Crypt-DSA-1.19000755001750001750 014724065747 11737 5ustar00timtim000000000000README100644001750001750 1210514724065747 12717 0ustar00timtim000000000000Crypt-DSA-1.19NAME Crypt::DSA - DSA Signatures and Key Generation SYNOPSIS use Crypt::DSA; my $dsa = Crypt::DSA->new; my $key = $dsa->keygen( Size => 512, Seed => $seed, Verbosity => 1 ); my $sig = $dsa->sign( Message => "foo bar", Key => $key ); my $verified = $dsa->verify( Message => "foo bar", Signature => $sig, Key => $key, ); DESCRIPTION *Crypt::DSA* is an implementation of the DSA (Digital Signature Algorithm) signature verification system. The implementation itself is pure Perl, although the heavy-duty mathematics underneath are provided by the *Math::Pari* library. This package provides DSA signing, signature verification, and key generation. SECURITY DSA (Digital Signature Algorithm) signatures are no longer considered to be adequate for security. This module should only be used for verifying old signatures and should not be used for new signatures. That being said, some technologies still require DSA signatures even in 2024. Consider using other solutions or explicitly not using DSA signatures. USAGE The *Crypt::DSA* public interface is similar to that of *Crypt::RSA*. This was done intentionally. Crypt::DSA->new Constructs a new *Crypt::DSA* object. At the moment this isn't particularly useful in itself, other than being the object you need to do much else in the system. Returns the new object. $key = $dsa->keygen(%arg) Generates a new set of DSA keys, including both the public and private portions of the key. *%arg* can contain: * Size The size in bits of the *p* value to generate. The *q* and *g* values are always 160 bits each. This argument is mandatory. * Seed A seed with which *q* generation will begin. If this seed does not lead to a suitable prime, it will be discarded, and a new random seed chosen in its place, until a suitable prime can be found. This is entirely optional, and if not provided a random seed will be generated automatically. * Verbosity Should be either 0 or 1. A value of 1 will give you a progress meter during *p* and *q* generation--this can be useful, since the process can be relatively long. The default is 0. $signature = $dsa->sign(%arg) Signs a message (or the digest of a message) using the private portion of the DSA key and returns the signature. The return value--the signature--is a *Crypt::DSA::Signature* object. *%arg* can include: * Digest A digest to be signed. The digest should be 20 bytes in length or less. You must provide either this argument or *Message* (see below). * Key The *Crypt::DSA::Key* object with which the signature will be generated. Should contain a private key attribute (*priv_key*). This argument is required. * Message A plaintext message to be signed. If you provide this argument, *sign* will first produce a SHA1 digest of the plaintext, then use that as the digest to sign. Thus writing my $sign = $dsa->sign(Message => $message, ... ); is a shorter way of writing use Digest::SHA qw( sha1 ); my $sig = $dsa->sign(Digest => sha1( $message ), ... ); $verified = $dsa->verify(%arg) Verifies a signature generated with *sign*. Returns a true value on success and false on failure. *%arg* can contain: * Key Key of the signer of the message; a *Crypt::DSA::Key* object. The public portion of the key is used to verify the signature. This argument is required. * Signature The signature itself. Should be in the same format as returned from *sign*, a *Crypt::DSA::Signature* object. This argument is required. * Digest The original signed digest whose length is less than or equal to 20 bytes. Either this argument or *Message* (see below) must be present. * Message As above in *sign*, the plaintext message that was signed, a string of arbitrary length. A SHA1 digest of this message will be created and used in the verification process. TODO Add ability to munge format of keys. For example, read/write keys from/to key files (SSH key files, etc.), and also write them in other formats. SUPPORT Bugs should be reported via the CPAN bug tracker at For other issues, contact the author. AUTHOR Benjamin Trott COPYRIGHT Except where otherwise noted, Crypt::DSA is Copyright 2006 - 2011 Benjamin Trott. Crypt::DSA is free software; you may redistribute it and/or modify it under the same terms as Perl itself. LICENSE100644001750001750 4652614724065747 13062 0ustar00timtim000000000000Crypt-DSA-1.19This software is copyright (c) 2024 by Benjamin Trott . This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself. Terms of the Perl programming language system itself a) the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version, or b) the "Artistic License" --- The GNU General Public License, Version 1, February 1989 --- This software is Copyright (c) 2024 by Benjamin Trott . This is free software, licensed under: The GNU General Public License, Version 1, February 1989 GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice That's all there is to it! --- The Perl Artistic License 1.0 --- This software is Copyright (c) 2024 by Benjamin Trott . This is free software, licensed under: The Perl Artistic License 1.0 The "Artistic License" Preamble The intent of this document is to state the conditions under which a Package may be copied, such that the Copyright Holder maintains some semblance of artistic control over the development of the package, while giving the users of the package the right to use and distribute the Package in a more-or-less customary fashion, plus the right to make reasonable modifications. Definitions: "Package" refers to the collection of files distributed by the Copyright Holder, and derivatives of that collection of files created through textual modification. "Standard Version" refers to such a Package if it has not been modified, or has been modified in accordance with the wishes of the Copyright Holder as specified below. "Copyright Holder" is whoever is named in the copyright or copyrights for the package. "You" is you, if you're thinking about copying or distributing this Package. "Reasonable copying fee" is whatever you can justify on the basis of media cost, duplication charges, time of people involved, and so on. (You will not be required to justify it to the Copyright Holder, but only to the computing community at large as a market that must bear the fee.) "Freely Available" means that no fee is charged for the item itself, though there may be fees involved in handling the item. It also means that recipients of the item may redistribute it under the same conditions they received it. 1. You may make and give away verbatim copies of the source form of the Standard Version of this Package without restriction, provided that you duplicate all of the original copyright notices and associated disclaimers. 2. You may apply bug fixes, portability fixes and other modifications derived from the Public Domain or from the Copyright Holder. A Package modified in such a way shall still be considered the Standard Version. 3. You may otherwise modify your copy of this Package in any way, provided that you insert a prominent notice in each changed file stating how and when you changed that file, and provided that you do at least ONE of the following: a) place your modifications in the Public Domain or otherwise make them Freely Available, such as by posting said modifications to Usenet or an equivalent medium, or placing the modifications on a major archive site such as uunet.uu.net, or by allowing the Copyright Holder to include your modifications in the Standard Version of the Package. b) use the modified Package only within your corporation or organization. c) rename any non-standard executables so the names do not conflict with standard executables, which must also be provided, and provide a separate manual page for each non-standard executable that clearly documents how it differs from the Standard Version. d) make other distribution arrangements with the Copyright Holder. 4. You may distribute the programs of this Package in object code or executable form, provided that you do at least ONE of the following: a) distribute a Standard Version of the executables and library files, together with instructions (in the manual page or equivalent) on where to get the Standard Version. b) accompany the distribution with the machine-readable source of the Package with your modifications. c) give non-standard executables non-standard names, and clearly document the differences in manual pages (or equivalent), together with instructions on where to get the Standard Version. d) make other distribution arrangements with the Copyright Holder. 