[PYTHON-CRYPTO] DSA signature verification trouble...

[Dan Berger]

I thought this was a problem between my Python and C code, but it looks
like either there's a problem in M2Crypto (possibly OpenSSL), or I'm
missing something.  Consider the following code:

import M2Crypto
import M2Crypto.DSA
import M2Crypto.EVP
ksk = M2Crypto.DSA.load_key("/home/dberger/Projects/IKaRoS/server/db/ksk_1.pem")
signature = ksk.sign_asn1("foobar")
ksk.verify_asn1(signature, "foobar")

Traceback (most recent call last):
  File "<stdin>", line 1, in ?
  File "/usr/lib/python2.2/site-packages/M2Crypto/DSA.py", line 132, in verify_asn1
M2Crypto.DSA.DSAError: too long

Feeding a signature produced by sign_asn1 directly into verify_asn1
fails.  Anyone have any suggestions?

By the way - doing this:

import M2Crypto
import M2Crypto.DSA
import M2Crypto.EVP
ksk = M2Crypto.DSA.load_key("/home/dberger/Projects/IKaRoS/server/db/ksk_1.pem")
signature = ksk.sign("foobar")
ksk.verify("foobar", signature[0], signature[1])

returns success, which suggests it's a problem with the asn1 encode/decode "stuff."

--

...Dan Berger [dberger at cs.ucr.edu]
   Department of Computer Science
   Surge Building, Room 357
   University of California, Riverside
   http://www.cs.ucr.edu/~dberger

   "I like naked women. I'm a bloke. I'm supposed to like them. We're
    born like that. We like naked women as soon as we're pulled out of
    one. Halfway down the birth canal we're already enjoying the view!"

                        - Steve, Coupling: "Inferno"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20040804/420e1858/attachment.pgp>