def pkcs1_sign(priv, msg):
d, n = priv
modlen = rsa.byte_len(n)
h = sha1(msg).hexdigest()
npad = modlen - 2 - 1 - len(asn1_sha1_prefix + h) / 2
mr = '0001' + ('ff' * npad) + '00' + asn1_sha1_prefix + h
mr = long(mr, 16)
return rsa.raw_decrypt(priv, mr)
def pkcs1_sign(priv, msg):
d, n = priv
modlen = rsa.byte_len(n)
h = sha1(msg).hexdigest()
npad = modlen - 2 - 1 - len(asn1_sha1_prefix + h) / 2
mr = "0001" + ("ff" * npad) + "00" + asn1_sha1_prefix + h
mr = long(mr, 16)
return rsa.raw_decrypt(priv, mr)
def bad_pkcs1_verify(pub, sig, msg):
e, n = pub
modlen = rsa.byte_len(n)
mr = rsa.raw_encrypt(pub, sig)
h = sha1(msg).hexdigest().lower()
mrh = ('%0' + str(modlen * 2) + 'x') % mr
if match('^0001ff+00' + asn1_sha1_prefix + h, mrh):
return 'ok'
else:
return 'bad signature'
def bad_pkcs1_verify(pub, sig, msg):
e, n = pub
modlen = rsa.byte_len(n)
mr = rsa.raw_encrypt(pub, sig)
h = sha1(msg).hexdigest().lower()
mrh = ("%0" + str(modlen * 2) + "x") % mr
if match("^0001ff+00" + asn1_sha1_prefix + h, mrh):
return "ok"
else:
return "bad signature"
