mirror of
https://github.com/servo/servo.git
synced 2025-09-01 10:38:25 +01:00
Update web-platform-tests to revision 8a2ceb5f18911302b7a5c1cd2791f4ab50ad4326
This commit is contained in:
Josh Matthews
parent
462c272380
commit
1f531f66ea
5377 changed files with 174916 additions and 84369 deletions
|
|
@ -0,0 +1 @@
|
|||
ed25519_broken_signature="trollololo";
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ==
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_signature=true;
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
Integrity: sha256-Potato
|
||||
Integrity: ed25519-Potato
|
||||
Integrity: ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ==
|
||||
Integrity: ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_signature=true;
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: sha256-Potato ed25519-Potato ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ== ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_signature=true;
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: sha256-Potato, ed25519-Potato ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ== ,ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_no_signature=true;
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_signature=true;
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ==
|
||||
|
|
@ -0,0 +1 @@
|
|||
ed25519_signature=true;
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: ed25519-jMATgofD8LM8FWYjBhryikPzo9bUJOgBlJLOS0su1vjMrVmemh5AqPWIGxroEOuyjHj/TH2jsyy4nh6Ti8iECw==
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
Integrity: sha256-Potato
|
||||
Integrity: ed25519-Potato
|
||||
Integrity: ed25519-k+0f30qLFYl2l2/jK7VgDo6YoWyzWoyGKGgmXxxGUUkaQbvj/n0ABXQqRbHQr+EMXOaJU206t1SjkbSSBPN5CQ==
|
||||
Integrity: ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: sha256-Potato ed25519-Potato ed25519-k+0f30qLFYl2l2/jK7VgDo6YoWyzWoyGKGgmXxxGUUkaQbvj/n0ABXQqRbHQr+EMXOaJU206t1SjkbSSBPN5CQ== ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: sha256-Potato, ed25519-Potato ed25519-k+0f30qLFYl2l2/jK7VgDo6YoWyzWoyGKGgmXxxGUUkaQbvj/n0ABXQqRbHQr+EMXOaJU206t1SjkbSSBPN5CQ== ,ed25519-PotatoPotato
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1 @@
|
|||
Integrity: ed25519-dY4xEJDd1AMMbFNIhAMzJO6uhp6gZJOhchjJXDB8yY67rYrF4QUmUWS9gkvdY0Cxo8Rnb2kIdoUiigodoatKDQ==
|
||||
|
|
@ -0,0 +1 @@
|
|||
.testdiv{ background-color: yellow }
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
Integrity: ed25519-k+0f30qLFYl2l2/jK7VgDo6YoWyzWoyGKGgmXxxGUUkaQbvj/n0ABXQqRbHQr+EMXOaJU206t1SjkbSSBPN5CQ==
|
||||
|
||||
|
|
@ -0,0 +1,126 @@
|
|||
<!DOCTYPE html>
|
||||
<meta charset=utf-8>
|
||||
<title>Subresource Integrity</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/resources/sriharness.js"></script>
|
||||
|
||||
<div id="log"></div>
|
||||
|
||||
<div id="container"></div>
|
||||
<script>
|
||||
var public_key = "otDax00eEy6QTMK61lfzrHgZDsXw++rdJkYi02N6X0c="
|
||||
var style_tests = [];
|
||||
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes, with correct key + signature.",
|
||||
{
|
||||
href: "ed25519-style.css?1",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
false,
|
||||
"Fails, because the key is malformed.",
|
||||
{
|
||||
href: "ed25519-style.css?2",
|
||||
integrity: "ed25519-PotatoPotatoPotato"
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
false,
|
||||
"Fails because of wrong key.",
|
||||
{
|
||||
href: "ed25519-style.css?3",
|
||||
integrity: "ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato="
|
||||
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
false,
|
||||
"Fails, because of missing key.",
|
||||
{
|
||||
href: "ed25519-style-no-signature.css",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
false,
|
||||
"Fails, because of wrong key.",
|
||||
{
|
||||
href: "ed25519-style-wrong-signature.css",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes, because the first of two keys passes.",
|
||||
{
|
||||
href: "ed25519-style.css?1",
|
||||
integrity: "ed25519-" + public_key +
|
||||
" ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato="
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes, because the second of two keys passes.",
|
||||
{
|
||||
href: "ed25519-style.css?1",
|
||||
integrity: "ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato= " +
|
||||
"ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes, because at least one signature matches.",
|
||||
{
|
||||
href: "ed25519-style-multi-signature.css",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes (as above), with commas between values.",
|
||||
{
|
||||
href: "ed25519-style-multi-signature2.css",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes (as above), with multiple headers.",
|
||||
{
|
||||
href: "ed25519-style-multi-signature-headers.css",
|
||||
integrity: "ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
new SRIStyleTest(
|
||||
style_tests,
|
||||
true,
|
||||
"Passes, with multiple signatures + multiple keys.",
|
||||
{
|
||||
href: "ed25519-style-multi-signature.css?2",
|
||||
integrity: "ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato= " +
|
||||
"ed25519-" + public_key
|
||||
}
|
||||
);
|
||||
|
||||
// Run all style_tests in sequence.
