How use public key with pyOpenSSL for verify a signed message?
I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate. I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take ! I want to use RSA and DSA algorithm for my tests. I find m2Crypto, pyCrypto and other. I do not know what is the best for this. gnupg for python and pyOpenSSl are more recent visibly. I used function for signed a message with my private key, and I verify the data. But when I see the function for verify the signature, in parameters I need : private key, signature, data and digest type. I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key.. This code work perfectly with the private key : from OpenSSL import crypto _k = crypto.PKey() _cert = crypto.X509() # Create keys _k.generate_key(crypto.TYPE_RSA, 2048) # Add argument for create certificate _cert.gmtime_adj_notBefore(0) _cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date _cert.set_pubkey(_k) _cert.sign(_k, 'sha256') # Create key's file with open("public_key.pem",'w') as f: f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k)) with open("private_key.pem",'w') as f: f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k)) with open("certificate.pem",'w') as f: f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert)) #------------------------------------------------------------------------------- # Open key and load in var with open("private_key.pem",'r') as f: priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read()) with open("public_key.pem",'r') as f: pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read()) with open("certificate.pem",'r') as f: cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read()) # sign message 'hello world' with private key and certificate sign = crypto.sign(priv_key, "hello world", 'sha256') print crypto.verify(cert, sign, "hello world", 'sha256') So, my question is, how use the public key for verify the data ? If Bob give a public key to alice, How it checks the message with this public key ? You have a idea ? Thanks a lot, Romain
How to backup database using XMLRPC?
Convert a list of ints to a float
Select file to upload using Internet Explorer in python
Better way to parse from regex?
python nested lists - list comprehension of dictionaries
Can Install Packages but cannot import
Inserting lines to a file after a string match
All possible combinations of dictionary values given input string. Python
Assign and compare in python
List comprehension won't return expected output
Accessing django oscar product attributes
Incorrectly Replacing Content
Python Max Recursion Depth
Error loading IPython notebook
Accessing Python webserver remotely on Amazon EC2
Efficient combined in-place adding/removing of rows of a huge 2D numpy array