Menu
▾
▴
Re: [pyOpenSSL] quick question, converting a small (two lines) of Ruby (OpenSSL) to PyOpenSSL
|
From: aaron s. <bei...@gm...> - 2009-08-27 18:14:07
|
Hey Dean, thanks for the response. I'll end up using subprocess and
openssl. One other question. What is "twinkle?"
On Tue, Aug 25, 2009 at 9:26 PM, Rick Dean<ri...@fd...> wrote:
>
> Strangely, your provided result is an invalid base32 encoding
> because it's an illegal length. It's not just missing equal
> signs.
>
> So the openssl commands are...
>
> $ openssl dsaparam -genkey -out dsa_priv.pem 1024
> $ echo twinkie | openssl dgst -dss1 -sign dsa_priv.pem -out foo
> $ echo twinkie | openssl dgst -dss1 -prverify dsa_priv.pem -signature foo
> Verified OK
>
> pyOpenSSL doesn't yet provide this functionality. You
> can only sign with x509 certificates, not with just a
> PKey. Apparently the certificateless signing is provided
> by EVP_SignFinal() and EVP_VerifyFinal() as seen in
> openssl-0.9.8j/app/dgst.c
>
> In the meantime, the python module called "subprocess"
> may be of some help.
>
> --
> Rick
>
>
> On Tue, Aug 25, 2009 at 12:48:19PM -0700, aaron smith wrote:
>> Thanks for the reply. Ultimately what I'm trying to accomplish is
>> creating a software license key.
>>
>> The full ruby example is this:
>>
>> def make_license(product_code, name, copies)
>> sign_dss1 = OpenSSL::Digest::DSS1.new
>> priv = OpenSSL::PKey::DSA.new(File.read("lib/dsa_priv.pem"))
>> b32 = Base32.encode(priv.sign(sign_dss1,
>> make_license_source(product_code, name)))
>> # Replace Os with 8s and Is with 9s
>> # See http://members.shaw.ca/akochoi-old/blog/2004/11-07/index.html
>> b32.gsub!(/O/, '8')
>> b32.gsub!(/I/, '9')
>> # chop off trailing padding
>> b32.delete("=").scan(/.{1,5}/).join("-")
>> end
>>
>> def make_license_source(product_code, name)
>> product_code + "," + name
>> end
>>
>> I think what this is doing is creating a new dsa from a private one,
>> the file (lib/dsa_priv.pem). It converts it to base 32, and adds in
>> some dashes (-). Which ultimately gives me something like:
>> "GAWAE-FDWN3-BJHHK-KBGLL-D5SF7-6KHNP-7RWSE-C2FAC-CRR32-QB76K-T3F22-MZFGQ-LV4XA-7X423-6QJY"
>>
>>
>>
>>
>>
>> On Tue, Aug 25, 2009 at 9:13 AM, Rick Dean<ri...@fd...> wrote:
>> >
>> > The automated test cases are a good place to look for
>> > examples. It's a directory named "test" in the pyOpenSSL
>> > sources.
>> >
>> > Some comments about what you are trying to accomplish
>> > would be useful. I don't know the Ruby API and you
>> > didn't link to it's docs.
>> >
>> > Are you trying to create a DSA certificate? Is "test" the
>> > common name of the subject for the new certificate being
>> > created? If so, you need a bunch more stuff than those three
>> > lines. I attached an example.
>> >
>> > --
>> > Rick
>> >
>> >
>> > On Mon, Aug 24, 2009 at 10:21:02PM -0700, aaron smith wrote:
>> >> I'm trying to convert a small snippet of ruby code that handles some
>> >> ssl stuff for me..
>> >>
>> >> The Ruby code is this:
>> >>
>> >> sign_dss1 = OpenSSL::Digest::DSS1.new
>> >> priv = OpenSSL::PKey::DSA.new(File.read("lib/dsa_priv.pem"))
>> >> priv.sign(sign_dss1, "test" )
>> >>
>> >> This is somewhat contrived, but this all i'm trying to convert. The
>> >> docs for pyOpenSSL don't explain that much, so I'm not even sure where
>> >> to look.
>> >>
>> >> Thanks for your help!
>> >> -A
>> >>
>> >> ------------------------------------------------------------------------------
>> >> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
>> >> trial. Simplify your report design, integration and deployment - and focus on
>> >> what you do best, core application coding. Discover what's new with
>> >> Crystal Reports now. http://p.sf.net/sfu/bobj-july
>> >> _______________________________________________
>> >> pyopenssl-list mailing list
>> >> pyo...@li...
>> >> https://lists.sourceforge.net/lists/listinfo/pyopenssl-list
>> >
>> >
>
>
|
