本文整理汇总了Python中cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature方法的典型用法代码示例。如果您正苦于以下问题:Python utils.decode_dss_signature方法的具体用法?Python utils.decode_dss_signature怎么用?Python utils.decode_dss_signature使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.hazmat.primitives.asymmetric.utils
的用法示例。
在下文中一共展示了utils.decode_dss_signature方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: sign_digest
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def sign_digest(hash_hex, privkey_hex, hashfunc=hashlib.sha256):
"""
Given a digest and a private key, sign it.
Return the base64-encoded signature
"""
if not isinstance(hash_hex, (str, unicode)):
raise ValueError("hash hex is not a string")
hash_hex = str(hash_hex)
pk_i = decode_privkey_hex(privkey_hex)
privk = ec.derive_private_key(pk_i, ec.SECP256K1(), default_backend())
sig = privk.sign(hash_hex.decode('hex'), ec.ECDSA(utils.Prehashed(hashes.SHA256())))
sig_r, sig_s = decode_dss_signature(sig)
sigb64 = encode_signature(sig_r, sig_s)
return sigb64
示例2: from_bytes
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def from_bytes(cls,
signature_as_bytes: bytes,
der_encoded: bool = False,
curve: Optional[Curve] = None) -> 'Signature':
curve = curve if curve is not None else default_curve()
if der_encoded:
r, s = utils.decode_dss_signature(signature_as_bytes)
else:
expected_len = cls.expected_bytes_length(curve)
if not len(signature_as_bytes) == expected_len:
raise ValueError("Looking for exactly {} bytes if you call from_bytes \
with der_encoded=False and curve={}.".format(expected_len, curve))
else:
r = int.from_bytes(signature_as_bytes[:(expected_len//2)], "big")
s = int.from_bytes(signature_as_bytes[(expected_len//2):], "big")
return cls(CurveBN.from_int(r, curve), CurveBN.from_int(s, curve))
示例3: sign
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def sign(self, key, payload):
skey = key.get_op_key('sign', self._curve)
signature = skey.sign(payload, ec.ECDSA(self.hashfn))
r, s = ec_utils.decode_dss_signature(signature)
size = key.get_curve(self._curve).key_size
return _encode_int(r, size) + _encode_int(s, size)
示例4: dsa_der_to_plain
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def dsa_der_to_plain(signature):
r, s = utils.decode_dss_signature(signature)
r = hex(r)[2:]
if len(r) < 64:
r = '0' * (64 - len(r)) + r
s = hex(s)[2:]
if len(s) < 64:
s = '0' * (64 - len(s)) + s
return r + s
示例5: _ecc_static_length_signature
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def _ecc_static_length_signature(key, algorithm, digest):
"""Calculates an elliptic curve signature with a static length using pre-calculated hash.
:param key: Elliptic curve private key
:type key: cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey
:param algorithm: Master algorithm to use
:type algorithm: aws_encryption_sdk.identifiers.Algorithm
:param bytes digest: Pre-calculated hash digest
:returns: Signature with required length
:rtype: bytes
"""
pre_hashed_algorithm = ec.ECDSA(Prehashed(algorithm.signing_hash_type()))
signature = b""
while len(signature) != algorithm.signature_len:
_LOGGER.debug(
"Signature length %d is not desired length %d. Recalculating.", len(signature), algorithm.signature_len
)
signature = key.sign(digest, pre_hashed_algorithm)
if len(signature) != algorithm.signature_len:
