Пример #1
0
    def sign(self, packet, hash='SHA256', keyid=None):
        if self._key and not isinstance(packet, OpenPGP.Packet) and not isinstance(packet, OpenPGP.Message):
            packet = OpenPGP.LiteralDataPacket(packet)
        else:
            packet = self._parse_packet(packet)

        if isinstance(packet, OpenPGP.SecretKeyPacket) or isinstance(packet, Crypto.PublicKey.RSA._RSAobj) or isinstance(packet, Crypto.PublicKey.DSA._DSAobj) or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket)):
            key = packet
            message = self._message
        else:
            key = self._key
            message = packet

        if not key or not message:
            return None # Missing some data

        if isinstance(message, OpenPGP.Message):
            message = message.signature_and_data()[1]

        if not (isinstance(key, Crypto.PublicKey.RSA._RSAobj) or isinstance(packet, Crypto.PublicKey.DSA._DSAobj)):
            key = self.__class__(key)
            if not keyid:
                keyid = key.key().fingerprint()[-16:]
            key = key.private_key(keyid)

        key_algorithm = None
        if isinstance(key, Crypto.PublicKey.RSA._RSAobj):
            key_algorithm = 'RSA'
        elif isinstance(key, Crypto.PublicKey.DSA._DSAobj):
            key_algorithm = 'DSA'

        sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())

        if keyid:
            sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))

        def doDSA(h, m):
            return list(key.sign(h.new(m).digest()[0:int(Crypto.Util.number.size(key.q) / 8)],
                Crypto.Random.random.StrongRandom().randint(1,key.q-1)))

        sig.sign_data({'RSA': {
                'MD5':       lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.MD5.new(m))],
                'RIPEMD160': lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.RIPEMD.new(m))],
                'SHA1':      lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA.new(m))],
                'SHA224':    lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA224.new(m))],
                'SHA256':    lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA256.new(m))],
                'SHA384':    lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA384.new(m))],
                'SHA512':    lambda m: [Crypto.Signature.PKCS1_v1_5.new(key).sign(Crypto.Hash.SHA512.new(m))],
            }, 'DSA': {
                'MD5':       lambda m: doDSA(Crypto.Hash.MD5, m),
                'RIPEMD160': lambda m: doDSA(Crypto.Hash.RIPEMD, m),
                'SHA1':      lambda m: doDSA(Crypto.Hash.SHA, m),
                'SHA224':    lambda m: doDSA(Crypto.Hash.SHA224, m),
                'SHA256':    lambda m: doDSA(Crypto.Hash.SHA256, m),
                'SHA384':    lambda m: doDSA(Crypto.Hash.SHA384, m),
                'SHA512':    lambda m: doDSA(Crypto.Hash.SHA512, m),
            }})

        return OpenPGP.Message([sig, message])
Пример #2
0
    def sign_key_userid(self, packet, hash='SHA256', keyid=None):
        if isinstance(packet, list):
            packet = OpenPGP.Message(packet)
        elif not isinstance(packet, OpenPGP.Message):
            packet = OpenPGP.Message.parse(packet)

        key = self.key(keyid)
        if not key or not packet: # Missing some data
            return None

        if not keyid:
            keyid = key.fingerprint()[-16:]

        key = self.private_key(keyid)

        sig = None
        for p in packet:
            if isinstance(p, OpenPGP.SignaturePacket):
                sig = p
        if not sig:
            sig = OpenPGP.SignaturePacket(packet, 'RSA', hash.upper())
            sig.signature_type = 0x13
            sig.hashed_subpackets.append(OpenPGP.SignaturePacket.KeyFlagsPacket([0x01]))
            sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))
            packet.append(sig)

        def doDSA(h, m):
            return list(key.sign(h.new(m).digest()[0:int(Crypto.Util.number.size(key.q) / 8)],
                Crypto.Random.random.StrongRandom().randint(1,key.q-1)))

        def doRSA(h, m):
            ctx = key.signer(padding.PKCS1v15(), h())
            ctx.update(m)
            return [ctx.finalize()]