|
||||
function execute_next_style_test() {
|
||||
if (style_tests.length > 0)
|
||||
style_tests.shift().execute();
|
||||
}
|
||||
add_result_callback(execute_next_style_test);
|
||||
execute_next_style_test();
|
||||
</script>
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
<!DOCTYPE html>
|
||||
<meta http-equiv="Content-Security-Policy"
|
||||
content="script-src 'unsafe-inline' 'nonce-abcd' 'ed25519-qGFmwTxlocg707D1cX4w60iTwtfwbMLf8ITDyfko7s0='">
|
||||
|
||||
<title>Subresource Integrity with Ed25519 plus Content Security Policy</title>
|
||||
<script src="/resources/testharness.js" nonce="abcd"></script>
|
||||
<script src="/resources/testharnessreport.js" nonce="abcd"></script>
|
||||
<script src="/resources/sriharness.js" nonce="abcd"></script>
|
||||
|
||||
<div id="log"></div>
|
||||
<div id="container"></div>
|
||||
<script nonce="abcd">
|
||||
// This needs to be the same key as in this doc's content security policy.
|
||||
var public_key = "qGFmwTxlocg707D1cX4w60iTwtfwbMLf8ITDyfko7s0=";
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed25519-with-CSP, passes, valid key, valid signature.",
|
||||
"ed25519-signature.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed25519-with-CSP, fails, valid key, invalid signature.",
|
||||
"ed25519-broken-signature.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
|
||||
// The first of these uses the nonce rather than the signature to pass CSP.
|
||||
// That doesn't test anything useful about the Ed25519 feature, but is here
|
||||
// to test the precondition for the next test. So if this test passes and
|
||||
// the second one fails, then we can be sure that the 2nd test failed only
|
||||
// because of the CSP key mismatch, as that's the only difference between
|
||||
// the tests.
|
||||
var key_not_in_csp = "5MVHFfs/9Ri+YSwH4FwneSFp88t1ljryPoLxdiyTKks=";
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed25519-with-CSP, passes, alternative key.",
|
||||
"ed25519-signature2.js",
|
||||
"ed25519-" + key_not_in_csp,
|
||||
/* cross origin */ undefined,
|
||||
/* nonce */ "abcd").execute();
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed25519-with-CSP, fails, valid key, valid signature, key not in CSP.",
|
||||
"ed25519-signature2.js",
|
||||
"ed25519-" + key_not_in_csp,
|
||||
).execute();
|
||||
</script>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,83 @@
|
|||
<!DOCTYPE html>
|
||||
<meta charset=utf-8>
|
||||
<title>Subresource Integrity</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/resources/sriharness.js"></script>
|
||||
|
||||
<div id="log"></div>
|
||||
|
||||
<div id="container"></div>
|
||||
<script>
|
||||
var public_key = "qGFmwTxlocg707D1cX4w60iTwtfwbMLf8ITDyfko7s0="
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes.",
|
||||
"ed25519-signature.js?1",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed255519 signature, fails because key is malformed.",
|
||||
"ed25519-signature.js?2",
|
||||
"ed25519-PotatoPotatoPotato"
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed255519 signature, fails because wrong key.",
|
||||
"ed25519-signature.js?3",
|
||||
"ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato="
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed255519 signature, fails because no signature in response header.",
|
||||
"ed25519-no-signature.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
false,
|
||||