5. You may charge a reasonable copying fee for any distribution of this Package. You may charge any fee you choose for support of this Package. You may not charge a fee for this Package itself. However, you may distribute this Package in aggregate with other (possibly commercial) programs as part of a larger (possibly commercial) software distribution provided that you do not advertise this Package as a product of your own. You may embed this Package's interpreter within an executable of yours (by linking); this shall be construed as a mere form of aggregation, provided that the complete Standard Version of the interpreter is so embedded. 6. The scripts and library files supplied as input to or produced as output from the programs of this Package do not automatically fall under the copyright of this Package, but belong to whoever generated them, and may be sold commercially, and may be aggregated with this Package. If such scripts or library files are aggregated with this Package via the so-called "undump" or "unexec" methods of producing a binary executable image, then distribution of such an image shall neither be construed as a distribution of this Package nor shall it fall under the restrictions of Paragraphs 3 and 4, provided that you do not represent such an executable image as a Standard Version of this Package. 7. C subroutines (or comparably compiled subroutines in other languages) supplied by you and linked into this Package in order to emulate subroutines and variables of the language defined by this Package shall not be considered part of this Package, but are the equivalent of input as in Paragraph 6, provided these subroutines do not change the language in any way that would cause it to fail the regression tests for the language. 8. Aggregation of this Package with a commercial distribution is always permitted provided that the use of this Package is embedded; that is, when no overt attempt is made to make this Package's interfaces visible to the end user of the commercial distribution. Such use shall not be construed as a distribution of this Package. 9. The name of the Copyright Holder may not be used to endorse or promote products derived from this software without specific prior written permission. 10. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The End Changes100644001750001750 1111514724065747 13332 0ustar00timtim000000000000Crypt-DSA-1.19Revision history for Perl extension Crypt-DSA 1.19 -- Wed Dec 04 10:49:10 AST 2024 [Changes since 1.17] - Release 1.18-TRIAL as a production release - New Maintainer - This release resolves CVE-2011-3599 - Added a statement to recommend against using DSA - Fixed a few long standing bugs - The build process is moved to Dist::Zilla - Thanks to all the people who contributed to the tickets that were closed [Detailed Change List] - 47bda33 Increment Repo Version - ffd39e8 (tag: 1.18) Update Changes for a Release [Changes since 1.17] - New Maintainer - This release resolves CVE-2011-3599 - Added a statement to recommend against using DSA - Fixed a few long standing bugs - The build process is moved to Dist::Zilla - Thanks to all the people who contributed to the tickets that were closed [Detailed Change List] - 3411005 Add a SECURITY statement about DSA - 1f5df72 Fixes RT#71342: Patch to use Digest::SHA - 06f420d Fix missed version numbers - 1946ead Remove old MANIFEST and META.yml from repo - 6c813c7 Fixes #19477: Crypt::DSA::Key -write comment wrong for public key - c28a8a3 Fix some of the Dependencies in dist.ini - fe15637 Fixed RT#71421: Systems without /dev/random may leak secret key - cf81bfc Fixes RT #156495 for Crypt-DSA t/04-pem.t - 24ac55b Convert build process to Dist::Zilla - b680374 (tag: 1.17) Import Crypt::DSA-1.17 from CPAN release 1.17 2011.06.16 - Upgrade to Module::Install 1.01 - Added support for OpenSSL 1.0.0 dsaparam format change. - Requires perl 5.6 now - Fixes for 64-bit support 1.16 2009.09.11 - Switching to production release - Switching to non-development version 0.15_01 2009.02.13 - Updated to Module::Install 0.91 - Added a consistent $VERSION across the entire distro - Removed the optional dependency on Convert::PEM for more consistent downstream packaging (it was pointless to ask since most people don't know what it is anyways). - Data::Buffer has almost perfect CPAN Testers PASS, so always install it (plus, SSH2 is common now). - Added some missing dependencies to the Makefile.PL - Removed the sign(1) and auto_install (which was dangerous) - Removed all the magic repository tags that would change depending on who was maintaining it. - Adding missing test_requires for Test.pm and Test::More (I'll migrate the remaining tests away from Test.pm next release) - Merged the ToDo file into the POD 0.14 2006.05.08 - Win32 fixes: use Data::Random as a fallback in make_random, better support for locating openssl. Thanks to CFRANKS for the patch. - Makefile.PL update, to the latest Module::Install. Thanks to Adam Kennedy for the patch. 0.13 2005.05.26 - Rewrote to use Math::BigInt instead of Math::Pari, including patches from Brad Fitzpatrick for a replacement for the isprime function (both using pure Perl and an external gp program). - Added optional Content argument to Crypt::DSA::Key->new, to specify serialized Content to be deserialized. - Added Signature serialization and deserialization of ASN.1-encoded structures. - Added ability to do key generation using an external openssl binary. Thanks to Brad Fitzpatrick for the patch. - Signature object now has better get/set acccessors. - Use Module::Install instead of hand-coded Makefile.PL. 0.12 2001.05.03 - Removed swap file from the distribution. :) 0.11 2001.05.02 - Added Crypt::DSA::Key::SSH2, which reads SSH2-format DSA key files. These are a different format than those used by OpenSSH (that uses PEM-encoded files). Currently only reading SSH2 key files is supported, and the files must not be encrypted. - Added size method to Crypt::DSA::Key. $key->size is number of bits in p. 0.10 2001.04.22 - Added much better test suite: tests bigint utilities in Util, sign/verify, key generation (512, 768, 1024 bits), PEM encoding/decoding (if Convert::PEM is installed), FIPS 186-2 example case. - Added interface to Convert::PEM to read/write encrypted PEM files containing ASN.1-encoded DSA keys. Convert::PEM is optional; Makefile.PL will check for it and warn if it can't be found. - Get/set accessors now take hex values and store their values internally as strings. Thanks to Crypt::RSA for the idea. :) 0.03 2001.04.07 - abstracted signature object into Crypt::DSA::Signature object. 0.02 2001.03.23 - split up code into separate modules (ie. KeyChain, Key, Util, etc.) - switched from using GMP to Pari - streamlined code - added documentation 0.01 2001.03.22 - original version; created by h2xs 1.19 META.yml100644001750001750 215214724065747 13271 0ustar00timtim000000000000Crypt-DSA-1.19--- abstract: 'DSA Signatures and Key Generation' author: - 'Benjamin Trott ' build_requires: Convert::PEM: '0.13' Crypt::DES_EDE3: '0' Data::Buffer: '0.01' ExtUtils::MakeMaker: '6.42' File::Which: '0.05' Math::BigInt: '1.78' Test::More: '0' configure_requires: ExtUtils::MakeMaker: '6.42' dynamic_config: 0 generated_by: 'Dist::Zilla version 6.032, CPAN::Meta::Converter version 2.150010' license: perl meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: '1.4' name: Crypt-DSA requires: Convert::ASN1: '0' Convert::PEM: '0.13' Crypt::URandom: '0' Data::Buffer: '0.01' Digest::SHA: '0' File::Spec: '0' File::Which: '0.05' IPC::Open3: '0' MIME::Base64: '0' Math::BigInt: '1.78' perl: '5.006' resources: homepage: https://github.com/perl-Crypt-OpenPGP/Crypt-DSA repository: https://github.com/perl-Crypt-OpenPGP/Crypt-DSA.git version: '1.19' x_generated_by_perl: v5.38.2 x_maintainers: - 'Timothy Legge ' x_serialization_backend: 'YAML::Tiny version 1.74' x_spdx_expression: 'Artistic-1.0-Perl OR GPL-1.0-or-later' MANIFEST100644001750001750 67514724065747 13141 0ustar00timtim000000000000Crypt-DSA-1.19# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.032. Changes LICENSE MANIFEST META.json META.yml Makefile.PL README SIGNATURE dist.ini lib/Crypt/DSA.pm lib/Crypt/DSA/Key.pm lib/Crypt/DSA/Key/PEM.pm lib/Crypt/DSA/Key/SSH2.pm lib/Crypt/DSA/KeyChain.pm lib/Crypt/DSA/Signature.pm lib/Crypt/DSA/Util.pm t/00-compile.t t/01-util.t t/02-sign.t t/03-keygen.t t/04-pem.t t/06-fips.t t/07-openid.t xt/meta.t xt/pmv.t xt/pod.t dist.ini100644001750001750 263514724065747 13472 0ustar00timtim000000000000Crypt-DSA-1.19name = Crypt-DSA author = Benjamin Trott license = Perl_5 abstract = DSA Signatures and Key Generation copyright_holder = Benjamin Trott [Meta::Maintainers] maintainer = Timothy Legge [@Filter] -bundle = @Basic -remove = Readme -remove = GatherDir [Git::NextVersion] first_version = 1.18 ; this is the default version_by_branch = 0 ; this is the default version_regexp = ^(1.