[pycrypto] example
Dwayne C. Litzenberger
dlitz at dlitz.net
Mon Aug 24 17:15:56 CST 2009
On Mon, Aug 24, 2009 at 04:52:26PM +0200, avo ga wrote:
>#################### RSA
>print "\n=====RSA 368 Demo====="
>from Crypto.PublicKey import RSA
>from Crypto.Util.randpool import RandomPool
>rpool = RandomPool()
>
>privatekeyCMS = RSA.generate(368, rpool.get_bytes)
>privatekeyClient = RSA.generate(368, rpool.get_bytes)
RandomPool is badly broken. Don't use it.
http://lists.dlitz.net/pipermail/pycrypto/2009q3/000116.html
>#################### DSA only sign
>privatekeyCMS = DSA.generate(368, rpool.get_bytes)
>publickeyCMS = privatekeyCMS.publickey()
>signed_PWD = privatekeyCMS.sign(PWD,K)
>print "identity check:\n",publickeyCMS.verify(dec_PWD,signed_PWD)
>print "decrypted PWD from ELGAMAL:\n",dec_PWD
PyCrypto's public key primitives are incomplete at this point, and you
should not use them unless you are willing to read both PyCrypto's source
code and the relevant specifications. For RSA, you need OAEP (i.e. PKCS#1
v2.1) if you want security. For DSA, there is a hash you need to compute
(it's not done for you automatically---see FIPS 186. For ElGamal, I'm
pretty sure there's something too.
That's all I'm willing to comment on a vague question about a bunch of
uncommented demo code.
--
Dwayne C. Litzenberger <dlitz at dlitz.net>
Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
More information about the pycrypto
mailing list