1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] Verify DSA bytestring signature
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Verify%20DSA%20bytestring%20signature&In-Reply-To=%3CCAGfyce2TeM5cwUcmHc6a8R6ZRRsFiCtkBJ-n5cNuBXx4NwZ_7g%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000791.html">
<LINK REL="Next" HREF="000793.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] Verify DSA bytestring signature</H1>
<B>Legrandin</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Verify%20DSA%20bytestring%20signature&In-Reply-To=%3CCAGfyce2TeM5cwUcmHc6a8R6ZRRsFiCtkBJ-n5cNuBXx4NwZ_7g%40mail.gmail.com%3E"
TITLE="[pycrypto] Verify DSA bytestring signature">helderijs at gmail.com
</A><BR>
<I>Sun Apr 6 02:50:53 PDT 2014</I>
<P><UL>
<LI>Previous message: <A HREF="000791.html">[pycrypto] Verify DSA bytestring signature
</A></li>
<LI>Next message: <A HREF="000793.html">[pycrypto] Verify DSA bytestring signature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#792">[ date ]</a>
<a href="thread.html#792">[ thread ]</a>
<a href="subject.html#792">[ subject ]</a>
<a href="author.html#792">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>How was the signature created exactly?
The .verify() method of a DSA object requires two integers, and there are
several ways to encode them into a bytestring. It's very hard to guess the
correct one for your case.
FYI, there is a long standing pull request I created to add a saner DSA API:
<A HREF="https://github.com/dlitz/pycrypto/pull/53">https://github.com/dlitz/pycrypto/pull/53</A>
The verification method accepts DER or big-endian encoded signatures.
2014-04-05 21:03 GMT+02:00 Winston Weinert <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">winston at ml1.net</A>>:
><i> Hello,
</I>><i>
</I>><i> I noticed in Git there is a "verify" method on Crypto.PublicKey.DSA. How do
</I>><i> I go about using this method? It wants a tuple, but unsure how to create
</I>><i> the appropriate tuple from my bytestring (which is decoded base64 text).
</I>><i> This is git revision 2d1aecd. The relevant code and error:
</I>><i>
</I>><i> Code:
</I>><i>
</I>><i> def validate(dsa_pubkey, signature, zipfile):
</I>><i> with open(dsa_pubkey, 'rb') as f:
</I>><i> pubkey = DSA.importKey(f.read())
</I>><i> with open(zipfile, 'rb') as f:
</I>><i> h = SHA1.new()
</I>><i> h.update(f.read())
</I>><i> zipfile_digest = h.digest()
</I>><i> decoded_signature = base64.b64decode(signature)
</I>><i>
</I>><i> return pubkey.verify(zipfile_digest, decoded_signature)
</I>><i>
</I>><i> Error:
</I>><i>
</I>><i> Traceback (most recent call last):
</I>><i> File "sparkle_tool.py", line 67, in <module>
</I>><i> validate_files(appcast, dsa_pubkey)
</I>><i> File "sparkle_tool.py", line 55, in validate_files
</I>><i> if validate(dsa_pubkey, signature, local_file):
</I>><i> File "sparkle_tool.py", line 33, in validate
</I>><i> return pubkey.verify(zipfile_digest, decoded_signature)
</I>><i> File
</I>><i> "/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/DSA.py",
</I>><i> line 222, in verify
</I>><i> return pubkey.pubkey.verify(self, M, signature)
</I>><i> File
</I>><i> "/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/pubkey.py",
</I>><i> line 126, in verify
</I>><i> return self._verify(M, signature)
</I>><i> File
</I>><i> "/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/DSA.py",
</I>><i> line 240, in _verify
</I>><i> (r, s) = sig
</I>><i> ValueError: too many values to unpack
</I>><i>
</I>><i> Thanks a bunch!
</I>><i> --
</I>><i> Winston Weinert
</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">winston at ml1.net</A>
</I>><i> _______________________________________________
</I>><i> pycrypto mailing list
</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">pycrypto at lists.dlitz.net</A>
</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</A>
</I>><i>
</I>-------------- next part --------------
An HTML attachment was scrubbed...
URL: <<A HREF="http://lists.dlitz.net/pipermail/pycrypto/attachments/20140406/87e21505/attachment.html">http://lists.dlitz.net/pipermail/pycrypto/attachments/20140406/87e21505/attachment.html</A>>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000791.html">[pycrypto] Verify DSA bytestring signature
</A></li>
<LI>Next message: <A HREF="000793.html">[pycrypto] Verify DSA bytestring signature
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#792">[ date ]</a>
<a href="thread.html#792">[ thread ]</a>
<a href="subject.html#792">[ subject ]</a>
<a href="author.html#792">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|
