diff options
author | Dwayne Litzenberger <dlitz@dlitz.net> | 2013-02-17 11:21:28 -0800 |
---|---|---|
committer | Dwayne Litzenberger <dlitz@dlitz.net> | 2013-02-17 19:00:50 -0800 |
commit | 59018ff99c97261f9bbaee33f919938871e05118 (patch) | |
tree | a07cdc2d6404d983314e1b5cbae78757e5a7a9be /lib/Crypto/Signature | |
parent | 4e4cc0beefbb316db2a8750e747e697df0b754d7 (diff) | |
download | pycrypto-59018ff99c97261f9bbaee33f919938871e05118.tar.gz |
Hash: Remove "oid" attributes; add "name" attribute
In PyCrypto v2.5, the "oid" attribute was added to hash objects. In
retrospect, this was not a good idea, since the OID is not really a
property of the hash algorithm, it's a protocol-specific identifer for
the hash functions. PKCS#1 v1.5 uses it, but other protocols (e.g.
OpenPGP, DNSSEC, SSH, etc.) use different identifiers, and it doesn't make
sense to add these to Crypto.Hash.* every time a new algorithm is added.
This also has the benefit of being compatible with the Python standard
library's "hashlib" objects, which also have a name attribute.
Diffstat (limited to 'lib/Crypto/Signature')
-rw-r--r-- | lib/Crypto/Signature/PKCS1_v1_5.py | 72 |
1 files changed, 71 insertions, 1 deletions
diff --git a/lib/Crypto/Signature/PKCS1_v1_5.py b/lib/Crypto/Signature/PKCS1_v1_5.py index 73ac251..22bb340 100644 --- a/lib/Crypto/Signature/PKCS1_v1_5.py +++ b/lib/Crypto/Signature/PKCS1_v1_5.py @@ -208,7 +208,7 @@ def EMSA_PKCS1_V1_5_ENCODE(hash, emLen): # { OID id-sha512 PARAMETERS NULL } # } # - digestAlgo = DerSequence([hash.oid, DerNull().encode()]) + digestAlgo = DerSequence([_HASH_OIDS[hash.name], DerNull().encode()]) digest = DerOctetString(hash.digest()) digestInfo = DerSequence([ digestAlgo.encode(), @@ -234,3 +234,73 @@ def new(key): """ return PKCS115_SigScheme(key) +# AlgorithmIdentifier OIDs for use with PKCS#1 v1.5. +# +# These map names to the associated OIDs. We should try to be compatible +# with the standard library's hashlib modules, where possible. +# +# XXX - These will probably be moved somewhere else soon. +_HASH_OIDS = { + #: id-md2 OBJECT IDENTIFIER ::= { + #: iso(1) member-body(2) us(840) rsadsi(113549) + #: digestAlgorithm(2) 2 + #: } + "MD2": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02'), + "md2": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02'), + + #: id-md4 OBJECT IDENTIFIER ::= { + #: iso(1) member-body(2) us(840) rsadsi(113549) + #: digestAlgorithm(2) 4 + #: } + "MD4": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x04'), + "md4": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x04'), + + #: id-md5 OBJECT IDENTIFIER ::= { + #: iso(1) member-body(2) us(840) rsadsi(113549) + #: digestAlgorithm(2) 5 + #: } + "MD5": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05'), + "md5": b('\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05'), + + #: id-ripemd160 OBJECT IDENTIFIER ::= { + #: iso(1) identified-organization(3) teletrust(36) + #: algorithm(3) hashAlgorithm(2) ripemd160(1) + #: } + "RIPEMD160": b("\x06\x05\x2b\x24\x03\x02\x01"), + "ripemd160": b("\x06\x05\x2b\x24\x03\x02\x01"), + + #: id-sha1 OBJECT IDENTIFIER ::= { + #: iso(1) identified-organization(3) oiw(14) secsig(3) + #: algorithms(2) 26 + #: } + "SHA1": b('\x06\x05\x2b\x0e\x03\x02\x1a'), + "sha1": b('\x06\x05\x2b\x0e\x03\x02\x1a'), + + #: id-sha224 OBJECT IDENTIFIER ::= { + #: joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) + #: nistalgorithm(4) hashalgs(2) 4 + #: } + "SHA224": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04'), + "sha224": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04'), + + #: id-sha256 OBJECT IDENTIFIER ::= { + #: joint-iso-itu-t(2) country(16) us(840) organization(1) + #: gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 + #: } + "SHA256": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01'), + "sha256": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01'), + + #: id-sha384 OBJECT IDENTIFIER ::= { + #: joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) + #: nistalgorithm(4) hashalgs(2) 2 + #: } + "SHA384": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02'), + "sha384": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02'), + + #: id-sha512 OBJECT IDENTIFIER ::= { + #: joint-iso-itu-t(2) + #: country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 + #: } + "SHA512": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03'), + "sha512": b('\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03'), +} |