".format(count)) count += 1 diff --git a/docs/development/custom-vectors/idea/verify_idea.py b/docs/development/custom-vectors/idea/verify_idea.py index 89713c801..d356de0ba 100644 --- a/docs/development/custom-vectors/idea/verify_idea.py +++ b/docs/development/custom-vectors/idea/verify_idea.py @@ -8,11 +8,13 @@ BLOCK_SIZE = 64 def encrypt(mode, key, iv, plaintext): - encryptor = botan.Cipher("IDEA/{0}/NoPadding".format(mode), "encrypt", - binascii.unhexlify(key)) + encryptor = botan.Cipher( + "IDEA/{0}/NoPadding".format(mode), "encrypt", binascii.unhexlify(key) + ) - cipher_text = encryptor.cipher(binascii.unhexlify(plaintext), - binascii.unhexlify(iv)) + cipher_text = encryptor.cipher( + binascii.unhexlify(plaintext), binascii.unhexlify(iv) + ) return binascii.hexlify(cipher_text) @@ -22,12 +24,7 @@ def verify_vectors(mode, filename): vectors = load_nist_vectors(vector_file) for vector in vectors: - ct = encrypt( - mode, - vector["key"], - vector["iv"], - vector["plaintext"] - ) + ct = encrypt(mode, vector["key"], vector["iv"], vector["plaintext"]) assert ct == vector["ciphertext"] diff --git a/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py b/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py index bd5148f54..a43e1506d 100644 --- a/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py +++ b/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py @@ -62,9 +62,8 @@ def build_vectors(mgf1alg, hashalg, filename): dmq1=private["dmq1"], iqmp=private["iqmp"], public_numbers=rsa.RSAPublicNumbers( - e=private["public_exponent"], - n=private["modulus"] - ) + e=private["public_exponent"], n=private["modulus"] + ), ).private_key(backend) count = 1 @@ -74,8 +73,8 @@ def build_vectors(mgf1alg, hashalg, filename): padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), - label=None - ) + label=None, + ), ) assert message == binascii.unhexlify(example["message"]) ct = pkey.encrypt( @@ -83,8 +82,8 @@ def build_vectors(mgf1alg, hashalg, filename): padding.OAEP( mgf=padding.MGF1(algorithm=mgf1alg), algorithm=hashalg, - label=None - ) + label=None, + ), ) output.append( b"# OAEP Example {0} alg={1} mgf1={2}".format( @@ -116,13 +115,12 @@ hashalgs = [ hashes.SHA512(), ] for hashtuple in itertools.product(hashalgs, hashalgs): - if ( - isinstance(hashtuple[0], hashes.SHA1) and - isinstance(hashtuple[1], hashes.SHA1) + if isinstance(hashtuple[0], hashes.SHA1) and isinstance( + hashtuple[1], hashes.SHA1 ): continue write_file( build_vectors(hashtuple[0], hashtuple[1], oaep_path), - "oaep-{0}-{1}.txt".format(hashtuple[0].name, hashtuple[1].name) + "oaep-{0}-{1}.txt".format(hashtuple[0].name, hashtuple[1].name), ) diff --git a/docs/development/custom-vectors/secp256k1/generate_secp256k1.py b/docs/development/custom-vectors/secp256k1/generate_secp256k1.py index d6a2071ac..bfb150ba6 100644 --- a/docs/development/custom-vectors/secp256k1/generate_secp256k1.py +++ b/docs/development/custom-vectors/secp256k1/generate_secp256k1.py @@ -10,9 +10,7 @@ from ecdsa.util import sigdecode_der, sigencode_der from cryptography_vectors import open_vector_file -from tests.utils import ( - load_fips_ecdsa_signing_vectors, load_vectors_from_file -) +from tests.utils import load_fips_ecdsa_signing_vectors, load_vectors_from_file HASHLIB_HASH_TYPES = { "SHA-1": hashlib.sha1, @@ -32,13 +30,13 @@ class TruncatedHash(object): return self def digest(self): - return self.hasher.digest()[:256 // 8] + return self.hasher.digest()[: 256 // 8] def build_vectors(fips_vectors): vectors = defaultdict(list) for vector in fips_vectors: - vectors[vector['digest_algorithm']].append(vector['message']) + vectors[vector["digest_algorithm"]].append(vector["message"]) for digest_algorithm, messages in vectors.items(): if digest_algorithm not in HASHLIB_HASH_TYPES: @@ -55,8 +53,9 @@ def build_vectors(fips_vectors): # Sign the message using warner/ecdsa secret_key = SigningKey.generate(curve=SECP256k1) public_key = secret_key.get_verifying_key() - signature = secret_key.sign(message, hashfunc=hash_func, - sigencode=sigencode_der) + signature = secret_key.sign( + message, hashfunc=hash_func, sigencode=sigencode_der + ) r, s = sigdecode_der(signature, None) @@ -79,12 +78,8 @@ source_path = os.path.join("asymmetric", "ECDSA", "FIPS_186-3", "SigGen.txt") dest_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") fips_vectors = load_vectors_from_file( - source_path, - load_fips_ecdsa_signing_vectors + source_path, load_fips_ecdsa_signing_vectors ) with open_vector_file(dest_path, "w") as dest_file: - write_file( - build_vectors(fips_vectors), - dest_file - ) + write_file(build_vectors(fips_vectors), dest_file) diff --git a/docs/development/custom-vectors/secp256k1/verify_secp256k1.py b/docs/development/custom-vectors/secp256k1/verify_secp256k1.py index b236d77fc..485f0718b 100644 --- a/docs/development/custom-vectors/secp256k1/verify_secp256k1.py +++ b/docs/development/custom-vectors/secp256k1/verify_secp256k1.py @@ -6,12 +6,10 @@ from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.asymmetric.utils import ( - encode_dss_signature + encode_dss_signature, ) -from tests.utils import ( - load_fips_ecdsa_signing_vectors, load_vectors_from_file -) +from tests.utils import load_fips_ecdsa_signing_vectors, load_vectors_from_file CRYPTOGRAPHY_HASH_TYPES = { "SHA-1": hashes.SHA1, @@ -23,22 +21,18 @@ CRYPTOGRAPHY_HASH_TYPES = { def verify_one_vector(vector): - digest_algorithm = vector['digest_algorithm'] - message = vector['message'] - x = vector['x'] - y = vector['y'] - signature = encode_dss_signature(vector['r'], vector['s']) - - numbers = ec.EllipticCurvePublicNumbers( - x, y, - ec.SECP256K1() - ) + digest_algorithm = vector["digest_algorithm"] + message = vector["message"] + x = vector["x"] + y = vector["y"] + signature = encode_dss_signature(vector["r"], vector["s"]) + + numbers = ec.EllipticCurvePublicNumbers(x, y, ec.SECP256K1()) key = numbers.public_key(default_backend()) verifier = key.verifier( - signature, - ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]()) + signature, ec.ECDSA(CRYPTOGRAPHY_HASH_TYPES[digest_algorithm]()) ) verifier.update(message) return verifier.verify() @@ -52,8 +46,7 @@ def verify_vectors(vectors): vector_path = os.path.join("asymmetric", "ECDSA", "SECP256K1", "SigGen.txt") secp256k1_vectors = load_vectors_from_file( - vector_path, - load_fips_ecdsa_signing_vectors + vector_path, load_fips_ecdsa_signing_vectors ) verify_vectors(secp256k1_vectors) diff --git a/docs/development/custom-vectors/seed/generate_seed.py b/docs/development/custom-vectors/seed/generate_seed.py index 5c62d6713..046fcfb87 100644 --- a/docs/development/custom-vectors/seed/generate_seed.py +++ b/docs/development/custom-vectors/seed/generate_seed.py @@ -8,7 +8,7 @@ def encrypt(mode, key, iv, plaintext): cipher = base.Cipher( algorithms.SEED(binascii.unhexlify(key)), mode(binascii.unhexlify(iv)), - backend + backend, ) encryptor = cipher.encryptor() ct = encryptor.update(binascii.unhexlify(plaintext)) @@ -29,8 +29,10 @@ def build_vectors(mode, filename): line = line.strip() if line.startswith("KEY"): if count != 0: - output.append("CIPHERTEXT = {0}".format( - encrypt(mode, key, iv, plaintext)) + output.append( + "CIPHERTEXT = {0}".format( + encrypt(mode, key, iv, plaintext) + ) ) output.append("\nCOUNT = {0}".format(count)) count += 1 diff --git a/docs/development/custom-vectors/seed/verify_seed.py b/docs/development/custom-vectors/seed/verify_seed.py index e626428cb..252088d08 100644 --- a/docs/development/custom-vectors/seed/verify_seed.py +++ b/docs/development/custom-vectors/seed/verify_seed.py @@ -6,11 +6,13 @@ from tests.utils import load_nist_vectors def encrypt(mode, key, iv, plaintext): - encryptor = botan.Cipher("SEED/{0}/NoPadding".format(mode), "encrypt", - binascii.unhexlify(key)) + encryptor = botan.Cipher( + "SEED/{0}/NoPadding".format(mode), "encrypt", binascii.unhexlify(key) + ) - cipher_text = encryptor.cipher(binascii.unhexlify(plaintext), - binascii.unhexlify(iv)) + cipher_text = encryptor.cipher( + binascii.unhexlify(plaintext), binascii.unhexlify(iv) + ) return binascii.hexlify(cipher_text) @@ -20,12 +22,7 @@ def verify_vectors(mode, filename): vectors = load_nist_vectors(vector_file) for vector in vectors: - ct = encrypt( - mode, - vector["key"], - vector["iv"], - vector["plaintext"] - ) + ct = encrypt(mode, vector["key"], vector["iv"], vector["plaintext"]) assert ct == vector["ciphertext"] |