1 files changed, 35 insertions, 37 deletions

diff --git a/unit-tests.py b/unit-tests.py
index 526379c..bdb6f77 100644
--- a/unit-tests.py
+++ b/unit-tests.py
@@ -49,19 +49,17 @@ from struct import pack, unpack
 from cryptech.libhal import *
 
 try:
-    from Crypto.Util.number             import inverse
-    from Crypto.PublicKey               import RSA
-    from Crypto.Cipher                  import AES
-    from Crypto.Cipher.PKCS1_v1_5       import PKCS115_Cipher
-    from Crypto.Signature.PKCS1_v1_5    import PKCS115_SigScheme
-    from Crypto.Hash.SHA256             import SHA256Hash as SHA256
-    from Crypto.Hash.SHA384             import SHA384Hash as SHA384
-    from Crypto.Hash.SHA512             import SHA512Hash as SHA512
+    from Cryptodome.Util.number             import inverse
+    from Cryptodome.PublicKey               import RSA
+    from Cryptodome.Cipher                  import AES, PKCS1_v1_5
+    from Cryptodome.Signature               import pkcs1_15
+    from Cryptodome.Hash.SHA256             import new as SHA256
+    from Cryptodome.Hash.SHA384             import new as SHA384
+    from Cryptodome.Hash.SHA512             import new as SHA512
     pycrypto_loaded = True
 except ImportError:
     pycrypto_loaded = False
 
-
 try:
     from ecdsa                          import der as ECDSA_DER
     from ecdsa.keys                     import SigningKey as ECDSA_SigningKey
@@ -998,15 +996,15 @@ class TestPKeyHashing(TestCaseLoggedIn):
         k1.verify(signature = sig, hash = self.h(alg, mixed_mode = True))
         k2.verify(signature = sig, hash = self.h(alg, mixed_mode = True))
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_1024_sha256_data(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_data)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_2048_sha384_data(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_data)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_4096_sha512_data(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_data)
 
@@ -1022,15 +1020,15 @@ class TestPKeyHashing(TestCaseLoggedIn):
     def test_load_sign_verify_ecdsa_p521_sha512_data(self):
         self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_data)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_1024_sha256_remote_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_remote_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_2048_sha384_remote_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_remote_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_4096_sha512_remote_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_remote_remote)
 
@@ -1046,15 +1044,15 @@ class TestPKeyHashing(TestCaseLoggedIn):
     def test_load_sign_verify_ecdsa_p521_sha512_remote_remote(self):
         self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_remote_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_1024_sha256_remote_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_remote_local)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_2048_sha384_remote_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_remote_local)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_4096_sha512_remote_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_remote_local)
 
@@ -1070,15 +1068,15 @@ class TestPKeyHashing(TestCaseLoggedIn):
     def test_load_sign_verify_ecdsa_p521_sha512_remote_local(self):
         self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_remote_local)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_1024_sha256_local_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_local_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_2048_sha384_local_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_local_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_4096_sha512_local_remote(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_local_remote)
 
@@ -1094,15 +1092,15 @@ class TestPKeyHashing(TestCaseLoggedIn):
     def test_load_sign_verify_ecdsa_p521_sha512_local_remote(self):
         self.load_sign_verify_ecdsa(HAL_DIGEST_ALGORITHM_SHA512, HAL_CURVE_P521, self.sign_verify_local_remote)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_1024_sha256_local_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA256, 1024, self.sign_verify_local_local)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_2048_sha384_local_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA384, 2048, self.sign_verify_local_local)
 
-    @unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+    @unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
     def test_load_sign_verify_rsa_4096_sha512_local_local(self):
         self.load_sign_verify_rsa(HAL_DIGEST_ALGORITHM_SHA512, 4096, self.sign_verify_local_local)
 
@@ -1131,7 +1129,7 @@ class TestPKeyHashing(TestCaseLoggedIn):
         self.gen_sign_verify_hashsig(1, HAL_LMS_SHA256_N32_H5, HAL_LMOTS_SHA256_N32_W4, 2352, self.sign_verify_local_local)
 
 
-@unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+@unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
 class TestPKeyRSAInterop(TestCaseLoggedIn):
 
     @staticmethod
@@ -1575,7 +1573,7 @@ class TestPkeyECDSAVerificationNIST(TestCaseLoggedIn):
             py_hash   = SHA384)
 
