lili/amodem
1
0
Fork 0
mirror of https://github.com/romanz/amodem.git synced 2026-04-21 05:36:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

gpg: small fixes

Browse Source
This commit is contained in:
Roman Zeyde
2016-04-30 15:39:32 +03:00
parent 87ca33c104
commit 31c3686fa4
2 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
trezor_agent/gpg/encode.py
View File

@@ -152,7 +152,8 @@ class AgentSigner(object):
def sign(self, digest): def sign(self, digest):
"""Sign the digest and return an ECDSA signature.""" """Sign the digest and return an ECDSA signature."""
params = agent.sign(sock=self.sock, keygrip=self.keygrip, digest=digest) params = agent.sign(sock=self.sock,
keygrip=self.keygrip, digest=digest)
return b''.join(mpi(p) for p in params) return b''.join(mpi(p) for p in params)
def close(self): def close(self):
@@ -274,13 +275,13 @@ class Signer(object):
subpacket_time(self.pubkey.created)] # signature creaion time subpacket_time(self.pubkey.created)] # signature creaion time
unhashed_subpackets = [ unhashed_subpackets = [
subpacket(16, self.pubkey.key_id())] # issuer key id subpacket(16, self.pubkey.key_id())] # issuer key id
back_sign = _make_signature(signer_func=self.conn.sign, embedded_sig = _make_signature(signer_func=self.conn.sign,
data_to_sign=data_to_sign, data_to_sign=data_to_sign,
public_algo=self.pubkey.algo_id, public_algo=self.pubkey.algo_id,
sig_type=0x19, sig_type=0x19,
hashed_subpackets=hashed_subpackets, hashed_subpackets=hashed_subpackets,
unhashed_subpackets=unhashed_subpackets) unhashed_subpackets=unhashed_subpackets)
log.info('back_sign: %r', back_sign) log.info('embedded signature: %r', embedded_sig)
# Subkey Binding Signature # Subkey Binding Signature
hashed_subpackets = [ hashed_subpackets = [
@@ -288,7 +289,7 @@ class Signer(object):
subpacket_byte(0x1B, 2)] # key flags (certify & sign) subpacket_byte(0x1B, 2)] # key flags (certify & sign)
unhashed_subpackets = [ unhashed_subpackets = [
subpacket(16, primary['key_id']), # issuer key id subpacket(16, primary['key_id']), # issuer key id
subpacket(32, back_sign)] subpacket(32, embedded_sig)]
gpg_agent = AgentSigner(self.user_id) gpg_agent = AgentSigner(self.user_id)
signature = _make_signature(signer_func=gpg_agent.sign, signature = _make_signature(signer_func=gpg_agent.sign,
data_to_sign=data_to_sign, data_to_sign=data_to_sign,
@@ -320,6 +321,7 @@ class Signer(object):
def _make_signature(signer_func, data_to_sign, public_algo, def _make_signature(signer_func, data_to_sign, public_algo,
hashed_subpackets, unhashed_subpackets, sig_type=0): hashed_subpackets, unhashed_subpackets, sig_type=0):
# pylint: disable=too-many-arguments
header = struct.pack('>BBBB', header = struct.pack('>BBBB',
4, # version 4, # version
sig_type, # rfc4880 (section-5.2.1) sig_type, # rfc4880 (section-5.2.1)

1
trezor_agent/gpg/test.sh
View File

@@ -1,6 +1,7 @@
# NEVER RUN ON YOUR OWN REAL GPG KEYS!!!!! THEY WILL BE DELETED!!!!! # NEVER RUN ON YOUR OWN REAL GPG KEYS!!!!! THEY WILL BE DELETED!!!!!
set -x -e -u set -x -e -u
CURVE=ed25519 CURVE=ed25519
#CURVE=nist256p1
(cd ~/.gnupg && rm -rf openpgp-revocs.d/ private-keys-v1.d/ pubring.kbx* trustdb.gpg /tmp/log *.gpg; killall gpg-agent || true) (cd ~/.gnupg && rm -rf openpgp-revocs.d/ private-keys-v1.d/ pubring.kbx* trustdb.gpg /tmp/log *.gpg; killall gpg-agent || true)
gpg2 --full-gen-key --expert gpg2 --full-gen-key --expert
gpg2 --export > romanz.pub gpg2 --export > romanz.pub