How use public key with pyOpenSSL for verify a signed message?
I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate. I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take ! I want to use RSA and DSA algorithm for my tests. I find m2Crypto, pyCrypto and other. I do not know what is the best for this. gnupg for python and pyOpenSSl are more recent visibly. I used function for signed a message with my private key, and I verify the data. But when I see the function for verify the signature, in parameters I need : private key, signature, data and digest type. I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key.. This code work perfectly with the private key : from OpenSSL import crypto _k = crypto.PKey() _cert = crypto.X509() # Create keys _k.generate_key(crypto.TYPE_RSA, 2048) # Add argument for create certificate _cert.gmtime_adj_notBefore(0) _cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date _cert.set_pubkey(_k) _cert.sign(_k, 'sha256') # Create key's file with open("public_key.pem",'w') as f: f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k)) with open("private_key.pem",'w') as f: f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k)) with open("certificate.pem",'w') as f: f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert)) #------------------------------------------------------------------------------- # Open key and load in var with open("private_key.pem",'r') as f: priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read()) with open("public_key.pem",'r') as f: pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read()) with open("certificate.pem",'r') as f: cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read()) # sign message 'hello world' with private key and certificate sign = crypto.sign(priv_key, "hello world", 'sha256') print crypto.verify(cert, sign, "hello world", 'sha256') So, my question is, how use the public key for verify the data ? If Bob give a public key to alice, How it checks the message with this public key ? You have a idea ? Thanks a lot, Romain
Is there any way to import python modules for an entire package?
Writing a list to a file without a newline Python
Generate a csv file partly based on user input with python
How can I write input on new lines in files in python, without adding an empty line?
python reading sql db encoding error at /python2.7/json/encoder.py
Base64 decode to pdf on Windows OS with python
Partial parameters are duplicated
accessing nested element in HTML by CLASS_NAME using selenium
Where is the cfnbootstrap folder?
Want requests.get to wait for redirection during some time
How to run a program by being activated in another program in python
Django: what is the purpose of “$” symbol in urlpatterns?
Installed the google-cloud-storage module 0.22.0, Imports fine by itself but not as an import of an import
replace double quotes with '\"' in python
How to replace sublists within a list?
How to listen for an AUDIO file using Python and Selenium Webdriver