1. 首頁
  2. 問答
  3. PGP散列的數據長度

PGP散列的數據長度

2012-06-29 66 views
6

我終於設法驗證一些簡單的PGP簽名消息塊。但是,我發現由於某種原因,我的實現限制了我驗證長度爲9-16個字節的數據。不下。不再。PGP散列的數據長度

是否有一些指令(RFC4880或其他地方),指定如何處理任何長度的明文數據?也許我錯過了某種填充? PKCS1?

我很確定我把數據格式化爲正確的哈希值,因爲RFC 4880 sec 5.2.4中的說明對於文本文件說明,只是將所有\n替換爲\r\n並添加一個預告片。因爲我的測試值分別爲單個數據線,什麼東西都沒被替換

所有這些值都在基地10,除非另有說明:

// DSA public key values 
p = 175466718616740411615640156350265486163809613514213656685227237159351776260193236923030228927905671867677337184318134702903960237546408302010360724274436019639502405323187799029742776686067449287558904042137172927936686590837020160292525250748155580652384740664931255981772117478967314777932252547256795892071 
q = 809260232002608708872165272150356204306578772713 
g = 127751900783328740354741342100721884490035793278553520238434722215554870393020469115393573782393994875216405838455564598493958342322790638050051759023658096740912555025710033120777570527002197424160086000659457154926758682221072408093235236853997248304424303705425567765059722098677806247252106481642577996274 
y = 1729359689660729090363046649964245002413818785374443321465729582030837456094002908141174514805122689

不工作:

-----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

abcd 
-----BEGIN PGP SIGNATURE----- 
Version: BCPG v1.39 

iFsEARECABsFAk/tB28UHGFiYyA8bWFrY21AYWFhLmNvbT4ACgkQMFIlRc933Ya2 
RwCfdMyI08Iz0rDXVHOPlGA3s5Y9j/8An2He7+hHjWfGJNoOJT7gAxqJaoLo 
=I2rT 
-----END PGP SIGNATURE----- 

data hashed (in hex): 6162636404011102001b05024fed076f141c616263203c6d616b636d406161612e636f6d3e04ff00000021 

r = 666804200764671083282351405489424949903645052927 
s = 558743769080942454889260816818443017172325925608 

w = 702955297882281869313155599553522395227576660460 // s^-1 mod q 
u1 = 190417717173929082607343542521304347388874234334 
u2 = 306786785479358548892951170619047936651163362761 
v = g^u1 * y^u2 % p % q = 737052148656331043521702886300418501784667890334 

v != r

工作:

-----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

abcdef 
-----BEGIN PGP SIGNATURE----- 
Version: BCPG v1.39 

iFsEARECABsFAk/tCE0UHGFiYyA8bWFrY21AYWFhLmNvbT4ACgkQMFIlRc933YYG 
IQCfercgPsXFnah6otgQdEMbv9OeCgIAnRIyOLirbqSlBugBT6Ex/Adz4+7L 
=bzab 
-----END PGP SIGNATURE----- 

data hashed (in hex): 3031323334353637383961626364656604011102001b05024fed084d141c616263203c6d616b636d406161612e636f6d3e04ff00000021 

r = 700580719365380086754774917458461236187098909186 
s = 103881812262595813943381509986903840453887782603 

w = 178510125628083028184051840492924307896586330444 // s^-1 mod q 
u1 = 78831508775508876446567239486098677466912246622 
u2 = 572875590470993668032596348682349224460207395691 
v = g^u1 * y^u2 % p % q = 700580719365380086754774917458461236187098909186 

v == r

什麼數據我不包括在散列/我做錯了什麼?

