M2Crypto: verifying DSA signatures

你说的曾经没有我的故事 提交于 2019-12-07 22:53:23

问题


I'm having trouble verifying DSA signatures using Python/M2Crypto. The signatures are generated in Java, using standard java.security.Signature class, with Sun's crypto provider and SHA1withDSA algorithm designation.

Here's some shell output:

>>> pk
<M2Crypto.DSA.DSA_pub instance at 0x20b6a28>
>>> sig = '302c02141c4bbb218215ebfec57288059ce814dc430d849502144dd0c581bf2213aff79d17eb37c939e120a97bd2'.decode('hex')
>>> data ='0501...9794'.decode('hex')
>>> pk.verify_asn1(sig, data)
------------------------------------------------------------
Traceback (most recent call last):
    ...
DSAError: wrong tag

The signature value seems OK to me, it looks like a proper ASN.1 encoded sequence of two integers (0x302c designates a 44-byte sequence, and 0x0214 designates a 20-byte integer), which is the standard encoding of DSA signatures.

Since the DSA_pub.verify_asn1 method isn't even documented, I also tried using the documented DSA_pub.verify method, but still no cigar:

>>> r = sig[4:24]
>>> s = sig[26:]
>>> md = sha1(data).digest()
>>> pk.verify(md, r, s)
------------------------------------------------------------
Traceback (most recent call last):
    ...
DSAError: encoding error

The docs state that all the parameters should be "byte strings", but the verify method somehow manages to raise an encoding error. I also tried reversing r and s, to check for potential endianness problems but that didn't help.

What am I doing wrong?


回答1:


Found a solution in the tests: http://svn.osafoundation.org/m2crypto/trunk/tests/test_dsa.py

The verify_asn1 method should be used as follows:

>>> pk.verify_asn1(sha1(data).digest(), sig)


来源:https://stackoverflow.com/questions/3454523/m2crypto-verifying-dsa-signatures

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!