"Ed255519 signature, fails because incorrect signature in response.",
|
||||
"ed25519-broken-signature.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes if any (first) of two keys passes.",
|
||||
"ed25519-signature.js?4",
|
||||
"ed25519-" + public_key +
|
||||
" ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato="
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes if any (second) of two keys passes.",
|
||||
"ed25519-signature.js?5",
|
||||
"ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato= ed25519-" +
|
||||
public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes because at least one signature matches.",
|
||||
"ed25519-multi-signature.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes (as above), with commas between values.",
|
||||
"ed25519-multi-signature2.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes (as above), with multiple headers.",
|
||||
"ed25519-multi-signature-headers.js",
|
||||
"ed25519-" + public_key
|
||||
).execute();
|
||||
new SRIScriptTest(
|
||||
true,
|
||||
"Ed255519 signature, passes, with multiple signature + multiple keys.",
|
||||
"ed25519-multi-signature.js?2",
|
||||
"ed25519-PotatoPotatoPotatoPotatoPotatoAvocadoPotato= ed25519-" +
|
||||
public_key
|
||||
).execute();
|
||||
</script>
|
||||
|
||||
|
|
@ -3,6 +3,7 @@
|
|||
<title>Subresource Integrity</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/resources/sriharness.js"></script>
|
||||
|
||||
<div id="log"></div>
|
||||
|
||||
|
|
@ -46,36 +47,6 @@
|
|||
+ '//' + www_host_and_port
|
||||
+ '/subresource-integrity/crossorigin-ineligible-script.js';
|
||||
|
||||
var SRIScriptTest = function(pass, name, src, integrityValue, crossoriginValue) {
|
||||
this.pass = pass;
|
||||
this.name = "Script: " + name;
|
||||
this.src = src;
|
||||
this.integrityValue = integrityValue;
|
||||
this.crossoriginValue = crossoriginValue;
|
||||
}
|
||||
|
||||
SRIScriptTest.prototype.execute = function() {
|
||||
var test = async_test(this.name);
|
||||
var e = document.createElement("script");
|
||||
e.src = this.src;
|
||||
e.setAttribute("integrity", this.integrityValue);
|
||||
if(this.crossoriginValue) {
|
||||
e.setAttribute("crossorigin", this.crossoriginValue);
|
||||
}
|
||||
if(this.pass) {
|
||||
e.addEventListener("load", function() {test.done()});
|
||||
e.addEventListener("error", function() {
|
||||
test.step(function(){ assert_unreached("Good load fired error handler.") })
|
||||
});
|
||||
} else {
|
||||
e.addEventListener("load", function() {
|
||||
test.step(function() { assert_unreached("Bad load succeeded.") })
|
||||
});
|
||||
e.addEventListener("error", function() {test.done()});
|
||||
}
|
||||
document.body.appendChild(e);
|
||||
};
|
||||
|
||||
// Note that all of these style URLs have query parameters started, so any
|
||||
// additional parameters should be appended starting with '&'.
|
||||
var xorigin_anon_style = location.protocol
|
||||
|
|
@ -91,72 +62,6 @@
|
|||
+ '//' + www_host_and_port
|
||||
+ '/subresource-integrity/crossorigin-ineligible-style.css?';
|
||||
|
||||
// <link> tests
|
||||
// Style tests must be done synchronously because they rely on the presence
|
||||
// and absence of global style, which can affect later tests. Thus, instead
|
||||
// of executing them one at a time, the style tests are implemented as a
|
||||
// queue that builds up a list of tests, and then executes them one at a
|
||||
// time.