\d+)$ ; this is the default [Git::GatherDir] exclude_filename = Makefile.PL exclude_filename = LICENSE exclude_filename = META.yml exclude_filename = MANIFEST [CopyFilesFromBuild::Filtered] copy = Makefile.PL copy = LICENSE [OurPkgVersion] [AutoPrereqs] skip = ^vars$ skip = utf8 skip = warnings skip = strict skip = overload skip = base skip = feature skip = Symbol skip = constant skip = integer skip = Fcntl skip = Exporter skip = Carp [Prereqs/ConfigureRequires] ExtUtils::MakeMaker = 6.42 [Prereqs/BuildRequires] ExtUtils::MakeMaker = 6.42 Convert::PEM = 0.13 Data::Buffer = 0.01 File::Which = 0.05 Math::BigInt = 1.78 [Prereqs/TestRequires] [GithubMeta] remote = upstream [NextRelease] format = %v -- %{EEE MMM dd HH:mm:ss VVV yyyy}d filename = Changes [MetaJSON] [Git::Tag] tag_format = %V ; this is the default tag_message = %V ; this is the default [Git::Commit] changelog = Changes ; this is the default [Signature] [SignReleaseNotes] xt000755001750001750 014724065747 12313 5ustar00timtim000000000000Crypt-DSA-1.19pmv.t100644001750001750 125214724065747 13442 0ustar00timtim000000000000Crypt-DSA-1.19/xt#!/usr/bin/perl # Test that our declared minimum Perl version matches our syntax use strict; BEGIN { $| = 1; $^W = 1; } my @MODULES = ( 'Perl::MinimumVersion 1.27', 'Test::MinimumVersion 0.101080', ); # Don't run tests for installs use Test::More; unless ( $ENV{AUTOMATED_TESTING} or $ENV{RELEASE_TESTING} ) { plan( skip_all => "Author tests not required for installation" ); } # Load the testing modules foreach my $MODULE ( @MODULES ) { eval "use $MODULE"; if ( $@ ) { $ENV{RELEASE_TESTING} ? die( "Failed to load required release-testing module $MODULE" ) : plan( skip_all => "$MODULE not available for testing" ); } } all_minimum_version_from_metayml_ok(); pod.t100644001750001750 116714724065747 13427 0ustar00timtim000000000000Crypt-DSA-1.19/xt#!/usr/bin/perl # Test that the syntax of our POD documentation is valid use strict; BEGIN { $| = 1; $^W = 1; } my @MODULES = ( 'Pod::Simple 3.14', 'Test::Pod 1.44', ); # Don't run tests for installs use Test::More; unless ( $ENV{AUTOMATED_TESTING} or $ENV{RELEASE_TESTING} ) { plan( skip_all => "Author tests not required for installation" ); } # Load the testing modules foreach my $MODULE ( @MODULES ) { eval "use $MODULE"; if ( $@ ) { $ENV{RELEASE_TESTING} ? die( "Failed to load required release-testing module $MODULE" ) : plan( skip_all => "$MODULE not available for testing" ); } } all_pod_files_ok(); meta.t100644001750001750 107314724065747 13567 0ustar00timtim000000000000Crypt-DSA-1.19/xt#!/usr/bin/perl # Test that our META.yml file matches the current specification. use strict; BEGIN { $| = 1; $^W = 1; } my $MODULE = 'Test::CPAN::Meta 0.17'; # Don't run tests for installs use Test::More; unless ( $ENV{AUTOMATED_TESTING} or $ENV{RELEASE_TESTING} ) { plan( skip_all => "Author tests not required for installation" ); } # Load the testing module eval "use $MODULE"; if ( $@ ) { $ENV{RELEASE_TESTING} ? die( "Failed to load required release-testing module $MODULE" ) : plan( skip_all => "$MODULE not available for testing" ); } meta_yaml_ok(); META.json100644001750001750 377214724065747 13452 0ustar00timtim000000000000Crypt-DSA-1.19{ "abstract" : "DSA Signatures and Key Generation", "author" : [ "Benjamin Trott " ], "dynamic_config" : 0, "generated_by" : "Dist::Zilla version 6.032, CPAN::Meta::Converter version 2.150010", "license" : [ "perl_5" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : 2 }, "name" : "Crypt-DSA", "prereqs" : { "build" : { "requires" : { "Convert::PEM" : "0.13", "Data::Buffer" : "0.01", "ExtUtils::MakeMaker" : "6.42", "File::Which" : "0.05", "Math::BigInt" : "1.78" } }, "configure" : { "requires" : { "ExtUtils::MakeMaker" : "6.42" } }, "develop" : { "requires" : { "Test::More" : "0" } }, "runtime" : { "requires" : { "Convert::ASN1" : "0", "Convert::PEM" : "0.13", "Crypt::URandom" : "0", "Data::Buffer" : "0.01", "Digest::SHA" : "0", "File::Spec" : "0", "File::Which" : "0.05", "IPC::Open3" : "0", "MIME::Base64" : "0", "Math::BigInt" : "1.78", "perl" : "5.006" } }, "test" : { "requires" : { "Crypt::DES_EDE3" : "0", "Test::More" : "0" } } }, "release_status" : "stable", "resources" : { "homepage" : "https://github.com/perl-Crypt-OpenPGP/Crypt-DSA", "repository" : { "type" : "git", "url" : "https://github.com/perl-Crypt-OpenPGP/Crypt-DSA.git", "web" : "https://github.com/perl-Crypt-OpenPGP/Crypt-DSA" } }, "version" : "1.19", "x_generated_by_perl" : "v5.38.2", "x_maintainers" : [ "Timothy Legge " ], "x_serialization_backend" : "Cpanel::JSON::XS version 4.38", "x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later" } SIGNATURE100644001750001750 670614724065747 13315 0ustar00timtim000000000000Crypt-DSA-1.19This file contains message digests of all files listed in MANIFEST, signed via the Module::Signature module, version 0.89. To verify the content in this distribution, first make sure you have Module::Signature installed, then type: % cpansign -v It will check each file's integrity, as well as the signature's validity. If "==> Signature verified OK! <==" is not displayed, the distribution may already have been compromised, and you should not run its Makefile.PL or Build.PL. -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 SHA256 68f5629b691a305d6475fd0c347ffbbe044f1ef6086d39b8a80e606e06398a80 Changes SHA256 62bd103d16353af06432c4a7a35d1dd74c3e263e101ee94d4c8b6a5f799f29c6 LICENSE SHA256 f341c33388af46be16a6d73b101949aa960ad36b69ef316095879696fcdc471d MANIFEST SHA256 7e43ea1fd4bdcc96e6a3dfff036b9b4ec47c229c1d2a5b59b21056b3555d5ce7 META.json SHA256 21b0fa7323fb0853094b297528234d33e586f5b3c3ba4b7a758deb7b5b3cb700 META.yml SHA256 05582aa0978023a2419f70af2c45b331ec58b94221e934d1634193dc812ef9e3 Makefile.PL SHA256 0ee2ecb7a000c48f9bcde3f9503959aa6f0a302bacbc70ecdb7accef2b244da2 README SHA256 f4086fdc4c47960d7cdd05f247ef4002ce2a34b13eb5dc019b59fcf216a3f70e dist.ini SHA256 26e3189285fcb81734157fcd7fb25ae450f6593c9b1f5b91e1a789cd1774f629 lib/Crypt/DSA.pm SHA256 666263e07527f45317286964b7c6b9c904745b7d8c2b71050e8ab2c1537c1971 lib/Crypt/DSA/Key.pm SHA256 155758bcf35500560b9931c8e0f27fb2158d2f6fc2c59a1939a21edb19f07c42 lib/Crypt/DSA/Key/PEM.pm SHA256 eecce41552de2ac013de51d1cd62a8e71e94fba228980de0c409dd319d8d7e64 lib/Crypt/DSA/Key/SSH2.pm SHA256 ffe09d088f5dd11bd7041a231a459a00345023a29549c721014268d79249084e lib/Crypt/DSA/KeyChain.pm SHA256 ce7050afb0d5b788a376c4f2e6350071df4717c1b270e7214937e3cd8a2ed945 lib/Crypt/DSA/Signature.pm SHA256 53d57df58f7706e356ba8f52dffb538cb361d9bc448aca0c77339fa61510ae00 lib/Crypt/DSA/Util.pm SHA256 f7ce1cb79bd377bb7a6b2b88429e858026562e32b103cf1f41f1146bfd6b5472 t/00-compile.t SHA256 41590937f7cd6dfde12994958eac77f66cbe0459ce5570d7e0e395e5ac59cdbb t/01-util.t SHA256 0445b28d10ece5ff0be38341d9d279b189dd8fcaa7c3b5bb9bb04640a8733d96 t/02-sign.t SHA256 364fbb66be5fcd728c8cb78e03d347a0e7589156cfb27aa73be492a68406916d t/03-keygen.t SHA256 4453b2bba489f591417bf1e5dec70796834cad04a40228599495e7c5096223a3 t/04-pem.t SHA256 97a346c1070c2567e32dafc8dd9f5348b50630db4072244fa1ee23bbbfe4d179 t/06-fips.t SHA256 9d26e4ebba7620f7e17591b60bab95cd696c3736bc3813112950cbfeeea23992 t/07-openid.t SHA256 e0d6b256b2ab54601a2803552c167113a1df5185799061c51e183983a49c873c xt/meta.t SHA256 faa2121530f7acb0e1d234b81724db07c8343db559564471d36e2de7d6fe9099 xt/pmv.t SHA256 484f230658fa2547683ee0d21bada7100075912264a51510fdbf3fe33d3f187f xt/pod.t -----BEGIN PGP SIGNATURE----- iQIzBAEBAwAdFiEEMguXHBCUSzAt6mNu1fh7LgYGpfkFAmdQa+cACgkQ1fh7LgYG pflBFRAAihf/sjgGUhxuMgqAypeZuFhxono/dwoZGwXWLWVQ295jW089LPgcQ7Zn pWdXDjXha34+pTFq7w2L5s2SWLdeaaeVrUQTjZvYFiIoZy9q5dH/8bWz2u2cLW1X VQnjrmYmi07ihfVC28Jt0xqHiqNC4ACIjarTMpeevq8NWYSked/6uj/QOIocPA0x JVF+4vxeNaDx8O+M3JZOFUEmeR9YnZ317iXVU+57T6qjtmPoyW9047AoRlq2wTMM dGml4XXMne9HMD9lgLoGCmYjk930Zv4XJUtmParsgydSkCjDo1GPX7wW5kxW83Be pRedjFYIRPnSgkGnlEFt+Zu7smAKLIMPL2W9kp6UztCM73hCwV3Z/CdPMPe3/jip xPfIIKZcbp3gsacYFJulyiRFA5lQD33RH2DKwMANkwU4iPG0nOxmJVbincsd20z/ SgU9/5/bixIHabrZsWUkyEt24pV2ookQwFNVesOfB2gBb4o8Hf0ukS1g4/UVEqRz YjS7/PWGtXdGfiKyFa7G1HIxL+0C6z9tZ2G5/lMHhw29eqOQp6DrbMnbEQKvMlEf kM2d7cozhZULUJbCEDxpeMcWLAoLzq3+c3GOFMqBV5LWsIFbsfs9fQlYm6qaV7WZ KIMVSFSvuBUNWYN8naAj8Dex9GBDLb2PmHQL89KhflEZ6cud8Rc= =C4mQ -----END PGP SIGNATURE----- t000755001750001750 014724065747 12123 5ustar00timtim000000000000Crypt-DSA-1.1904-pem.t100644001750001750 