編輯:這裏是要求公共密鑰,即使相關的值已經被公佈)

-----BEGIN PGP PUBLIC KEY BLOCK----- 
Version: BCPG v1.39 

mQGiBE5B0h8RBAD533Z5bK1IpBx02QyQL0QoJE4uFRIMGDiwXuwmZzVl+R7Vlurd 
GRLsCCbE6vOOh7XQVZGzLEBy9WNzZ9m+EbCfSVAYkjS6FhLws6hG6irrnS+b3JBf 
gFJ8vNGF9Z7bhx+7y7NBk0IMyWkGnUkcnav73t5FQUI2faEBN4c/yAGJZwCgjcB7 
3akWk9XVWvTCsiMXxpyvkukEALXsvB6cOoFEtQq9cQHjP63fBlvD94dhhMiM0cH6 
hW9JotxdK+cxFGG9ZIWgoN2PWbMJka/H4W5EL6tS+YiNAR7I1Ozkt6X16GjnQUzZ 
MlSpleK+KiKVN2anRaPEoOIinHrE3ZXd6QlJ/4+OJn4IVWmSEaJpFf4QNgvEu4rh 
xinyBAD2RNzREOA+wpnFZ4lDt9NZXmXdxQME/l0J9XcvWhpGsxA/MATQKImy7N49 
7GT/M38F+TrpBobag1O3buE99fOLyws4Tbc+sZMdHxoiGZDAIRNQS2rv475E6ktj 
7vd5CYvOkA6+8sX1+hPcNlkHtHB1OFkJRsYp6k0zkyC9adjBM7QTYWJjIDxtYWtj 
bUBhYWEuY29tPohGBBMRAgAGBQJOQdIfAAoJEDBSJUXPd92GRSQAoItbtbToOg7a 
/hcg2sA/aBEQNwuxAKCGR69vmSoCWoBP5waPk0UsjM3BSbjMBE5B0h8QAgCUlP7A 
lfO4XuKGVCs4NvyBpd0KA0m0wjndOHRNSIz44x24vLfTO0GrueWjPMqRRLHO8zLJ 
S/BXO/BHo6ypjN87Af0VPV1hcq20MEW2iujh3hBwthNwBWhtKdPXOndJGZaB7lsh 
LJuWv9z6WyDNXj/SBEiV1gnPm0ELeg8Syhy5pCjMAf9QHehP2eCFqfEwTAnaOlA6 
CU+rYHKPZaI9NUwCA7qD2d93/l08/+ZtFvejZW1RWrJ8qfLDRtlPgRzigoF/CXbR 
iEYEGBECAAYFAk5B0h8ACgkQMFIlRc933YZRrACfUnWTjHHN+QsEEoJrwRvFmvzj 
bR4An24pTpeeN+I6R59O/sdmYsAhjULX 
=sStS 
-----END PGP PUBLIC KEY BLOCK-----

來源

2012-06-29 calccrypto

+0

你能把這裏的「----- BEGIN PGP PUBLIC KEY BLOCK -----」塊嗎? – shem

+0

@shem在這裏你去 – calccrypto

回答

4

沒有足夠的時間來查找細節,但我猜你」正確應用(或不應用)填充。這會導致正確的結果出現一些輸入長度,但不適用於其他輸入長度。

我想我會考慮這多,但我想找點賞金絲:)

編輯下:好吧,發現了一個錯誤。不知道你爲什麼得到它,但如果它是固定的,那麼正確的答案就出來了。在你不工作的例子,你算算w(S^-1模Q)作爲

w = 702955297882281869313155599553522395227576660460 // s^-1 mod q

,但我得到

w = 702955297882281869313155599553522395227576660458

關閉的2!真的,真的很接近價值。它可以證明,我的是正確的:

s * your_w mod q = 308227306159276200906356361486529830038073078504 
s * my_w mod q = 1

如果你在這個W值堵塞,你再拿到

u1 = 536931432138658080437983667536052790245747416035 
u2 = 591698847955233800072578903940910445457030802333 
v = (g^u1 * y^u2) % p % q = 666804200764671083282351405489424949903645052927 
r == v

希望有所幫助。

來源

2012-07-09 19:59:52

+0

是的。我的賭注是填充長度的錯誤。 – pg1989

+0

哈哈,這是怎麼回事?時間挖掘我的任意精度整數代碼 – calccrypto

+1

這僅僅是爲了學習,對吧?看起來我應該重複這個至關重要的「*永遠不要實施加密自己*」的警告。 –

相關問題

 相關問題