push

awslabs · Nov 18, 2024 · 4a5f9c5 · 4a5f9c5
1 parent 084e141
commit 4a5f9c5
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 2 deletions.
diff --git a/awscrt/crypto.py b/awscrt/crypto.py
@@ -91,7 +91,12 @@ class RSASignatureAlgorithm(IntEnum):
     PKCSv1.5 padding with sha256 hash function
     """
 
-    PSS_SHA256 = 1
+    PKCS1_5_SHA1 = 1
+    """
+    PKCSv1.5 padding with sha1 hash function
+    """
+
+    PSS_SHA256 = 2
     """
     PSS padding with sha256 hash function
     """
@@ -117,6 +122,24 @@ def new_public_key_from_pem_data(pem_data: Union[str, bytes, bytearray, memoryvi
         Raises ValueError if pem does not have public key object.
         """
         return RSA(binding=_awscrt.rsa_public_key_from_pem_data(pem_data))
+
+    @staticmethod
+    def new_private_key_from_der_data(pem_data: Union[str, bytes, bytearray, memoryview]) -> 'RSA':
+        """
+        Creates a new instance of private RSA key pair from der data.
+        Expects key in PKCS1 format.
+        Raises ValueError if pem does not have private key object.
+        """
+        return RSA(binding=_awscrt.rsa_private_key_from_der_data(pem_data))
+
+    @staticmethod
+    def new_public_key_from_der_data(pem_data: Union[str, bytes, bytearray, memoryview]) -> 'RSA':
+        """
+        Creates a new instance of public RSA key pair from der data.
+        Expects key in PKCS1 format.
+        Raises ValueError if pem does not have public key object.
+        """
+        return RSA(binding=_awscrt.rsa_public_key_from_der_data(pem_data))
 
     def encrypt(self, encryption_algorithm: RSAEncryptionAlgorithm,
                 plaintext: Union[bytes, bytearray, memoryview]) -> bytes:

diff --git a/crt/aws-c-cal b/crt/aws-c-cal
diff --git a/source/crypto.c b/source/crypto.c
@@ -350,6 +350,31 @@ PyObject *aws_py_rsa_public_key_from_pem_data(PyObject *self, PyObject *args) {
     return capsule;
 }
 
+PyObject *aws_py_rsa_private_key_from_der_data(PyObject *self, PyObject *args) {
+    (void)self;
+
+    struct aws_byte_cursor der_data_cur;
+    if (!PyArg_ParseTuple(args, "s#", &pem_data_cur.ptr, &pem_data_cur.len)) {
+        return NULL;
+    }
+
+    struct aws_rsa_key_pair *key_pair =
+        aws_rsa_key_pair_new_from_private_key_pkcs1(allocator, &der_data_cur);
+
+    if (key_pair == NULL) {
+        PyErr_AwsLastError();
+        goto on_done;
+    }
+
+    capsule = PyCapsule_New(key_pair, s_capsule_name_rsa, s_rsa_destructor);
+
+    if (capsule == NULL) {
+        aws_rsa_key_pair_release(key_pair);
+    }
+
+    return capsule;
+}
+
 PyObject *aws_py_rsa_encrypt(PyObject *self, PyObject *args) {
     (void)self;
 

diff --git a/source/crypto.h b/source/crypto.h
@@ -32,6 +32,9 @@ PyObject *aws_py_sha256_hmac_compute(PyObject *self, PyObject *args);
 PyObject *aws_py_rsa_private_key_from_pem_data(PyObject *self, PyObject *args);
 PyObject *aws_py_rsa_public_key_from_pem_data(PyObject *self, PyObject *args);
 
+PyObject *aws_py_rsa_private_key_from_der_data(PyObject *self, PyObject *args);
+PyObject *aws_py_rsa_public_key_from_der_data(PyObject *self, PyObject *args);
+
 PyObject *aws_py_rsa_encrypt(PyObject *self, PyObject *args);
 PyObject *aws_py_rsa_decrypt(PyObject *self, PyObject *args);
 PyObject *aws_py_rsa_sign(PyObject *self, PyObject *args);
+8 −0		.github/ISSUE_TEMPLATE/bug-report.yml
+32 −0		.github/workflows/issue-regression-labeler.yml
+1 −0		include/aws/cal/rsa.h
+3 −0		source/darwin/securityframework_rsa.c
+2 −1		source/rsa.c
+9 −0		source/unix/openssl_rsa.c
+9 −2		source/windows/bcrypt_rsa.c
+3 −0		tests/CMakeLists.txt
+119 −1		tests/rsa_test.c