avogatro2007 at googlemail.com
Mon Aug 24 20:04:19 CST 2009
>RandomPool is badly broken. Don't use it.
Thanks for the hint.
I will check RandomPool and change it to some Python built-in random
if that helps.
I thought the actual pycrypto uses SHA-1...
Make a hash of the AES key with SHA2, and then sign the SHA2 hash. Is that
what you mean?
I will check the code about OAEP.
I can't find it in the documentation (but in Wikipedia...).
An ElGamal signature requires a random number k: 2<k<p-1 with GCD(k,p-1)=1.
I used a fixed prime. I will correct this.
ElGamal is important for me, because it has no patent/copyright.
> >#################### DSA only sign
> >privatekeyCMS = DSA.generate(368, rpool.get_bytes)
> >publickeyCMS = privatekeyCMS.publickey()
> >signed_PWD = privatekeyCMS.sign(PWD,K)
> >print "identity check:\n",publickeyCMS.verify(dec_PWD,signed_PWD)
> >print "decrypted PWD from ELGAMAL:\n",dec_PWD
> PyCrypto's public key primitives are incomplete at this point, and you
> should not use them unless you are willing to read both PyCrypto's source
> code and the relevant specifications. For RSA, you need OAEP (i.e. PKCS#1
> v2.1) if you want security. For DSA, there is a hash you need to compute
> (it's not done for you automatically---see FIPS 186). For ElGamal, I'm
> pretty sure there's something too.
> That's all I'm willing to comment on a vague question about a bunch of
> uncommented demo code.
> Dwayne C. Litzenberger <dlitz at dlitz.net>
> Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
> pycrypto mailing list
> pycrypto at lists.dlitz.net
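
The two points raised in this message (hash first and sign the hash, and draw a new k with 2<k<p-1 and GCD(k,p-1)=1 for every ElGamal signature) are shown below as an added example; it is not code from the thread or from PyCrypto. It is textbook ElGamal in plain Python 3.8+; the parameters P and G are constructed toy values, and all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy parameters for illustration only (far too small for real use).
P = 2**127 - 1   # a Mersenne prime
G = 3            # assumed base


def digest(msg: bytes) -> int:
    # The signature covers a SHA-256 hash of the message, reduced mod p-1.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % (P - 1)


def keygen():
    x = secrets.randbelow(P - 3) + 2          # private key, 2 <= x <= p-2
    return x, pow(G, x, P)                    # (private, public)


def fresh_k() -> int:
    # New secret k per signature: 2 < k < p-1 and gcd(k, p-1) == 1.
    while True:
        k = secrets.randbelow(P - 4) + 3
        if gcd(k, P - 1) == 1:
            return k


def sign(x: int, msg: bytes, k: int = None):
    # k is a parameter only so the fixed-k mistake can be reproduced in a test.
    k = fresh_k() if k is None else k
    if not 2 < k < P - 1 or gcd(k, P - 1) != 1:
        raise ValueError("k must satisfy 2 < k < p-1 and gcd(k, p-1) == 1")
    r = pow(G, k, P)
    s = (digest(msg) - x * r) * pow(k, -1, P - 1) % (P - 1)
    if s == 0:
        raise ValueError("s == 0, sign again with a new k")
    return r, s


def verify(y: int, msg: bytes, sig) -> bool:
    r, s = sig
    if not (0 < r < P and 0 < s < P - 1):
        return False
    return pow(G, digest(msg), P) == pow(y, r, P) * pow(r, s, P) % P


def shares_k(sig_a, sig_b) -> bool:
    # Equal r values indicate that both signatures were made with the same k.
    return sig_a[0] == sig_b[0]
```

Running `shares_k` over stored signatures from one key is a quick audit for a fixed or repeated k.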