# RSA: choose the BCrypt blob type and magic for the key kind and fetch the
# parsed ASN.1 key structure from key_info.
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_RSAPUBLIC_BLOB
magic = BcryptConst.BCRYPT_RSAPUBLIC_MAGIC
parsed_key = key_info['public_key'].parsed
# A public blob carries no primes, so both size fields stay zero.
prime1_size = 0
prime2_size = 0
else:
blob_type = BcryptConst.BCRYPT_RSAFULLPRIVATE_BLOB
magic = BcryptConst.BCRYPT_RSAFULLPRIVATE_MAGIC
parsed_key = key_info['private_key'].parsed
# Secret CRT components and the private exponent, converted to byte strings.
# NOTE(review): these bytes objects hold private key material and cannot be
# wiped in place; keep them out of logs, exceptions and long-lived state.
prime1 = int_to_bytes(parsed_key['prime1'].native)
prime2 = int_to_bytes(parsed_key['prime2'].native)
exponent1 = int_to_bytes(parsed_key['exponent1'].native)
exponent2 = int_to_bytes(parsed_key['exponent2'].native)
coefficient = int_to_bytes(parsed_key['coefficient'].native)
private_exponent = int_to_bytes(parsed_key['private_exponent'].native)
prime1_size = len(prime1)
prime2_size = len(prime2)
public_exponent = int_to_bytes(parsed_key['public_exponent'].native)
modulus = int_to_bytes(parsed_key['modulus'].native)
# Fill the BCRYPT_RSAKEY_BLOB header. Each cb* field is the byte length of the
# corresponding key value, taken from the encoded byte strings above.
blob_struct_pointer = struct(bcrypt, 'BCRYPT_RSAKEY_BLOB')
blob_struct = unwrap(blob_struct_pointer)
blob_struct.Magic = magic
blob_struct.BitLength = key_info.bit_size
blob_struct.cbPublicExp = len(public_exponent)
blob_struct.cbModulus = len(modulus)
blob_struct.cbPrime1 = prime1_size
blob_struct.cbPrime2 = prime2_size
# Serialized header first, then the public exponent, then the modulus.
blob = struct_bytes(blob_struct_pointer) + public_exponent + modulus
# Tail of the RSA private-key blob: exponent2, the coefficient and the private
# exponent are appended, each passed through fill_width with a target width.
# NOTE(review): a fuller copy of this run on the same page places these
# appends under `if key_type == 'private':`; that guard is cut off here.
blob += fill_width(exponent2, prime2_size)
blob += fill_width(coefficient, prime1_size)
blob += fill_width(private_exponent, len(modulus))
elif algo == 'dsa':
# DSA: collect the public value and the domain parameters (p, q, g).
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_DSA_PUBLIC_BLOB
public_key = key_info['public_key'].parsed.native
params = key_info['algorithm']['parameters']
else:
blob_type = BcryptConst.BCRYPT_DSA_PRIVATE_BLOB
# For a private key the public value comes from _unwrap_private_key_info();
# private_bytes is the secret value and should never be logged.
public_key = _unwrap_private_key_info(key_info)['public_key'].native
private_bytes = int_to_bytes(key_info['private_key'].parsed.native)
params = key_info['private_key_algorithm']['parameters']
public_bytes = int_to_bytes(public_key)
p = int_to_bytes(params['p'].native)
g = int_to_bytes(params['g'].native)
q = int_to_bytes(params['q'].native)
# Above 1024 bits q keeps its own byte length; otherwise it is fixed at
# 20 bytes (160 bits).
# NOTE(review): DSA keys of 1024 bits or less are below current NIST minimum
# sizes for signing; callers may want to reject or flag them.
if key_info.bit_size > 1024:
q_len = len(q)
else:
q_len = 20
# Bring the public value, p and g to one common width, and q to q_len.
# presumably fill_width left-pads with zero bytes; confirm in the helper
key_width = max(len(public_bytes), len(g), len(p))
public_bytes = fill_width(public_bytes, key_width)
p = fill_width(p, key_width)
g = fill_width(g, key_width)
q = fill_width(q, q_len)
# We don't know the count or seed, so we set them to the max value
# Last append of the RSA private-key blob: the private exponent, passed
# through fill_width with the modulus length as the target width.
blob += fill_width(private_exponent, len(modulus))
elif algo == 'dsa':