531614724065747 13457 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More; BEGIN { eval { require Crypt::DES_EDE3 }; if ( $@ ) { Test::More->import( skip_all => 'no Crypt::DES_EDE3' ); } eval { require Convert::PEM }; if ( $@ ) { Test::More->import( skip_all => 'no Convert::PEM' ); } Test::More->import( tests => 26 ); } use Crypt::DSA; use Crypt::DSA::Key; use Crypt::DSA::Signature; my $keyfile = "./dsa-key.pem"; my $dsa = Crypt::DSA->new; my $key = $dsa->keygen( Size => 512 ); ## Serialize a signature. my $sig = $dsa->sign( Message => 'foo', Key => $key, ); ok($sig, 'Signature created correctly using Crypt::DSA->sign'); my $buf = $sig->serialize; ok($buf, 'Signature serialized correctly'); my $sig2 = Crypt::DSA::Signature->new( Content => $buf ); ok($sig2, 'Signature created correctly using Crypt::DSA::Signature'); is($sig2->r, $sig->r, '->r of both signatures is identical'); is($sig2->s, $sig->s, '->s of both signatures is identical'); ok($key->write( Type => 'PEM', Filename => $keyfile), 'Writing key works.'); my $key2 = Crypt::DSA::Key->new( Type => 'PEM', Filename => $keyfile ); ok($key2, 'Load key using Crypt::DSA::key'); is($key->p, $key2->p, '->p of both keys is identical'); is($key->q, $key2->q, '->q of both keys is identical'); is($key->g, $key2->g, '->g of both keys is identical'); is($key->pub_key, $key2->pub_key, '->pub_key of both keys is identical'); is($key->priv_key, $key2->priv_key, '->priv_key of both keys is identical'); ok($key->write( Type => 'PEM', Filename => $keyfile, Password => 'foo'), 'Writing keyfile with password works'); $key2 = Crypt::DSA::Key->new( Type => 'PEM', Filename => $keyfile, Password => 'foo' ); ok($key2, 'Reading keyfile with password works'); is($key->p, $key2->p, '->p of both keys is identical'); is($key->q, $key2->q, '->q of both keys is identical'); is($key->g, $key2->g, '->g of both keys is identical'); is($key->pub_key, $key2->pub_key, '->pub_key of both keys is identical'); is($key->priv_key, $key2->priv_key, '->priv_key of both keys is identical'); ## Now remove the private key portion of the key. write should automatically ## write a public key format instead, and new should be able to understand ## it. $key->priv_key(undef); ok($key->write( Type => 'PEM', Filename => $keyfile), 'Writing keyfile without private key works'); $key2 = Crypt::DSA::Key->new( Type => 'PEM', Filename => $keyfile ); ok($key2, 'Reading keyfile without private key works'); is($key->p, $key2->p, '->p of both keys is identical'); is($key->q, $key2->q, '->q of both keys is identical'); is($key->g, $key2->g, '->g of both keys is identical'); is($key->pub_key, $key2->pub_key, '->pub_key of both keys is identical'); ok(!$key->priv_key, 'No private key'); unlink $keyfile; Makefile.PL100644001750001750 336114724065747 13775 0ustar00timtim000000000000Crypt-DSA-1.19# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker v6.032. use strict; use warnings; use 5.006; use ExtUtils::MakeMaker; my %WriteMakefileArgs = ( "ABSTRACT" => "DSA Signatures and Key Generation", "AUTHOR" => "Benjamin Trott ", "BUILD_REQUIRES" => { "Convert::PEM" => "0.13", "Data::Buffer" => "0.01", "ExtUtils::MakeMaker" => "6.42", "File::Which" => "0.05", "Math::BigInt" => "1.78" }, "CONFIGURE_REQUIRES" => { "ExtUtils::MakeMaker" => "6.42" }, "DISTNAME" => "Crypt-DSA", "LICENSE" => "perl", "MIN_PERL_VERSION" => "5.006", "NAME" => "Crypt::DSA", "PREREQ_PM" => { "Convert::ASN1" => 0, "Convert::PEM" => "0.13", "Crypt::URandom" => 0, "Data::Buffer" => "0.01", "Digest::SHA" => 0, "File::Spec" => 0, "File::Which" => "0.05", "IPC::Open3" => 0, "MIME::Base64" => 0, "Math::BigInt" => "1.78" }, "TEST_REQUIRES" => { "Crypt::DES_EDE3" => 0, "Test::More" => 0 }, "VERSION" => "1.19", "test" => { "TESTS" => "t/*.t" } ); my %FallbackPrereqs = ( "Convert::ASN1" => 0, "Convert::PEM" => "0.13", "Crypt::DES_EDE3" => 0, "Crypt::URandom" => 0, "Data::Buffer" => "0.01", "Digest::SHA" => 0, "ExtUtils::MakeMaker" => "6.42", "File::Spec" => 0, "File::Which" => "0.05", "IPC::Open3" => 0, "MIME::Base64" => 0, "Math::BigInt" => "1.78", "Test::More" => 0 ); unless ( eval { ExtUtils::MakeMaker->VERSION(6.63_03) } ) { delete $WriteMakefileArgs{TEST_REQUIRES}; delete $WriteMakefileArgs{BUILD_REQUIRES}; $WriteMakefileArgs{PREREQ_PM} = \%FallbackPrereqs; } delete $WriteMakefileArgs{CONFIGURE_REQUIRES} unless eval { ExtUtils::MakeMaker->VERSION(6.52) }; WriteMakefile(%WriteMakefileArgs); 01-util.t100644001750001750 310014724065747 13635 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More tests => 13; use Math::BigInt; use Crypt::DSA::Util qw( bin2mp mp2bin bitsize mod_exp mod_inverse ); my $string = "abcdefghijklmnopqrstuvwxyz-0123456789"; my $number = Math::BigInt->new( '48431489725691895261376655659836964813311343' . '892465012587212197286379595482592365885470777' ); my $n = bin2mp($string); is( $n, $number, 'bin2mp is correct for long string' ); is( bitsize($number), 295, 'bitsize is correct for large number' ); is( bitsize($n), 295, 'bitsize is correct for large mp' ); is( mp2bin($n), $string, 'mp2bin is correct for large number' ); $string = "abcd"; $number = 1_633_837_924; $n = bin2mp($string); is( $n, $number, 'bin2mp is correct for short string' ); is( bitsize($number), 31, 'bitsize is correct for small number' ); is( bitsize($n), 31, 'bitsize is correct for small mp' ); is( mp2bin($n), $string, 'mp2bin is correct for small number' ); $string = ""; $number = 0; $n = bin2mp($string); is( $n, $number, 'bin2mp is correct for empty string' ); is( mp2bin($n), $string, 'mp2bin is correct for empty string' ); my ($n1, $n2, $n3, $n4) = map { Math::BigInt->new($_) } qw{ 23098230958 35 10980295809854 5115018827600 }; $number = mod_exp($n1, $n2, $n3); is( $number, $n4, 'mod_exp is correct' ); ($n1, $n2, $n3) = map { Math::BigInt->new($_) } qw{ 34093840983 23509283509 7281956166 }; $number = mod_inverse($n1, $n2); is( $number, $n3, 'mod_inverse is correct' ); is( 1, ($n1*$number)%$n2, 'mod_inverse reverses correctly' ); 02-sign.t100644001750001750 131514724065747 13627 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More; use Crypt::DSA; BEGIN { if ( not $INC{'Math/BigInt/GMP.pm'} and not $INC{'Math/BigInt/Pari.pm'} ) { plan( skip_all => 'Test is excessively slow without GMP or Pari' ); } else { plan( tests => 4 ); } } my $message = "Je suis l'homme a tete de chou."; my $dsa = Crypt::DSA->new; my $key = $dsa->keygen( Size => 512 ); my $sig = $dsa->sign( Message => $message, Key => $key, ); my $verified = $dsa->verify( Key => $key, Message => $message, Signature => $sig, ); ok($dsa, 'Crypt::DSA->new ok'); ok($key, 'Generated key correctly'); ok($sig, 'generated signature correctly'); ok($verified, 'verified signature correctly'); 06-fips.t100644001750001750 452114724065747 13636 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More; use Crypt::DSA; use Crypt::DSA::KeyChain; BEGIN { if ( not $INC{'Math/BigInt/GMP.pm'} and not $INC{'Math/BigInt/Pari.pm'} ) { plan( skip_all => 'Test is excessively slow without GMP or Pari' ); } else { plan( tests => 9 ); } } ## Test with data from fips 186 (appendix 5) doc (using SHA1 ## instead of SHA digests). my @seed_hex = "d5014e4b60ef2ba8b6211b4062ba3224e0427dd3" =~ /(..)/g; my $start_seed = join '', map chr hex, @seed_hex; my $expected_p = "7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"; my $expected_q = "1138656671590261728308283492178581223478058193247"; my $expected_g = "5154978420348751798752390524304908179080782918903280816528537868887210221705817467399501053627846983235883800157945206652168013881208773209963452245182466"; ## We'll need this later to sign and verify. my $dsa = Crypt::DSA->new; ok($dsa, 'Crypt::DSA->new worked'); ## Create a keychain to generate our keys. Generally you ## don't need to be this explicit (just call keygen), but if ## you want the extra state data (counter, h, seed) you need ## to use the actual methods themselves. my $keychain = Crypt::DSA::KeyChain->new; ok($keychain, 'Crypt::DSA::KeyChain->new worked'); diag('This takes a couple of minutes on slower machines.'); ## generate_params builds p, q, and g. my($key, $counter, $h, $seed) = $keychain->generate_params( Size => 512, Seed => $start_seed, ); is("@{[ $key->p ]}", $expected_p, '->p returns expected value'); is("@{[ $key->q ]}", $expected_q, '->q returns expected value'); is("@{[ $key->g ]}", $expected_g, '->g returns expected value'); ## Explanation: p should have been found when the counter was at ## 105; g should have been found when h was 2; and g should have ## been discovered directly from the start seed. is($counter, 105, 'Consistency check 1'); is($h, 2, 'Consistency check 2'); is($seed, $start_seed, 