Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/git-n-pissed/mprsa
A MicroPython module for working with RSA keys
https://github.com/git-n-pissed/mprsa
Last synced: 3 months ago
JSON representation
A MicroPython module for working with RSA keys
- Host: GitHub
- URL: https://github.com/git-n-pissed/mprsa
- Owner: git-n-pissed
- License: mit
- Created: 2023-01-09T06:18:42.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2023-01-24T21:09:24.000Z (almost 2 years ago)
- Last Synced: 2024-04-22T12:33:04.201Z (7 months ago)
- Language: C
- Size: 145 KB
- Stars: 4
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Authors: AUTHORS
Awesome Lists containing this project
- awesome-micropython - mprsa - A MicroPython module for creating, importing, and exporting RSA keys in DER and PEM formats with PKCS#1, PKCS#8, and X.509/SPKI structures, and signing/verifying and encryption/decryption using blinding and SHA-1 and SHA-256 hashing algorithms. (Libraries / Communications)
README
# Description
This module is a mash-up of [python-rsa](https://github.com/sybrenstuvel/python-rsa),
[Toms Fast Math](https://github.com/libtom/tomsfastmath) (ported to MicroPython by
[Damiano Mazzella](https://github.com/dmazzella), the author of [ucrypto](https://github.com/dmazzella/ucrypto)),
and [python-asn1](https://github.com/andrivet/python-asn1).
The goal was to create a MicroPython module that would:1. Be simple to use
2. Support loading/exporting RSA keys in common formats/structures
3. Support generation of new keys
4. Support signing/verification with blinding using common hashing algorithms
5. Support encryption/decryption with blinding# Supported Key Formats
- ### Private:
- PKCS#1 DER
- PKCS#1 PEM
- PKCS#8 DER
- PKCS#8 PEM- ### Public:
- PKCS#1 DER
- PKCS#1 PEM
- X.509/SPKI DER
- X.509/SPKI PEM
The OpenSSL commands used to generate supported keys are contained in the docstrings for the
functions that operate on those keys.# Supported Hashing Algorithms
- SHA-1
- SHA-256# How to Build
1. Clone or copy the repo.
2. Copy the contents (not the actual directory) of the `port_modules` directory into the `modules` directory of the
MicroPython port you are building for.
3. Copy the `user_c_modules` directory (the actual directory) somewhere you can reference it your MicroPython build
command. The MicroPython docs recommend placing user C modules outside the MicroPython directory, but I find it
easier to simply have a `user_c_modules` directory inside the MicroPython directory which contains all the user C
modules I want to build. This way you can simply make sure any other user C modules are included in the
`micropython.cmake` in that directory.![mprsa user_c_module directory placement](README_images/mprsa_user_c_modules_directory_placement.png)
4. Run a command similar to this. This command is based on the `user_c_modules` being placed as shown in the
directory structure in the picture above. The command you need to run may change based on your port, board, and
directory structure:
```bash
make -j8 BOARD=GENERIC_S3 USER_C_MODULES="$(pwd)/micropython/user_c_modules/mprsa/micropython.cmake" -C "$(pwd)/micropython/ports/esp32"
```# Examples
See [test.py](https://github.com/git-n-pissed/mprsa/blob/master/tests/test.py)
# Supported Hardware
Hardware which this module has been tested on is listed below with :heavy_check_mark: if it worked, and :x: if it didn't
work. If you are willing to try the module out on other hardware and run
[test.py](https://github.com/git-n-pissed/mprsa/blob/master/tests/test.py) to verify it works, that would be appreciated.
Make an issue with your findings and I'll update this
[README.md](https://github.com/git-n-pissed/mprsa/blob/main/README.md), or make a PR which updates this section of the
[README.md](https://github.com/git-n-pissed/mprsa/blob/main/README.md).
Device
Works
Notes
ESP32
:heavy_check_mark:
- Requires a more aggressive garbage collection threshold than stock. Tested and working with
gc.threshold(1024)
ESP32-S3
:heavy_check_mark:
# Known Limitations
- Key Generation Speed
- Even when using Toms Fast Math, generating a key of any size that can offer real security is slow. The `gen_key`
function defaults to the fastest possible options for key generation (i.e. allowing modulus "n" to be of slightly
fewer bits than specified and not requiring "p" and "q" to be safe primes), but generating a 2048-bit key on an
ESP32-S3 still takes 3 - 5 minutes. When a modulus "n" of an exact size and/or "p" and "q" values which are safe
primes are desired, the time to generate keys increases dramatically. In the case of 2048-bit keys sometimes 30
minutes, sometimes an hour or more.
- Key Size
- Max key size is 2048-bits. This can likely be increased by tweaking [tfm.h](https://github.com/git-n-pissed/mprsa/blob/main/user_c_modules/mprsa/tfm/tfm_mpi.h), specifically the value of `FP_SIZE`.
# Licenses
All the code in this module is copyright under the Apache License, the MIT License, or is public domain.