# DSA: the source of the public value and of the parameters depends on
# whether a public or a private key is being loaded.
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_DSA_PUBLIC_BLOB
public_key = key_info['public_key'].parsed.native
params = key_info['algorithm']['parameters']
else:
blob_type = BcryptConst.BCRYPT_DSA_PRIVATE_BLOB
public_key = _unwrap_private_key_info(key_info)['public_key'].native
# Secret DSA value; keep it out of logs and error messages.
private_bytes = int_to_bytes(key_info['private_key'].parsed.native)
params = key_info['private_key_algorithm']['parameters']
public_bytes = int_to_bytes(public_key)
p = int_to_bytes(params['p'].native)
g = int_to_bytes(params['g'].native)
q = int_to_bytes(params['q'].native)
# q is 20 bytes (160 bits) for keys up to 1024 bits, else its own length.
if key_info.bit_size > 1024:
q_len = len(q)
else:
q_len = 20
# Every large value is normalised to key_width; q is normalised to q_len.
key_width = max(len(public_bytes), len(g), len(p))
public_bytes = fill_width(public_bytes, key_width)
p = fill_width(p, key_width)
g = fill_width(g, key_width)
q = fill_width(q, q_len)
# We don't know the count or seed, so we set them to the max value
# since setting them to 0 results in a parameter error
# NOTE(review): this is a placeholder, not the real generation counter, so
# nothing downstream should use it to validate the domain parameters.
count = b'\xff' * 4
# RSA branch: build the BCRYPT_RSAKEY_BLOB header for a public or a full
# private key.
if algo == 'rsa':
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_RSAPUBLIC_BLOB
magic = BcryptConst.BCRYPT_RSAPUBLIC_MAGIC
parsed_key = key_info['public_key'].parsed
# No primes in a public blob, so the header advertises zero-length primes.
prime1_size = 0
prime2_size = 0
else:
blob_type = BcryptConst.BCRYPT_RSAFULLPRIVATE_BLOB
magic = BcryptConst.BCRYPT_RSAFULLPRIVATE_MAGIC
parsed_key = key_info['private_key'].parsed
# Everything from prime1 to private_exponent is secret key material.
# NOTE(review): bytes objects cannot be wiped in place, so limit how long
# these values stay referenced and never include them in diagnostics.
prime1 = int_to_bytes(parsed_key['prime1'].native)
prime2 = int_to_bytes(parsed_key['prime2'].native)
exponent1 = int_to_bytes(parsed_key['exponent1'].native)
exponent2 = int_to_bytes(parsed_key['exponent2'].native)
coefficient = int_to_bytes(parsed_key['coefficient'].native)
private_exponent = int_to_bytes(parsed_key['private_exponent'].native)
prime1_size = len(prime1)
prime2_size = len(prime2)
public_exponent = int_to_bytes(parsed_key['public_exponent'].native)
modulus = int_to_bytes(parsed_key['modulus'].native)
# Header fields: the magic identifies the blob kind, BitLength is the key
# size, and the cb* fields are byte lengths of the encoded values.
blob_struct_pointer = struct(bcrypt, 'BCRYPT_RSAKEY_BLOB')
blob_struct = unwrap(blob_struct_pointer)
blob_struct.Magic = magic
blob_struct.BitLength = key_info.bit_size
blob_struct.cbPublicExp = len(public_exponent)
blob_struct.cbModulus = len(modulus)
blob_struct.cbPrime1 = prime1_size
blob_struct.cbPrime2 = prime2_size
# Only byte strings are accepted; anything else is rejected with a TypeError
# before the value is interpreted as an integer.
if not isinstance(data, byte_cls):
raise TypeError(pretty_message(
'''
data must be a byte string, not %s
''',
type_name(data)
))
rsa_public_key = certificate_or_public_key.asn1['public_key'].parsed
# Raw RSA public operation: data^e mod n. No padding is added, removed or
# checked in these lines.
# NOTE(review): there is no visible check that the integer form of data is
# below the modulus; pow() reduces it silently. RFC 8017 (RSAEP/RSAVP1)
# requires the representative to lie in [0, n-1]. Confirm that the caller or
# the cut-off part of this function enforces that, and that the padding of
# the result is validated before it is trusted.
transformed_int = pow(
int_from_bytes(data),
rsa_public_key['public_exponent'].native,
rsa_public_key['modulus'].native
)
# The result is encoded with width set to the key's byte size.
# presumably int_to_bytes pads to that width; confirm in the helper
return int_to_bytes(
transformed_int,
width=certificate_or_public_key.asn1.byte_size
)
# DSA branch: gather the public value, the optional private value and the
# domain parameters, then normalise their widths for the key blob.
elif algo == 'dsa':
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_DSA_PUBLIC_BLOB
public_key = key_info['public_key'].parsed.native
params = key_info['algorithm']['parameters']
else:
blob_type = BcryptConst.BCRYPT_DSA_PRIVATE_BLOB
public_key = _unwrap_private_key_info(key_info)['public_key'].native
# Secret DSA value; it must not reach logs or exception text.
private_bytes = int_to_bytes(key_info['private_key'].parsed.native)
params = key_info['private_key_algorithm']['parameters']
public_bytes = int_to_bytes(public_key)
p = int_to_bytes(params['p'].native)
g = int_to_bytes(params['g'].native)
q = int_to_bytes(params['q'].native)
# Keys above 1024 bits use q's real byte length; smaller keys use a fixed
# 20 bytes (160 bits).
# NOTE(review): DSA keys of 1024 bits or less are below current NIST minimum
# sizes for signing; callers may want to reject or flag them.
if key_info.bit_size > 1024:
q_len = len(q)
else:
q_len = 20
key_width = max(len(public_bytes), len(g), len(p))
public_bytes = fill_width(public_bytes, key_width)
p = fill_width(p, key_width)
g = fill_width(g, key_width)
q = fill_width(q, q_len)
# We don't know the count or seed, so we set them to the max value
# since setting them to 0 results in a parameter error
# NOTE(review): both values are placeholders, not the data the parameters
# were generated from, so a key loaded this way cannot be used to re-verify
# how p, q and g were derived.
count = b'\xff' * 4
seed = b'\xff' * q_len
# Tail of a dict literal that maps a selector to a BCrypt algorithm constant;
# subscripting the literal raises KeyError for a selector it does not list.
'secp521r1': BcryptConst.BCRYPT_ECDSA_P521_ALGORITHM,
}[alg_selector]
# NOTE(review): the release of this handle is not visible in the excerpt;
# confirm it is closed on every path, including the error paths.
alg_handle = open_alg_handle(alg_constant)
# RSA branch: select blob type and magic, encode the key values as byte
# strings and start filling the BCRYPT_RSAKEY_BLOB header.
if algo == 'rsa':
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_RSAPUBLIC_BLOB
magic = BcryptConst.BCRYPT_RSAPUBLIC_MAGIC
parsed_key = key_info['public_key'].parsed
# Public keys have no primes to describe.
prime1_size = 0
prime2_size = 0
else:
blob_type = BcryptConst.BCRYPT_RSAFULLPRIVATE_BLOB
magic = BcryptConst.BCRYPT_RSAFULLPRIVATE_MAGIC
parsed_key = key_info['private_key'].parsed
# Private key material follows: primes, CRT exponents, coefficient and the
# private exponent.
# NOTE(review): treat these byte strings as secrets; they cannot be zeroed
# once created, so do not copy them into logs or long-lived structures.
prime1 = int_to_bytes(parsed_key['prime1'].native)
prime2 = int_to_bytes(parsed_key['prime2'].native)
exponent1 = int_to_bytes(parsed_key['exponent1'].native)
exponent2 = int_to_bytes(parsed_key['exponent2'].native)
coefficient = int_to_bytes(parsed_key['coefficient'].native)
private_exponent = int_to_bytes(parsed_key['private_exponent'].native)
prime1_size = len(prime1)
prime2_size = len(prime2)
public_exponent = int_to_bytes(parsed_key['public_exponent'].native)
modulus = int_to_bytes(parsed_key['modulus'].native)
# The header records the blob kind, the key size in bits and the byte length
# of the public exponent; the excerpt ends before the remaining fields.
blob_struct_pointer = struct(bcrypt, 'BCRYPT_RSAKEY_BLOB')
blob_struct = unwrap(blob_struct_pointer)
blob_struct.Magic = magic
blob_struct.BitLength = key_info.bit_size
blob_struct.cbPublicExp = len(public_exponent)
# Private keys only: append the secret values after the public part of the
# blob. The primes go in as encoded; the other values pass through fill_width
# with the prime or modulus length as the target width.
# NOTE(review): what fill_width does with a value longer than the target
# width is not visible here; confirm it cannot yield a blob whose field sizes
# disagree with the header.
if key_type == 'private':
blob += prime1 + prime2
blob += fill_width(exponent1, prime1_size)
blob += fill_width(exponent2, prime2_size)
blob += fill_width(coefficient, prime1_size)
blob += fill_width(private_exponent, len(modulus))
elif algo == 'dsa':
# DSA: collect the public value and the domain parameters (p, q, g).
if key_type == 'public':
blob_type = BcryptConst.BCRYPT_DSA_PUBLIC_BLOB
public_key = key_info['public_key'].parsed.native
params = key_info['algorithm']['parameters']
else:
blob_type = BcryptConst.BCRYPT_DSA_PRIVATE_BLOB
public_key = _unwrap_private_key_info(key_info)['public_key'].native
# Secret DSA value; keep it out of logs and error messages.
private_bytes = int_to_bytes(key_info['private_key'].parsed.native)
params = key_info['private_key_algorithm']['parameters']
public_bytes = int_to_bytes(public_key)
p = int_to_bytes(params['p'].native)
g = int_to_bytes(params['g'].native)
q = int_to_bytes(params['q'].native)
# q is fixed at 20 bytes (160 bits) unless the key is larger than 1024 bits.
if key_info.bit_size > 1024:
q_len = len(q)
else:
q_len = 20
# The widest of the public value, g and p sets the common field width.
key_width = max(len(public_bytes), len(g), len(p))
public_bytes = fill_width(public_bytes, key_width)
p = fill_width(p, key_width)