python


How use public key with pyOpenSSL for verify a signed message?


I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate.
I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take !
I want to use RSA and DSA algorithm for my tests.
I find m2Crypto, pyCrypto and other. I do not know what is the best for this.
gnupg for python and pyOpenSSl are more recent visibly.
I used function for signed a message with my private key, and I verify the data.
But when I see the function for verify the signature, in parameters I need :
private key, signature, data and digest type.
I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key..
This code work perfectly with the private key :
from OpenSSL import crypto
_k = crypto.PKey()
_cert = crypto.X509()
# Create keys
_k.generate_key(crypto.TYPE_RSA, 2048)
# Add argument for create certificate
_cert.gmtime_adj_notBefore(0)
_cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date
_cert.set_pubkey(_k)
_cert.sign(_k, 'sha256')
# Create key's file
with open("public_key.pem",'w') as f:
f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k))
with open("private_key.pem",'w') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k))
with open("certificate.pem",'w') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert))
#-------------------------------------------------------------------------------
# Open key and load in var
with open("private_key.pem",'r') as f:
priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
with open("public_key.pem",'r') as f:
pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read())
with open("certificate.pem",'r') as f:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
# sign message 'hello world' with private key and certificate
sign = crypto.sign(priv_key, "hello world", 'sha256')
print crypto.verify(cert, sign, "hello world", 'sha256')
So, my question is, how use the public key for verify the data ?
If Bob give a public key to alice, How it checks the message with this public key ?
You have a idea ?
Thanks a lot,
Romain

Related Links

Create a list with repeated values with list comprehension
Is LASSO regression implemented in Statsmodels?
There is a duplicate line showed when calling a __init__ in Python script
trouble with mousewheel + scrollbars in tkinter
Python Cutting a string on a certain point
Ansible become_user error UnicodeEncodeError: 'ascii' codec can't encode character
Dynamic way to create new columns as a function of existing columns in pandas
polymorphic dispatch: distinguishing Python integers vs. floating-point numbers vs. strings
HTCondor output files: obtain created directory
getting select values with flask [duplicate]
Tensorflow tf.matmul example is incorrect?
drawing flower with python turtle
Python while loop iteration does not work
Rows not displaying properly in Tkinter GUI
Getting InvalidArgumentError in Tensorflow
Django - 2 URLS with same regex, but different variables and views

Categories

HOME
sql-server
sidekiq
oauth
websphere
wildcard
uibutton
fparsec
youtube-livestreaming-api
formal-verification
zend-framework2
algorithmic-trading
simpy
pygame
onenote-api
google-plus
oclint
hosts
jboss7.x
qt-installer
gwtp
equalizer
react-leaflet
scala-native
uisplitviewcontroller
redux-observable
movies
jsonserializer
device-detection
cython
raphael
statusbar
thingsboard
nsmenuitem
spring-ws
memsql
restfb
bootstrap-typeahead
yosys
continuous-deployment
rhmap
emv
hash-collision
frp
nsurlconnection
reactivemongo
openpgp
boilerplate
autocompletetextview
redhat-datavirt
jquery-multidatespicker
s3cmd
wsadmin
spring-bean
upsert
ttcn
cppunit
apiary
context-free-language
jags
jenkins-jira-trigger
spring-data-hadoop
slidesjs
ticker
nuget-server
gmt
pdflib
iostat
mongoose-populate
tuxedo
pagekit
mongoskin
mercurial-hook
logcat
anti-cheat
handlebars.java
brackets-shell
approval-tests
direct3d12
function-fitting
uialertview
debian-based
utf-32
tcpreplay
ibmsbt
log4cplus
emma
valence
picat
mimosa
bsod
magicalrecord-2.2
document-database
dllexport
client-side-scripting
htmltextwriter
fluidsynth
arbor.js
pys60
point-sprites
v4l
throttling
associative
svn-hooks
querypath
graniteds
usability-testing
act
longjmp
castle-validators
weborb
ajaxpro

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html