def verify(self, signature, data, hash_context):
    """Check a raw ``r || s`` DSA signature over ``data``.

    ``data`` is absorbed into the caller-supplied ``hash_context``, the
    context is finalized, and the resulting digest is handed to the key as an
    already-hashed value.

    Args:
        signature: Bytes holding ``r`` followed by ``s``; it is parsed with
            the format ``'<size>s<size>s'`` where ``size`` is
            ``q.bit_length() // 8``.
        data: Message bytes fed into ``hash_context`` before it is finalized.
        hash_context: A ``hashes.HashContext``; this call finalizes it.

    Raises:
        TypeError: If ``hash_context`` is not a ``hashes.HashContext``.
        ValueError: If the key reports ``InvalidSignature``.
    """
    if not isinstance(hash_context, hashes.HashContext):
        raise TypeError("hash_context must be an instance of hashes.HashContext.")

    # Floor division: exact only when q's bit length is a multiple of 8, which
    # holds for the 160/224/256-bit q sizes defined by FIPS 186-4.
    component_len = self.public_numbers.parameter_numbers.q.bit_length() // 8
    layout = '{0}s{0}s'.format(component_len)  # '20s20s' for a 160-bit q

    # NOTE(review): `signature` comes from the peer. Whether a short buffer or
    # trailing bytes are rejected depends on read_content, which is not
    # visible here -- confirm it enforces the exact length.
    r, s = map(bytes_to_long, read_content(signature, layout))

    hash_context.update(data)
    prehashed = hash_context.finalize()

    # Only InvalidSignature is translated; every other error raised by the
    # parsing above or by the key propagates unchanged.
    try:
        self._key.verify(encode_dss_signature(r, s), prehashed, Prehashed(SHA256HMAC160()))
    except InvalidSignature:
        raise ValueError("invalid signature")
def finalize(self):
    """Finalize the wrapped hash context and return the digest used for DSA.

    When the hash output is wider than ``q``, the digest is reduced modulo
    ``q`` instead of being returned as-is. In that case the returned bytes are
    NOT the plain hash of the input and must not be used as a general-purpose
    digest.

    Returns:
        The digest bytes, reduced modulo ``q`` when the hash is wider than
        ``q``.

    Raises:
        AlreadyFinalized: If the context was finalized by an earlier call.
    """
    ctx = self._ctx
    if ctx is None:
        raise AlreadyFinalized("Context was already finalized.")

    raw = ctx.finalize()
    self._ctx = None  # any later call takes the AlreadyFinalized branch

    q = self._dsa_key.parameters.parameter_numbers().q
    q_bits = q.bit_length()

    if self.algorithm.digest_size * 8 <= q_bits:
        return raw

    # libotr compatibility: libotr does not truncate the digest to its
    # leftmost q.bit_length() bits when it is longer than q, as the DSA
    # specification requires (FIPS 186-4, sections 4.2 and 4.6). DSA uses the
    # digest only modulo q, so passing digest mod q is equivalent to passing
    # it unmodified, and the shortened value keeps the cryptography library
    # from truncating per the specification -- which would make signature
    # verification fail.
    # NOTE(review): the second argument is presumably the output width in
    # bytes -- confirm against the long_to_bytes helper.
    return long_to_bytes(bytes_to_long(raw) % q, (q_bits + 7) // 8)
def finalize(self):
    """Finalize the wrapped hash context and return the digest used for DSA.

    When the hash output is wider than ``q``, the digest is reduced modulo
    ``q`` instead of being returned as-is. In that case the returned bytes are
    NOT the plain hash of the input and must not be used as a general-purpose
    digest.

    Returns:
        The digest bytes, reduced modulo ``q`` when the hash is wider than
        ``q``.

    Raises:
        AlreadyFinalized: If the context was finalized by an earlier call.
    """
    ctx = self._ctx
    if ctx is None:
        raise AlreadyFinalized("Context was already finalized.")

    raw = ctx.finalize()
    self._ctx = None  # any later call takes the AlreadyFinalized branch

    q = self._dsa_key.parameters.parameter_numbers().q
    q_bits = q.bit_length()

    if self.algorithm.digest_size * 8 <= q_bits:
        return raw

    # libotr compatibility: libotr does not truncate the digest to its
    # leftmost q.bit_length() bits when it is longer than q, as the DSA
    # specification requires (FIPS 186-4, sections 4.2 and 4.6). DSA uses the
    # digest only modulo q, so passing digest mod q is equivalent to passing
    # it unmodified, and the shortened value keeps the cryptography library
    # from truncating per the specification -- which would make signature
    # verification fail.
    # NOTE(review): the second argument is presumably the output width in
    # bytes -- confirm against the long_to_bytes helper.
    return long_to_bytes(bytes_to_long(raw) % q, (q_bits + 7) // 8)
def verify(self, signature, data, hash_context):
    """Check a raw ``r || s`` DSA signature over ``data``.

    A verifier is requested from the key for SHA-256, its internal hash
    context is replaced with the caller-supplied ``hash_context``, and
    ``data`` is then fed through the verifier.

    Args:
        signature: Bytes holding ``r`` followed by ``s``; it is parsed with
            the format ``'<size>s<size>s'`` where ``size`` is
            ``q.bit_length() // 8``.
        data: Message bytes passed to the verifier's ``update``.
        hash_context: A ``hashes.HashContext`` installed in place of the
            verifier's own context.

    Raises:
        TypeError: If ``hash_context`` is not a ``hashes.HashContext``.
        ValueError: If the verifier reports ``InvalidSignature``.
    """
    if not isinstance(hash_context, hashes.HashContext):
        raise TypeError("hash_context must be an instance of hashes.HashContext.")

    # Floor division: exact only when q's bit length is a multiple of 8, which
    # holds for the 160/224/256-bit q sizes defined by FIPS 186-4.
    component_len = self.public_numbers.parameter_numbers.q.bit_length() // 8
    layout = '{0}s{0}s'.format(component_len)  # '20s20s' for a 160-bit q

    # NOTE(review): `signature` comes from the peer. Whether a short buffer or
    # trailing bytes are rejected depends on read_content, which is not
    # visible here -- confirm it enforces the exact length.
    r, s = map(bytes_to_long, read_content(signature, layout))

    dsa_verifier = self._key.verifier(encode_dss_signature(r, s), hashes.SHA256())

    # NOTE(review): this overwrites a private attribute of the verifier
    # object, so it depends on the library's internals rather than a
    # documented interface. If the attribute is renamed, the assignment would
    # presumably have no effect and the caller's context would be bypassed
    # silently. If self._key is a `cryptography` DSA key, verifier() is also
    # the legacy streaming API -- confirm the pinned library version still
    # provides it.
    dsa_verifier._hash_ctx = hash_context
    dsa_verifier.update(data)

    # Only InvalidSignature is translated; every other error propagates
    # unchanged.
    try:
        dsa_verifier.verify()
    except InvalidSignature:
        raise ValueError("invalid signature")