Skip to content

Commit

Permalink
Merge pull request #19 from VirgilSecurity/v3
Browse files Browse the repository at this point in the history
V3
  • Loading branch information
kmuzychko authored Jan 23, 2019
2 parents 738edaa + bb67bf4 commit 2d74a55
Show file tree
Hide file tree
Showing 4 changed files with 135 additions and 42 deletions.
16 changes: 14 additions & 2 deletions virgil_crypto/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ class VirgilCrypto(object):
"""
def __init__(self):
self.signature_hash_algorithm = HashAlgorithm.SHA512
self.use_sha256_fingerprints = False
self.key_pair_type = KeyPairType.Default

_CUSTOM_PARAM_KEY_SIGNATURE = None
Expand Down Expand Up @@ -400,7 +401,8 @@ def calculate_fingerprint(self, data):
Returns:
Fingerprint of the source data.
"""
hash_data = self.compute_hash(data, HashAlgorithm.SHA256)
hash_data = self.__calculate_hash(data)

return Fingerprint(hash_data)

@staticmethod
Expand Down Expand Up @@ -431,7 +433,8 @@ def compute_public_key_hash(self, public_key):
Hash bytes.
"""
public_key_der = VirgilKeyPair.publicKeyToDER(public_key)
return self.compute_hash(public_key_der, HashAlgorithm.SHA256)
hash_data = self.__calculate_hash(public_key_der)
return hash_data

@property
def custom_param_key_signature(self):
Expand All @@ -445,3 +448,12 @@ def custom_param_key_signature(self):
return self._CUSTOM_PARAM_KEY_SIGNATURE
self._CUSTOM_PARAM_KEY_SIGNATURE = self.strtobytes("VIRGIL-DATA-SIGNATURE")
return self._CUSTOM_PARAM_KEY_SIGNATURE

def __calculate_hash(self, data):
if self.use_sha256_fingerprints:
hash_algorithm = HashAlgorithm.SHA256
calculated_hash = self.compute_hash(data, hash_algorithm)
else:
hash_algorithm = HashAlgorithm.SHA512
calculated_hash = self.compute_hash(data, hash_algorithm)[0:8]
return calculated_hash
4 changes: 4 additions & 0 deletions virgil_crypto/tests/compatibility_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -53,19 +53,22 @@ def __init__(self, *args, **kwargs):
self.__crypto = None

def test_encrypt_single_recipient(self):
self._crypto.use_sha256_fingerprints = True
data = self._compatibility_data["encrypt_single_recipient"]
private_key = self._crypto.import_private_key(data["private_key"])
decrypted_data = self._crypto.decrypt(data["cipher_data"], private_key)
self.assertEqual(data["original_data"], decrypted_data)

def test_encrypt_multiple_recipients(self):
self._crypto.use_sha256_fingerprints = True
data = self._compatibility_data["encrypt_multiple_recipients"]
private_keys = [self._crypto.import_private_key(pk) for pk in data["private_keys"]]
for private_key in private_keys:
decrypted_data = self._crypto.decrypt(data["cipher_data"], private_key)
self.assertEqual(data["original_data"], decrypted_data)

def test_sign_then_encrypt_single_recipient(self):
self._crypto.use_sha256_fingerprints = True
data = self._compatibility_data["sign_then_encrypt_single_recipient"]
private_key = self._crypto.import_private_key(data["private_key"])
public_key = self._crypto.extract_public_key(private_key)
Expand All @@ -77,6 +80,7 @@ def test_sign_then_encrypt_single_recipient(self):
self.assertEqual(data["original_data"], decrypted_data)

def test_sign_then_encrypt_multiple_recipients(self):
self._crypto.use_sha256_fingerprints = True
data = self._compatibility_data["sign_then_encrypt_multiple_recipients"]
private_keys = [self._crypto.import_private_key(pk) for pk in data["private_keys"]]
public_key = self._crypto.extract_public_key(private_keys[0])
Expand Down
86 changes: 84 additions & 2 deletions virgil_crypto/tests/crypto_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,12 @@
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

import hashlib
import io
import unittest
from base64 import b64decode

from virgil_crypto import crypto
from virgil_crypto import crypto, VirgilKeyPair
from virgil_crypto import VirgilCrypto
from virgil_crypto.hashes import HashAlgorithm

