I've run into a situation where verifying signatures against a key is throwing "Plaintext too large". I've attached the code that I'm using. Run against the stock pycrypto install, I get:==> ./check_rsa.pyCrypto version = 2.6.1Generating 15 keys....done Sig V Key > Sig > Key V+-E--EEE----E-E f= 8 e= 6 +-------------- f=14 e= 0 -+------------- f=14 e= 0 -+------------- f=14 e= 0 --+------------ f=14 e= 0 E-+----------E- f=12 e= 2 ---+----------- f=14 e= 0 ---+----------- f=14 e= 0 ----+---------- f=14 e= 0 ----+---------- f=14 e= 0 -----+--------- f=14 e= 0 E----+----E--E- f=11 e= 3 ------+-------- f=14 e= 0 E-----+------E- f=12 e= 2 -------+------- f=14 e= 0 E------+------- f=13 e= 1 --------+------ f=14 e= 0 --------+------ f=14 e= 0 ---------+----- f=14 e= 0 ---------+----- f=14 e= 0 -----E----+---- f=13 e= 1 ----------+---- f=14 e= 0 -----------+--- f=14 e= 0 -----------+--- f=14 e= 0 ------------+-- f=14 e= 0 E-----------+-- f=13 e= 1 --E--EE------+E f=10 e= 4 -------------+- f=14 e= 0 --------------+ f=14 e= 0 E------------E+ f=12 e= 2 ==> + means that the signature was verified, - means that verification failed and E means that the code caught "Plaintext too large". So I grabbed the pycrypto sources, compiled the package and ran the tests there:(crypto)==> ./check_rsa.pyCrypto version = 2.6.1Generating 15 keys....done Sig V Key > Sig > Key V+-------------- f=14 e= 0 +-------------- f=14 e= 0 -+------------- f=14 e= 0 -+------------- f=14 e= 0 --+------------ f=14 e= 0 --+------------ f=14 e= 0 ---+----------- f=14 e= 0 ---+----------- f=14 e= 0 ----+---------- f=14 e= 0 ----+---------- f=14 e= 0 -----+--------- f=14 e= 0 -----+--------- f=14 e= 0 ------+-------- f=14 e= 0 ------+-------- f=14 e= 0 -------+------- f=14 e= 0 -------+------- f=14 e= 0 --------+------ f=14 e= 0 --------+------ f=14 e= 0 ---------+----- f=14 e= 0 ---------+----- f=14 e= 0 ----------+---- f=14 e= 0 ----------+---- f=14 e= 0 -----------+--- f=14 e= 0 -----------+--- f=14 e= 0 ------------+-- f=14 e= 0 ------------+-- f=14 e= 0 -------------+- f=14 e= 0 -------------+- f=14 e= 0 --------------+ f=14 e= 0 --------------+ f=14 e= 0 (crypto)==>
==> dpkg -p python-cryptoPackage: python-cryptoPriority: optionalSection: pythonInstalled-Size: 1384Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>Architecture: amd64Version: 2.6.1-4build1Provides: python2.7-cryptoDepends: python (<< 2.8), python (>= 2.7~), python:any (>= 2.7.5-5~), libc6 (>= 2.14), libgmp10Suggests: python-crypto-dbg, python-crypto-docBreaks: python-keyring (<= 0.7.1-1)Size: 239394Description: cryptographic algorithms and protocols for Python A collection of cryptographic algorithms and protocols, implemented for use from Python. Among the contents of the package: . * Hash functions: HMAC, MD2, MD4, MD5, RIPEMD160, SHA, SHA256. * Block encryption algorithms: AES, ARC2, Blowfish, CAST, DES, Triple-DES. * Stream encryption algorithms: ARC4, simple XOR. * Public-key algorithms: RSA, DSA, ElGamal. * Protocols: All-or-nothing transforms, chaffing/winnowing. * Miscellaneous: RFC1751 module for converting 128-bit keys into a set of English words, primality testing, random number generation.Original-Maintainer: Sebastian Ramacher <sramac...@debian.org>Homepage: http://www.pycrypto.org/ Any thoughts on why there's a difference between the two installs? Thanks,Bryan
#! /usr/bin/env python import Crypto from Crypto.PublicKey import RSA from Crypto.Signature import PKCS1_v1_5 from Crypto.Hash import SHA256 from base64 import b64encode, b64decode import sys import pprint import time def printnow(msg): sys.stdout.write(msg) sys.stdout.flush() printnow('Crypto version = %s\n' %Crypto.__version__) def doit(limit): nlimit = len(str(limit)) digest = SHA256.new() digest.update('This is a test') keys = [] printnow('Generating %d keys....' % limit) for i in range(0, limit): key = RSA.generate(2048) signer = PKCS1_v1_5.new(key) sign = signer.sign(digest) pubkey = RSA.importKey(key.publickey().exportKey()) checker = PKCS1_v1_5.new(pubkey) keys.append(dict(key=key, signer=signer, sign=sign, pubkey=pubkey, checker=checker)) printnow('done\n') indent = 8+(2*nlimit) if limit < 6: indent = 1 printnow('%*s%s%*s' % (limit, 'Sig V Key >', ' '*indent, limit, 'Sig > Key V\n')) for i in range(0, limit): p = 0 f = 0 e = 0 for j in range(0, limit): try: if keys[j]['checker'].verify(digest, keys[i]['sign']): printnow('+') p += 1 else: printnow('-') f += 1 except ValueError: printnow('E') e += 1 assert p == 1 printnow(' f=%*d e=%*d ' % (nlimit, f, nlimit, e)) p = 0 f = 0 e = 0 for j in range(0, limit): try: if keys[i]['checker'].verify(digest, keys[j]['sign']): printnow('+') p += 1 else: printnow('-') f += 1 except: printnow('E') e += 1 assert p == 1 printnow(' f=%*d e=%*d ' % (nlimit, f, nlimit, e)) printnow('\n') limit = 15 if len(sys.argv) > 1: limit = int(sys.argv[1]) doit(limit)
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss