def sign(self, packet, hash='SHA256', keyid=None):
if self._key and not isinstance(packet, OpenPGP.Packet) and not isinstance(packet, OpenPGP.Message):
packet = OpenPGP.LiteralDataPacket(packet)
else:
packet = self._parse_packet(packet)
if isinstance(packet, OpenPGP.SecretKeyPacket) or isinstance(packet, Crypto.PublicKey.RSA._RSAobj) or isinstance(packet, Crypto.PublicKey.DSA._DSAobj) or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket)):
key = packet
message = self._message
else:
key = self._key
message = packet
if not key or not message:
return None # Missing some data
if isinstance(message, OpenPGP.Message):
message = message.signature_and_data()[1]
if not (isinstance(key, Crypto.PublicKey.RSA._RSAobj) or isinstance(packet, Crypto.PublicKey.DSA._DSAobj)):
key = self.__class__(key)
if not keyid:
keyid = key.key().fingerprint()[-16:]
key = key.private_key(keyid)
key_algorithm = None
if isinstance(key, Crypto.PublicKey.RSA._RSAobj):
key_algorithm = 'RSA'
elif isinstance(key, Crypto.PublicKey.DSA._DSAobj):
key_algorithm = 'DSA'
sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())
if keyid:
sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))
def doDSA(h, m):
return list(key.sign(h.new(m).digest()[0:int(Crypto.Util.number.size(key.q) / 8)],
Crypto.Random.random.StrongRandom().randint(1,key.q-1)))
sig.sign_data({'RSA': {
'MD5': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.MD5.new(m))],
'RIPEMD160': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.RIPEMD.new(m))],
'SHA1': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA.new(m))],
'SHA224': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA224.new(m))],
'SHA256': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA256.new(m))],
'SHA384': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA384.new(m))],
'SHA512': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA512.new(m))],
}, 'DSA': {
'MD5': lambda m: doDSA(Crypto.Hash.MD5, m),
'RIPEMD160': lambda m: doDSA(Crypto.Hash.RIPEMD, m),
'SHA1': lambda m: doDSA(Crypto.Hash.SHA, m),
'SHA224': lambda m: doDSA(Crypto.Hash.SHA224, m),
'SHA256': lambda m: doDSA(Crypto.Hash.SHA256, m),
'SHA384': lambda m: doDSA(Crypto.Hash.SHA384, m),
'SHA512': lambda m: doDSA(Crypto.Hash.SHA512, m),
}})
return OpenPGP.Message([sig, message])
def sign_key_userid(self, packet, hash='SHA256', keyid=None):
if isinstance(packet, list):
packet = OpenPGP.Message(packet)
elif not isinstance(packet, OpenPGP.Message):
packet = OpenPGP.Message.parse(packet)
key = self.key(keyid)
if not key or not packet: # Missing some data
return None
if not keyid:
keyid = key.fingerprint()[-16:]
key = self.private_key(keyid)
sig = None
for p in packet:
if isinstance(p, OpenPGP.SignaturePacket):
sig = p
if not sig:
sig = OpenPGP.SignaturePacket(packet, 'RSA', hash.upper())
sig.signature_type = 0x13
sig.hashed_subpackets.append(OpenPGP.SignaturePacket.KeyFlagsPacket([0x01]))
sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))
packet.append(sig)
def doDSA(h, m):
return list(key.sign(h.new(m).digest()[0:int(Crypto.Util.number.size(key.q) / 8)],
Crypto.Random.random.StrongRandom().randint(1,key.q-1)))
def doRSA(h, m):
ctx = key.signer(padding.PKCS1v15(), h())
ctx.update(m)
return [ctx.finalize()]
sig.sign_data({'RSA': {
'MD5': lambda m: doRSA(hashes.MD5, m),
'RIPEMD160': lambda m: doRSA(hashes.RIPEMD160, m),
'SHA1': lambda m: doRSA(hashes.SHA1, m),
'SHA224': lambda m: doRSA(hashes.SHA224, m),
'SHA256': lambda m: doRSA(hashes.SHA256, m),
'SHA384': lambda m: doRSA(hashes.SHA384, m),
'SHA512': lambda m: doRSA(hashes.SHA512, m)
}, 'DSA': {
'MD5': lambda m: doDSA(Crypto.Hash.MD5, m),
'RIPEMD160': lambda m: doDSA(Crypto.Hash.RIPEMD, m),
'SHA1': lambda m: doDSA(Crypto.Hash.SHA, m),
'SHA224': lambda m: doDSA(Crypto.Hash.SHA224, m),
'SHA256': lambda m: doDSA(Crypto.Hash.SHA256, m),
'SHA384': lambda m: doDSA(Crypto.Hash.SHA384, m),
'SHA512': lambda m: doDSA(Crypto.Hash.SHA512, m),
}})
return packet
def sign(self, packet, hash='SHA256', keyid=None):
if self._key and not isinstance(packet, OpenPGP.Packet) and not isinstance(packet, OpenPGP.Message):
packet = OpenPGP.LiteralDataPacket(packet)
else:
packet = self._parse_packet(packet)
if isinstance(packet, OpenPGP.SecretKeyPacket) or isinstance(packet, RSAPrivateKey) or isinstance(packet, DSAPrivateKey) or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket)):
key = packet
message = self._message
else:
key = self._key
message = packet
if not key or not message:
return None # Missing some data
if isinstance(message, OpenPGP.Message):
message = message.signature_and_data()[1]
if not (isinstance(key, RSAPrivateKey) or isinstance(key, DSAPrivateKey)):
key = self.__class__(key)
if not keyid:
keyid = key.key().fingerprint()[-16:]
key = key.private_key(keyid)
key_algorithm = None
if isinstance(key, RSAPrivateKey):
key_algorithm = 'RSA'
elif isinstance(key, DSAPrivateKey):
key_algorithm = 'DSA'
sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())
if keyid:
sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))
def doDSA(h, m):
ctx = key.signer(h())
ctx.update(m)
return list(self._decode_dsa_der(ctx.finalize()))
def doRSA(h, m):
ctx = key.signer(padding.PKCS1v15(), h())
ctx.update(m)
return [ctx.finalize()]
sig.sign_data({'RSA': {
'MD5': lambda m: doRSA(hashes.MD5, m),
'RIPEMD160': lambda m: doRSA(hashes.RIPEMD160, m),
'SHA1': lambda m: doRSA(hashes.SHA1, m),
'SHA224': lambda m: doRSA(hashes.SHA224, m),
'SHA256': lambda m: doRSA(hashes.SHA256, m),
'SHA384': lambda m: doRSA(hashes.SHA384, m),
'SHA512': lambda m: doRSA(hashes.SHA512, m)
}, 'DSA': {
'MD5': lambda m: doDSA(hashes.MD5, m),
'RIPEMD160': lambda m: doDSA(hashes.RIPME160, m),
'SHA1': lambda m: doDSA(hashes.SHA1, m),
'SHA224': lambda m: doDSA(hashes.SHA224, m),
'SHA256': lambda m: doDSA(hashes.SHA256, m),
'SHA384': lambda m: doDSA(hashes.SHA384, m),
'SHA512': lambda m: doDSA(hashes.SHA512, m)
}})
return OpenPGP.Message([sig, message])
