Replace magic number with magic dict

author: Timotej Lazar <timotej.lazar@araneo.si> 2024-01-16 21:51:47 +0100
committer: Timotej Lazar <timotej.lazar@araneo.si> 2024-01-16 21:51:56 +0100
commit: bfaa9c25654e1e7b9caf1602ebabdb622005cd42 (patch)
tree: 9d82d56605aebd1319e6ab70d2beafd2d5ed2b22
parent: 8af9546e60a996d18b9cbeb43f44875d24b8cdcd (diff)
1 files changed, 9 insertions, 8 deletions
diff --git a/margfools b/margfools
index 7f6adfa..9524abe 100755
--- a/margfools
+++ b/margfools
@@ -23,16 +23,17 @@ def sign(data, key, pin=None, engine=None):
         env = None
     elif engine == 'pkcs11':
         # key on smartcard
+        digest_info = { # from RFC 3447
+            'MD2': '3020300c06082a864886f70d020205000410',
+            'MD5': '3020300c06082a864886f70d020505000410',
+            'SHA-1': '3021300906052b0e03021a05000414',
+            'SHA-256': '3031300d060960864801650304020105000420',
+            'SHA-384': '3041300d060960864801650304020205000430',
+            'SHA-512': '3051300d060960864801650304020305000440'
+        }
         cmd = ['pkcs11-tool', '--id', key, '-s', '-m', 'RSA-PKCS', '-p', 'env:PIN']
         env = {'PIN': pin}
-        """magic_prefix is ASN.1 DER for
-           DigestInfo ::= SEQUENCE {
-               digestAlgorithm DigestAlgorithm,
-               digest OCTET STRING
-           }
-        """
-        magic_prefix = bytes.fromhex("3031300d060960864801650304020105000420")
-        raw_data = magic_prefix + base64.b64decode(data)
+        raw_data = bytes.fromhex(digest_info['SHA-256']) + base64.b64decode(data)
     p = subprocess.run(cmd, env=env, input=raw_data, capture_output=True)
     return base64.b64encode(p.stdout).decode()
author	Timotej Lazar <timotej.lazar@araneo.si>	2024-01-16 21:51:47 +0100
committer	Timotej Lazar <timotej.lazar@araneo.si>	2024-01-16 21:51:56 +0100
commit	bfaa9c25654e1e7b9caf1602ebabdb622005cd42 (patch)
tree	9d82d56605aebd1319e6ab70d2beafd2d5ed2b22
parent	8af9546e60a996d18b9cbeb43f44875d24b8cdcd (diff)