attachment.html\87e21505\20140406\attachments\pycrypto\pipermail - delta/python-packages/pycrypto.git

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

<tt>
&lt;div&nbsp;dir=&quot;ltr&quot;&gt;&lt;div&gt;&lt;div&gt;&lt;div&gt;How&nbsp;was&nbsp;the&nbsp;signature&nbsp;created&nbsp;exactly?&lt;br&gt;&lt;br&gt;&lt;/div&gt;The&nbsp;.verify()&nbsp;method&nbsp;of&nbsp;a&nbsp;DSA&nbsp;object&nbsp;requires&nbsp;two&nbsp;integers,&nbsp;and&nbsp;there&nbsp;are&nbsp;several&nbsp;ways&nbsp;to&nbsp;encode&nbsp;them&nbsp;into&nbsp;a&nbsp;bytestring.&nbsp;It&#39;s&nbsp;very&nbsp;hard&nbsp;to&nbsp;guess&nbsp;the&nbsp;correct&nbsp;one&nbsp;for&nbsp;your&nbsp;case.&lt;br&gt;<br>
&lt;br&gt;&lt;/div&gt;FYI,&nbsp;there&nbsp;is&nbsp;a&nbsp;long&nbsp;standing&nbsp;pull&nbsp;request&nbsp;I&nbsp;created&nbsp;to&nbsp;add&nbsp;a&nbsp;saner&nbsp;DSA&nbsp;API:&lt;br&gt;&lt;br&gt;&lt;a&nbsp;href=&quot;https://github.com/dlitz/pycrypto/pull/53&quot;&gt;https://github.com/dlitz/pycrypto/pull/53&lt;/a&gt;&lt;br&gt;&lt;br&gt;&lt;/div&gt;The&nbsp;verification&nbsp;method&nbsp;accepts&nbsp;DER&nbsp;or&nbsp;big-endian&nbsp;encoded&nbsp;signatures.&lt;br&gt;<br>
&lt;div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div&nbsp;class=&quot;gmail_extra&quot;&gt;&lt;br&gt;&lt;br&gt;&lt;div&nbsp;class=&quot;gmail_quote&quot;&gt;2014-04-05&nbsp;21:03&nbsp;GMT+02:00&nbsp;Winston&nbsp;Weinert&nbsp;&lt;span&nbsp;dir=&quot;ltr&quot;&gt;&lt;&lt;a&nbsp;href=&quot;mailto:winston@ml1.net&quot;&nbsp;target=&quot;_blank&quot;&gt;winston@ml1.net&lt;/a&gt;&gt;&lt;/span&gt;:&lt;br&gt;<br>
&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0&nbsp;0&nbsp;0&nbsp;.8ex;border-left:1px&nbsp;#ccc&nbsp;solid;padding-left:1ex&quot;&gt;Hello,&lt;br&gt;<br>
&lt;br&gt;<br>
I&nbsp;noticed&nbsp;in&nbsp;Git&nbsp;there&nbsp;is&nbsp;a&nbsp;&ldquo;verify&rdquo;&nbsp;method&nbsp;on&nbsp;Crypto.PublicKey.DSA.&nbsp;How&nbsp;do&lt;br&gt;<br>
I&nbsp;go&nbsp;about&nbsp;using&nbsp;this&nbsp;method?&nbsp;It&nbsp;wants&nbsp;a&nbsp;tuple,&nbsp;but&nbsp;unsure&nbsp;how&nbsp;to&nbsp;create&lt;br&gt;<br>
the&nbsp;appropriate&nbsp;tuple&nbsp;from&nbsp;my&nbsp;bytestring&nbsp;(which&nbsp;is&nbsp;decoded&nbsp;base64&nbsp;text).&lt;br&gt;<br>
This&nbsp;is&nbsp;git&nbsp;revision&nbsp;2d1aecd.&nbsp;The&nbsp;relevant&nbsp;code&nbsp;and&nbsp;error:&lt;br&gt;<br>
&lt;br&gt;<br>
Code:&lt;br&gt;<br>
&lt;br&gt;<br>
def&nbsp;validate(dsa_pubkey,&nbsp;signature,&nbsp;zipfile):&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;with&nbsp;open(dsa_pubkey,&nbsp;&#39;rb&#39;)&nbsp;as&nbsp;f:&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pubkey&nbsp;=&nbsp;DSA.importKey(f.read())&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;with&nbsp;open(zipfile,&nbsp;&#39;rb&#39;)&nbsp;as&nbsp;f:&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;h&nbsp;=&nbsp;SHA1.new()&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;h.update(f.read())&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;zipfile_digest&nbsp;=&nbsp;h.digest()&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;decoded_signature&nbsp;=&nbsp;base64.b64decode(signature)&lt;br&gt;<br>
&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;pubkey.verify(zipfile_digest,&nbsp;decoded_signature)&lt;br&gt;<br>
&lt;br&gt;<br>
Error:&lt;br&gt;<br>
&lt;br&gt;<br>
Traceback&nbsp;(most&nbsp;recent&nbsp;call&nbsp;last):&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;sparkle_tool.py&quot;,&nbsp;line&nbsp;67,&nbsp;in&nbsp;&lt;module&gt;&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;validate_files(appcast,&nbsp;dsa_pubkey)&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;sparkle_tool.py&quot;,&nbsp;line&nbsp;55,&nbsp;in&nbsp;validate_files&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;if&nbsp;validate(dsa_pubkey,&nbsp;signature,&nbsp;local_file):&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;sparkle_tool.py&quot;,&nbsp;line&nbsp;33,&nbsp;in&nbsp;validate&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;pubkey.verify(zipfile_digest,&nbsp;decoded_signature)&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/DSA.py&quot;,&nbsp;line&nbsp;222,&nbsp;in&nbsp;verify&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;pubkey.pubkey.verify(self,&nbsp;M,&nbsp;signature)&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/pubkey.py&quot;,&nbsp;line&nbsp;126,&nbsp;in&nbsp;verify&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;self._verify(M,&nbsp;signature)&lt;br&gt;<br>
&nbsp;&nbsp;File&nbsp;&quot;/home/winston/jobber/venv/local/lib/python2.7/site-packages/Crypto/PublicKey/DSA.py&quot;,&nbsp;line&nbsp;240,&nbsp;in&nbsp;_verify&lt;br&gt;<br>
&nbsp;&nbsp;&nbsp;&nbsp;(r,&nbsp;s)&nbsp;=&nbsp;sig&lt;br&gt;<br>
ValueError:&nbsp;too&nbsp;many&nbsp;values&nbsp;to&nbsp;unpack&lt;br&gt;<br>
&lt;br&gt;<br>
Thanks&nbsp;a&nbsp;bunch!&lt;br&gt;<br>
&mdash;&lt;br&gt;<br>
&lt;span&nbsp;class=&quot;HOEnZb&quot;&gt;&lt;font&nbsp;color=&quot;#888888&quot;&gt;Winston&nbsp;Weinert&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;mailto:winston@ml1.net&quot;&gt;winston@ml1.net&lt;/a&gt;&lt;br&gt;<br>
_______________________________________________&lt;br&gt;<br>
pycrypto&nbsp;mailing&nbsp;list&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;mailto:pycrypto@lists.dlitz.net&quot;&gt;pycrypto@lists.dlitz.net&lt;/a&gt;&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto&quot;&nbsp;target=&quot;_blank&quot;&gt;http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto&lt;/a&gt;&lt;br&gt;<br>
&lt;/font&gt;&lt;/span&gt;&lt;/blockquote&gt;&lt;/div&gt;&lt;br&gt;&lt;/div&gt;<br>

</tt>