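def sign(self, packet, hash='SHA256', keyid=None):
    """Sign a message and return it together with the new signature packet.

    ``packet`` may be either side of the operation. If it is a secret key
    (a SecretKeyPacket, a PyCrypto RSA/DSA key object, or a sequence whose
    first item is a SecretKeyPacket), the message stored on this instance
    is signed with it. Otherwise ``packet`` is the data to sign and the
    key stored on this instance is used.

    Args:
        packet: Data to sign, or the key to sign ``self._message`` with.
        hash: Digest name; upper-cased before it selects a signer. MD5 and
            SHA1 remain selectable for interoperability, but both are
            collision-broken, so new signatures should keep the SHA256
            default or use a stronger digest.
        keyid: Key id to sign with. When omitted and the key has to be
            looked up, the last 16 characters of the fingerprint are used.

    Returns:
        ``OpenPGP.Message([sig, message])``, or ``None`` when either the
        key or the message is missing.
    """
    # NOTE(review): _RSAobj/_DSAobj are private PyCrypto classes; PyCrypto
    # is no longer maintained, so this code path is tied to a legacy library.
    raw_key_types = (Crypto.PublicKey.RSA._RSAobj, Crypto.PublicKey.DSA._DSAobj)

    if self._key and not isinstance(packet, (OpenPGP.Packet, OpenPGP.Message)):
        packet = OpenPGP.LiteralDataPacket(packet)
    else:
        packet = self._parse_packet(packet)

    packet_is_key = (
        isinstance(packet, OpenPGP.SecretKeyPacket)
        or isinstance(packet, raw_key_types)
        or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket))
    )
    if packet_is_key:
        key = packet
        message = self._message
    else:
        key = self._key
        message = packet

    if not key or not message:
        return None  # Missing some data

    if isinstance(message, OpenPGP.Message):
        message = message.signature_and_data()[1]

    # Fix: the DSA half of this test used to inspect `packet` instead of
    # `key`, so a raw DSA key held in self._key was wrapped and looked up
    # as if it were an OpenPGP key packet.
    if not isinstance(key, raw_key_types):
        key = self.__class__(key)
        if not keyid:
            keyid = key.key().fingerprint()[-16:]
        key = key.private_key(keyid)

    # NOTE(review): key_algorithm stays None when the resolved key is neither
    # RSA nor DSA; confirm how SignaturePacket/sign_data treat that case.
    key_algorithm = None
    if isinstance(key, Crypto.PublicKey.RSA._RSAobj):
        key_algorithm = 'RSA'
    elif isinstance(key, Crypto.PublicKey.DSA._DSAobj):
        key_algorithm = 'DSA'

    sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())

    if keyid:
        sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))

    def doDSA(h, m):
        # The digest is cut to the byte length of q before signing. The
        # second argument is the per-signature secret k: it has to be fresh
        # and unpredictable for every signature, because a repeated or
        # biased k exposes the private key.
        return list(key.sign(h.new(m).digest()[0:int(Crypto.Util.number.size(key.q) / 8)], Crypto.Random.random.StrongRandom().randint(1,key.q-1)))

    def doRSA(h, m):
        # RSA signature with PKCS#1 v1.5 padding over the chosen digest.
        return [Crypto.Signature.PKCS1_v1_5.new(key).sign(h.new(m))]

    # The lambdas keep every hash-module lookup lazy: only the digest that
    # is actually selected gets resolved.
    sig.sign_data({'RSA': {
        'MD5':       lambda m: doRSA(Crypto.Hash.MD5, m),
        'RIPEMD160': lambda m: doRSA(Crypto.Hash.RIPEMD, m),
        'SHA1':      lambda m: doRSA(Crypto.Hash.SHA, m),
        'SHA224':    lambda m: doRSA(Crypto.Hash.SHA224, m),
        'SHA256':    lambda m: doRSA(Crypto.Hash.SHA256, m),
        'SHA384':    lambda m: doRSA(Crypto.Hash.SHA384, m),
        'SHA512':    lambda m: doRSA(Crypto.Hash.SHA512, m),
    }, 'DSA': {
        'MD5':       lambda m: doDSA(Crypto.Hash.MD5, m),
        'RIPEMD160': lambda m: doDSA(Crypto.Hash.RIPEMD, m),
        'SHA1':      lambda m: doDSA(Crypto.Hash.SHA, m),
        'SHA224':    lambda m: doDSA(Crypto.Hash.SHA224, m),
        'SHA256':    lambda m: doDSA(Crypto.Hash.SHA256, m),
        'SHA384':    lambda m: doDSA(Crypto.Hash.SHA384, m),
        'SHA512':    lambda m: doDSA(Crypto.Hash.SHA512, m),
    }})

    return OpenPGP.Message([sig, message])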
def sign_key_userid(self, packet, hash='SHA256', keyid=None):
    """Sign a key/user-id message and return the message with its signature.

    ``packet`` is normalised to an ``OpenPGP.Message`` (a list is wrapped,
    anything else that is not already a Message is parsed). If the message
    already holds a signature packet, the last one found is signed again
    as-is. Otherwise a new signature packet is created, given its
    subpackets, and appended to the message.

    Args:
        packet: ``OpenPGP.Message``, list of packets, or serialized message.
        hash: Digest name for a newly created signature; upper-cased. MD5
            and SHA1 remain selectable, but both are collision-broken.
        keyid: Key id to sign with; defaults to the last 16 characters of
            the key's fingerprint.

    Returns:
        The (mutated) message, or ``None`` when the key or the message is
        missing.
    """
    if isinstance(packet, list):
        packet = OpenPGP.Message(packet)
    elif not isinstance(packet, OpenPGP.Message):
        packet = OpenPGP.Message.parse(packet)

    key = self.key(keyid)
    if not key or not packet:
        # Missing some data
        return None

    if not keyid:
        keyid = key.fingerprint()[-16:]

    key = self.private_key(keyid)

    # Keep scanning to the end: the last signature packet in the message wins.
    sig = None
    for candidate in packet:
        if isinstance(candidate, OpenPGP.SignaturePacket):
            sig = candidate

    if not sig:
        # NOTE(review): a freshly created signature is always labelled 'RSA',
        # whatever kind of key private_key() returned; confirm that is intended.
        sig = OpenPGP.SignaturePacket(packet, 'RSA', hash.upper())
        # 0x13 is the RFC 4880 "positive certification" signature type and
        # key flag 0x01 marks the key as usable for certifying other keys.
        sig.signature_type = 0x13
        new_subpackets = (
            OpenPGP.SignaturePacket.KeyFlagsPacket([0x01]),
            OpenPGP.SignaturePacket.IssuerPacket(keyid),
        )
        for subpacket in new_subpackets:
            sig.hashed_subpackets.append(subpacket)
        packet.append(sig)

    def dsa_sign(h, m):
        # NOTE(review): this helper uses the PyCrypto-style key.sign(digest, k)
        # and key.q, while rsa_sign uses cryptography's key.signer(); one key
        # object is unlikely to support both, so verify the DSA path.
        q_bytes = int(Crypto.Util.number.size(key.q) / 8)
        digest = h.new(m).digest()[0:q_bytes]
        # k is the per-signature secret; it has to be fresh and unpredictable.
        k = Crypto.Random.random.StrongRandom().randint(1,key.q-1)
        return list(key.sign(digest, k))

    def rsa_sign(h, m):
        # RSA with PKCS#1 v1.5 padding through a streaming signing context.
        signer = key.signer(padding.PKCS1v15(), h())
        signer.update(m)
        return [signer.finalize()]

    # The lambdas keep each hash lookup lazy, so only the digest that is
    # actually selected is resolved.
    rsa_signers = {
        'MD5':       lambda m: rsa_sign(hashes.MD5, m),
        'RIPEMD160': lambda m: rsa_sign(hashes.RIPEMD160, m),
        'SHA1':      lambda m: rsa_sign(hashes.SHA1, m),
        'SHA224':    lambda m: rsa_sign(hashes.SHA224, m),
        'SHA256':    lambda m: rsa_sign(hashes.SHA256, m),
        'SHA384':    lambda m: rsa_sign(hashes.SHA384, m),
        'SHA512':    lambda m: rsa_sign(hashes.SHA512, m),
    }
    dsa_signers = {
        'MD5':       lambda m: dsa_sign(Crypto.Hash.MD5, m),
        'RIPEMD160': lambda m: dsa_sign(Crypto.Hash.RIPEMD, m),
        'SHA1':      lambda m: dsa_sign(Crypto.Hash.SHA, m),
        'SHA224':    lambda m: dsa_sign(Crypto.Hash.SHA224, m),
        'SHA256':    lambda m: dsa_sign(Crypto.Hash.SHA256, m),
        'SHA384':    lambda m: dsa_sign(Crypto.Hash.SHA384, m),
        'SHA512':    lambda m: dsa_sign(Crypto.Hash.SHA512, m),
    }
    sig.sign_data({'RSA': rsa_signers, 'DSA': dsa_signers})

    return packet
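def sign(self, packet, hash='SHA256', keyid=None):
    """Sign a message and return it together with the new signature packet.

    ``packet`` may be either side of the operation. If it is a secret key
    (a SecretKeyPacket, an RSAPrivateKey/DSAPrivateKey, or a sequence whose
    first item is a SecretKeyPacket), the message stored on this instance
    is signed with it. Otherwise ``packet`` is the data to sign and the
    key stored on this instance is used.

    Args:
        packet: Data to sign, or the key to sign ``self._message`` with.
        hash: Digest name; upper-cased before it selects a signer. MD5 and
            SHA1 remain selectable for interoperability, but both are
            collision-broken, so new signatures should keep the SHA256
            default or use a stronger digest.
        keyid: Key id to sign with. When omitted and the key has to be
            looked up, the last 16 characters of the fingerprint are used.

    Returns:
        ``OpenPGP.Message([sig, message])``, or ``None`` when either the
        key or the message is missing.
    """
    if self._key and not isinstance(packet, (OpenPGP.Packet, OpenPGP.Message)):
        packet = OpenPGP.LiteralDataPacket(packet)
    else:
        packet = self._parse_packet(packet)

    packet_is_key = (
        isinstance(packet, (OpenPGP.SecretKeyPacket, RSAPrivateKey, DSAPrivateKey))
        or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket))
    )
    if packet_is_key:
        key = packet
        message = self._message
    else:
        key = self._key
        message = packet

    if not key or not message:
        return None  # Missing some data

    if isinstance(message, OpenPGP.Message):
        message = message.signature_and_data()[1]

    # Anything that is not already a usable private key is wrapped so the
    # signing key can be looked up by key id.
    if not isinstance(key, (RSAPrivateKey, DSAPrivateKey)):
        key = self.__class__(key)
        if not keyid:
            keyid = key.key().fingerprint()[-16:]
        key = key.private_key(keyid)

    # NOTE(review): key_algorithm stays None when the resolved key is neither
    # RSA nor DSA; confirm how SignaturePacket/sign_data treat that case.
    key_algorithm = None
    if isinstance(key, RSAPrivateKey):
        key_algorithm = 'RSA'
    elif isinstance(key, DSAPrivateKey):
        key_algorithm = 'DSA'

    sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())

    if keyid:
        sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))

    # NOTE(review): key.signer() contexts are deprecated in newer releases of
    # the cryptography package in favour of key.sign(); confirm the pinned
    # version before upgrading the dependency.
    def doDSA(h, m):
        ctx = key.signer(h())
        ctx.update(m)
        # presumably splits the DER-encoded signature into its integer
        # components; _decode_dsa_der is defined elsewhere in the class.
        return list(self._decode_dsa_der(ctx.finalize()))

    def doRSA(h, m):
        # RSA with PKCS#1 v1.5 padding through a streaming signing context.
        ctx = key.signer(padding.PKCS1v15(), h())
        ctx.update(m)
        return [ctx.finalize()]

    # The lambdas keep each hash lookup lazy, so only the digest that is
    # actually selected is resolved.
    sig.sign_data({'RSA': {
        'MD5':       lambda m: doRSA(hashes.MD5, m),
        'RIPEMD160': lambda m: doRSA(hashes.RIPEMD160, m),
        'SHA1':      lambda m: doRSA(hashes.SHA1, m),
        'SHA224':    lambda m: doRSA(hashes.SHA224, m),
        'SHA256':    lambda m: doRSA(hashes.SHA256, m),
        'SHA384':    lambda m: doRSA(hashes.SHA384, m),
        'SHA512':    lambda m: doRSA(hashes.SHA512, m),
    }, 'DSA': {
        'MD5':       lambda m: doDSA(hashes.MD5, m),
        # Fix: this entry used to read hashes.RIPME160, a misspelling that
        # raised AttributeError as soon as a DSA/RIPEMD160 signature was
        # requested.
        'RIPEMD160': lambda m: doDSA(hashes.RIPEMD160, m),
        'SHA1':      lambda m: doDSA(hashes.SHA1, m),
        'SHA224':    lambda m: doDSA(hashes.SHA224, m),
        'SHA256':    lambda m: doDSA(hashes.SHA256, m),
        'SHA384':    lambda m: doDSA(hashes.SHA384, m),
        'SHA512':    lambda m: doDSA(hashes.SHA512, m),
    }})

    return OpenPGP.Message([sig, message])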