diff options
| author | Mike Crute <mcrute@gmail.com> | 2010-05-05 01:15:37 -0400 |
|---|---|---|
| committer | Mike Crute <mcrute@gmail.com> | 2010-05-05 01:15:37 -0400 |
| commit | b897f03e9f1690c05d01e6c697d2d6917e747c48 (patch) | |
| tree | ab2043697d5d52a268505f5d00c0c2989ae542b9 | |
| parent | 94d63f71526c8471cd6a432bc12c14ab2a2742d7 (diff) | |
| download | hg_sshsign-b897f03e9f1690c05d01e6c697d2d6917e747c48.tar.bz2 hg_sshsign-b897f03e9f1690c05d01e6c697d2d6917e747c48.tar.xz hg_sshsign-b897f03e9f1690c05d01e6c697d2d6917e747c48.zip | |
Expanding test cases trying to figure out why key agent signatures don't match command line sigs.
| -rw-r--r-- | keys.py | 2 | ||||
| -rw-r--r-- | ssh.py | 26 | ||||
| -rw-r--r-- | sshagent.py | 4 |
3 files changed, 27 insertions, 5 deletions
| @@ -24,7 +24,7 @@ def load_public_key(key): | |||
| 24 | 24 | ||
| 25 | if ktype == 'ssh-rsa': | 25 | if ktype == 'ssh-rsa': |
| 26 | e, n = get_packed_mp_ints(remainder, 2) | 26 | e, n = get_packed_mp_ints(remainder, 2) |
| 27 | return hawt.new_pub_key((e, n)) | 27 | return RSA.new_pub_key((e, n)) |
| 28 | elif ktype == 'ssh-dss': | 28 | elif ktype == 'ssh-dss': |
| 29 | p, q, g, y = get_packed_mp_ints(remainder, 4) | 29 | p, q, g, y = get_packed_mp_ints(remainder, 4) |
| 30 | return DSA.set_params(p, q, g) | 30 | return DSA.set_params(p, q, g) |
| @@ -8,14 +8,36 @@ SSH Key Signing | |||
| 8 | 8 | ||
| 9 | Commands to sign and verify revisions with your | 9 | Commands to sign and verify revisions with your |
| 10 | ssh key. | 10 | ssh key. |
| 11 | |||
| 12 | Ponder this, bitches: | ||
| 13 | http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c | ||
| 14 | http://svn.osafoundation.org/m2crypto/trunk/SWIG/_rsa.i | ||
| 11 | """ | 15 | """ |
| 12 | 16 | ||
| 17 | from M2Crypto.RSA import RSAError | ||
| 18 | |||
| 13 | from structutils import bytes_to_int | 19 | from structutils import bytes_to_int |
| 14 | from sshagent import SSHAgent | 20 | from sshagent import SSHAgent |
| 21 | from keys import load_private_key, load_public_key | ||
| 22 | |||
| 23 | test_data = "Hello world!" | ||
| 24 | public_key = "/Users/mcrute/.ssh/id_rsa.ag.pub" | ||
| 25 | private_key = "/Users/mcrute/.ssh/id_rsa.ag" | ||
| 15 | 26 | ||
| 16 | key = open('/Users/mcrute/.ssh/id_rsa.ag.pub').read() | 27 | key = open(public_key).read() |
| 17 | key = key.split()[1].decode('base64') | 28 | key = key.split()[1].decode('base64') |
| 18 | 29 | ||
| 19 | agent = SSHAgent() | 30 | agent = SSHAgent() |
| 20 | signature = agent.sign("Hello world!", key) | 31 | signature = agent.sign(test_data, key) |
| 21 | print bytes_to_int(signature) | 32 | print bytes_to_int(signature) |
| 33 | |||
| 34 | |||
| 35 | try: | ||
| 36 | pub_key = load_public_key(open(public_key).read()) | ||
| 37 | pub_key.verify(test_data, signature) | ||
| 38 | print "Signature matches" | ||
| 39 | except RSAError: | ||
| 40 | print "Signature doesn't match" | ||
| 41 | |||
| 42 | priv_key = load_private_key(private_key) | ||
| 43 | print bytes_to_int(priv_key.sign(test_data)) | ||
diff --git a/sshagent.py b/sshagent.py index 32dc2f4..8c310f4 100644 --- a/sshagent.py +++ b/sshagent.py | |||
| @@ -75,6 +75,6 @@ class SSHAgent(object): | |||
| 75 | 75 | ||
| 76 | _, remainder = unpack_int(response[1:]) | 76 | _, remainder = unpack_int(response[1:]) |
| 77 | _, remainder = unpack_string(remainder) | 77 | _, remainder = unpack_string(remainder) |
| 78 | response, _ = unpack_mp_int(remainder) | 78 | response, _ = unpack_string(remainder) |
| 79 | 79 | ||
| 80 | return int_to_bytes(response) | 80 | return response |