|
||||
var SRIStyleTest = function(queue, pass, name, attrs, customCallback, altPassValue) {
|
||||
this.pass = pass;
|
||||
this.name = "Style: " + name;
|
||||
this.customCallback = customCallback || function () {};
|
||||
this.attrs = attrs || {};
|
||||
this.passValue = altPassValue || "rgb(255, 255, 0)";
|
||||
|
||||
this.test = async_test(this.name);
|
||||
|
||||
this.queue = queue;
|
||||
this.queue.push(this);
|
||||
}
|
||||
|
||||
SRIStyleTest.prototype.execute = function() {
|
||||
var that = this;
|
||||
var container = document.getElementById("container");
|
||||
while (container.hasChildNodes()) {
|
||||
container.removeChild(container.firstChild);
|
||||
}
|
||||
|
||||
var test = this.test;
|
||||
|
||||
var div = document.createElement("div");
|
||||
div.className = "testdiv";
|
||||
var e = document.createElement("link");
|
||||
this.attrs.rel = this.attrs.rel || "stylesheet";
|
||||
for (var key in this.attrs) {
|
||||
if (this.attrs.hasOwnProperty(key)) {
|
||||
e.setAttribute(key, this.attrs[key]);
|
||||
}
|
||||
}
|
||||
|
||||
if(this.pass) {
|
||||
e.addEventListener("load", function() {
|
||||
test.step(function() {
|
||||
var background = window.getComputedStyle(div, null).getPropertyValue("background-color");
|
||||
assert_equals(background, that.passValue);
|
||||
test.done();
|
||||
});
|
||||
});
|
||||
e.addEventListener("error", function() {
|
||||
test.step(function(){ assert_unreached("Good load fired error handler.") })
|
||||
});
|
||||
} else {
|
||||
e.addEventListener("load", function() {
|
||||
test.step(function() { assert_unreached("Bad load succeeded.") })
|
||||
});
|
||||
e.addEventListener("error", function() {
|
||||
test.step(function() {
|
||||
var background = window.getComputedStyle(div, null).getPropertyValue("background-color");
|
||||
assert_not_equals(background, that.passValue);
|
||||
test.done();
|
||||
});
|
||||
});
|
||||
}
|
||||
container.appendChild(div);
|
||||
container.appendChild(e);
|
||||
this.customCallback(e, container);
|
||||
};
|
||||
|
||||
var style_tests = [];
|
||||
style_tests.execute = function() {
|
||||
if (this.length > 0) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,109 @@
|
|||
# The original version of this file was downloaded from
|
||||
# http://ed25519.cr.yp.to/software.html, and came with the following copyright
|
||||
# statement:
|
||||
# The Ed25519 software is in the public domain.
|
||||
|
||||
import hashlib
|
||||
|
||||
b = 256
|
||||
q = 2**255 - 19
|
||||
l = 2**252 + 27742317777372353535851937790883648493
|
||||
|
||||
def H(m):
|
||||
return hashlib.sha512(m).digest()
|
||||
|
||||
def expmod(b,e,m):
|
||||
if e == 0: return 1
|
||||
t = expmod(b,e/2,m)**2 % m
|
||||
if e & 1: t = (t*b) % m
|
||||
return t
|
||||
|
||||
def inv(x):
|
||||
return expmod(x,q-2,q)
|
||||
|
||||
d = -121665 * inv(121666)
|
||||
I = expmod(2,(q-1)/4,q)
|
||||
|
||||
def xrecover(y):
|
||||
xx = (y*y-1) * inv(d*y*y+1)
|
||||
x = expmod(xx,(q+3)/8,q)
|
||||
if (x*x - xx) % q != 0: x = (x*I) % q
|
||||
if x % 2 != 0: x = q-x
|
||||
return x
|
||||
|
||||
By = 4 * inv(5)
|
||||
Bx = xrecover(By)
|
||||
B = [Bx % q,By % q]
|
||||
|
||||
def edwards(P,Q):
|
||||
x1 = P[0]
|
||||
y1 = P[1]
|
||||
x2 = Q[0]
|
||||
y2 = Q[1]
|
||||
x3 = (x1*y2+x2*y1) * inv(1+d*x1*x2*y1*y2)
|
||||
y3 = (y1*y2+x1*x2) * inv(1-d*x1*x2*y1*y2)
|
||||
return [x3 % q,y3 % q]
|
||||
|
||||
def scalarmult(P,e):
|
||||
if e == 0: return [0,1]
|
||||
Q = scalarmult(P,e/2)
|
||||
Q = edwards(Q,Q)
|
||||
if e & 1: Q = edwards(Q,P)
|
||||
return Q
|
||||
|
||||
def encodeint(y):
|
||||
bits = [(y >> i) & 1 for i in range(b)]
|
||||
return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
|
||||
|
||||
def encodepoint(P):
|
||||
x = P[0]
|
||||
y = P[1]
|
