python


How use public key with pyOpenSSL for verify a signed message?


I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate.
I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take !
I want to use RSA and DSA algorithm for my tests.
I find m2Crypto, pyCrypto and other. I do not know what is the best for this.
gnupg for python and pyOpenSSl are more recent visibly.
I used function for signed a message with my private key, and I verify the data.
But when I see the function for verify the signature, in parameters I need :
private key, signature, data and digest type.
I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key..
This code work perfectly with the private key :
from OpenSSL import crypto
_k = crypto.PKey()
_cert = crypto.X509()
# Create keys
_k.generate_key(crypto.TYPE_RSA, 2048)
# Add argument for create certificate
_cert.gmtime_adj_notBefore(0)
_cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date
_cert.set_pubkey(_k)
_cert.sign(_k, 'sha256')
# Create key's file
with open("public_key.pem",'w') as f:
f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k))
with open("private_key.pem",'w') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k))
with open("certificate.pem",'w') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert))
#-------------------------------------------------------------------------------
# Open key and load in var
with open("private_key.pem",'r') as f:
priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
with open("public_key.pem",'r') as f:
pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read())
with open("certificate.pem",'r') as f:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
# sign message 'hello world' with private key and certificate
sign = crypto.sign(priv_key, "hello world", 'sha256')
print crypto.verify(cert, sign, "hello world", 'sha256')
So, my question is, how use the public key for verify the data ?
If Bob give a public key to alice, How it checks the message with this public key ?
You have a idea ?
Thanks a lot,
Romain


Related Links

What is the difference between t_ignore, pass and t.lexer.skip() in ply.lex?
how do i pass groupby elements as lists to a function in python/pandas
Numpy argwhere inequality conditions
How CMD.exe recognize an extension need program?
How to edit data with django-tables2 in a frontend?
While loop giving different return and print results?
Trouble understanding a strange Python import
Reading the binary file shows unreadable characters
Dynamically re-sizing images in a GStreamer pipeline in python
efficient expanding linregress
Passing python dictionary to a class changes the value of dictionary [duplicate]
Convert list into correct input for polyfit [closed]
Python inheritance with super
Limiting the subquery with SQLAlchemy
Monkey patch django.util.cache function
Pandas series - recording numerical changes

Categories

HOME
makefile
cluster-computing
plsql
meshlab
xamarin.android
raspbian
aem
reportportal
laravel-5.2
specflow
checksum
quill
dropbox
uiactivityviewcontroller
google-shopping
gatsby
flann
cs-cart
cratedb
reduction
tree-traversal
flat-file
multicore
tortoisegit
multiple-columns
backpropagation
excel-2010
embedly
csh
auditing
unpack
pentaho-report-designer
mayavi
hana-studio
vertex-buffer
positioning
lmdb
clockwork
helix-3d-toolkit
ipfw
swiftcharts
geopy
oscommerce
.net-assembly
parent
g1gc
crop
apiary
3scale
startapp
estimation
gauss
ogre3d
workflow-foundation-4.5
google-maps-ios
heroku-postgres
selenium-firefoxdriver
emgu
garrys-mod
barcode-printing
boost-hana
spatial-query
squirrel
gradle-release-plugin
distribute
hateoas
throughput
drf-nested-routers
evo
webhdfs
wif
castle-windsor-3
on-duplicate-key
graphical-logo
rspec3
uos
musl
orientation-changes
kallithea
utf-32
java-collections-api
outline
power-law
csplit
opensocial
dllexport
pstree
wchar
nsindexpath
cookieless
pureftpd
exitstatus
hadoop-plugins
clients
front-controller
windows-controls
microsoft.ink
document-library
rd





Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm