I've run into a situation where verifying signatures against a key is throwing
"Plaintext too large".
I've attached the code that I'm using.
Run against the stock pycrypto install, I get:==> ./check_rsa.pyCrypto version
= 2.6.1Generating 15 keys....done Sig V Key > Sig > Key
V+-E--EEE----E-E f= 8 e= 6 +-------------- f=14 e= 0 -+------------- f=14 e= 0
-+------------- f=14 e= 0 --+------------ f=14 e= 0 E-+----------E- f=12 e= 2
---+----------- f=14 e= 0 ---+----------- f=14 e= 0 ----+---------- f=14 e= 0
----+---------- f=14 e= 0 -----+--------- f=14 e= 0 E----+----E--E- f=11 e= 3
------+-------- f=14 e= 0 E-----+------E- f=12 e= 2 -------+------- f=14 e= 0
E------+------- f=13 e= 1 --------+------ f=14 e= 0 --------+------ f=14 e= 0
---------+----- f=14 e= 0 ---------+----- f=14 e= 0 -----E----+---- f=13 e= 1
----------+---- f=14 e= 0 -----------+--- f=14 e= 0 -----------+--- f=14 e= 0
------------+-- f=14 e= 0 E-----------+-- f=13 e= 1 --E--EE------+E f=10 e= 4
-------------+- f=14 e= 0 --------------+ f=14 e= 0 E------------E+ f=12 e= 2
==>
+ means that the signature was verified, - means that verification failed and E
means that the code caught "Plaintext too large".
So I grabbed the pycrypto sources, compiled the package and ran the tests
there:(crypto)==> ./check_rsa.pyCrypto version = 2.6.1Generating 15
keys....done Sig V Key > Sig > Key V+-------------- f=14 e= 0
+-------------- f=14 e= 0 -+------------- f=14 e= 0 -+------------- f=14 e= 0
--+------------ f=14 e= 0 --+------------ f=14 e= 0 ---+----------- f=14 e= 0
---+----------- f=14 e= 0 ----+---------- f=14 e= 0 ----+---------- f=14 e= 0
-----+--------- f=14 e= 0 -----+--------- f=14 e= 0 ------+-------- f=14 e= 0
------+-------- f=14 e= 0 -------+------- f=14 e= 0 -------+------- f=14 e= 0
--------+------ f=14 e= 0 --------+------ f=14 e= 0 ---------+----- f=14 e= 0
---------+----- f=14 e= 0 ----------+---- f=14 e= 0 ----------+---- f=14 e= 0
-----------+--- f=14 e= 0 -----------+--- f=14 e= 0 ------------+-- f=14 e= 0
------------+-- f=14 e= 0 -------------+- f=14 e= 0 -------------+- f=14 e= 0
--------------+ f=14 e= 0 --------------+ f=14 e= 0 (crypto)==>
==> dpkg -p python-cryptoPackage: python-cryptoPriority: optionalSection:
pythonInstalled-Size: 1384Maintainer: Ubuntu Developers
<ubuntu-devel-discuss@lists.ubuntu.com>Architecture: amd64Version:
2.6.1-4build1Provides: python2.7-cryptoDepends: python (<< 2.8), python (>=
2.7~), python:any (>= 2.7.5-5~), libc6 (>= 2.14), libgmp10Suggests:
python-crypto-dbg, python-crypto-docBreaks: python-keyring (<= 0.7.1-1)Size:
239394Description: cryptographic algorithms and protocols for Python A
collection of cryptographic algorithms and protocols, implemented for use from
Python. Among the contents of the package: . * Hash functions: HMAC, MD2, MD4,
MD5, RIPEMD160, SHA, SHA256. * Block encryption algorithms: AES, ARC2,
Blowfish, CAST, DES, Triple-DES. * Stream encryption algorithms: ARC4, simple
XOR. * Public-key algorithms: RSA, DSA, ElGamal. * Protocols: All-or-nothing
transforms, chaffing/winnowing. * Miscellaneous: RFC1751 module for converting
128-bit keys into a set of English words, primality testing, random number
generation.Original-Maintainer: Sebastian Ramacher
<sramac...@debian.org>Homepage: http://www.pycrypto.org/
Any thoughts on why there's a difference between the two installs?
Thanks,Bryan
#! /usr/bin/env python
import Crypto
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from base64 import b64encode, b64decode
import sys
import pprint
import time
def printnow(msg):
sys.stdout.write(msg)
sys.stdout.flush()
printnow('Crypto version = %s\n' %Crypto.__version__)
def doit(limit):
nlimit = len(str(limit))
digest = SHA256.new()
digest.update('This is a test')
keys = []
printnow('Generating %d keys....' % limit)
for i in range(0, limit):
key = RSA.generate(2048)
signer = PKCS1_v1_5.new(key)
sign = signer.sign(digest)
pubkey = RSA.importKey(key.publickey().exportKey())
checker = PKCS1_v1_5.new(pubkey)
keys.append(dict(key=key, signer=signer, sign=sign, pubkey=pubkey, checker=checker))
printnow('done\n')
indent = 8+(2*nlimit)
if limit < 6:
indent = 1
printnow('%*s%s%*s' % (limit, 'Sig V Key >', ' '*indent, limit, 'Sig > Key V\n'))
for i in range(0, limit):
p = 0
f = 0
e = 0
for j in range(0, limit):
try:
if keys[j]['checker'].verify(digest, keys[i]['sign']):
printnow('+')
p += 1
else:
printnow('-')
f += 1
except ValueError:
printnow('E')
e += 1
assert p == 1
printnow(' f=%*d e=%*d ' % (nlimit, f, nlimit, e))
p = 0
f = 0
e = 0
for j in range(0, limit):
try:
if keys[i]['checker'].verify(digest, keys[j]['sign']):
printnow('+')
p += 1
else:
printnow('-')
f += 1
except:
printnow('E')
e += 1
assert p == 1
printnow(' f=%*d e=%*d ' % (nlimit, f, nlimit, e))
printnow('\n')
limit = 15
if len(sys.argv) > 1:
limit = int(sys.argv[1])
doit(limit)
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
