How to extract the original data from a non detached binary gnupg signature with python?
Question
How do i get original data from a not detached binary signature?
import gnupg
gpg = gnupg.GPG(gnupghome='/tmp/testGPG')
params = {
'Key-Type': 'DSA',
'Key-Length': 1024,
'Name-Real' : 'Real Name',
'Expire-Date': 0,
}
cmd = gpg.gen_key_input(**params)
gpg.gen_key(cmd)
data = str.encode('To be signed')
sig = gpg.sign(data, detach=False, binary=True)
res = gpg.verify(sig.data)
print(res.data)
I'd expect res.data to be equal to orig_data but it is just b''
1 answers
solution1
1 ACCPTED 2017-07-10 15:56:04
The easiest way is to "decrypt" that data. I just tried this in my ipython shell:
In [18]: gpg.import_keys(private_key).count
Out[18]: 1
In [19]: signature = gpg.sign("Some data to sign")
In [20]: gpg.decrypt(signature.data).data
Out[20]: b'Some data to sign\n'
Please note that the snippet you provided does not work for me. GPG complains that it can not generate a key:
[GNUPG:] PINENTRY_LAUNCHED 9678 curses:curses 1.0.0 ? ? ?
gpg: DBG: chan_3 -> END
gpg: DBG: chan_3 <- ERR 83918950 Inappropriate ioctl for device <Pinentry>
gpg: agent_genkey failed: Inappropriate ioctl for device
gpg: key generation failed: Inappropriate ioctl for device
This does not make your code fail and produces empty signature!
Maybe this is my local issue. But always make sure that your key generation / key import procedure succeed before you start signing/verifying your data! Otherwise you might get a weird state or expose sensitive information.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.