Last active
January 22, 2025 07:10
-
-
Save lkdocs/6519372 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def verify_sign(public_key_loc, signature, data): | |
| ''' | |
| Verifies with a public key from whom the data came that it was indeed | |
| signed by their private key | |
| param: public_key_loc Path to public key | |
| param: signature String signature to be verified | |
| return: Boolean. True if the signature is valid; False otherwise. | |
| ''' | |
| from Crypto.PublicKey import RSA | |
| from Crypto.Signature import PKCS1_v1_5 | |
| from Crypto.Hash import SHA256 | |
| from base64 import b64decode | |
| pub_key = open(public_key_loc, "r").read() | |
| rsakey = RSA.importKey(pub_key) | |
| signer = PKCS1_v1_5.new(rsakey) | |
| digest = SHA256.new() | |
| # Assumes the data is base64 encoded to begin with | |
| digest.update(b64decode(data)) | |
| if signer.verify(digest, b64decode(signature)): | |
| return True | |
| return False |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If verification fails, is there a way to get the originally hashed message from the digital signature?