diff options
author | Sybren A. St?vel <sybren@stuvel.eu> | 2011-07-30 20:39:02 +0200 |
---|---|---|
committer | Sybren A. St?vel <sybren@stuvel.eu> | 2011-07-30 20:39:02 +0200 |
commit | 3075cf854b5f5cace8e27d28d79f96b52aeef052 (patch) | |
tree | 9407f56cb1ef21a4c17d71dbe8c071759de9b6cb | |
parent | fb247e9ff4b87988ccb34e9333658fbf90908a50 (diff) | |
download | rsa-3075cf854b5f5cace8e27d28d79f96b52aeef052.tar.gz |
Removed insecure code from rsa/__init__.py
-rw-r--r-- | rsa/__init__.py | 129 | ||||
-rw-r--r-- | tests/test_integers.py | 10 | ||||
-rw-r--r-- | tests/test_strings.py | 15 |
3 files changed, 10 insertions, 144 deletions
diff --git a/rsa/__init__.py b/rsa/__init__.py index b616d7a..59ff8e8 100644 --- a/rsa/__init__.py +++ b/rsa/__init__.py @@ -31,135 +31,14 @@ __author__ = "Sybren Stuvel, Marloes de Boer, Ivo Tamboer, and Barry Mead" __date__ = "2010-02-08" __version__ = '2.1-beta0' -from rsa import common, key, transform -from rsa.core import encrypt_int, decrypt_int -from rsa.key import newkeys - -def encode64chops(chops): - """base64encodes chops and combines them into a ',' delimited string""" - - # chips are character chops - chips = [transform.int2str64(chop) for chop in chops] - - # delimit chops with comma - encoded = ','.join(chips) - - return encoded - -def decode64chops(string): - """base64decodes and makes a ',' delimited string into chops""" - - # split chops at commas - chips = string.split(',') - - # make character chips into numeric chops - chops = [transform.str642int(chip) for chip in chips] - - return chops - -def block_size(n): - '''Returns the block size in bytes, given the public key. - - The block size is determined by the 'n=p*q' component of the key. - ''' - - # Set aside 2 bits so setting of safebit won't overflow modulo n. - nbits = common.bit_size(n) - 2 - nbytes = nbits // 8 - - return nbytes - - -def chopstring(message, key, n, int_op): - """Chops the 'message' into integers that fit into n. - - Leaves room for a safebit to be added to ensure that all messages fold - during exponentiation. The MSB of the number n is not independent modulo n - (setting it could cause overflow), so use the next lower bit for the - safebit. Therefore this function reserves 2 bits in the number n for - non-data bits. - - Calls specified encryption function 'int_op' for each chop before storing. - - Used by 'encrypt' and 'sign'. - """ - - - nbytes = block_size(n) - - msglen = len(message) - blocks = msglen // nbytes - - if msglen % nbytes > 0: - blocks += 1 - - cypher = [] - - for bindex in range(blocks): - offset = bindex * nbytes - block = message[offset:offset + nbytes] - - value = transform.bytes2int(block) - to_store = int_op(value, key, n) - - cypher.append(to_store) - - return encode64chops(cypher) #Encode encrypted ints to base64 strings - -def gluechops(string, key, n, funcref): - """Glues chops back together into a string. calls - funcref(integer, key, n) for each chop. - - Used by 'decrypt' and 'verify'. - """ - - messageparts = [] - chops = decode64chops(string) #Decode base64 strings into integer chops - - for chop in chops: - value = funcref(chop, key, n) #Decrypt each chop - block = transform.int2bytes(value) - messageparts.append(block) - - # Combine decrypted strings into a msg - return ''.join(messageparts) - -def encrypt(message, pub_key): - """Encrypts a string 'message' with the public key 'pub_key'""" - - if not isinstance(pub_key, key.PublicKey): - raise TypeError("You must use the public key with encrypt") - - return chopstring(message, pub_key.e, pub_key.n, encrypt_int) - -def sign(message, priv_key): - """Signs a string 'message' with the private key 'priv_key'""" - - if not isinstance(priv_key, key.PrivateKey): - raise TypeError("You must use the private key with sign") - - return chopstring(message, priv_key.d, priv_key.n, encrypt_int) - -def decrypt(cypher, priv_key): - """Decrypts a string 'cypher' with the private key 'priv_key'""" - - if not isinstance(priv_key, key.PrivateKey): - raise TypeError("You must use the private key with decrypt") - - return gluechops(cypher, priv_key.d, priv_key.n, decrypt_int) - -def verify(cypher, pub_key): - """Verifies a string 'cypher' with the public key 'pub_key'""" - - if not isinstance(pub_key, key.PublicKey): - raise TypeError("You must use the public pub_key with verify") - - return gluechops(cypher, pub_key.e, pub_key.n, decrypt_int) +from rsa.key import newkeys, PrivateKey, PublicKey +from rsa.pkcs1 import encrypt, decrypt, sign, verify # Do doctest if we're run directly if __name__ == "__main__": import doctest doctest.testmod() -__all__ = ["newkeys", "encrypt", "decrypt", "sign", "verify"] +__all__ = ["newkeys", "encrypt", "decrypt", "sign", "verify", 'PublicKey', + 'PrivateKey'] diff --git a/tests/test_integers.py b/tests/test_integers.py index 1e318ab..111f8ab 100644 --- a/tests/test_integers.py +++ b/tests/test_integers.py @@ -2,7 +2,7 @@ import unittest -import rsa +import rsa.core class IntegerTest(unittest.TestCase): @@ -14,10 +14,10 @@ class IntegerTest(unittest.TestCase): message = 42 print "\tMessage: %d" % message - encrypted = rsa.encrypt_int(message, self.pub['e'], self.pub['n']) + encrypted = rsa.core.encrypt_int(message, self.pub.e, self.pub.n) print "\tEncrypted: %d" % encrypted - decrypted = rsa.decrypt_int(encrypted, self.priv['d'], self.pub['n']) + decrypted = rsa.core.decrypt_int(encrypted, self.priv.d, self.pub.n) print "\tDecrypted: %d" % decrypted self.assertEqual(message, decrypted) @@ -26,10 +26,10 @@ class IntegerTest(unittest.TestCase): message = 42 - signed = rsa.encrypt_int(message,self.priv['d'], self.pub['n']) + signed = rsa.core.encrypt_int(message,self.priv.d, self.pub.n) print "\tSigned: %d" % signed - verified = rsa.decrypt_int(signed, self.pub['e'],self.pub['n']) + verified = rsa.core.decrypt_int(signed, self.pub.e,self.pub.n) print "\tVerified: %d" % verified self.assertEqual(message, verified) diff --git a/tests/test_strings.py b/tests/test_strings.py index 8baa63d..38fae06 100644 --- a/tests/test_strings.py +++ b/tests/test_strings.py @@ -7,7 +7,7 @@ import rsa class StringTest(unittest.TestCase): def setUp(self): - (self.pub, self.priv) = rsa.newkeys(64) + (self.pub, self.priv) = rsa.newkeys(384) def test_enc_dec(self): @@ -22,16 +22,3 @@ class StringTest(unittest.TestCase): self.assertEqual(message, decrypted) - def test_sign_verify(self): - - message = u"Euro=\u20ac ABCDEFGHIJKLMNOPQRSTUVWXYZ".encode('utf-8') - print "\tMessage: %s" % message - - signed = rsa.sign(message, self.priv) - print "\tSigned: %s" % signed - - verified = rsa.verify(signed, self.pub) - print "\tVerified: %s" % verified - - self.assertEqual(message, verified) - |