'Consistency check 3'); ## Generate random public and private keys. $keychain->generate_keys($key); my $str1 = "12345678901234567890"; ## Test key generation by signing and verifying a message. my $sig = $dsa->sign(Message => $str1, Key => $key); ok($dsa->verify(Message => $str1, Key => $key, Signature => $sig), 'Signing and verifying ok'); 03-keygen.t100644001750001750 170214724065747 14152 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More; use Math::BigInt try => 'GMP, Pari'; BEGIN { if ( not $INC{'Math/BigInt/GMP.pm'} and not $INC{'Math/BigInt/Pari.pm'} ) { plan( skip_all => 'Test is excessively slow without GMP or Pari' ); } else { plan( tests => 18 ); } } use Crypt::DSA; use Crypt::DSA::Util qw( mod_exp ); my $dsa = Crypt::DSA->new; my $two = Math::BigInt->new(2); for my $bits (qw( 512 768 1024 )) { my $key = $dsa->keygen( Size => $bits ); ok($key, "Key generated of size $bits bits"); ok($key->size, "Key is $bits bits"); ok(($key->p < ($two ** $bits)) && ($key->p > ($two ** ($bits-1))), "p of appropriate size ($bits bits)"); ok(($key->q < ($two ** 160)) && ($key->q > ($two ** 159)), "q of appropriate size ($bits bits)"); ok(0 == ($key->p - 1) % $key->q, "Consistency check 1 ($bits bits)"); ok($key->pub_key == mod_exp($key->g, $key->priv_key, $key->p), "Consistency check 2 ($bits bits)"); } 07-openid.t100644001750001750 573214724065747 14161 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More; BEGIN { eval { require Convert::PEM }; if ( $@ ) { Test::More->import( skip_all => 'no Convert::PEM' ); } Test::More->import( tests => 11 ); } use Crypt::DSA; use Crypt::DSA::Key; use Crypt::DSA::Signature; use MIME::Base64 qw( decode_base64 ); my $dsa = Crypt::DSA->new; ok($dsa, 'Created Crypt::DSA object'); my $key = Crypt::DSA::Key->new( Content => < 'PEM' ); -----BEGIN PUBLIC KEY----- MIIBtjCCASsGByqGSM44BAEwggEeAoGBANuhjw/GIilXNuvnf9q3ygn1XSzzRtql 3BpsWSRVwXA05G/d9pEBIH35ADEQ6F035f88OfuZYRlUZt6Zx5q4ReA4KXWdAIaA snDem9vNYJM+O2yK5sh6yYC6AnDn+zx0gUyr9npXun2nfQcrrXT4b2/Q1mAzawTX q51pCAaDVICVAhUA611/IduNCUoRyE4a4DZ5jUUfGlUCgYBtFIHm3xwTszWVyWzr YpE6I7PGkgO6bHTLyH4ngmFbhLt3zCj5Kzi9ifRb906CStAsCQAH6x5BKGybq6hD 8JqJk0kaQ8CpHaCjXcFLAjaNxH5pHftfYq3F8waUkeAwvtIQpEL4UKaLaMqbTm3N FxWoTcEZ2khdlgGbyNXTmDxN3gOBhAACgYAT/V4S6EYk8Sz25Lq1THXo20b0HH8B F8bvrfeWL26j6zL+Xzxw2T2s6Jo1vSbhflyZ6mou9tjSTN5xNBbKWCGm7jljLEE2 l9P4G6t5+IIgzf3TFrnApYPSb75HmSVChWiafDkfETB1Ubu2BBmGr9DWMicSvage nsxOWTm7SqJt1Q== -----END PUBLIC KEY----- KEY ok($key, 'Parsed key'); is($key->p, '154230195801502591027924305317288511172947704906732980042865725783273160667703109157997142143003577161221611277091751199342699401614518192723629436298411984396770358042848003616116218687384811676842914866452094185063282348433486774581474438998951431052798061340118427146346352987088223500940171802477059145877', 'key->p is correct'); is($key->q, '1343697875228530311433268893561874972460542007893', 'key->q is correct'); is($key->g, '76598656157914156355445502802171744250790923020496826978794359991033889852609480204530610320512647835268415654125612029198553017695138923633498269111081903879790210175626113174087754456086288166221445477869449670179905166479288765706711432697526089711402534333490590610585702443148717225877410516254148283870', 'key->g is correct'); is($key->pub_key, '14037256439480519253759632613632536532035918183115524804324868617973702093495192051592043879822732169784787073950081465739236860442657409768654772398273593073530490949064562392146096658305955159316750434379546653490951198708160960858856890405112535972154363576715166835110527233547140212180830244851727625685', 'key->pub_key is correct'); my $sig = Crypt::DSA::Signature->new( Content => decode_base64(<new( Content => <r, '504852774416256883458134530817977383056083625888', 'sig->r is correct'); is($sig->s, '1078535441370160482370055129882190902543836365673', 'sig->s is correct'); my $msg = '2005-05-25T22:04:50Z::assert_identity::http://bradfitz.com/fake-identity/::http://www.danga.com/openid/demo/helper.bml'; ok($dsa->verify( Message => $msg, Key => $key, Signature => $sig ), 'Signature is verified'); 00-compile.t100644001750001750 24314724065747 14274 0ustar00timtim000000000000Crypt-DSA-1.19/t#!/usr/bin/perl use strict; BEGIN { $| = 1; $^W = 1; } use Test::More tests => 1; use_ok( 'Crypt::DSA' ); diag( "Testing Crypt::DSA $Crypt::DSA::VERSION" ); Crypt000755001750001750 014724065747 13527 5ustar00timtim000000000000Crypt-DSA-1.19/libDSA.pm100644001750001750 1627214724065747 14664 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Cryptpackage Crypt::DSA; use 5.006; use strict; use Digest::SHA qw( sha1 ); use Carp qw( croak ); use Crypt::DSA::KeyChain; use Crypt::DSA::Key; use Crypt::DSA::Signature; use Crypt::DSA::Util qw( bitsize bin2mp mod_inverse mod_exp makerandom ); our $VERSION = '1.19'; #VERSION use vars qw( $VERSION ); sub new { my $class = shift; my $dsa = bless { @_ }, $class; $dsa->{_keychain} = Crypt::DSA::KeyChain->new(@_); $dsa; } sub keygen { my $dsa = shift; my $key = $dsa->{_keychain}->generate_params(@_); $dsa->{_keychain}->generate_keys($key); $key; } sub sign { my $dsa = shift; my %param = @_; my($key, $dgst); croak __PACKAGE__, "->sign: Need a Key" unless $key = $param{Key}; unless ($dgst = $param{Digest}) { croak __PACKAGE__, "->sign: Need either Message or Digest" unless $param{Message}; $dgst = sha1($param{Message}); } my $dlen = length $dgst; my $i = bitsize($key->q) / 8; croak "Data too large for key size" if $dlen > $i || $dlen > 50; $dsa->_sign_setup($key) unless $key->kinv && $key->r; my $m = bin2mp($dgst); my $xr = ($key->priv_key * $key->r) % $key->q; my $s = $xr + $m; $s -= $key->q if $s > $key->q; $s = ($s * $key->kinv) % $key->q; my $sig = Crypt::DSA::Signature->new; $sig->r($key->r); $sig->s($s); $sig; } sub _sign_setup { my $dsa = shift; my $key = shift; my($k, $r); { $k = makerandom(Size => bitsize($key->q)); $k -= $key->q if $k >= $key->q; redo if $k == 0; } $r = mod_exp($key->g, $k, $key->p); $r %= $key->q; my $kinv = mod_inverse($k, $key->q); $key->r($r); $key->kinv($kinv); } sub verify { my $dsa = shift; my %param = @_; my($key, $dgst, $sig); croak __PACKAGE__, "->verify: Need a Key" unless $key = $param{Key}; unless ($dgst = $param{Digest}) { croak __PACKAGE__, "->verify: Need either Message or Digest" unless $param{Message}; $dgst = sha1($param{Message}); } croak __PACKAGE__, "->verify: Need a Signature" unless $sig = $param{Signature}; my $u2 = mod_inverse($sig->s, $key->q); my $u1 = bin2mp($dgst); $u1 = ($u1 * $u2) % $key->q; $u2 = ($sig->r * $u2) % $key->q; my $t1 = mod_exp($key->g, $u1, $key->p); my $t2 = mod_exp($key->pub_key, $u2, $key->p); $u1 = ($t1 * $t2) % $key->p; $u1 %= $key->q; $u1 == $sig->r; } 1; __END__ =pod =head1 NAME Crypt::DSA - DSA Signatures and Key Generation =head1 SYNOPSIS use Crypt::DSA; my $dsa = Crypt::DSA->new; my $key = $dsa->keygen( Size => 512, Seed => $seed, Verbosity => 1 ); my $sig = $dsa->sign( Message => "foo bar", Key => $key ); my $verified = $dsa->verify( Message => "foo bar", Signature => $sig, Key => $key, ); =head1 DESCRIPTION I is an implementation of the DSA (Digital Signature Algorithm) signature verification system. The implementation itself is pure Perl, although the heavy-duty mathematics underneath are provided by the I library. This package provides DSA signing, signature verification, and key generation. =head1 SECURITY DSA (Digital Signature Algorithm) signatures are no longer considered to be adequate for security. This module should only be used for verifying old signatures and should not be used for new signatures. That being said, some technologies still require DSA signatures even in 2024. Consider using other solutions or explicitly not using DSA signatures. =head1 USAGE The I public interface is similar to that of I. This was done intentionally. =head2 Crypt::DSA->new Constructs a new I object. At the moment this isn't particularly useful in itself, other than being the object you need to do much else in the system. Returns the new object. =head2 $key = $dsa->keygen(%arg) Generates a new set of DSA keys, including both the public and private portions of the key. I<%arg> can contain: =over 4 =item * Size The size in bits of the I

value to generate. The I and I values are always 160 bits each. This argument is mandatory. =item * Seed A seed with which I generation will begin. If this seed does not lead to a suitable prime, it will be discarded, and a new random seed chosen in its place, until a suitable prime can be found. This is entirely optional, and if not provided a random seed will be generated automatically. =item * Verbosity Should be either 0 or 1. A value of 1 will give you a progress meter during I

