search

wohaph / keyczar

Automatically exported from code.google.com/p/keyczar
0 stars 0 forks source link

python util.ParseX509() dies with: ValueError: invalid literal for int() with base 2: "000000'0" #89

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?

Run this DSA X509 public key through the util.ParseX509() method:

publickey='MIIBtjCCASsGByqGSM44BAEwggEeAoGBAMtPbcgvf2CAHN4djUb+gCPw/e8Xpeyc9GknS
9zsJjSCg9vgiKBVlQBceiKAkK8SVVEaA671SS0XO575OK/sAc4j0n2t9QJP1wyGCOhV79WbwhPPEVhsc
pAHakr9IAW6WdSnwhL/seZLYRKiVGpxXJffwN+sYjH00PulKNxmz2+DAhUAxh9yFSC1uuGk6IR0tnVAf
sPUt7cCgYBGfHU40n0HgKIkVe3XtX0G3CbiGbR++qaEjNqnfWynggqeeVkYliLaDlVrR4B0nLrHZLEcU
MO38YKmrwug02acp9P65IcjZ2yaioPBSmV7R6pMGOdJFR3V7Pd5R2+NcUdJd2xSffLfrChM82SKqa7b3
DOPHkSoIdp/vJiRgikZrwOBhAACgYAVb/mCnKb7Zl12kPXYTTkCvN4JSvxxhAmb7NeaXno2JVd5X/4ub
p3M5QGQWvf72FXwUnSILRz6T8gRaEYtuSO3/lY4q5vOAOnVQU6KjH97SKMutwHTl9d+zbuoBc4YMASUZ
a+vKqRZ3a+d15WdlBjtEzB2NbBbnbCJKjfGSmOCbg=='

What is the expected output?

{'q': 1131081433714279493125447137485919672696369887159L, 'p': 
14276932602756120001570284663303717184473854615906789254358608981916940577107196
03063512400158090350991056926422834832746086129277701278866950415513205965600586
85767748528711711436409986081908184259687167758644036767240729572639963928679656
775238247767249458127174935432419747620377588855197434035039449870211L, 'y': 
15053854906034551958130255257469157746437534531152680967028663212993859907881302
94037671192637521078598258573609554032104838221812249377429087872677127562858668
59569379427477824560428538873166504142351085994699088158365390257837477138679868
68499101786937625163245571976093033922453111650226291070626932425326L, 'g': 
49497067392066837795604673331534196979451774295488372524816830112224969127155249
58857615341561402972187600380248324567130752353240225909360230233300956363245405
17029462960508640485442663739929843398631060563747514973648590099126190306662078
07896367054970865220416332090848613758086204721802897620511150905775L}

What do you see instead?

    pubkey = decoder.decode(univ.OctetString(util.BinToBytes(tmp)))[0]
  File "/Volumes/share/code/guardianproject/otrfileconverter/util.py", line 224, in BinToBytes
    bytes = [chr(int(x, 2)) for x in octets]
ValueError: invalid literal for int() with base 2: "000000'0"

What version of the product are you using? On what operating system?

Mac OS X 10.6.8/Intel using Fink package keyczar-py27 0.7b-1

Please provide any additional information below.

I discovered the problem as part of this project:
https://github.com/guardianproject/otrfileconverter

I attached my test script which has the fix.  I also attached a diff that 
should fix it.

Original issue reported on code.google.com by h...@at.or.at on 26 Jan 2012 at 3:23

Attachments:

GoogleCodeExporter commented 9 years ago 
ParseX509 expects a DER-encoded ASN.1 sequence -- it should be binary data, not 
Base64-encoded.

Where did you get that DSA key, encoded in that way?

Original comment by sh...@willden.org on 26 Jan 2012 at 3:58

GoogleCodeExporter commented 9 years ago 
Ah, never mind.  I typed first and thought later.  I should have looked at your 
fix.

Why does your PEM-encoded key have apostrophes in it which need to be removed?  
That's not a valid character.  Are you sending in the "publickey=" stuff?

Original comment by sh...@willden.org on 26 Jan 2012 at 4:05

GoogleCodeExporter commented 9 years ago 
The apostrophes are coming from the ASN1 BitString format, which is something 
like '00010100101'B.

Original comment by h...@at.or.at on 26 Jan 2012 at 4:31

GoogleCodeExporter commented 9 years ago 
Ah, I see.  You're replacing the apostrophes after ASN.1 parsing, not before 
Base64 decoding.

That's very interesting.  I wonder why you're seeing this problem.  Is it 
something unique about your key, or perhaps nobody else has used this code?  
The latter is probably the case, since I can't find any uses of this function 
in the Keyczar codebase.  I'll take a more detailed look tomorrow; it's late.

Original comment by sh...@willden.org on 26 Jan 2012 at 4:52

GoogleCodeExporter commented 9 years ago 
The test script breaks it down, I don't know why it happening, just that it is. 
 The key in question comes from our app Gibberbot, its an OTR chat app, so 
that's a DSA key for OTR.  DSA keys aren't very common these days outside of 
OTR, so it could be that no one has used that method.

Original comment by h...@at.or.at on 26 Jan 2012 at 2:32

GoogleCodeExporter commented 9 years ago 
DSA is pretty common in Google's usage of Keyczar (and it's internal parent).  
We often exchange DSA keys with our external partners, too.  But I don't know 
how many of them are using Python, and Google's usage tends to be more Java and 
C++.

Anyway, I'll do some testing today and get this merged.  Thanks!

Original comment by swillden@google.com on 31 Jan 2012 at 2:10

GoogleCodeExporter commented 9 years ago 
Actually, could I ask you to please write a unit test that verifies that this 
is fixed?  It should go in python/tests/keyczar_tests/util_test.py.  I think 
your test script is a good start, it just needs some restructuring and some 
assertions rather than print statements.

Thanks.

Original comment by swillden@google.com on 31 Jan 2012 at 5:01

GoogleCodeExporter commented 9 years ago

Original comment by jtu...@gmail.com on 2 Mar 2013 at 9:32

GoogleCodeExporter commented 9 years ago 
I added the unit test and patch. Will someone review the code before I push it 
up?
Unit test:
https://code.google.com/p/keyczar/source/detail?r=fb9c29301fc987478fafe92a255562
14af566f5b&name=fix_x509_python
Patch:
https://code.google.com/p/keyczar/source/detail?name=fix_x509_python&r=11f075680
fbafd120f3ffed3b409983e76e289c2

Original comment by dlundb...@google.com on 15 Jul 2013 at 3:58

GoogleCodeExporter commented 9 years ago

Original comment by dlundb...@google.com on 16 Jul 2013 at 4:17

GoogleCodeExporter commented 9 years ago

Original comment by dlundb...@google.com on 9 Sep 2013 at 5:45