# Temporary sandbox for Python PKCS #8 hacks, probably integrate into
# test scripts, libhal.py, etc once have figured this out.
#
# Both PyCrpto and the Python ecdsa package have their own ASN.1, so
# why are we using yet another package?  Because it's easier to
# understand, that's why.  Perhaps once we've debugged this we'll
# recode it using one of the other packages to reduce external
# dependencies, but for now, pyasn1 wins on ease of debugging.
#
# Also see the "native" encode and decode routines in pyasn1, which
# supposedly encode and decode to built-in Python data types instead
# of the fancy types from the pyasn1 library.  Might be simpler, but
# whole new mess so defer for now.

# RFC 5208: PKCS #8
# RFC 2313: PKCS #1.5 [rsa.c]
# RFC 5915: EC keys   [ecdsa.c]

from pyasn1.type.univ           import Sequence, SetOf, Integer, OctetString, ObjectIdentifier, BitString, Any
from pyasn1.type.namedtype      import NamedTypes, NamedType, OptionalNamedType
from pyasn1.type.namedval       import NamedValues
from pyasn1.type.tag            import Tag, tagClassContext, tagFormatSimple, tagFormatConstructed
from pyasn1.type.constraint     import SingleValueConstraint
from pyasn1.codec.der.encoder   import encode as DER_Encode
from pyasn1.codec.der.decoder   import decode as DER_Decode

from ecdsa                      import der as ECDSA_DER
from ecdsa.util                 import oid_ecPublicKey, encoded_oid_ecPublicKey
from ecdsa.keys                 import SigningKey
from ecdsa.curves               import find_curve

class AlgorithmIdentifier(Sequence):
    componentType = NamedTypes(
        NamedType(              "algorithm",            ObjectIdentifier()),
        OptionalNamedType(      "parameters",           Any()))

class AttributeTypeAndValue(Sequence):
    componentType = NamedTypes(
        NamedType(              "type",                 ObjectIdentifier()),
        NamedType(              "value",                Any()))

class Attribute(Sequence):
    componentType = NamedTypes(
        NamedType(              "type",                 ObjectIdentifier()),
        NamedType(              "vals",                 SetOf(componentType = Any())))

# RFC 5208

class PrivateKeyInfo(Sequence):
    componentType = NamedTypes(
        NamedType(              "version",              Integer(namedValues = NamedValues(("v1", 0)))                   .subtype(subtypeSpec = Integer.subtypeSpec + SingleValueConstraint(0))),
        NamedType(              "privateKeyAlgorithm",  AlgorithmIdentifier()),
        NamedType(              "privateKey",           OctetString()),
        OptionalNamedType(      "attributes",           SetOf(componentType = Attribute())                              .subtype(implicitTag = Tag(tagClassContext, tagFormatConstructed, 0))))

class EncryptedPrivateKeyInfo(Sequence):
    componentType = NamedTypes(
        NamedType(              "encryptionAlgorithm",  AlgorithmIdentifier()),
        NamedType(              "encryptedData",        OctetString()))

# RFC 2313

class RSAPrivateKey(Sequence):
    componentType = NamedTypes(
        NamedType(              "version",              Integer()                                                       .subtype(subtypeSpec = Integer.subtypeSpec + SingleValueConstraint(0))),
        NamedType(              "n",                    Integer()),
        NamedType(              "e",                    Integer()),
        NamedType(              "d",                    Integer()),
        NamedType(              "p",                    Integer()),
        NamedType(              "q",                    Integer()),
        NamedType(              "dP",                   Integer()),
        NamedType(              "dQ",                   Integer()),
        NamedType(              "u",                    Integer()))

# RFC 5915

class ECPrivateKey(Sequence):
    componentType = NamedTypes(
        NamedType(              "version",              Integer(namedValues = NamedValues(("ecPrivkeyVer1", 1)))        .subtype(subtypeSpec = Integer.subtypeSpec + SingleValueConstraint(1))),
        NamedType(              "privateKey",           OctetString()),
        OptionalNamedType(      "parameters",           ObjectIdentifier()                                              .subtype(explicitTag = Tag(tagClassContext, tagFormatSimple, 0))),
        OptionalNamedType(      "publicKey",            BitString()                                                     .subtype(explicitTag = Tag(tagClassContext, tagFormatSimple, 1))))

