Merge pull request #18 from VirgilSecurity/development-v3

Update compatibility data content
VirgilSecurity · Jan 22, 2019 · bb67bf4 · bb67bf4
2 parents a6c79f3 + b2fa6fb
commit bb67bf4
Show file tree

Hide file tree

Showing 4 changed files with 135 additions and 42 deletions.
diff --git a/virgil_crypto/crypto.py b/virgil_crypto/crypto.py
@@ -57,6 +57,7 @@ class VirgilCrypto(object):
     """
     def __init__(self):
         self.signature_hash_algorithm = HashAlgorithm.SHA512
+        self.use_sha256_fingerprints = False
         self.key_pair_type = KeyPairType.Default
 
     _CUSTOM_PARAM_KEY_SIGNATURE = None
@@ -400,7 +401,8 @@ def calculate_fingerprint(self, data):
         Returns:
             Fingerprint of the source data.
         """
-        hash_data = self.compute_hash(data, HashAlgorithm.SHA256)
+        hash_data = self.__calculate_hash(data)
+
         return Fingerprint(hash_data)
 
     @staticmethod
@@ -431,7 +433,8 @@ def compute_public_key_hash(self, public_key):
             Hash bytes.
         """
         public_key_der = VirgilKeyPair.publicKeyToDER(public_key)
-        return self.compute_hash(public_key_der, HashAlgorithm.SHA256)
+        hash_data = self.__calculate_hash(public_key_der)
+        return hash_data
 
     @property
     def custom_param_key_signature(self):
@@ -445,3 +448,12 @@ def custom_param_key_signature(self):
             return self._CUSTOM_PARAM_KEY_SIGNATURE
         self._CUSTOM_PARAM_KEY_SIGNATURE = self.strtobytes("VIRGIL-DATA-SIGNATURE")
         return self._CUSTOM_PARAM_KEY_SIGNATURE
+
+    def __calculate_hash(self, data):
+        if self.use_sha256_fingerprints:
+            hash_algorithm = HashAlgorithm.SHA256
+            calculated_hash = self.compute_hash(data, hash_algorithm)
+        else:
+            hash_algorithm = HashAlgorithm.SHA512
+            calculated_hash = self.compute_hash(data, hash_algorithm)[0:8]
+        return calculated_hash
diff --git a/virgil_crypto/tests/compatibility_test.py b/virgil_crypto/tests/compatibility_test.py
@@ -53,19 +53,22 @@ def __init__(self, *args, **kwargs):
         self.__crypto = None
 
     def test_encrypt_single_recipient(self):
+        self._crypto.use_sha256_fingerprints = True
         data = self._compatibility_data["encrypt_single_recipient"]
         private_key = self._crypto.import_private_key(data["private_key"])
         decrypted_data = self._crypto.decrypt(data["cipher_data"], private_key)
         self.assertEqual(data["original_data"], decrypted_data)
 
     def test_encrypt_multiple_recipients(self):
+        self._crypto.use_sha256_fingerprints = True
         data = self._compatibility_data["encrypt_multiple_recipients"]
         private_keys = [self._crypto.import_private_key(pk) for pk in data["private_keys"]]
         for private_key in private_keys:
             decrypted_data = self._crypto.decrypt(data["cipher_data"], private_key)
             self.assertEqual(data["original_data"], decrypted_data)
 
     def test_sign_then_encrypt_single_recipient(self):
+        self._crypto.use_sha256_fingerprints = True
         data = self._compatibility_data["sign_then_encrypt_single_recipient"]
         private_key = self._crypto.import_private_key(data["private_key"])
         public_key = self._crypto.extract_public_key(private_key)
@@ -77,6 +80,7 @@ def test_sign_then_encrypt_single_recipient(self):
         self.assertEqual(data["original_data"], decrypted_data)
 
     def test_sign_then_encrypt_multiple_recipients(self):
+        self._crypto.use_sha256_fingerprints = True
         data = self._compatibility_data["sign_then_encrypt_multiple_recipients"]
         private_keys = [self._crypto.import_private_key(pk) for pk in data["private_keys"]]
         public_key = self._crypto.extract_public_key(private_keys[0])

diff --git a/virgil_crypto/tests/crypto_test.py b/virgil_crypto/tests/crypto_test.py
@@ -31,11 +31,12 @@
 # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 # IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 # POSSIBILITY OF SUCH DAMAGE.
-
+import hashlib
 import io
 import unittest
+from base64 import b64decode
 
-from virgil_crypto import crypto
+from virgil_crypto import crypto, VirgilKeyPair
 from virgil_crypto import VirgilCrypto
 from virgil_crypto.hashes import HashAlgorithm
 