 
-@unittest.skipUnless(pycrypto_loaded, "Requires Python Crypto package")
+@unittest.skipUnless(pycrypto_loaded, "Requires Python Cryptodome package")
 class TestPKeyBackup(TestCaseLoggedIn):
 
     oid_rsaEncryption = b"\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"
@@ -1583,7 +1581,7 @@ class TestPKeyBackup(TestCaseLoggedIn):
 
     @staticmethod
     def parse_EncryptedPrivateKeyInfo(der, oid):
-        from Crypto.Util.asn1 import DerObject, DerSequence, DerOctetString, DerObjectId
+        from Cryptodome.Util.asn1 import DerObject, DerSequence, DerOctetString, DerObjectId
         encryptedPrivateKeyInfo = DerSequence()
         encryptedPrivateKeyInfo.decode(der)
         encryptionAlgorithm = DerSequence()
@@ -1606,7 +1604,7 @@ class TestPKeyBackup(TestCaseLoggedIn):
 
     @staticmethod
     def encode_EncryptedPrivateKeyInfo(der, oid):
-        from Crypto.Util.asn1 import DerSequence, DerOctetString
+        from Cryptodome.Util.asn1 import DerSequence, DerOctetString
         return DerSequence([
             DerSequence([pack("BB", 0x06, len(oid)) + oid]).encode(),
             DerOctetString(der).encode()
@@ -1614,15 +1612,15 @@ class TestPKeyBackup(TestCaseLoggedIn):
 
     @staticmethod
     def make_kek():
-        import Crypto.Random
-        return Crypto.Random.new().read(256//8)
+        import Cryptodome.Random
+        return Cryptodome.Random.new().read(256//8)
 
     def sig_check(self, pkey, der):
-        from Crypto.Util.asn1 import DerSequence, DerNull, DerOctetString
-        p115 = PKCS115_SigScheme(RSA.importKey(der))
+        from Cryptodome.Util.asn1 import DerSequence, DerNull, DerOctetString, DerObjectId
+        p115 = pkcs1_15.new(RSA.importKey(der))
         hash = SHA256("Your mother was a hamster".encode())
         data = DerSequence([
-            DerSequence([hash.oid, DerNull().encode()]).encode(),
+            DerSequence([DerObjectId(hash.oid).encode(), DerNull().encode()]).encode(),
             DerOctetString(hash.digest()).encode()
         ]).encode()
         sig1 = p115.sign(hash)
@@ -1643,7 +1641,7 @@ class TestPKeyBackup(TestCaseLoggedIn):
             flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_EXPORTABLE)
         self.addCleanup(pkey.delete)
         pkcs8_der, kek_der = kekek.export_pkey(pkey)
-        kek = PKCS115_Cipher(PreloadedKey.db[HAL_KEY_TYPE_RSA_PRIVATE, 1024].obj).decrypt(
+        kek = PKCS1_v1_5.new(PreloadedKey.db[HAL_KEY_TYPE_RSA_PRIVATE, 1024].obj).decrypt(
             self.parse_EncryptedPrivateKeyInfo(kek_der, self.oid_rsaEncryption),
             self.make_kek())
         der = AESKeyWrapWithPadding(kek).unwrap(
@@ -1662,7 +1660,7 @@ class TestPKeyBackup(TestCaseLoggedIn):
                 AESKeyWrapWithPadding(kek).wrap(der),
                 self.oid_aesKeyWrap),
             kek = self.encode_EncryptedPrivateKeyInfo(
-                PKCS115_Cipher(RSA.importKey(kekek.public_key)).encrypt(kek),
+                PKCS1_v1_5.new(RSA.importKey(kekek.public_key)).encrypt(kek),
                 self.oid_rsaEncryption),
             flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE)
         self.addCleanup(pkey.delete)
@@ -1800,10 +1798,10 @@ class PreloadedRSAKey(PreloadedKey):
                 k2, k2.exportKey(format = "DER"          ), keylen = keylen)
 
     def sign(self, text, hash):
-        return PKCS115_SigScheme(self.obj).sign(hash(text))
+        return pkcs1_15.new(self.obj).sign(hash(text))
 
     def verify(self, text, hash, signature):
-        return PKCS115_SigScheme(self.obj).verify(hash(text), signature)
+        return pkcs1_15.new(self.obj).verify(hash(text), signature)
 
 class PreloadedECKey(PreloadedKey):