def testD4VerifyGnuPGV3RSASig(self):
"""crypto.pkt2cryptokey: verify GnuPG V3 RSA one-pass signature"""
rsasig_d = file('pgpfiles'+os.sep+'sig'+os.sep+'sig.RSA1.onepass.gpg').read()
rsakey_d = file('pgpfiles'+os.sep+'key'+os.sep+'RSA1.pub.gpg').read()
rsakeypkts, rsasigpkts = list_pkts(rsakey_d), list_pkts(rsasig_d)
onepass, literal, sig = rsasigpkts[0].body, rsasigpkts[1].body, rsasigpkts[2].body
key = rsakeypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
# grab the signature packet, see what the hashed value should be
# see how it matches up with the hash fragments
# the idea is to construct the hash value by hand and try to
# match it up with "some" characters in gpg's do_encode_md().
# again, I *know* that this was signed using SHA1..
# "full hash prefix"?
# SHA-1: 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E,
# 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14
# 01 PS 00 T
# PS is at least 8 octets of '\xff'
msg = sha.new(literal.data + sig.hashed_data).digest()
prefix = '\x30\x21\x30\x09\x06\x05\x2b\x0E\x03\x02\x1A\x05\x00\x04\x14'
PS = ''
for i in range (90):
PS += '\xff'
construct = '\x00\x01' + PS + '\x00' + prefix + msg
# remember to tuple-ize the signature value
ret = cryptokey.verify(construct, (sig.RSA.value,))
self.assertEqual(1, ret)
def testCrtypokeyAttrs(self):
"""crypto.pkt2cryptokey: check DSA integer attribute equality"""
key = self.keypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
self.assertEqual(key.DSA_p.value, cryptokey.p)
self.assertEqual(key.DSA_q.value, cryptokey.q)
self.assertEqual(key.DSA_y.value, cryptokey.y)
self.assertEqual(key.DSA_g.value, cryptokey.g)
def testCrtypokeyAttrs(self):
"""crypto.pkt2cryptokey: check DSA integer attribute equality"""
key = self.keypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
self.assertEqual(key.DSA_p.value, cryptokey.p)
self.assertEqual(key.DSA_q.value, cryptokey.q)
self.assertEqual(key.DSA_y.value, cryptokey.y)
self.assertEqual(key.DSA_g.value, cryptokey.g)
def testD2VerifyGnuPGV3DSASig(self):
"""crypto.pkt2cryptokey: verify GnuPG V3 DSA one-pass signature"""
sigdata = file('pgpfiles'+os.sep+'sig'+os.sep+'sig.DSAELG1.onepass.gpg').read()
pktlist = list_pkts(sigdata)
lit, sig = pktlist[1].body, pktlist[2].body
key = self.keypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
# here, I *know* that this was signed using SHA1..
msg = sha.new(lit.data + sig.hashed_data).digest()
ret = cryptokey.verify(msg, (sig.DSA_r.value, sig.DSA_s.value))
self.assertEqual(1, ret)
def testA04Extract2PyCryptoDSA(self):
"""crypto.pkt2cryptokey: trivial DSA sign/verify with GnuPG values"""
# the DSA values of a key (secret values accessible) generated by
# GnuPG are being used to sign and verify a silly message, the
# check being only that the public and private key values do in
# fact work togther
cryptokey = CRY.pkt2cryptokey(self.keypkts[0].body)
sillymsg = 'test'
sillykval = 100
r_s = cryptokey.sign(sillymsg, sillykval)
ret = cryptokey.verify(sillymsg, r_s)
self.assertEqual(1, ret)
def testD2VerifyGnuPGV3DSASig(self):
"""crypto.pkt2cryptokey: verify GnuPG V3 DSA one-pass signature"""
sigdata = file('pgpfiles' + os.sep + 'sig' + os.sep +
'sig.DSAELG1.onepass.gpg').read()
pktlist = list_pkts(sigdata)
lit, sig = pktlist[1].body, pktlist[2].body
key = self.keypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
# here, I *know* that this was signed using SHA1..
msg = sha.new(lit.data + sig.hashed_data).digest()
ret = cryptokey.verify(msg, (sig.DSA_r.value, sig.DSA_s.value))
self.assertEqual(1, ret)
def testA04Extract2PyCryptoDSA(self):
"""crypto.pkt2cryptokey: trivial DSA sign/verify with GnuPG values"""
# the DSA values of a key (secret values accessible) generated by
# GnuPG are being used to sign and verify a silly message, the
# check being only that the public and private key values do in
# fact work togther
cryptokey = CRY.pkt2cryptokey(self.keypkts[0].body)
sillymsg = 'test'
sillykval = 100
r_s = cryptokey.sign(sillymsg, sillykval)
ret = cryptokey.verify(sillymsg, r_s)
self.assertEqual(1, ret)
def testD4VerifyGnuPGV3RSASig(self):
"""crypto.pkt2cryptokey: verify GnuPG V3 RSA one-pass signature"""
rsasig_d = file('pgpfiles' + os.sep + 'sig' + os.sep +
'sig.RSA1.onepass.gpg').read()
rsakey_d = file('pgpfiles' + os.sep + 'key' + os.sep +
'RSA1.pub.gpg').read()
rsakeypkts, rsasigpkts = list_pkts(rsakey_d), list_pkts(rsasig_d)
onepass, literal, sig = rsasigpkts[0].body, rsasigpkts[
1].body, rsasigpkts[2].body
key = rsakeypkts[0].body
cryptokey = CRY.pkt2cryptokey(key)
# grab the signature packet, see what the hashed value should be
# see how it matches up with the hash fragments
# the idea is to construct the hash value by hand and try to
# match it up with "some" characters in gpg's do_encode_md().
# again, I *know* that this was signed using SHA1..
# "full hash prefix"?
# SHA-1: 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E,
# 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14
# 01 PS 00 T
# PS is at least 8 octets of '\xff'
msg = sha.new(literal.data + sig.hashed_data).digest()
prefix = '\x30\x21\x30\x09\x06\x05\x2b\x0E\x03\x02\x1A\x05\x00\x04\x14'
PS = ''
for i in range(90):
PS += '\xff'
construct = '\x00\x01' + PS + '\x00' + prefix + msg
# remember to tuple-ize the signature value
ret = cryptokey.verify(construct, (sig.RSA.value, ))
self.assertEqual(1, ret)