@@ -212,3 +213,84 @@ def test_calculate_fingerprint(self):
         fingerprint = self._crypto().calculate_fingerprint(data)
         self.assertTrue(fingerprint.value)
         self.assertIsInstance(fingerprint, crypto.Fingerprint)
+
+    def test_private_key_identifier_is_correct(self):
+        # STC-33
+        crypto_1 = VirgilCrypto()
+        key_pair_1 = crypto_1.generate_keys()
+
+        self.assertEqual(
+            hashlib.sha512(bytearray(crypto_1.export_public_key(key_pair_1.public_key))).digest()[0:8],
+            bytearray(key_pair_1.private_key.identifier)
+        )
+
+        crypto_2 = VirgilCrypto()
+        crypto_2.use_sha256_fingerprints = True
+        key_pair_2 = crypto_2.generate_keys()
+
+        self.assertEqual(
+            hashlib.sha256(bytearray(crypto_2.export_public_key(key_pair_2.public_key))).digest(),
+            bytearray(key_pair_2.private_key.identifier)
+        )
+
+    def test_public_key_identifier_is_correct(self):
+        # STC-33
+        crypto_1 = VirgilCrypto()
+        key_pair_1 = crypto_1.generate_keys()
+        public_key_1 = crypto_1.extract_public_key(key_pair_1.private_key)
+        self.assertEqual(public_key_1.identifier, key_pair_1.public_key.identifier)
+        self.assertEqual(crypto_1.export_public_key(public_key_1), crypto_1.export_public_key(key_pair_1.public_key))
+        self.assertEqual(
+            hashlib.sha512(bytearray(crypto_1.export_public_key(key_pair_1.public_key))).digest()[0:8],
+            bytearray(key_pair_1.public_key.identifier)
+        )
+
+        crypto_2 = VirgilCrypto()
+        crypto_2.use_sha256_fingerprints = True
+        key_pair_2 = crypto_2.generate_keys()
+        public_key_2 = crypto_2.extract_public_key(key_pair_2.private_key)
+        self.assertEqual(public_key_2.identifier, key_pair_2.public_key.identifier)
+        self.assertEqual(crypto_1.export_public_key(public_key_2), crypto_1.export_public_key(key_pair_2.public_key))
+        self.assertEqual(
+            hashlib.sha256(bytearray(crypto_1.export_public_key(key_pair_2.public_key))).digest(),
+            bytearray(key_pair_2.public_key.identifier)
+        )
+
+    def test_private_key_is_der(self):
+        # STC-31
+        crypto = VirgilCrypto()
+        key_pair_1 = crypto.generate_keys()
+        private_key_data_1 = crypto.export_private_key(key_pair_1.private_key)
+        self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_data_1), private_key_data_1)
+
+        private_key_2_bytes = "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUg4bnIyV05nblkya1ZScjRValp4UnJWVGpiMW4wWGdBZkhOWE1ocVkwaVAKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
+        private_key_2 = crypto.import_private_key(bytearray(b64decode(private_key_2_bytes)))
+        private_key_2 = key_pair_1.private_key
+        private_key_2_data = crypto.export_private_key(private_key_2)
+        self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_2_data), private_key_2_data)
+
+        private_key_3_bytes = "LS0tLS1CRUdJTiBFTkNSWVBURUQgUFJJVkFURSBLRVktLS0tLQpNSUdoTUYwR0NTcUdTSWIzRFFFRkRUQlFNQzhHQ1NxR1NJYjNEUUVGRERBaUJCQ3kzSkk3V0VDcGVHZGFIdEc2CktHcjRBZ0lkWXpBS0JnZ3Foa2lHOXcwQ0NqQWRCZ2xnaGtnQlpRTUVBU29FRUp1Wlpqb0oyZGJGdUpZN0ZNSisKN3g0RVFEcnRpZjNNb29rQk5PRTBUaGZmSEtrV0R3K3lvZ0ZRRk1RRFJtU0kwSXl2T2w4RTVnck5QcFNxU3dQNApIL2lzYzJvQVJzSW03alVRQXkrQjl5aTRZK3c9Ci0tLS0tRU5EIEVOQ1JZUFRFRCBQUklWQVRFIEtFWS0tLS0tCg=="
+        private_key_3 = crypto.import_private_key(bytearray(b64decode(private_key_3_bytes)), password="qwerty")
+        private_key_3_data = crypto.export_private_key(private_key_3)
+        self.assertEqual(VirgilKeyPair.privateKeyToDER(private_key_3_data), private_key_3_data)
+
+    def test_public_key_is_der(self):
+        # STC-32
+        crypto = VirgilCrypto()
+        key_pair_1 = crypto.generate_keys()
+        public_key_data_1 = crypto.export_public_key(key_pair_1.public_key)
+        self.assertEqual(VirgilKeyPair.publicKeyToDER(public_key_data_1), public_key_data_1)
+
+        public_key_bytes = "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUNvd0JRWURLMlZ3QXlFQXYycWRHa0w2RmRxc0xpLzdPQTA1NjJPOVYvVDhFN3F6RmF0RjZMcW9TY3M9Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo="
+        public_key_2 = crypto.import_public_key(bytearray(b64decode(public_key_bytes)))
+        public_key_data_2 = crypto.export_public_key(public_key_2)
+        self.assertEqual(VirgilKeyPair.publicKeyToDER(public_key_data_2), public_key_data_2)
+
+    def test_signature_hash(self):
+        # STC-30
+        crypto = VirgilCrypto()
+        key_pair = crypto.generate_keys()
+        test_data = bytearray("test".encode())
+        signature = crypto.sign(test_data, key_pair.private_key)
+
+        self.assertEqual(bytearray(signature[0:17]), b64decode("MFEwDQYJYIZIAWUDBAIDBQA="))