and I generation--this can be useful, since the process can be relatively long. The default is 0. =back =head2 $signature = $dsa->sign(%arg) Signs a message (or the digest of a message) using the private portion of the DSA key and returns the signature. The return value--the signature--is a I object. I<%arg> can include: =over 4 =item * Digest A digest to be signed. The digest should be 20 bytes in length or less. You must provide either this argument or I (see below). =item * Key The I object with which the signature will be generated. Should contain a private key attribute (I). This argument is required. =item * Message A plaintext message to be signed. If you provide this argument, I will first produce a SHA1 digest of the plaintext, then use that as the digest to sign. Thus writing my $sign = $dsa->sign(Message => $message, ... ); is a shorter way of writing use Digest::SHA qw( sha1 ); my $sig = $dsa->sign(Digest => sha1( $message ), ... ); =back =head2 $verified = $dsa->verify(%arg) Verifies a signature generated with I. Returns a true value on success and false on failure. I<%arg> can contain: =over 4 =item * Key Key of the signer of the message; a I object. The public portion of the key is used to verify the signature. This argument is required. =item * Signature The signature itself. Should be in the same format as returned from I, a I object. This argument is required. =item * Digest The original signed digest whose length is less than or equal to 20 bytes. Either this argument or I (see below) must be present. =item * Message As above in I, the plaintext message that was signed, a string of arbitrary length. A SHA1 digest of this message will be created and used in the verification process. =back =head1 TODO Add ability to munge format of keys. For example, read/write keys from/to key files (SSH key files, etc.), and also write them in other formats. =head1 SUPPORT Bugs should be reported via the CPAN bug tracker at L For other issues, contact the author. =head1 AUTHOR Benjamin Trott Eben@sixapart.comE =head1 COPYRIGHT Except where otherwise noted, Crypt::DSA is Copyright 2006 - 2011 Benjamin Trott. Crypt::DSA is free software; you may redistribute it and/or modify it under the same terms as Perl itself. =cut DSA000755001750001750 014724065747 14136 5ustar00timtim000000000000Crypt-DSA-1.19/lib/CryptKey.pm100644001750001750 1375114724065747 15413 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSApackage Crypt::DSA::Key; use strict; use Math::BigInt 1.78 try => 'GMP, Pari'; use Carp qw( croak ); use Crypt::DSA::Util qw( bitsize ); our $VERSION = '1.19'; #VERSION use vars qw{$VERSION}; sub new { my $class = shift; my %param = @_; my $key = bless { }, $class; if ($param{Filename} || $param{Content}) { if ($param{Filename} && $param{Content}) { croak "Filename and Content are mutually exclusive."; } return $key->read(%param); } $key; } sub size { bitsize($_[0]->p) } BEGIN { no strict 'refs'; for my $meth (qw( p q g pub_key priv_key r kinv )) { *$meth = sub { my($key, $value) = @_; if (ref $value eq 'Math::Pari') { $key->{$meth} = Math::Pari::pari2pv($value); } elsif (ref $value) { $key->{$meth} = "$value"; } elsif ($value) { if ($value =~ /^0x/) { $key->{$meth} = Math::BigInt->new($value)->bstr; } else { $key->{$meth} = $value; } } elsif (@_ > 1 && !defined $value) { delete $key->{$meth}; } my $ret = $key->{$meth} || ""; $ret = Math::BigInt->new("$ret") if $ret =~ /^\d+$/; $ret; }; } } sub read { my $key = shift; my %param = @_; my $type = $param{Type} or croak "read: Need a key file 'Type'"; my $class = join '::', __PACKAGE__, $type; eval "use $class;"; croak "Invalid key file type '$type': $@" if $@; bless $key, $class; local *FH; if (my $fname = delete $param{Filename}) { open FH, $fname or return; my $blob = do { local $/; }; close FH; $param{Content} = $blob; } $key->deserialize(%param); } sub write { my $key = shift; my %param = @_; my $type; unless ($type = $param{Type}) { my $pkg = __PACKAGE__; ($type) = ref($key) =~ /^${pkg}::(\w+)$/; } croak "write: Need a key file 'Type'" unless $type; my $class = join '::', __PACKAGE__, $type; eval "use $class;"; croak "Invalid key file type '$type': $@" if $@; bless $key, $class; my $blob = $key->serialize(%param); if (my $fname = delete $param{Filename}) { local *FH; open FH, ">$fname" or croak "Can't open $fname: $!"; print FH $blob; close FH; } $blob; } 1; __END__ =head1 NAME Crypt::DSA::Key - DSA key =head1 SYNOPSIS use Crypt::DSA::Key; my $key = Crypt::DSA::Key->new; $key->p($p); =head1 DESCRIPTION I contains a DSA key, both the public and private portions. Subclasses of I implement I and I methods, such that you can store DSA keys on disk, and read them back into your application. =head1 USAGE Any of the key attributes can be accessed through combination get/set methods. The key attributes are: I

, I, I, I, and I. For example: $key->p($p); my $p2 = $key->p; =head2 $key = Crypt::DSA::Key->new(%arg) Creates a new (empty) key object. All of the attributes are initialized to 0. Alternately, if you provide the I parameter (see below), the key will be read in from disk. If you provide the I parameter (mandatory if I is provided), be aware that your key will actually be blessed into a subclass of I. Specifically, it will be the class implementing the specific read functionality for that type, eg. I. Returns the key on success, C otherwise. (See I for one reason why I might return C). I<%arg> can contain: =over 4 =item * Type The type of file where the key is stored. Currently the only option is I, which indicates a PEM file (optionally encrypted, ASN.1-encoded object). Support for reading/writing PEM files comes from I; if you don't have this module installed, the I method will die. This argument is mandatory, I you're either reading the file from disk (ie. you provide a I argument) or you've specified the I argument. =item * Filename The location of the file from which you'd like to read the key. Requires a I argument so the decoder knows what type of file it is. You can't specify I and I at the same time. =item * Content The serialized version of the key. Requires a I argument so the decoder knows how to decode it. You can't specify I and I at the same time. =item * Password If your key file is encrypted, you'll need to supply a passphrase to decrypt it. You can do that here. If your passphrase is incorrect, I will return C. =back =head2 $key->write(%arg) Writes a key (optionally) to disk, using a format that you define with the I parameter. If your I<$key> object has a defined I (private key portion), the key will be written as a DSA private key object; otherwise, it will be written out as a public key. Note that not all serialization mechanisms can produce public keys in this version--currently, only PEM public keys are supported. I<%arg> can include: =over 4 =item * Type The type of file format that you wish to write. I is one example (in fact, currently, it's the only example). This argument is mandatory, I your I<$key> object is already blessed into a subclass (eg. I), and you wish to write the file using the same subclass. =item * Filename The location of the file on disk where you want the key file to be written. =item * Password If you want the key file to be encrypted, provide this argument, and the ASN.1-encoded string will be encrypted using the passphrase as a key. =back =head2 $key->size Returns the size of the key, in bits. This is actually the number of bits in the large prime I

