Pc@sdZdZdddddgZddlZejd d kr`ejd d kr`dd lTndd lmZmZm Z ddl m Z yddlm Z Wne k rdZ nXde j fdYZdefdYZeZejZejZejZdS(sxDSA public-key signature algorithm. DSA_ is a widespread public-key signature algorithm. Its security is based on the discrete logarithm problem (DLP_). Given a cyclic group, a generator *g*, and an element *h*, it is hard to find an integer *x* such that *g^x = h*. The problem is believed to be difficult, and it has been proved such (and therefore secure) for more than 30 years. The group is actually a sub-group over the integers modulo *p*, with *p* prime. The sub-group order is *q*, which is prime too; it always holds that *(p-1)* is a multiple of *q*. The cryptographic strength is linked to the magnitude of *p* and *q*. The signer holds a value *x* (*0>> from Crypto.Random import random >>> from Crypto.PublicKey import DSA >>> from Crypto.Hash import SHA >>> >>> message = "Hello" >>> key = DSA.generate(1024) >>> h = SHA.new(message).digest() >>> k = random.StrongRandom().randint(1,key.q-1) >>> sig = key.sign(h,k) >>> ... >>> if key.verify(h,sig): >>> print "OK" >>> else: >>> print "Incorrect signature" .. _DSA: http://en.wikipedia.org/wiki/Digital_Signature_Algorithm .. _DLP: http://www.cosic.esat.kuleuven.be/publications/talk-78.pdf .. _ECRYPT: http://www.ecrypt.eu.org/documents/D.SPA.17.pdf s$Id$tgeneratet constructterrortDSAImplementationt_DSAobjiNiii(t*(t_DSAt _slowmathtpubkey(tRandom(t _fastmathcBseZdZdddddgZdZdZdZd Zd Zd Z d Z d Z dZ dZ dZdZdZdZdZdZdZdZdZRS(slClass defining an actual DSA key. :undocumented: __getstate__, __setstate__, __repr__, __getattr__ tytgtptqtxcCs||_||_dS(N(timplementationtkey(tselfRR((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt__init__ss cCs?||jkrt|j|Std|jj|fdS(Ns%s object has no %r attribute(tkeydatatgetattrRtAttributeErrort __class__t__name__(Rtattrname((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt __getattr__wscCstjj|||S(sSign a piece of data with DSA. :Parameter M: The piece of data to sign with DSA. It may not be longer in bit size than the sub-group order (*q*). :Type M: byte string or long :Parameter K: A secret number, chosen randomly in the closed range *[1,q-1]*. :Type K: long (recommended) or byte string (not recommended) :attention: selection of *K* is crucial for security. Generating a random number larger than *q* and taking the modulus by *q* is **not** secure, since smaller values will occur more frequently. Generating a random number systematically smaller than *q-1* (e.g. *floor((q-1)/8)* random bytes) is also **not** secure. In general, it shall not be possible for an attacker to know the value of `any bit of K`__. :attention: The number *K* shall not be reused for any other operation and shall be discarded immediately. :attention: M must be a digest cryptographic hash, otherwise an attacker may mount an existential forgery attack. :Return: A tuple with 2 longs. .. __: http://www.di.ens.fr/~pnguyen/pub_NgSh00.htm (Rtsign(RtMtK((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRscCstjj|||S(sEVerify the validity of a DSA signature. :Parameter M: The expected message. :Type M: byte string or long :Parameter signature: The DSA signature to verify. :Type signature: A tuple with 2 longs as return by `sign` :Return: True if the signature is correct, False otherwise. (Rtverify(RRt signature((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRs cCstddS(NsDSA cannot encrypt(t TypeError(RtcR((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt_encryptscCstddS(NsDSA cannot decrypt(R (RR!