-rwxr-xr-x | pow/POW-0.7/lib/pkix.py | 23 | ||||
-rw-r--r-- | scripts/rpki/x509.py | 2 |
2 files changed, 21 insertions, 4 deletions
diff --git a/pow/POW-0.7/lib/pkix.py b/pow/POW-0.7/lib/pkix.py
index a5c14bcc..9350aec7 100755
--- a/pow/POW-0.7/lib/pkix.py
+++ b/pow/POW-0.7/lib/pkix.py
@@ -85,14 +85,20 @@ class CryptoDriver(object):
 """Verify a signature."""
 raise NotImplementedError
- def keyDER(self, key):
+ def toPublicDER(self, key):
 """Get the DER representation of an RSA key."""
 raise NotImplementedError
+ def fromPublicDER(self, der):
+ """Set the driver representation of an RSA key from DER."""
+ raise NotImplementedError
+
 class POWCryptoDriver(CryptoDriver):
 """Dispatcher for crypto calls using POW package."""
 def __init__(self):
+ print "Importing POW"
+ global POW
 import POW
 self.driver2OID = {
 POW.MD2_DIGEST : (1, 2, 840, 113549, 1, 1, 2), # md2WithRSAEncryption
@@ -116,9 +122,12 @@ class POWCryptoDriver(CryptoDriver):
 def verify(self, RSAkey, digestOID, plaintext, signature):
 return key.verify(signature, digest.digest(), self.OID2driver[oid])
- def keyDER(self, key):
+ def toPublicDER(self, key):
 return key.derWrite(POW.RSA_PUBLIC_KEY)
+ def fromPublicDER(self, der):
+ return POW.derRead(POW.RSA_PUBLIC_KEY, der)
+
 _cryptoDriver = None # Don't touch this directly
 def setCryptoDriver(driver):
@@ -127,6 +136,7 @@ def setCryptoDriver(driver):
 The driver should be an instance of CryptoDriver.
 """
 assert isinstance(driver, CryptoDriver)
+ global _cryptoDriver
 _cryptoDriver = driver
 def getCryptoDriver():
@@ -134,6 +144,7 @@ def getCryptoDriver():
 If no driver has been selected, instantiate the default POW driver.
 """
+ global _cryptoDriver
 if _cryptoDriver is None:
 setCryptoDriver(POWCryptoDriver())
 return _cryptoDriver
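Review bot: The added `print "Importing POW"` in `POWCryptoDriver.__init__` (first hunk of pkix.py) writes to stdout from library code every time the default driver is constructed; it reads like leftover debugging and should be removed or sent through `logging`. The `global POW` / `import POW` pair next to it means `toPublicDER` and `fromPublicDER` only work after some `POWCryptoDriver` instance has run `__init__`, which deserves a comment such as `# POW is imported lazily and published as a module global for the other methods`. The class body continues outside the hunk.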
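Review bot: Neither `toPublicDER` nor the new `fromPublicDER` (second hunk of pkix.py, and the base-class stubs in the first) states which DER structure it handles, and the two callers in this commit appear to disagree. `Certificate.sign` places the output of `toPublicDER` inside `subjectPublicKeyInfo`, next to the rsaEncryption OID, while `CertificationRequest.verify` hands the whole `subjectPublicKeyInfo.toString()` to `fromPublicDER`. If `POW.RSA_PUBLIC_KEY` denotes a single encoding, one of those call sites is presumably passing the wrong structure, so a request signed by this code may not verify with it. I would fix the encoding in the docstrings, e.g. `"""Parse DER into a driver key object; expects <encoding, to be confirmed against POW>."""`, and make both callers match it.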
@@ -776,7 +787,7 @@ class Certificate(Sequence):
 def sign(self, rsa, digestType):
 driver = getCryptoDriver()
 oid = driver.getOID(digestType)
- self.tbs.subjectPublicKeyInfo.set((((1, 2, 840, 113549, 1, 1, 1), None), driver.keyDER(key)))
+ self.tbs.subjectPublicKeyInfo.set((((1, 2, 840, 113549, 1, 1, 1), None), driver.toPublicDER(key)))
 self.tbs.signature.set([oid, None])
 signedText = driver.sign(rsa, oid, self.tbs.toString())
 self.signatureAlgorithm.set([oid, None])
@@ -1206,6 +1217,12 @@ class CertificationRequest(Sequence):
 contents = [ self.certificationRequestInfo, self.signatureAlgorithm, self.signatureValue ]
 Sequence.__init__(self, contents, optional, default)
+ def verify(self):
+ driver = getCryptoDriver()
+ oid = self.signatureAlgorithm.get()[0]
+ rsa = driver.fromPublicDER(self.certificationRequestInfo.subjectPublicKeyInfo.toString())
+ return driver.verify(rsa, oid, self.certificationRequestInfo.toString(), self.signatureValue.get())
+
 #---------- PKCS10 ----------#
 #---------- GeneralNames object support ----------#
 class OtherName(Sequence):
diff --git a/scripts/rpki/x509.py b/scripts/rpki/x509.py
index 1efabe77..2061864c 100644
--- a/scripts/rpki/x509.py
+++ b/scripts/rpki/x509.py
@@ -90,7 +90,7 @@ class DER_object(object):
 setattr(self, name, kw[name])
 return
 if name == "PEM":
- text = self.pem_convert.to_DER(kw[name])
+ text = self.pem_converter.to_DER(kw[name])
 self.clear()
 self.DER = text
 return |
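Review bot: The rewritten line in `Certificate.sign` still passes `key` to the driver, but the visible signature is `sign(self, rsa, digestType)` and nothing in the hunk assigns `key`. Unless a module-level `key` exists outside the hunk, signing raises NameError here, and if one does exist the certificate would carry a public key unrelated to the one that signs it. The intent is presumably `driver.toPublicDER(rsa)`. The method body continues past the end of the hunk.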
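Review bot: `CertificationRequest.verify` takes both the digest algorithm and the key from the request being checked and validates neither before use. The algorithm OID inside `subjectPublicKeyInfo` is never compared with rsaEncryption `(1, 2, 840, 113549, 1, 1, 1)`, and any OID the driver table maps is apparently accepted, which per the `driver2OID` context in the first pkix.py hunk includes md2WithRSAEncryption. I would check `oid` against an explicit list of accepted signature algorithms before calling `driver.verify`, and raise a defined exception for anything else, since an unknown OID would otherwise presumably surface as a bare KeyError from `self.OID2driver[oid]`. The method also needs a docstring saying that it establishes only proof of possession of the key named in the request, and what it returns on a bad signature.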