. =head1 AUTHOR & COPYRIGHTS Please see the Crypt::DSA manpage for author, copyright, and license information. =cut Util.pm100644001750001750 1026314724065747 15573 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSApackage Crypt::DSA::Util; use strict; use Math::BigInt 1.78 try => 'GMP, Pari'; use Crypt::URandom qw (urandom); use Fcntl; use Carp qw( croak ); our $VERSION = '1.19'; #VERSION use vars qw( $VERSION @ISA @EXPORT_OK ); use Exporter; BEGIN { @ISA = qw( Exporter ); @EXPORT_OK = qw( bitsize bin2mp mp2bin mod_inverse mod_exp makerandom isprime ); } ## Nicked from Crypt::RSA::DataFormat. ## Copyright (c) 2001, Vipul Ved Prakash. sub bitsize { length(Math::BigInt->new($_[0])->as_bin) - 2; } sub bin2mp { my $s = shift; $s eq '' ? Math::BigInt->new(0) : Math::BigInt->new("0b" . unpack("B*", $s)); } sub mp2bin { my $p = Math::BigInt->new(shift); my $base = Math::BigInt->new(256); my $res = ''; while ($p != 0) { my $r = $p % $base; $p = ($p-$r) / $base; $res = chr($r) . $res; } $res; } sub mod_exp { my($a, $exp, $n) = @_; $a->copy->bmodpow($exp, $n); } sub mod_inverse { my($a, $n) = @_; $a->copy->bmodinv($n); } sub makerandom { my %param = @_; my $size = $param{Size}; my $bytes = int($size / 8) + 1; my $r = urandom($bytes); my $down = $size - 1; $r = unpack 'H*', pack 'B*', '0' x ( $size % 8 ? 8 - $size % 8 : 0 ) . '1' . unpack "b$down", $r; Math::BigInt->new('0x' . $r); } # For testing, let us choose our isprime function: *isprime = \&isprime_algorithms_with_perl; # from the book "Mastering Algorithms with Perl" by Jon Orwant, # Jarkko Hietaniemi, and John Macdonald sub isprime_algorithms_with_perl { use integer; my $n = shift; my $n1 = $n - 1; my $one = $n - $n1; # not just 1, but a bigint my $witness = $one * 100; # find the power of two for the top bit of $n1 my $p2 = $one; my $p2index = -1; ++$p2index, $p2 *= 2 while $p2 <= $n1; $p2 /= 2; # number of interations: 5 for 260-bit numbers, go up to 25 for smaller my $last_witness = 5; $last_witness += (260 - $p2index) / 13 if $p2index < 260; for my $witness_count (1..$last_witness) { $witness *= 1024; $witness += int(rand(1024)); # XXXX use good rand $witness = $witness % $n if $witness > $n; $witness = $one * 100, redo if $witness == 0; my $prod = $one; my $n1bits = $n1; my $p2next = $p2; # compute $witness ** ($n - 1) while (1) { my $rootone = $prod == 1 || $prod == $n1; $prod = ($prod * $prod) % $n; return 0 if $prod == 1 && ! $rootone; if ($n1bits >= $p2next) { $prod = ($prod * $witness) % $n; $n1bits -= $p2next; } last if $p2next == 1; $p2next /= 2; } return 0 unless $prod == 1; } return 1; } sub isprime_gp_pari { my $n = shift; my $sn = "$n"; die if $sn =~ /\D/; my $is_prime = `echo "isprime($sn)" | gp -f -q`; die "No gp installed?" if $?; chomp $is_prime; return $is_prime; } sub isprime_paranoid { my $n = shift; my $perl = isprime_algorithms_with_perl($n); my $pari = isprime_gp_pari($n); die "Perl vs. PARI don't match on '$n'\n" unless $perl == $pari; return $perl; } 1; __END__ =head1 NAME Crypt::DSA::Util - DSA Utility functions =head1 SYNOPSIS use Crypt::DSA::Util qw( func1 func2 ... ); =head1 DESCRIPTION I contains a set of exportable utility functions used through the I set of libraries. =head2 bitsize($n) Returns the number of bits in the I integer object I<$n>. =head2 bin2mp($string) Given a string I<$string> of any length, treats the string as a base-256 representation of an integer, and returns that integer, a I object. =head2 mp2bin($int) Given a biginteger I<$int> (a I object), linearizes the integer into an octet string, and returns the octet string. =head2 mod_exp($a, $exp, $n) Computes $a ^ $exp mod $n and returns the value. The calculations are done using I, and the return value is a I object. =head2 mod_inverse($a, $n) Computes the multiplicative inverse of $a mod $n and returns the value. The calculations are done using I, and the return value is a I object. =head1 AUTHOR & COPYRIGHTS Please see the Crypt::DSA manpage for author, copyright, and license information. =cut Key000755001750001750 014724065747 14666 5ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSAPEM.pm100644001750001750 1076314724065747 16034 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSA/Keypackage Crypt::DSA::Key::PEM; use strict; use Carp qw( croak ); use Convert::PEM; use Crypt::DSA::Key; our $VERSION = '1.19'; #VERSION use vars qw{$VERSION @ISA}; BEGIN { @ISA = 'Crypt::DSA::Key'; } sub deserialize { my $key = shift; my %param = @_; $param{Content} =~ /DSA PRIVATE KEY/ ? $key->_deserialize_privkey(%param) : $key->_deserialize_pubkey(%param); } sub _deserialize_privkey { my $key = shift; my %param = @_; my $pem = $key->_pem; my $pkey = $pem->decode( Content => $param{Content}, Password => $param{Password}, Macro => 'DSAPrivateKey' ); return unless $pkey; for my $m (qw( p q g pub_key priv_key )) { $key->$m( $pkey->{$m} ); } $key; } sub _deserialize_pubkey { my $key = shift; my %param = @_; my $pem = $key->_pem; my $pkey = $pem->decode( Content => $param{Content}, Password => $param{Password}, Macro => 'DSAPublicKey', Name => 'PUBLIC KEY' ); return unless $pkey; my $asn = $pem->asn->find('DSAPubKeyInner'); my $num = $asn->decode($pkey->{pub_key}[0]) or croak $asn->{error}; for my $m (qw( p q g )) { $key->$m( $pkey->{inner}{DSAParams}{$m} ); } $key->pub_key($num); $key; } sub serialize { my $key = shift; ## If this is a private key (has the private key portion), serialize ## it as a private key; otherwise use a public key ASN.1 object. $key->priv_key ? $key->_serialize_privkey(@_) : $key->_serialize_pubkey(@_); } sub _serialize_privkey { my $key = shift; my %param = @_; my $pkey = { version => 0 }; for my $m (qw( p q g pub_key priv_key )) { $pkey->{$m} = $key->$m(); } my $pem = $key->_pem; my $buf = $pem->encode( Content => $pkey, Password => $param{Password}, Name => 'DSA PRIVATE KEY', Macro => 'DSAPrivateKey', ) or croak $pem->errstr; $buf; } sub _serialize_pubkey { my $key = shift; my %param = @_; my $pem = $key->_pem; my $asn = $pem->asn->find('DSAPubKeyInner'); ## Force stringification. my $str = $asn->encode($key->pub_key . '') or croak $asn->{error}; my $pkey = { inner => { objId => '1.2.840.10040.4.1', DSAParams => { p => $key->p, q => $key->q, g => $key->g }, }, pub_key => $str }; my $buf = $pem->encode( Content => $pkey, Password => $param{Password}, Name => 'PUBLIC KEY', Macro => 'DSAPublicKey', ) or return $key->error($pem->errstr); $buf; } sub _pem { my $key = shift; unless (defined $key->{__pem}) { my $pem = Convert::PEM->new( Name => "DSA PRIVATE KEY", ASN => qq( DSAPrivateKey ::= SEQUENCE { version INTEGER, p INTEGER, q INTEGER, g INTEGER, pub_key INTEGER, priv_key INTEGER } DSAPublicKey ::= SEQUENCE { inner SEQUENCE { objId OBJECT IDENTIFIER, DSAParams SEQUENCE { p INTEGER, q INTEGER, g INTEGER } } pub_key BIT STRING } DSAPubKeyInner ::= INTEGER )); $key->{__pem} = $pem; } $key->{__pem}; } 1; __END__ =head1 NAME Crypt::DSA::Key::PEM - Read/write DSA PEM files =head1 SYNOPSIS use Crypt::DSA::Key; my $key = Crypt::DSA::Key->new( Type => 'PEM', ...); $key->write( Type => 'PEM', ...); =head1 DESCRIPTION I provides an interface to reading and writing DSA PEM files, using I. The files are ASN.1-encoded and optionally encrypted. You shouldn't use this module directly. As the SYNOPSIS above suggests, this module should be considered a plugin for I, and all access to PEM files (reading DSA keys from disk, etc.) should be done through that module. Read the I documentation for more details. =head1 AUTHOR & COPYRIGHTS Please see the Crypt::DSA manpage for author, copyright, and license information. =cut SSH2.pm100644001750001750 530214724065747 16103 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSA/Keypackage Crypt::DSA::Key::SSH2; use strict; use MIME::Base64 qw( decode_base64 ); use Crypt::DSA::Key; our $VERSION = '1.19'; #VERSION use vars qw{$VERSION @ISA}; BEGIN { @ISA = 'Crypt::DSA::Key'; } use constant PRIVKEY_MAGIC => 0x3f6ff9eb; sub deserialize { my $key = shift; my %param = @_; chomp($param{Content}); my($head, $object, $content, $tail) = $param{Content} =~ m:(---- BEGIN ([^\n\-]+) ----)\n(.+)(---- END .*? ----)$:s; my @lines = split /\n/, $content; my $escaped = 0; my @real; for my $l (@lines) { if (substr($l, -1) eq '\\') { $escaped++; next; } next if index($l, ':') != -1; if ($escaped) { $escaped--; next; } push @real, $l; } $content = join "\n", @real; $content = decode_base64($content); my $b = BufferWithInt->new; $b->append($content); my $magic = $b->get_int32; return unless $magic == PRIVKEY_MAGIC; my($ignore); $ignore = $b->get_int32; my $type = $b->get_str; my $cipher = $b->get_str; $ignore = $b->get_int32 for 1..3; return unless $cipher eq 'none'; $key->p( $b->get_mp_ssh2 ); $key->g( $b->get_mp_ssh2 ); $key->q( $b->get_mp_ssh2 ); $key->pub_key( $b->get_mp_ssh2 ); $key->priv_key( $b->get_mp_ssh2 ); #return unless $b->length == $b->offset; $key; } sub serialize { my $key = shift; my %param = @_; die "serialize is unimplemented"; } package BufferWithInt; use strict; use Data::Buffer; use Crypt::DSA::Util qw( bin2mp ); use base qw( Data::Buffer ); sub get_mp_ssh2 { my $buf = shift; my $bits = $buf->get_int32; my $off = $buf->{offset}; my $bytes = int(($bits+7) / 8); my $int = bin2mp( $buf->bytes($off, $bytes) ); $buf->{offset} += $bytes; $int; } 1; __END__ =head1 NAME Crypt::DSA::Key::SSH2 - Read/write DSA SSH2 files =head1 SYNOPSIS use Crypt::DSA::Key; my $key = Crypt::DSA::Key->new( Type => 'SSH2', ...); $key->write( Type => 'SSH2', ...); =head1 DESCRIPTION I provides an interface to reading and writing DSA SSH2 files, using I, which provides functionality for SSH-compatible binary in/out buffers. Currently encrypted key files are not supported. You shouldn't use this module directly. As the SYNOPSIS above suggests, this module should be considered a plugin for I, and all access to SSH2 files (reading DSA keys from disk, etc.) should be done through that module. Read the I documentation for more details. =head1 AUTHOR & COPYRIGHTS Please see the Crypt::DSA manpage for author, copyright, and license information. =cut KeyChain.pm100644001750001750 1534214724065747 16354 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSApackage Crypt::DSA::KeyChain; use strict; use Math::BigInt 1.78 try => 'GMP, Pari'; use Digest::SHA qw( sha1 ); use Carp qw( croak ); use IPC::Open3; use File::Spec; use File::Which (); use Symbol qw( gensym ); our $VERSION = '1.19'; #VERSION use vars qw{$VERSION}; use Crypt::DSA::Key; use Crypt::DSA::Util qw( bin2mp bitsize mod_exp makerandom isprime ); sub new { my $class = shift; bless { @_ }, $class; } sub generate_params { my $keygen = shift; my %param = @_; my $bits = Math::BigInt->new($param{Size}); croak "Number of bits (Size) is too small" unless $bits; delete $param{Seed} if $param{Seed} && length $param{Seed} != 20; my $v = $param{Verbosity}; # try to use fast implementations found on the system, if available. unless ($param{Seed} || wantarray || $param{PurePerl}) { # OpenSSL support my $bin = $^O eq 'MSWin32' ? 