# Test data, generated by OpenSSL

der_test_keys = dict(

    ec_rfc5915 = '''
        MHcCAQEEIFWaZOsQxLwZmIK4YAuf1d8S9Pnznvzcl9TjiMpvXkCYoAoGCCqGSM49
        AwEHoUQDQgAEC/8vH5bL+3KNNF/NL+VmUKZQtjA59UsGtKP6FP4ZqFc3Y7Gie77/
        lG1/L+s/6ircB1JkI8zaE3KYd7s+7IYIEQ==
    '''.decode("base64"),

    ec_pkcs8 = '''
        MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgVZpk6xDEvBmYgrhg
        C5/V3xL0+fOe/NyX1OOIym9eQJihRANCAAQL/y8flsv7co00X80v5WZQplC2MDn1
        Swa0o/oU/hmoVzdjsaJ7vv+UbX8v6z/qKtwHUmQjzNoTcph3uz7shggR
    '''.decode("base64"),

    rsa_rfc2313 = '''
        MIIEpAIBAAKCAQEAx/N9ee3u6Z6qjw5waPhuUBYy7m6+kRfNYB8KSERGd5K2xD96
        IeyvEv<style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="cm">/*</span>
<span class="cm"> * test-rpc_get_version.c</span>
<span class="cm"> * ----------------------</span>
<span class="cm"> * Test code for RPC interface to Cryptech hash cores.</span>
<span class="cm"> *</span>
<span class="cm"> * Copyright (c) 2016, NORDUnet A/S</span>
<span class="cm"> * All rights reserved.</span>
<span class="cm"> *</span>
<span class="cm"> * Redistribution and use in source and binary forms, with or without</span>
<span class="cm"> * modification, are permitted provided that the following conditions are</span>
<span class="cm"> * met:</span>
<span class="cm"> * - Redistributions of source code must retain the above copyright notice,</span>
<span class="cm"> *   this list of conditions and the following disclaimer.</span>
<span class="cm"> *</span>
<span class="cm"> * - Redistributions in binary form must reproduce the above copyright</span>
<span class="cm"> *   notice, this list of conditions and the following disclaimer in the</span>
<span class="cm"> *   documentation and/or other materials provided with the distribution.</span>
<span class="cm"> *</span>
<span class="cm"> * - Neither the name of the NORDUnet nor the names of its contributors may</span>
<span class="cm"> *   be used to endorse or promote products derived from this software</span>
<span class="cm"> *   without specific prior written permission.</span>
<span class="cm"> *</span>
<span class="cm"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS &quot;AS</span>
<span class="cm"> * IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A</span>
<span class="cm"> * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="cm"> * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="cm"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR</span>
<span class="cm"> * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF</span>
<span class="cm"> * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING</span>
<span class="cm"> * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS</span>
<span class="cm"> * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="cm"> */</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdio.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;hal.h&gt;</span>

<span class="kt">int</span><span class="w"> </span><span class="nf">main</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">argc</span><span class="p">,</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">argv</span><span class="p">[])</span>
<span class="p">{</span>
<span class="w">    </span><span class="kt">uint32_t</span><span class="w"> </span><span class="n">version</span><span class="p">;</span>

<span class="cp">#define check(op) { hal_error_t err; if ((err = (op)) != HAL_OK) { printf(&quot;%s: %s\n&quot;, #op, hal_error_string(err)); return 1; } }</span>

<span class="w">    </span><span class="n">check</span><span class="p">(</span><span class="n">hal_rpc_client_init</span><span class="p">());</span>
<span class="w">    </span><span class="n">check</span><span class="p">(</span><span class="n">hal_rpc_get_version</span><span class="p">(</span><span class="o">&amp;</span><span class="n">version</span><span class="p">));</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;%08x</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">version</span><span class="p">);</span>

<span class="w">    </span><span class="n">check</span><span class="p">(</span><span class="n">hal_rpc_client_close</span><span class="p">());</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>
<span class="p">}</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2024-10-05 20:56:45 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>
t_keys["ec_rfc5915"] else "doesn't match")

    # Paranoia: Make sure we really can load the RFC 5915 we just generated.
    sk = SigningKey.from_der(der)
    print; print "ECDSA Python library parse of reencoded PKCS #8 data: {!r}".format(sk)

    # Same thing with ecdsa package ASN.1 utilities.
    car, cdr = ECDSA_DER.remove_sequence(der_test_keys["ec_pkcs8"])
    assert cdr == ""
    version, cdr = ECDSA_DER.remove_integer(car)
    assert version == 0
    car, ec = ECDSA_DER.remove_sequence(cdr)
    oid, cdr = ECDSA_DER.remove_object(car)
    assert oid == oid_ecPublicKey
    oid, cdr = ECDSA_DER.remove_object(cdr)
    curve = find_curve(oid)
    assert cdr == ""
    car, cdr = ECDSA_DER.remove_octet_string(ec)
    assert cdr == ""
    car, cdr = ECDSA_DER.remove_sequence(car)
    assert cdr == ""
    version, cdr = ECDSA_DER.remove_integer(car)
    assert version == 1
    privkey, cdr = ECDSA_DER.remove_octet_string(cdr)
    tag, car, cdr = ECDSA_DER.remove_constructed(cdr)
    assert tag == 1
    assert cdr == ""
    pubkey, cdr = ECDSA_DER.remove_bitstring(car)
    assert cdr == ""
    assert pubkey[:2] == "\x00\x04"
    sk = SigningKey.from_string(privkey, curve)
    print; print "ECDSA-library PKCS #8 decoding {} pyasn1 PKCS #8 decoding".format(
        "matches" if der == sk.to_der() else "doesn't match")