((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt_decryptscCstddS(NsDSA cannot blind(R (Rtmtr((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt_blindscCstddS(NsDSA cannot unblind(R (RR$R%((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt_unblindscCs|jj||S(N(Rt_sign(RR$tk((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR(scCs"|\}}|jj|||S(N(Rt_verify(RR$tsigR%ts((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR*s cCs |jjS(N(Rt has_private(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR-scCs |jjS(N(Rtsize(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR.scCstS(N(tFalse(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt can_blindscCstS(N(R/(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt can_encryptscCstS(N(tTrue(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pytcan_signscCs4|jj|jj|jj|jj|jjfS(N(RRRR R R R(R((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt publickeyscCsLi}x?|jD]4}yt|j|||t,( RR9R.R7RR-RRtidtjoin(RtattrsR)((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt__repr__s ! (Rt __module__t__doc__RRRRRR"R#R&R'R(R*R-R.R0R1R3R4R6R>RD(((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR`s*                 cBsGeZdZdZdZdddZdddZdZRS(s A DSA key factory. This class is only internally used to implement the methods of the `Crypto.PublicKey.DSA` module. cKs|jdd}|dkrBtdk r6t|_qxt|_n6|rotdk r`t|_qxtdn t|_|jj|_|jdd|_d|_dS(sCreate a new DSA key factory. :Keywords: use_fast_math : bool Specify which mathematic library to use: - *None* (default). Use fastest math available. - *True* . Use fast math. - *False* . Use slow math. default_randfunc : callable Specify how to collect random data: - *None* (default). Use Random.new().read(). - not *None* . Use the specified function directly. :Raise RuntimeError: When **use_fast_math** =True but fast math is not available. t use_fast_mathsfast math module not availabletdefault_randfuncN( tgettNoneR R:Rt RuntimeErrorRt_default_randfunct_current_randfunc(RtkwargsRG((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRs       cCs;|dk r|S|jdkr4tjj|_n|jS(N(RJRMR tnewtread(Rtrandfunc((s/..\python\site-packages\Crypto\PublicKey\DSA.pyt _get_randfunc!s  c CsOx5dD]-}|d d |kr|j|||SqWtd |fd S(sRandomly generate a fresh, new DSA key. :Parameters: bits : int Key length, or size (in bits) of the DSA modulus *p*. It must be a multiple of 64, in the closed interval [512,1024]. randfunc : callable Random number generation function; it should accept a single integer N and return a string of random data N bytes long. If not specified, a new one will be instantiated from ``Crypto.Random``. progress_func : callable Optional function that will be called with a short string containing the key parameter currently being generated; it's useful for interactive applications where a user is waiting for a key to be generated. :attention: You should always use a cryptographically secure random number generator, such as the one defined in the ``Crypto.Random`` module; **don't** just use the current time and the ``random`` module. :Return: A DSA key object (`_DSAobj`). :Raise ValueError: When **bits** is too little, too big, or not a multiple of 64. iiiiiiiiiii@sNNumber of bits in p must be a multiple of 64 between 512 and 1024, not %d bitsN( iiiiiiiii(t _generatet ValueError(RtbitsRQt progress_functi((s/..\python\site-packages\Crypto\PublicKey\DSA.pyR(s! cCs^|j|}tj|||}|jj|j|j|j|j|j }t ||S(N( RRRt generate_pyR:R;R R R RRR(RRURQRVtrftobjR((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRSSs-cCs|jj|}t||S(sConstruct a DSA key from a tuple of valid DSA components. The modulus *p* must be a prime. The following equations must apply: - p-1 = 0 mod q - g^x = y mod p - 0 < x < q - 1 < g < p :Parameters: tup : tuple A tuple of long integers, with 4 or 5 items in the following order: 1. Public key (*y*). 2. Sub-group generator (*g*). 3. Modulus, finite field order (*p*). 4. Sub-group order (*q*). 5. Private key (*x*). Optional. :Return: A DSA key object (`_DSAobj`). (R:R;R(RttupR((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRYsN( RRERFRRRRJRRSR(((s/..\python\site-packages\Crypto\PublicKey\DSA.pyRs  * +(RFt __revision__t__all__tsyst version_infotCrypto.Util.py21compattCrypto.PublicKeyRRRtCryptoR R t ImportErrorRJRtobjectRt_implRRR(((s/..\python\site-packages\Crypto\PublicKey\DSA.pytNs" &