Expand Down Expand Up @@ -212,3 +213,84 @@ def test_calculate_fingerprint(self):
fingerprint = self._crypto().calculate_fingerprint(data)
self.assertTrue(fingerprint.value)
self.assertIsInstance(fingerprint, crypto.Fingerprint)

def test_private_key_identifier_is_correct(self):
# STC-33
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_keys()

self.assertEqual(
hashlib.sha512(bytearray(crypto_1.export_public_key(key_pair_1.public_key))).digest()[0:8],
bytearray(key_pair_1.private_key.identifier)
)

crypto_2 = VirgilCrypto()
crypto_2.use_sha256_fingerprints = True
key_pair_2 = crypto_2.generate_keys()

self.assertEqual(
hashlib.sha256(bytearray(crypto_2.export_public_key(key_pair_2.public_key))).digest(),
bytearray(key_pair_2.private_key.identifier)
)

def test_public_key_identifier_is_correct(self):
# STC-33
crypto_1 = VirgilCrypto()
key_pair_1 = crypto_1.generate_keys()
public_key_1 = crypto_1.extract_public_key(key_pair_1.private_key)
self.assertEqual(public_key_1.identifier, key_pair_1.public_key.identifier)
self.assertEqual(crypto_1.export_public_key(public_key_1), crypto_1.export_public_key(key_pair_1.public_key))
self.assertEqual(
hashlib.sha512(bytearray(crypto_1.export_public_key(key_pair_1.public_key))).digest()[0:8],
bytearray(key_pair_1.public_key.identifier)
)

crypto_2 = VirgilCrypto()
crypto_2.use_sha256_fingerprints = True
key_pair_2 = crypto_2.generate_keys()
public_key_2 = crypto_2.extract_public_key(key_pair_2.private_key)
self.assertEqual(public_key_2.identifier, key_pair_2.public_key.identifier)
self.assertEqual(crypto_1.export_public_key(public_key_2), crypto_1.export_public_key(key_pair_2.public_key))
self.assertEqual(
hashlib.sha256(bytearray(crypto_1.export_public_key(key_pair_2.public_key))).digest(),
bytearray(key_pair_2.public_key.identifier)
)

def test_private_key_is_der(self):
# STC-31
crypto = VirgilCrypto()
key_pair_1 = crypto.generate_keys()
private_key_data_1 = crypto.export_private_key(key_pair_1.private_key)
self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_data_1), private_key_data_1)

private_key_2_bytes = "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUg4bnIyV05nblkya1ZScjRValp4UnJWVGpiMW4wWGdBZkhOWE1ocVkwaVAKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
private_key_2 = crypto.import_private_key(bytearray(b64decode(private_key_2_bytes)))
private_key_2 = key_pair_1.private_key
private_key_2_data = crypto.export_private_key(private_key_2)
self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_2_data), private_key_2_data)

private_key_3_bytes = "LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUdoTUYwR0NTcUdTSWIzRFFFRkRUQlFNQzhHQ1NxR1NJYjNEUUVGRERBaUJCQ3kzSkk3V0VDcGVHZGFIdEc2CktHcjRBZ0lkWXpBS0JnZ3Foa2lHOXcwQ0NqQWRCZ2xnaGtnQlpRTUVBU29FRUp1Wlpqb0oyZGJGdUpZN0ZNSisKN3g0RVFEcnRpZjNNb29rQk5PRTBUaGZmSEtrV0R3K3lvZ0ZRRk1RRFJtU0kwSXl2T2w4RTVnck5QcFNxU3dQNApIL2lzYzJvQVJzSW03alVRQXkrQjl5aTRZK3c9Ci0tLS0tRU5EIEVOQ1JZUFRFRCBQUklWQVRFIEtFWS0tLS0tCg=="
private_key_3 = crypto.import_private_key(bytearray(b64decode(private_key_3_bytes)), password="qwerty")
private_key_3_data = crypto.export_private_key(private_key_3)
self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_3_data), private_key_3_data)

def test_public_key_is_der(self):
# STC-32
crypto = VirgilCrypto()
key_pair_1 = crypto.generate_keys()
public_key_data_1 = crypto.export_public_key(key_pair_1.public_key)
self.assertEqual(VirgilKeyPair.publicKeyToDER(public_key_data_1), public_key_data_1)

public_key_bytes = "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQXYycWRHa0w2RmRxc0xpLzdPQTA1NjJPOVYvVDhFN3F6RmF0RjZMcW9TY3M9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
public_key_2 = crypto.import_public_key(bytearray(b64decode(public_key_bytes)))
public_key_data_2 = crypto.export_public_key(public_key_2)
self.assertEqual(VirgilKeyPair.publicKeyToDER(public_key_data_2), public_key_data_2)

def test_signature_hash(self):
# STC-30
crypto = VirgilCrypto()
key_pair = crypto.generate_keys()
test_data = bytearray("test".encode())
signature = crypto.sign(test_data, key_pair.private_key)

self.assertEqual(bytearray(signature[0:17]), b64decode("MFEwDQYJYIZIAWUDBAIDBQA="))
Loading

0 comments on commit 2d74a55

Please sign in to comment.