def testD4VerifyGnuPGV3RSASig(self): """crypto.pkt2cryptokey: verify GnuPG V3 RSA one-pass signature""" rsasig_d = file('pgpfiles'+os.sep+'sig'+os.sep+'sig.RSA1.onepass.gpg').read() rsakey_d = file('pgpfiles'+os.sep+'key'+os.sep+'RSA1.pub.gpg').read() rsakeypkts, rsasigpkts = list_pkts(rsakey_d), list_pkts(rsasig_d) onepass, literal, sig = rsasigpkts[0].body, rsasigpkts[1].body, rsasigpkts[2].body key = rsakeypkts[0].body cryptokey = CRY.pkt2cryptokey(key) # grab the signature packet, see what the hashed value should be # see how it matches up with the hash fragments # the idea is to construct the hash value by hand and try to # match it up with "some" characters in gpg's do_encode_md(). # again, I *know* that this was signed using SHA1.. # "full hash prefix"? # SHA-1: 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E, # 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 # 01 PS 00 T # PS is at least 8 octets of '\xff' msg = sha.new(literal.data + sig.hashed_data).digest() prefix = '\x30\x21\x30\x09\x06\x05\x2b\x0E\x03\x02\x1A\x05\x00\x04\x14' PS = '' for i in range (90): PS += '\xff' construct = '\x00\x01' + PS + '\x00' + prefix + msg # remember to tuple-ize the signature value ret = cryptokey.verify(construct, (sig.RSA.value,)) self.assertEqual(1, ret)
def testCrtypokeyAttrs(self): """crypto.pkt2cryptokey: check DSA integer attribute equality""" key = self.keypkts[0].body cryptokey = CRY.pkt2cryptokey(key) self.assertEqual(key.DSA_p.value, cryptokey.p) self.assertEqual(key.DSA_q.value, cryptokey.q) self.assertEqual(key.DSA_y.value, cryptokey.y) self.assertEqual(key.DSA_g.value, cryptokey.g)
def testD2VerifyGnuPGV3DSASig(self): """crypto.pkt2cryptokey: verify GnuPG V3 DSA one-pass signature""" sigdata = file('pgpfiles'+os.sep+'sig'+os.sep+'sig.DSAELG1.onepass.gpg').read() pktlist = list_pkts(sigdata) lit, sig = pktlist[1].body, pktlist[2].body key = self.keypkts[0].body cryptokey = CRY.pkt2cryptokey(key) # here, I *know* that this was signed using SHA1.. msg = sha.new(lit.data + sig.hashed_data).digest() ret = cryptokey.verify(msg, (sig.DSA_r.value, sig.DSA_s.value)) self.assertEqual(1, ret)
def testA04Extract2PyCryptoDSA(self): """crypto.pkt2cryptokey: trivial DSA sign/verify with GnuPG values""" # the DSA values of a key (secret values accessible) generated by # GnuPG are being used to sign and verify a silly message, the # check being only that the public and private key values do in # fact work togther cryptokey = CRY.pkt2cryptokey(self.keypkts[0].body) sillymsg = 'test' sillykval = 100 r_s = cryptokey.sign(sillymsg, sillykval) ret = cryptokey.verify(sillymsg, r_s) self.assertEqual(1, ret)
def testD2VerifyGnuPGV3DSASig(self): """crypto.pkt2cryptokey: verify GnuPG V3 DSA one-pass signature""" sigdata = file('pgpfiles' + os.sep + 'sig' + os.sep + 'sig.DSAELG1.onepass.gpg').read() pktlist = list_pkts(sigdata) lit, sig = pktlist[1].body, pktlist[2].body key = self.keypkts[0].body cryptokey = CRY.pkt2cryptokey(key) # here, I *know* that this was signed using SHA1.. msg = sha.new(lit.data + sig.hashed_data).digest() ret = cryptokey.verify(msg, (sig.DSA_r.value, sig.DSA_s.value)) self.assertEqual(1, ret)
def testD4VerifyGnuPGV3RSASig(self): """crypto.pkt2cryptokey: verify GnuPG V3 RSA one-pass signature""" rsasig_d = file('pgpfiles' + os.sep + 'sig' + os.sep + 'sig.RSA1.onepass.gpg').read() rsakey_d = file('pgpfiles' + os.sep + 'key' + os.sep + 'RSA1.pub.gpg').read() rsakeypkts, rsasigpkts = list_pkts(rsakey_d), list_pkts(rsasig_d) onepass, literal, sig = rsasigpkts[0].body, rsasigpkts[ 1].body, rsasigpkts[2].body key = rsakeypkts[0].body cryptokey = CRY.pkt2cryptokey(key) # grab the signature packet, see what the hashed value should be # see how it matches up with the hash fragments # the idea is to construct the hash value by hand and try to # match it up with "some" characters in gpg's do_encode_md(). # again, I *know* that this was signed using SHA1.. # "full hash prefix"? # SHA-1: 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E, # 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 # 01 PS 00 T # PS is at least 8 octets of '\xff' msg = sha.new(literal.data + sig.hashed_data).digest() prefix = '\x30\x21\x30\x09\x06\x05\x2b\x0E\x03\x02\x1A\x05\x00\x04\x14' PS = '' for i in range(90): PS += '\xff' construct = '\x00\x01' + PS + '\x00' + prefix + msg # remember to tuple-ize the signature value ret = cryptokey.verify(construct, (sig.RSA.value, )) self.assertEqual(1, ret)