-
-
Save lkdocs/6519372 to your computer and use it in GitHub Desktop.
| def verify_sign(public_key_loc, signature, data): | |
| ''' | |
| Verifies with a public key from whom the data came that it was indeed | |
| signed by their private key | |
| param: public_key_loc Path to public key | |
| param: signature String signature to be verified | |
| return: Boolean. True if the signature is valid; False otherwise. | |
| ''' | |
| from Crypto.PublicKey import RSA | |
| from Crypto.Signature import PKCS1_v1_5 | |
| from Crypto.Hash import SHA256 | |
| from base64 import b64decode | |
| pub_key = open(public_key_loc, "r").read() | |
| rsakey = RSA.importKey(pub_key) | |
| signer = PKCS1_v1_5.new(rsakey) | |
| digest = SHA256.new() | |
| # Assumes the data is base64 encoded to begin with | |
| digest.update(b64decode(data)) | |
| if signer.verify(digest, b64decode(signature)): | |
| return True | |
| return False |
wonderful
This looks promising, but for some reason I'm getting this error when I try to use it:
... (truncated backtrace) ...
rsakey = RSA.importKey(pub_key)
File "/usr/lib64/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 665, in importKey
return self._importKeyDER(der)
File "/usr/lib64/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 588, in _importKeyDER
raise ValueError("RSA key format is not supported")
I get a lot of hits when I search for this error, but the consensus seems to be that python 2.7 with the following libraries should "just work":
from Crypto.PublicKey import RSA from Crypto.Signature import PKCS1_v1_5 from Crypto.Hash import SHA256 from base64 import b64decode
Does anyone have any helpful suggestions? Thanks in advance!
@peter-wolfenden-zocdoc A wrong passphrase would lead to this error. Please check your passphrase.
nice nice :3 thank, your code help me so much
How can this work for simple client server socket, where a client sends a signed msg and server verifies? How should I send the message and signature both?
@peter-wolfenden-zocdoc You probably did not decoded your string (from base64). Try a rsakey = RSA.importKey(pub_key.decode('base64'))
can anyone show me an example, please? I am not that much frequent in python but want to implement signature validation in an application
does anyone have an idea on how to do this? https://gist.github.com/cevaris/e003cdeac4499d225f06#gistcomment-2369102
Would return signer.verify(digest, b64decode(signature)) work better than the current method?
I get the error
binascii.Error: Incorrect padding
please help!!!!!!
If verification fails, is there a way to get the originally hashed message from the digital signature?
Good job, it works.