Diffstat (limited to 'pipermail/pycrypto/attachments/20090825/412e85b7/attachment.htm')
-rw-r--r-- | pipermail/pycrypto/attachments/20090825/412e85b7/attachment.htm | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/pipermail/pycrypto/attachments/20090825/412e85b7/attachment.htm b/pipermail/pycrypto/attachments/20090825/412e85b7/attachment.htm new file mode 100644 index 0000000..90a08d7 --- /dev/null +++ b/pipermail/pycrypto/attachments/20090825/412e85b7/attachment.htm 
@@ -0,0 +1,36 @@ +<tt> +&gt;RandomPool is badly broken. Don&#39;t use it.<br><br>Thx for the hint.<br>I will check RandomPool and change it to some python build-in random function,<br>if that helps.<br><br><br>About DSA:<br>I thought the actual pycrypto use SHA-1...<br><br> +make hash of the AES key with SHA2, and then sign the SHA2-hash. Is that what you mean?<br><br>About RSA:<br>i will check the code about OAEP.<br>can&#39;t find it in the documentation. (but in wikipedia...)<br><br>ELGAMAL signature requires a random number k: 2&lt;k&lt;p-1 with GCD(k,p-1)=1<br><br> +i used a fix prime. I will correct this. <br><br>ELGAMAL ist important for me, because it has no patent /copyright.<br><br><br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br> +<br> +<br><br> +<a href="http://lists.dlitz.net/pipermail/pycrypto/2009q3/000116.html" target="_blank">http://lists.dlitz.net/pipermail/pycrypto/2009q3/000116.html</a><br><br> +<br><br> +&gt;#################### DSA only sign<br><br> +<div class="im">&gt;privatekeyCMS = DSA.generate(368, rpool.get_bytes)<br><br> +&gt;publickeyCMS = privatekeyCMS.publickey()<br><br> +&gt;signed_PWD = privatekeyCMS.sign(PWD,K)<br><br> +&gt;print &quot;identity check:\n&quot;,publickeyCMS.verify(dec_PWD,signed_PWD)<br><br> +&gt;print &quot;decrypted PWD from ELGAMAL:\n&quot;,dec_PWD<br><br> +<br><br> +</div>PyCrypto&#39;s public key primitives are incomplete at this point, and you<br><br> +should not use them unless you are willing to read both PyCrypto&#39;s source<br><br> +code and the relevant specifications. For RSA, you need OAEP (i.e. PKCS#1<br><br> +v2.1) if you want security. For DSA, there is a hash you need to compute<br><br> +(it&#39;s not done for you automatically---see FIPS 186. 
For ElGamal, I&#39;m<br><br> +pretty sure there&#39;s something too.<br><br> +<br><br> +That&#39;s all I&#39;m willing to comment on a vague question about a bunch of<br><br> +uncommented demo code.<br><br> +<font color="#888888"><br><br> +--<br><br> +Dwayne C. Litzenberger &lt;<a href="mailto:dlitz@dlitz.net">dlitz@dlitz.net</a>&gt;<br><br> + Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7<br><br> +_______________________________________________<br><br> +pycrypto mailing list<br><br> +<a href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a><br><br> +<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto" target="_blank">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a><br><br> +</font></blockquote><br><br> +</div><br><br> + +</tt> |
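Review bot: the whole of the new attachment.htm (lines 1-36) is a bare fragment of mail-client HTML, opening with <tt> and closing with </tt>, with no doctype and no charset declaration. It is also committed verbatim with third-party markup, including inline style attributes and links that use target="_blank" without rel="noopener". If the archive serves this file as text/html, I would serve attachments with an explicit charset and a restrictive Content-Security-Policy, or as a download. Where the archive generator rewrites links, I would also add rel="noopener noreferrer". The mailto: addresses are stored in clear as well, which is worth a decision on obfuscation before this is published.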