# Most of the time, a signature of the wrong length can be fixed
# by negating s in the signature relative to the group order.
_LOGGER.debug(
"Signature length %d is not desired length %d. Negating s.", len(signature), algorithm.signature_len
)
r, s = decode_dss_signature(signature)
s = _ECC_CURVE_PARAMETERS[algorithm.signing_algorithm_info.name].order - s
signature = encode_dss_signature(r, s)
return signature
示例6: signature
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def signature(self, msg):
"""
Create a signature for a message in a backwards compatible fashion
:param msg: the message to sign
"""
# Create the pyca signature
if NEW_CRYPTOGRAPHY_SIGN_VERSION:
signature = self.ec.sign(msg, ec.ECDSA(hashes.SHA1()))
else:
signer = self.ec.signer(ec.ECDSA(hashes.SHA1()))
signer.update(msg)
signature = signer.finalize()
# Decode the DSS r and s variables from the pyca signature
# We are going to turn these longs into (binary) string format
r, s = decode_dss_signature(signature)
# Convert the r and s to a valid hex representation
r = hex(r).rstrip("L").lstrip("0x") or "0"
s = hex(s).rstrip("L").lstrip("0x") or "0"
# We want bytes: one byte is two nibbles:
# Prefix with a 0 if the result is of odd length
if len(r) % 2 == 1:
r = "0" + r
if len(s) % 2 == 1:
s = "0" + s
# Now we can turn this into a binary string
r = unhexlify(r)
s = unhexlify(s)
key_len = self.get_signature_length() // 2
# For easy decoding, prepend 0 to r and s until they are of >equal length<
return b"".join((b"\x00" * (key_len - len(r)), r, b"\x00" * (key_len - len(s)), s))
示例7: sign
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def sign(self, message):
message = _helpers.to_bytes(message)
asn1_signature = self._key.sign(message, ec.ECDSA(hashes.SHA256()))
# Convert ASN1 encoded signature to (r||s) raw signature.
(r, s) = decode_dss_signature(asn1_signature)
return utils.int_to_bytes(r, 32) + utils.int_to_bytes(s, 32)
示例8: finalize
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def finalize(self):
"""
Get the base64-encoded signature itself.
Can only be called once.
"""
signature = self.signer.finalize()
sig_r, sig_s = decode_dss_signature(signature)
sig_b64 = encode_signature(sig_r, sig_s)
return sig_b64
示例9: _der_to_raw
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def _der_to_raw(self, der_signature):
"""Convert signature from DER encoding to RAW encoding."""
r, s = decode_dss_signature(der_signature)
component_length = self._sig_component_length()
return int_to_bytes(r, component_length) + int_to_bytes(s, component_length)
示例10: sign
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def sign(self, header, payload):
"""Computes the signed jws as defined at rfc7515#section-7.1.
Args:
header: dict, dictionary of header to convert to JSON and sign.
payload: dict, dictionary of the payload to conert to JSON and sign.
Returns:
bytes, the signed token as defined at
https://tools.ietf.org/html/rfc7515#section-7.1.
Raises:
SecurityException: if the header's algorithm or kid does not match the
key's.
"""
if ((header.get("alg", None) is not None and
header["alg"] != self.algorithm) or
(header.get("kid", None) is not None and
getattr(self, "kid", None) is not None and header["kid"] != self.kid)):
raise SecurityException(
"Header's algorithm or kid does not match the key's")
signing_input = jwsutil.urlsafe_b64encode(
jwsutil.json_encode(header)) + b"." + jwsutil.urlsafe_b64encode(
jwsutil.json_encode(payload))
signature = self.signer.sign(signing_input)
if self.algorithm[:2] == "ES":
# Standard Ecdsa signature is the DER encoding of [r, s] while Jws's
# singature is the concatenation of r and s.
(r, s) = utils.decode_dss_signature(signature)
curve_length = jwsutil.ecdsa_algorithm_to_curve_length(self.algorithm)
signature = jwsutil.int_to_bytes(r, curve_length) + jwsutil.int_to_bytes(
s, curve_length)
return signing_input + b"." + jwsutil.urlsafe_b64encode(signature)
示例11: check_for_weak_signatures
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import utils [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature [as 别名]
def check_for_weak_signatures(signatures):
messages = []
# Extra r values from signatures
values = list()
for signature in signatures:
(r, s) = utils.decode_dss_signature(signature)
values.append(r)
# Check if any appear more than once
for r in values:
if values.count(r) > 1:
messages.append('---- ISSUE: DSA "r" value occurs more than once, private key is recoverable; k = ' + r)
return messages