in reply to Roll your DSA signatures
############## gen_keys #################### #!/usr/bin/perl use warnings; use strict; use Crypt::DSA; use Crypt::DSA::Key; # script to generate keys my $dsa = Crypt::DSA->new; # use to generate your keys below # multiple of 512, 1024, 2048, 4096(long time) my $key = $dsa->keygen(Size => 512, Verbosity => 1); # print ref $key,"\n"; # foreach my $k (keys %{$key}) { # print $k . "=" . $key->$k . "\n\n "; # } # hard code in the above generated numbers. my %key_priv; $key_priv{'priv_key'} = $key->{'priv_key'}; $key_priv{'p'} = $key->{'p'}; $key_priv{'g'} = $key->{'g'}; $key_priv{'q'} = $key->{'q'}; # $key_priv{'pub_key'} = ''; #don't include in private key my %key_pub; # $key_pub{'priv_key'} = ''; #don't include in public key $key_pub{'p'} = $key->{'p'}; $key_pub{'g'} = $key->{'g'}; $key_pub{'q'} = $key->{'q'}; $key_pub{'pub_key'} = $key->{'pub_key'}; #private key file my $k_priv = \%key_priv; bless($k_priv, "Crypt::DSA::Key"); my $pem_priv = $k_priv->write( Type => 'PEM' ); open(FH,">key_priv") or die "$!\n"; print FH $pem_priv; close FH; #public key file my $k_pub = \%key_pub; bless($k_pub, "Crypt::DSA::Key"); my $pem_pub = $k_pub->write( Type => 'PEM' ); open(FH,">key_pub") or die "$!\n"; print FH $pem_pub; close FH; __END__ ############################################ ############# sign-a-file ####################### #!/usr/bin/perl use warnings; use strict; use Crypt::DSA; use Crypt::DSA::Key; use MIME::Base64 qw( encode_base64 decode_base64 ); # sample script to sign a file named 'msg' my $dsa = Crypt::DSA->new; my $msg_in; open (FH,"< msg"); read( FH, $msg_in, -s FH ); close FH; my $key_priv = Crypt::DSA::Key->new( Type => 'PEM', Filename => 'key_priv'); my $sig = $dsa->sign(Message=> $msg_in, Key => $key_priv); my $sig_ser = $sig->serialize; open(FH,">sig") or die "$!\n"; print FH encode_base64($sig_ser); #need base64 encoding close FH; #of binary sig __END__ ############################################# ############ verify-a-file ######################### #!/usr/bin/perl use warnings; use strict; use Crypt::DSA; use Crypt::DSA::Key; use MIME::Base64 qw( encode_base64 decode_base64 ); # sample script to verify a file named 'msg' with sig in 'sig' my $msg_in; open (FH,"< msg"); read( FH, $msg_in, -s FH ); close FH; my $key_pub = Crypt::DSA::Key->new( Type => 'PEM', Filename => 'key_pub'); my $sig_in; open (FH,"< sig"); read( FH, $sig_in, -s FH ); close FH; my $dsa = Crypt::DSA->new; my $sig_o = Crypt::DSA::Signature->new( Content => decode_base64( $sig_in ) ); my $verified = $dsa->verify( Message => $msg_in, Signature => $sig_o, Key => $key_pub, ); print "verified thru files->$verified\n"; __END__ ########################################### ## ######### check-key ######################## #!/usr/bin/perl use warnings; use strict; use Crypt::DSA; use Crypt::DSA::Key; # script to make sure public key dosn't contain priv_key # so it isn't distributed accidently my $key = Crypt::DSA::Key->new( Type => 'PEM', Filename => 'key_pub'); print ref $key,"\n"; foreach my $k (keys %{$key}) { next if $k eq '__pem'; print $k . "=" . $key->{$k} . "\n\n "; } __END__ #############################################
|
|---|