diff options
| author | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-02-09 18:10:09 +0100 |
|---|---|---|
| committer | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-04-05 12:26:10 +0200 |
| commit | 23e63807085b13a9b221c3374d05099559583011 (patch) | |
| tree | 61f53f9c8282ba60edba322499a3b68317bc53a7 /test_data/generate_forged.py | |
| parent | 70b4bad8904fe02fe4d783b75c6137ba959363ec (diff) | |
Add signature verification to list retrieval
- Move test data to src
- Verify signatures by calling the Verify method
- Add a customizable parameter to force prehashed signatures
Signed-off-by: jwijenbergh <jeroenwijenbergh@protonmail.com>
Diffstat (limited to 'test_data/generate_forged.py')
| -rw-r--r-- | test_data/generate_forged.py | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/test_data/generate_forged.py b/test_data/generate_forged.py deleted file mode 100644 index 843b32d..0000000 --- a/test_data/generate_forged.py +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/env python3 - -import hashlib -import base64 - -# Hash server_list.json - -with open("server_list.json", "rb") as f: - b = f.read() - -with open("server_list.json.blake2b", "wb") as f: - f.write(hashlib.blake2b(b).digest()) - -# Forge pure signature on hash, see https://github.com/jedisct1/minisign/issues/104 - -with open("server_list.json.minisig", "rb") as f: - siglines = f.readlines() - -siglines[0] = b"untrusted comment: this signature has ED changed to Ed\n" -sig = base64.b64decode(siglines[1]) -siglines[1] = base64.b64encode(b"Ed" + sig[2:]) + b"\n" - -with open("server_list.json.forged_pure.minisig", "wb") as f: - f.writelines(siglines) - # Should now work: minisign -Vm server_list.json.blake2b -x server_list.json.forged_pure.minisig -p public-key - -# Try to forge key ID - -with open("server_list.json.wrong_key.minisig", "rb") as f: - siglines = f.readlines() - -siglines[0] = b"untrusted comment: this signature was created with wrong_secret.key but has key ID changed to that of public.key\n" -sig_wrong = base64.b64decode(siglines[1]) -siglines[1] = base64.b64encode(sig_wrong[:2] + sig[2:2+8] + sig_wrong[2+8:]) + b"\n" - -with open("server_list.json.forged_keyid.minisig", "wb") as f: - f.writelines(siglines) |