'openssl.exe' : 'openssl'; my $openssl = File::Which::which($bin); if ( $openssl ) { print STDERR "Using openssl\n" if $v; my $bits_n = int($bits); open( NULL, ">", File::Spec->devnull ); my $pid = open3( gensym, \*OPENSSL, ">&NULL", "$openssl dsaparam -text -noout $bits_n" ); my @res; while( ) { push @res, $_; } waitpid( $pid, 0 ); close OPENSSL; close NULL; my %parts; my $cur_part; foreach (@res) { if (/^\s+(\w):\s*$/) { $cur_part = lc($1); next; } if (/^\s*((?:[0-9a-f]{2,2}:?)+)\s*$/) { $parts{$cur_part} .= $1 if defined $cur_part; } } $parts{$_} =~ s/://g for keys %parts; if (scalar keys %parts == 3) { my $key = Crypt::DSA::Key->new; $key->p(Math::BigInt->new("0x" . $parts{p})); $key->q(Math::BigInt->new("0x" . $parts{q})); $key->g(Math::BigInt->new("0x" . $parts{g})); return $key; } } } # Pure Perl version: my($counter, $q, $p, $seed, $seedp1) = (0); ## Generate q. SCOPE: { print STDERR "." if $v; $seed = $param{Seed} ? delete $param{Seed} : join '', map chr rand 256, 1..20; $seedp1 = _seed_plus_one($seed); my $md = sha1($seed) ^ sha1($seedp1); vec($md, 0, 8) |= 0x80; vec($md, 19, 8) |= 0x01; $q = bin2mp($md); redo unless isprime($q); } print STDERR "*\n" if $v; my $n = int(("$bits"-1) / 160); my $b = ($bits-1)-Math::BigInt->new($n)*160; my $p_test = Math::BigInt->new(1); $p_test <<= ($bits-1); ## Generate p. SCOPE: { print STDERR "." if $v; my $W = Math::BigInt->new(0); for my $k (0..$n) { $seedp1 = _seed_plus_one($seedp1); my $r0 = bin2mp(sha1($seedp1)); $r0 %= Math::BigInt->new(2) ** $b if $k == $n; $W += $r0 << (Math::BigInt->new(160) * $k); } my $X = $W + $p_test; $p = $X - ($X % (2 * $q) - 1); last if $p >= $p_test && isprime($p); redo unless ++$counter >= 4096; } print STDERR "*" if $v; my $e = ($p - 1) / $q; my $h = Math::BigInt->new(2); my $g; SCOPE: { $g = mod_exp($h, $e, $p); $h++, redo if $g == 1; } print STDERR "\n" if $v; my $key = Crypt::DSA::Key->new; $key->p($p); $key->q($q); $key->g($g); return wantarray ? ($key, $counter, "$h", $seed) : $key; } sub generate_keys { my $keygen = shift; my $key = shift; my($priv_key, $pub_key); SCOPE: { my $i = bitsize($key->q); $priv_key = makerandom(Size => $i); $priv_key -= $key->q if $priv_key >= $key->q; redo if $priv_key == 0; } $pub_key = mod_exp($key->g, $priv_key, $key->p); $key->priv_key($priv_key); $key->pub_key($pub_key); } sub _seed_plus_one { my($s, $i) = ($_[0]); for ($i=19; $i>=0; $i--) { vec($s, $i, 8)++; last unless vec($s, $i, 8) == 0; } $s; } 1; =pod =head1 NAME Crypt::DSA::KeyChain - DSA key generation system =head1 SYNOPSIS use Crypt::DSA::KeyChain; my $keychain = Crypt::DSA::KeyChain->new; my $key = $keychain->generate_params( Size => 512, Seed => $seed, Verbosity => 1, ); $keychain->generate_keys($key); =head1 DESCRIPTION I is a lower-level interface to key generation than the interface in I (the I method). It allows you to separately generate the I

, I, and I key parameters, given an optional starting seed, and a mandatory bit size for I

(I and I are 160 bits each). You can then call I to generate the public and private portions of the key. =head1 USAGE =head2 $keychain = Crypt::DSA::KeyChain->new Constructs a new I object. At the moment this isn't particularly useful in itself, other than being the object you need in order to call the other methods. Returns the new object. =head2 $key = $keychain->generate_params(%arg) Generates a set of DSA parameters: the I

, I, and I values of the key. This involves finding primes, and as such it can be a relatively long process. When invoked in scalar context, returns a new I object. In list context, returns the new I object, along with: the value of the internal counter when a suitable prime I

was found; the value of I when I was derived; and the value of the seed (a 20-byte string) when I was found. These values aren't particularly useful in normal circumstances, but they could be useful. I<%arg> can contain: =over 4 =item * Size The size in bits of the I

value to generate. The I and I values are always 160 bits each. This argument is mandatory. =item * Seed A seed with which I generation will begin. If this seed does not lead to a suitable prime, it will be discarded, and a new random seed chosen in its place, until a suitable prime can be found. This is entirely optional, and if not provided a random seed will be generated automatically. =item * Verbosity Should be either 0 or 1. A value of 1 will give you a progress meter during I

and I generation--this can be useful, since the process can be relatively long. The default is 0. =back =head2 $keychain->generate_keys($key) Generates the public and private portions of the key I<$key>, a I object. =head1 AUTHOR & COPYRIGHT Please see the L manpage for author, copyright, and license information. =cut Signature.pm100644001750001750 607614724065747 16606 0ustar00timtim000000000000Crypt-DSA-1.19/lib/Crypt/DSApackage Crypt::DSA::Signature; use strict; use Carp qw( croak ); our $VERSION = '1.19'; #VERSION # use vars qw{$VERSION}; sub new { my $class = shift; my %param = @_; my $sig = bless { }, $class; if ($param{Content}) { return $sig->deserialize(%param); } $sig; } BEGIN { no strict 'refs'; for my $meth (qw( r s )) { *$meth = sub { my($key, $value) = @_; if (ref $value eq 'Math::Pari') { $key->{$meth} = Math::Pari::pari2pv($value); } elsif (ref $value) { $key->{$meth} = "$value"; } elsif ($value) { if ($value =~ /^0x/) { $key->{$meth} = Math::BigInt->new($value)->bstr; } else { $key->{$meth} = $value; } } my $ret = $key->{$meth} || ""; $ret = Math::BigInt->new("$ret") if $ret =~ /^\d+$/; $ret; }; } } sub asn { require Convert::ASN1; my $asn = Convert::ASN1->new; $asn->prepare('SEQUENCE { r INTEGER, s INTEGER }') or croak $asn->{error}; $asn; } sub deserialize { my $sig = shift; my %param = @_; my $asn = __PACKAGE__->asn; my $ref; require MIME::Base64; ## Turn off warnings, because we're attempting to base64-decode content ## that may not be base64-encoded. local $^W = 0; for ($param{Content}, MIME::Base64::decode_base64($param{Content})) { my $out = $asn->decode($_); $ref = $out, last if $out; } croak "Invalid Content" unless $ref; $sig->s($ref->{s}); $sig->r($ref->{r}); $sig; } sub serialize { my $sig = shift; my %param = @_; my $asn = __PACKAGE__->asn; my $buf = $asn->encode({ s => $sig->s, r => $sig->r }) or croak $asn->{error}; $buf; } 1; __END__ =head1 NAME Crypt::DSA::Signature - DSA signature object =head1 SYNOPSIS use Crypt::DSA::Signature; my $sig = Crypt::DSA::Signature->new; $sig->r($r); $sig->s($s); =head1 DESCRIPTION I represents a DSA signature. It has 2 methods, I and I, which are the big number representations of the 2 pieces of the DSA signature. =head1 USAGE =head2 Crypt::DSA::Signature->new( %options ) Creates a new signature object, and optionally initializes it with the information in I<%options>, which can contain: =over 4 =item * Content An ASN.1-encoded string representing the DSA signature. In ASN.1 notation, this looks like: SEQUENCE { r INTEGER, s INTEGER } If I is provided, I will automatically call the I method to parse the content, and set the I and I methods on the resulting I object. =back =head2 $sig->serialize Serializes the signature object I<$sig> into the format described above: an ASN.1-encoded representation of the signature, using the ASN.1 syntax above. =head1 AUTHOR & COPYRIGHTS Please see the Crypt::DSA manpage for author, copyright, and license information. =cut