aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--unit_tests.py34
1 files changed, 32 insertions, 2 deletions
diff --git a/unit_tests.py b/unit_tests.py
index fb8446f..c9d3886 100644
--- a/unit_tests.py
+++ b/unit_tests.py
@@ -13,8 +13,10 @@ from py11 import *
from py11.mutex import MutexDB
try:
- from Crypto.Util.number import inverse
- from Crypto.PublicKey import RSA
+ from Crypto.Util.number import inverse
+ from Crypto.PublicKey import RSA
+ from Crypto.Signature import PKCS1_v1_5
+ from Crypto.Hash import SHA256
pycrypto_loaded = True
except ImportError:
pycrypto_loaded = False
@@ -560,6 +562,34 @@ class TestKeys(TestCase):
p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
p11.C_Verify(self.session, hamster, sig)
+ @unittest.skipUnless(pycrypto_loaded, "requires PyCrypto")
+ def test_load_sign_verify_rsa_1024_with_rpki_data(self):
+ "Load/sign/verify with RSA-1024-SHA-256, externally-supplied key"
+ public_key, private_key = self._load_rsa_keypair(rsa_1024_pem, "RSA-1024")
+ tbs = '''
+ 31 6B 30 1A 06 09 2A 86 48 86 F7 0D 01 09 03 31
+ 0D 06 0B 2A 86 48 86 F7 0D 01 09 10 01 1A 30 1C
+ 06 09 2A 86 48 86 F7 0D 01 09 05 31 0F 17 0D 31
+ 36 30 37 31 36 30 39 35 32 35 37 5A 30 2F 06 09
+ 2A 86 48 86 F7 0D 01 09 04 31 22 04 20 11 A2 E6
+ 0F 1F 86 AF 45 25 4D 8F E1 1F C9 EA B3 83 4A 41
+ 17 C1 42 B7 43 AD 51 5E F5 A2 F8 E3 25
+ '''
+ tbs = "".join(chr(int(i, 16)) for i in tbs.split())
+ p11.C_SignInit(self.session, CKM_SHA256_RSA_PKCS, private_key)
+ p11.C_SignUpdate(self.session, tbs)
+ sig = p11.C_SignFinal(self.session)
+ self.assertIsInstance(sig, str)
+ p11.C_VerifyInit(self.session, CKM_SHA256_RSA_PKCS, public_key)
+ p11.C_Verify(self.session, tbs, sig)
+ verifier = PKCS1_v1_5.new(RSA.importKey(rsa_1024_pem))
+ digest = SHA256.new(tbs)
+ self.assertTrue(verifier.verify(digest, sig))
+ p11.C_SignInit(self.session, CKM_SHA256_RSA_PKCS, private_key)
+ self.assertEqual(sig, p11.C_Sign(self.session, tbs))
+ p11.C_VerifyInit(self.session, CKM_SHA256_RSA_PKCS, public_key)
+ p11.C_VerifyUpdate(self.session, tbs)
+ p11.C_VerifyFinal(self.session, sig)
# Keys for preload tests, here rather than inline because they're
# bulky. These are in PKCS #8 format, see PyCrypto or the "pkey" and