如何使用python从非分离的二进制gnupg签名中提取原始数据?
[英]How to extract the original data from a non detached binary gnupg signature with python?
问题描述
How do i get original data from a not detached binary signature? 
我如何从未分离的二进制签名中获取原始数据 ?
import gnupg
gpg = gnupg.GPG(gnupghome='/tmp/testGPG')
params = {
'Key-Type': 'DSA',
'Key-Length': 1024,
'Name-Real' : 'Real Name',
'Expire-Date': 0,
}
cmd = gpg.gen_key_input(**params)
gpg.gen_key(cmd)
data = str.encode('To be signed')
sig = gpg.sign(data, detach=False, binary=True)
res = gpg.verify(sig.data)
print(res.data)
I'd expect res.data to be equal to orig_data but it is just b'' 我希望res.data等于orig_data但这只是b''
1 个解决方案
解决方案1
1 已采纳 2017-07-10 15:56:04
The easiest way is to "decrypt" that data. 最简单的方法是“解密”该数据。 I just tried this in my ipython shell: 我只是在我的ipython shell中尝试过:
In [18]: gpg.import_keys(private_key).count
Out[18]: 1
In [19]: signature = gpg.sign("Some data to sign")
In [20]: gpg.decrypt(signature.data).data
Out[20]: b'Some data to sign\n'
Please note that the snippet you provided does not work for me. 请注意,您提供的代码段对我不起作用。 GPG complains that it can not generate a key: GPG抱怨无法生成密钥:
[GNUPG:] PINENTRY_LAUNCHED 9678 curses:curses 1.0.0 ? ? ?
gpg: DBG: chan_3 -> END
gpg: DBG: chan_3 <- ERR 83918950 Inappropriate ioctl for device <Pinentry>
gpg: agent_genkey failed: Inappropriate ioctl for device
gpg: key generation failed: Inappropriate ioctl for device
This does not make your code fail and produces empty signature! 这不会使您的代码失败并产生空签名!
Maybe this is my local issue. 也许这是我的本地问题。 But always make sure that your key generation / key import procedure succeed before you start signing/verifying your data! 但是在开始对数据进行签名/验证之前,请务必确保成功完成了密钥生成/密钥导入过程! Otherwise you might get a weird state or expose sensitive information. 否则,您可能会变得怪异或暴露敏感信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.