Skip to content

Commit 9032802

Browse files
committed
Limit SHA3 support to Python 3.6+
The third-party library that adds support for this to Python 3.5 is a binary package, and thus breaks the pure-Python nature of Python-RSA. This should fix [sybrenstuvel#147](sybrenstuvel#147).
1 parent fb8772a commit 9032802

File tree

5 files changed

+27
-41
lines changed

5 files changed

+27
-41
lines changed

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,10 @@
66
for dependency management. There apparently is an issue no-binary installs of
77
packages build with Poetry. This fixes
88
[#148](https://github.com/sybrenstuvel/python-rsa/issues/148)
9+
- Limited SHA3 support to those Python versions (3.6+) that support it natively.
10+
The third-party library that adds support for this to Python 3.5 is a binary
11+
package, and thus breaks the pure-Python nature of Python-RSA.
12+
This should fix [#147](https://github.com/sybrenstuvel/python-rsa/issues/147).
913

1014

1115
## Version 4.1 - released 2020-06-10

Pipfile

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@ name = "pypi"
55

66
[packages]
77
"pyasn1" = ">=0.1.3"
8-
"pysha3" = {version = "~=1.0, >=1.0",markers = "python_version < '3.6'"}
98

109
[dev-packages]
1110
coveralls = "~=1.8, >=1.8"

Pipfile.lock

Lines changed: 1 addition & 28 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

rsa/pkcs1.py

Lines changed: 15 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,6 @@
3333

3434
from . import common, transform, core, key
3535

36-
if sys.version_info < (3, 6):
37-
# Python 3.6 and newer have SHA-3 support. For Python 3.5 we need a third party library.
38-
# This library monkey-patches the hashlib module so that it looks like Python actually
39-
# supports SHA-3 natively.
40-
import sha3 # noqa: F401
41-
4236
# ASN.1 codes that describe the hash algorithm used.
4337
HASH_ASN1 = {
4438
'MD5': b'\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10',
@@ -47,9 +41,6 @@
4741
'SHA-256': b'\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20',
4842
'SHA-384': b'\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30',
4943
'SHA-512': b'\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40',
50-
'SHA3-256': b'\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x08\x05\x00\x04\x20',
51-
'SHA3-384': b'\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x09\x05\x00\x04\x30',
52-
'SHA3-512': b'\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x0a\x05\x00\x04\x40',
5344
}
5445

5546
HASH_METHODS = {
@@ -59,12 +50,24 @@
5950
'SHA-256': hashlib.sha256,
6051
'SHA-384': hashlib.sha384,
6152
'SHA-512': hashlib.sha512,
62-
'SHA3-256': hashlib.sha3_256,
63-
'SHA3-384': hashlib.sha3_384,
64-
'SHA3-512': hashlib.sha3_512,
6553
}
6654

6755

56+
if sys.version_info >= (3, 6):
57+
# Python 3.6 introduced SHA3 support.
58+
HASH_ASN1.update({
59+
'SHA3-256': b'\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x08\x05\x00\x04\x20',
60+
'SHA3-384': b'\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x09\x05\x00\x04\x30',
61+
'SHA3-512': b'\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x0a\x05\x00\x04\x40',
62+
})
63+
64+
HASH_METHODS.update({
65+
'SHA3-256': hashlib.sha3_256,
66+
'SHA3-384': hashlib.sha3_384,
67+
'SHA3-512': hashlib.sha3_512,
68+
})
69+
70+
6871
class CryptoError(Exception):
6972
"""Base class for all exceptions in this module."""
7073

tests/test_pkcs1.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
"""Tests string operations."""
1616

1717
import struct
18+
import sys
1819
import unittest
1920

2021
import rsa
@@ -101,6 +102,12 @@ def test_sign_verify(self):
101102
signature = pkcs1.sign(message, self.priv, 'SHA-256')
102103
self.assertEqual('SHA-256', pkcs1.verify(message, signature, self.pub))
103104

105+
106+
@unittest.skipIf(sys.version_info < (3, 6), "SHA3 requires Python 3.6+")
107+
def test_sign_verify_sha3(self):
108+
"""Test happy flow of sign and verify with SHA3-256"""
109+
110+
message = b'je moeder'
104111
signature = pkcs1.sign(message, self.priv, 'SHA3-256')
105112
self.assertEqual('SHA3-256', pkcs1.verify(message, signature, self.pub))
106113

0 commit comments

Comments
 (0)