sm crypto or more, cryptanalysis tools, toys
Project description
:warning: Warning
This project is for personal learning only and must not be used in production environments; if you do, you bear the consequences yourself.
:memo: See the tests for usage examples.
Crypto
SM2
sign
Raw SM2 signature, much like plain ECC. Using it directly does not meet the national standard unless you deliberately construct `data` (i.e. e) yourself: there is no ZA preprocessing and no SM3 here, because those steps live in `sign_with_sm3` below.
`sign(self, data: bytes, private_key: int, k: int | None = None)`
verify
`verify(self, signature: asn1str | Tuple[int, int], data: bytes, public_key: Tuple[int, int])`
compute_ZA
`compute_ZA(self, public_key: Tuple[int, int], ID: str | None = None)`
sign_with_sm3
Signature conforming to the national standard. What SM2 really signs is tobesign = sm3.hash(ZA + data), where ZA = compute_ZA(public_key, ID).
`sign_with_sm3(self, data: bytes, private_key: int, public_key: Tuple[int, int], ID: str | None = None, randomk: int | None = None)`
verify_with_sm3
`verify_with_sm3(self, signature: asn1str | Tuple[int, int], data: bytes, public_key: Tuple[int, int], ID: str | None = None)`
encrypt
`encrypt(self, msg: bytes, public_key: Tuple[int, int], k: int | None = None)`
decrypt
`decrypt(self, cipher_txt: asn1str, private_key: int)`
recover_privateKey_by_kAndrs
Given the secret random number k and one (r, s) pair (i.e. one signature value), the SM2 private key can be recovered.
`recover_privateKey_by_kAndrs(self, k: int, r: int, s: int)`
recover_privateKey_by_fixedk_and_2rs
The exact value of k need not be known, only that k is fixed; from two (r, s) pairs (i.e. two signature values) the SM2 private key can be recovered.
`recover_privateKey_by_fixedk_and_2rs(self, r1: int, s1: int, r2: int, s2: int)`
recover_publicKeys_by_eAndrs
Pure formula evaluation: given one signature value (r, s) together with e, the public key can be recovered; more than one public key may satisfy the equation. e may be the original message m or the hash-preprocessed e, depending on how the signature was produced.
`recover_publicKeys_by_eAndrs(self, e: int, r: int, s: int)`
is_same_k
`is_same_k(self, r1, e1, r2, e2)`
recover_private_key_by_liner_k
If the randomness of k is linear, k2 = a·k1 + b, and the linear parameters are known, the SM2 private key can be recovered from two (r, s) pairs; a fixed k is therefore a special case.
`recover_private_key_by_liner_k(self, r1: int, s1: int, r2: int, s2: int, a: int, b: int)`
forge_e_signature
Pure formula evaluation, with t = r + s. "Forging" a signature for e is really just recovering e: given one signature value (r, s) and the public key, it computes which e that signature is valid for. So one can pick a random (r, s) and compute an e for which verification passes.
`forge_e_signature(self, public_key: Tuple[int, int], s: int, t: int)`
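The following is an added example, written for this page and not taken from the cryptanalysis_tools package, that shows the algebra behind the raw `sign`/`verify` pair, `is_same_k`, `recover_privateKey_by_kAndrs` and `recover_privateKey_by_fixedk_and_2rs` above: why an SM2 key is lost as soon as its nonce k is known or repeats, and how a batch of signatures under one key can be screened for a repeated nonce (r - e mod n depends only on k). The curve constants are the published SM2 parameters; the private key `D`, the nonces `K`/`K2` and the messages are constructed for the demo, and SHA-256 stands in for SM3(ZA || M) when producing e, since the raw signing path takes e directly.

```python
import hashlib

# Published SM2 curve parameters (GM/T 0003): field prime, coefficients, order, generator.
P  = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A  = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
B  = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N  = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
GX = 0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7
GY = 0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0
G = (GX, GY)


def point_add(p1, p2):
    """Affine point addition on y^2 = x^3 + Ax + B over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:          # p2 == -p1 (or y == 0 when doubling)
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P   # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P           # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication k * point."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def on_curve(pt):
    x, y = pt
    return (y * y - x * x * x - A * x - B) % P == 0


def sm2_sign(e, d, k):
    """Raw SM2 signature on a precomputed e: r = (e + x1) mod n, s = (1+d)^-1 (k - r d) mod n."""
    x1, _ = scalar_mult(k, G)
    r = (e + x1) % N
    s = pow(1 + d, -1, N) * (k - r * d) % N
    return r, s


def sm2_verify(e, sig, pub):
    """Raw SM2 verification: (x1', y1') = sG + (r+s)P, accept iff (e + x1') mod n == r."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    t = (r + s) % N
    if t == 0:
        return False
    pt = point_add(scalar_mult(s, G), scalar_mult(t, pub))
    return pt is not None and (e + pt[0]) % N == r


def same_k(r1, e1, r2, e2):
    """Repeated-nonce screen: r - e == x1 mod n depends only on k, so equal values flag reuse."""
    return (r1 - e1) % N == (r2 - e2) % N


def recover_d_known_k(k, r, s):
    """From s(1+d) = k - r d: d = (k - s) / (s + r) mod n."""
    return (k - s) * pow(s + r, -1, N) % N


def recover_d_fixed_k(r1, s1, r2, s2):
    """Two signatures with the same k: s1 + d(s1+r1) = s2 + d(s2+r2), solve for d."""
    return (s2 - s1) * pow(s1 - s2 + r1 - r2, -1, N) % N


def message_to_e(msg: bytes) -> int:
    # Stand-in for e = SM3(ZA || M); the raw sign() takes e as given, so any digest mod N works.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


# Constructed demo values (not real keys): one private key, one nonce reused twice, one fresh nonce.
D = 0x0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF
K = 0x0FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA987654321
K2 = 0xBADC0DE
PUB = scalar_mult(D, G)
E1 = message_to_e(b"constructed message one")
E2 = message_to_e(b"constructed message two")

if __name__ == "__main__":
    sig1, sig2 = sm2_sign(E1, D, K), sm2_sign(E2, D, K)
    print("both valid:", sm2_verify(E1, sig1, PUB) and sm2_verify(E2, sig2, PUB))
    print("repeated nonce detected:", same_k(sig1[0], E1, sig2[0], E2))
    print("key recovered from the pair:", recover_d_fixed_k(*sig1, *sig2) == D)
```

The mitigation side is the converse of the demo: k must come from a CSPRNG or a deterministic derivation bound to the key and message, and a signing service can run the `same_k` check over its own output to catch a broken RNG before an attacker does.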
SM3
hash
The SM3 hash method; I am inclined to drop the str input.
`hash(msg: bytes | str) -> bytes`
SM4
Pure SM4 block cipher implementation with no mode of operation, so there is no IV and no padding: a block cipher on its own only encrypts a single block whose length equals the cipher's block size.
encrypt
`encrypt(plaintext: bytes, key: bytes) -> bytes`
decrypt
`decrypt(cipher: bytes, key: bytes) -> bytes`
utils
kdf
Key derivation function.
rotl
Rotate x left by n bits.
`rotl(x, n)`
types
`asn1str: TypeAlias = str`
TODO :dart:
- SM2 collaborative signing
- CBC-MAC variable-length attack
- Reverse-order symmetric cipher procedure
- Length extension attack on Merkle-Damgard (M-D) hashes
- Padding oracle attack
- Hash collision
File details
Details for the file cryptanalysis_tools-0.1.4.tar.gz.
File metadata
- Download URL: cryptanalysis_tools-0.1.4.tar.gz
- Size: 22.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.3
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 8865047a1929eba6059118dc0387261e6bcb8a47ef9a15e57cefffc8a8ec3bed |
| MD5 | 4135dab9605b45988f50e7fcd193b463 |
| BLAKE2b-256 | df16680f0024a9a51a1737a2332567dc5ed9e3e269aaff7515fcd6b909fa3218 |
File details
Details for the file cryptanalysis_tools-0.1.4-py3-none-any.whl.
File metadata
- Download URL: cryptanalysis_tools-0.1.4-py3-none-any.whl
- Size: 12.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.3
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 366851946bc3420b10012cca0e0bc1adb977f21ebb2efbf6376e03163b435ecc |
| MD5 | 957a9e5fee6d172213d6c49596d85c1d |
| BLAKE2b-256 | f7a6488e5630d29a29d256bb2b07472b799e50804ec60edc16cece2bbeb62984 |