||||
bits = [(y >> i) & 1 for i in range(b - 1)] + [x & 1]
|
||||
return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
|
||||
|
||||
def bit(h,i):
|
||||
return (ord(h[i/8]) >> (i%8)) & 1
|
||||
|
||||
def publickey(sk):
|
||||
h = H(sk)
|
||||
a = 2**(b-2) + sum(2**i * bit(h,i) for i in range(3,b-2))
|
||||
A = scalarmult(B,a)
|
||||
return encodepoint(A)
|
||||
|
||||
def Hint(m):
|
||||
h = H(m)
|
||||
return sum(2**i * bit(h,i) for i in range(2*b))
|
||||
|
||||
def signature(m,sk,pk):
|
||||
h = H(sk)
|
||||
a = 2**(b-2) + sum(2**i * bit(h,i) for i in range(3,b-2))
|
||||
r = Hint(''.join([h[i] for i in range(b/8,b/4)]) + m)
|
||||
R = scalarmult(B,r)
|
||||
S = (r + Hint(encodepoint(R) + pk + m) * a) % l
|
||||
return encodepoint(R) + encodeint(S)
|
||||
|
||||
def isoncurve(P):
|
||||
x = P[0]
|
||||
y = P[1]
|
||||
return (-x*x + y*y - 1 - d*x*x*y*y) % q == 0
|
||||
|
||||
def decodeint(s):
|
||||
return sum(2**i * bit(s,i) for i in range(0,b))
|
||||
|
||||
def decodepoint(s):
|
||||
y = sum(2**i * bit(s,i) for i in range(0,b-1))
|
||||
x = xrecover(y)
|
||||
if x & 1 != bit(s,b-1): x = q-x
|
||||
P = [x,y]
|
||||
if not isoncurve(P): raise Exception("decoding point that is not on curve")
|
||||
return P
|
||||
|
||||
def checkvalid(s,m,pk):
|
||||
if len(s) != b/4: raise Exception("signature length is wrong")
|
||||
if len(pk) != b/8: raise Exception("public-key length is wrong")
|
||||
R = decodepoint(s[0:b/8])
|
||||
A = decodepoint(pk)
|
||||
S = decodeint(s[b/8:b/4])
|
||||
h = Hint(encodepoint(R) + pk + m)
|
||||
if scalarmult(B,S) != edwards(R,scalarmult(A,h)):
|
||||
raise Exception("signature does not pass verification")
|
||||
|
|
@ -1,6 +1,8 @@
|
|||
from os import path, listdir
|
||||
from hashlib import sha512, sha384, sha256, md5
|
||||
from base64 import b64encode
|
||||
from random import randint
|
||||
import ed25519
|
||||
import re
|
||||
|
||||
DIR = path.normpath(path.join(__file__, "..", ".."))
|
||||
|
|
@ -37,6 +39,21 @@ Generate an encoded sha256 URI.
|
|||
def sha256_uri(content):
|
||||
return "sha256-%s" % format_digest(sha256(content).digest())
|
||||
|
||||
'''
|
||||
Generate an encoded ed25519 signature.
|
||||
'''
|
||||
def ed25519_signature(private_public_key, content):
|
||||
signature = ed25519.signature(content, *private_public_key)
|
||||
return "ed25519-%s" % format_digest(signature)
|
||||
|
||||
'''
|
||||
Generate private + public key pair for ed25519 signatures.
|
||||
'''
|
||||
def ed25519_key_pair():
|
||||
secret_key = ''.join(chr(randint(0, 255)) for _ in range(0,32))
|
||||
public_key = ed25519.publickey(secret_key)
|
||||
return (secret_key, public_key)
|
||||
|
||||
'''
|
||||
Generate an encoded md5 digest URI.
|
||||
'''
|
||||
|
|
@ -44,14 +61,17 @@ def md5_uri(content):
|
|||
return "md5-%s" % format_digest(md5(content).digest())
|
||||
|
||||
def main():
|
||||
ed25519_key = ed25519_key_pair()
|
||||
for file in js_and_css_files():
|
||||
print "Listing hash values for %s" % file
|
||||
with open(file, "r") as content_file:
|
||||
content = content_file.read()
|
||||
print "\tSHA512 integrity: %s" % sha512_uri(content)
|
||||
print "\tSHA384 integrity: %s" % sha384_uri(content)
|
||||
print "\tSHA256 integrity: %s" % sha256_uri(content)
|
||||
print "\tMD5 integrity: %s" % md5_uri(content)
|
||||
print "\tSHA512 integrity: %s" % sha512_uri(content)
|
||||
print "\tSHA384 integrity: %s" % sha384_uri(content)
|
||||
print "\tSHA256 integrity: %s" % sha256_uri(content)
|
||||
print "\tMD5 integrity: %s" % md5_uri(content)
|
||||
print "\tEd25519 integrity: %s" % ed25519_signature(ed25519_key, content)
|
||||
print "\nEd25519 public key (used above): %s" % format_digest(ed25519_key[1])
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue