def generate_dsa_key_pair(bits=1024):
dsa = DSA.gen_params(1024, lambda x:None)
dsa.gen_key()
pub = BIO.MemoryBuffer()
dsa.save_pub_key_bio(pub)
priv = BIO.MemoryBuffer()
dsa.save_key_bio(priv, cipher=None)
return dsa, priv.read(), pub.read()
def test_genparam_setparam_genkey(self):
dsa = DSA.gen_params(1024, self.callback)
assert len(dsa) == 1024
p = dsa.p
q = dsa.q
g = dsa.g
dsa2 = DSA.set_params(p,q,g)
assert not dsa2.check_key()
dsa2.gen_key()
assert dsa2.check_key()
r,s = dsa2.sign(self.data)
assert dsa2.verify(self.data, r, s)
def test_pub_key_from_params(self):
dsa = DSA.gen_params(1024, self.callback)
dsa.gen_key()
assert len(dsa) == 1024
p = dsa.p
q = dsa.q
g = dsa.g
pub = dsa.pub
dsa2 = DSA.pub_key_from_params(p, q, g, pub)
assert dsa2.check_key()
r, s = dsa.sign(self.data)
assert dsa2.verify(self.data, r, s)
def test_genparam_setparam_genkey(self):
dsa = DSA.gen_params(1024, self.callback)
self.assertEqual(len(dsa), 1024)
p = dsa.p
q = dsa.q
g = dsa.g
dsa2 = DSA.set_params(p, q, g)
assert not dsa2.check_key()
dsa2.gen_key()
assert dsa2.check_key()
r, s = dsa2.sign(self.data)
assert dsa2.verify(self.data, r, s)
def test_pub_key_from_params(self):
dsa = DSA.gen_params(1024, self.callback)
dsa.gen_key()
assert len(dsa) == 1024
p = dsa.p
q = dsa.q
g = dsa.g
pub = dsa.pub
dsa2 = DSA.pub_key_from_params(p,q,g,pub)
assert dsa2.check_key()
r,s = dsa.sign(self.data)
assert dsa2.verify(self.data, r, s)
def createKey(self, cipher, length, callback, parent=None):
key = None
if cipher == "RSA":
exp = 65537
print ("Create RSA key with key length %d bits\n" % length)
key = RSA.gen_key(length, exp, callback)
elif cipher == "DSA":
print ("Create DSA key with key length %d bits\n" % length)
dsa = DSA.gen_params(length, callback)
dsa.gen_key()
key = dsa
if parent != None:
parent.finishedGeneration(key)
return key
def _generate_keypair(password=None):
dsa = DSA.gen_params(1024, os.urandom)
mem_pub = BIO.MemoryBuffer()
mem_private = BIO.MemoryBuffer()
dsa.gen_key()
if password is None:
dsa.save_key_bio(mem_private, cipher=None)
else:
dsa.save_key_bio(mem_private, callback=lambda _: password)
private_key = mem_private.getvalue()
dsa.save_pub_key_bio(mem_pub)
public_key = _run_ssh_on_string(SSH_KEYGEN_COMMAND + " -f %s -i -m PKCS8",
mem_pub.getvalue())[:-1]
return {"public": public_key, "private": private_key}
def key_generation():
#DSA key generation
dsa = DSA.gen_params(1024)
dsa.gen_key()
dsa.save_key('dsa.key', None)
dsa.save_pub_key('dsa_pub.key')
#RSA key generation
new_key = RSA.generate(1024)
public_key = new_key.publickey().exportKey("PEM")
private_key = new_key.exportKey("PEM")
with open('rsa_pub.key','w') as f:
f.write(public_key)
with open('rsa.key','w') as f:
f.write(private_key)
return "Key generated!"
def main(keylen, hashalg):
global dsa, dgst # this exists ONLY for speed testing
Rand.load_file('randpool.dat', -1)
pvtkeyfilename = 'DSA%dpvtkey.pem' % (keylen)
pubkeyfilename = 'DSA%dpubkey.pem' % (keylen)
if makenewkey:
print ' making and saving a new key'
dsa = DSA.gen_params(keylen)
dsa.gen_key()
dsa.save_key(pvtkeyfilename, None) # no pswd callback
dsa.save_pub_key(pubkeyfilename)
else:
print ' loading an existing key'
dsa = DSA.load_key(pvtkeyfilename)
print ' dsa key length:', len(dsa)
if not dsa.check_key():
raise 'key is not initialised'
if showpubkey:
dsa_pub = dsa.pub
pub_pem = base64.encodestring(dsa_pub)
print ' PEM public key is: \n', pub_pem
# since we are testing signing and verification, let's not
# be fussy about the digest. Just make one.
md = EVP.MessageDigest(hashalg)
md.update('can you spell subliminal channel?')
dgst = md.digest()
print ' hash algorithm: %s' % hashalg
if showdigest:
print ' %s digest: \n%s' % (hashalg, base64.encodestring(dgst))
test(dsa, dgst)
# test_asn1(dsa, dgst)
test_speed(dsa, dgst)
Rand.save_file('randpool.dat')
def main(keylen, hashalg):
global dsa, dgst # this exists ONLY for speed testing
Rand.load_file('randpool.dat', -1)
pvtkeyfilename = 'DSA%dpvtkey.pem' % (keylen)
pubkeyfilename = 'DSA%dpubkey.pem' % (keylen)
if makenewkey:
print ' making and saving a new key'
dsa = DSA.gen_params(keylen)
dsa.gen_key()
dsa.save_key(pvtkeyfilename, None ) # no pswd callback
dsa.save_pub_key(pubkeyfilename)
else:
print ' loading an existing key'
dsa = DSA.load_key(pvtkeyfilename)
print ' dsa key length:', len(dsa)
if not dsa.check_key():
raise 'key is not initialised'
if showpubkey:
dsa_pub = dsa.pub
pub_pem = base64.encodestring(dsa_pub)
print ' PEM public key is: \n',pub_pem
# since we are testing signing and verification, let's not
# be fussy about the digest. Just make one.
md = EVP.MessageDigest(hashalg)
md.update('can you spell subliminal channel?')
dgst = md.digest()
print ' hash algorithm: %s' % hashalg
if showdigest:
print ' %s digest: \n%s' % (hashalg, base64.encodestring(dgst))
test(dsa, dgst)
# test_asn1(dsa, dgst)
test_speed(dsa, dgst)
Rand.save_file('randpool.dat')
def generate_keypair(self, password=None):
''' Generate a 1024 bit DSA key. Someday they will be password
protected.
returns public key, private key '''
dsa = DSA.gen_params(1024, os.urandom)
mem_pub = BIO.MemoryBuffer()
mem_private = BIO.MemoryBuffer()
dsa.gen_key()
if password is None:
dsa.save_key_bio(mem_private, cipher=None)
else:
dsa.save_key_bio(mem_private, callback=lambda _: password)
private_key = mem_private.getvalue()
dsa.save_pub_key_bio(mem_pub)
public_key = self._pubkey_from_private(mem_pub.getvalue())
return public_key, private_key
#!/usr/bin/python from M2Crypto import DSA dsainstance = DSA.gen_params(512) print dsainstance