        sig.sign_data({'RSA': {
                'MD5':       lambda m: doRSA(hashes.MD5, m),
                'RIPEMD160': lambda m: doRSA(hashes.RIPEMD160, m),
                'SHA1':      lambda m: doRSA(hashes.SHA1, m),
                'SHA224':    lambda m: doRSA(hashes.SHA224, m),
                'SHA256':    lambda m: doRSA(hashes.SHA256, m),
                'SHA384':    lambda m: doRSA(hashes.SHA384, m),
                'SHA512':    lambda m: doRSA(hashes.SHA512, m)
            }, 'DSA': {
                'MD5':       lambda m: doDSA(Crypto.Hash.MD5, m),
                'RIPEMD160': lambda m: doDSA(Crypto.Hash.RIPEMD, m),
                'SHA1':      lambda m: doDSA(Crypto.Hash.SHA, m),
                'SHA224':    lambda m: doDSA(Crypto.Hash.SHA224, m),
                'SHA256':    lambda m: doDSA(Crypto.Hash.SHA256, m),
                'SHA384':    lambda m: doDSA(Crypto.Hash.SHA384, m),
                'SHA512':    lambda m: doDSA(Crypto.Hash.SHA512, m),
            }})

        return packet
Пример #3
0
    def sign(self, packet, hash='SHA256', keyid=None):
        if self._key and not isinstance(packet, OpenPGP.Packet) and not isinstance(packet, OpenPGP.Message):
            packet = OpenPGP.LiteralDataPacket(packet)
        else:
            packet = self._parse_packet(packet)

        if isinstance(packet, OpenPGP.SecretKeyPacket) or isinstance(packet, RSAPrivateKey) or isinstance(packet, DSAPrivateKey) or (hasattr(packet, '__getitem__') and isinstance(packet[0], OpenPGP.SecretKeyPacket)):
            key = packet
            message = self._message
        else:
            key = self._key
            message = packet

        if not key or not message:
            return None # Missing some data

        if isinstance(message, OpenPGP.Message):
            message = message.signature_and_data()[1]

        if not (isinstance(key, RSAPrivateKey) or isinstance(key, DSAPrivateKey)):
            key = self.__class__(key)
            if not keyid:
                keyid = key.key().fingerprint()[-16:]
            key = key.private_key(keyid)

        key_algorithm = None
        if isinstance(key, RSAPrivateKey):
            key_algorithm = 'RSA'
        elif isinstance(key, DSAPrivateKey):
            key_algorithm = 'DSA'

        sig = OpenPGP.SignaturePacket(message, key_algorithm, hash.upper())

        if keyid:
            sig.hashed_subpackets.append(OpenPGP.SignaturePacket.IssuerPacket(keyid))

        def doDSA(h, m):
            ctx = key.signer(h())
            ctx.update(m)
            return list(self._decode_dsa_der(ctx.finalize()))

        def doRSA(h, m):
            ctx = key.signer(padding.PKCS1v15(), h())
            ctx.update(m)
            return [ctx.finalize()]

        sig.sign_data({'RSA': {
                'MD5':       lambda m: doRSA(hashes.MD5, m),
                'RIPEMD160': lambda m: doRSA(hashes.RIPEMD160, m),
                'SHA1':      lambda m: doRSA(hashes.SHA1, m),
                'SHA224':    lambda m: doRSA(hashes.SHA224, m),
                'SHA256':    lambda m: doRSA(hashes.SHA256, m),
                'SHA384':    lambda m: doRSA(hashes.SHA384, m),
                'SHA512':    lambda m: doRSA(hashes.SHA512, m)
            }, 'DSA': {
                'MD5':       lambda m: doDSA(hashes.MD5, m),
                'RIPEMD160': lambda m: doDSA(hashes.RIPME160, m),
                'SHA1':      lambda m: doDSA(hashes.SHA1, m),
                'SHA224':    lambda m: doDSA(hashes.SHA224, m),
                'SHA256':    lambda m: doDSA(hashes.SHA256, m),
                'SHA384':    lambda m: doDSA(hashes.SHA384, m),
                'SHA512':    lambda m: doDSA(hashes.SHA512, m)
            }})

        return OpenPGP.Message([sig, message])