python


How use public key with pyOpenSSL for verify a signed message?


I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate.
I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take !
I want to use RSA and DSA algorithm for my tests.
I find m2Crypto, pyCrypto and other. I do not know what is the best for this.
gnupg for python and pyOpenSSl are more recent visibly.
I used function for signed a message with my private key, and I verify the data.
But when I see the function for verify the signature, in parameters I need :
private key, signature, data and digest type.
I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key..
This code work perfectly with the private key :
from OpenSSL import crypto
_k = crypto.PKey()
_cert = crypto.X509()
# Create keys
_k.generate_key(crypto.TYPE_RSA, 2048)
# Add argument for create certificate
_cert.gmtime_adj_notBefore(0)
_cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date
_cert.set_pubkey(_k)
_cert.sign(_k, 'sha256')
# Create key's file
with open("public_key.pem",'w') as f:
f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k))
with open("private_key.pem",'w') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k))
with open("certificate.pem",'w') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert))
#-------------------------------------------------------------------------------
# Open key and load in var
with open("private_key.pem",'r') as f:
priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
with open("public_key.pem",'r') as f:
pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read())
with open("certificate.pem",'r') as f:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
# sign message 'hello world' with private key and certificate
sign = crypto.sign(priv_key, "hello world", 'sha256')
print crypto.verify(cert, sign, "hello world", 'sha256')
So, my question is, how use the public key for verify the data ?
If Bob give a public key to alice, How it checks the message with this public key ?
You have a idea ?
Thanks a lot,
Romain

Related Links

How to backup database using XMLRPC?
Convert a list of ints to a float
Select file to upload using Internet Explorer in python
Better way to parse from regex?
python nested lists - list comprehension of dictionaries
Can Install Packages but cannot import
Inserting lines to a file after a string match
All possible combinations of dictionary values given input string. Python
Assign and compare in python
List comprehension won't return expected output
Accessing django oscar product attributes
Incorrectly Replacing Content
Python Max Recursion Depth
Error loading IPython notebook
Accessing Python webserver remotely on Amazon EC2
Efficient combined in-place adding/removing of rows of a huge 2D numpy array

Categories

HOME
json
crystal-reports
signalr
openssl
tinyos
itext
sed
wsdl
nuxeo
fparsec
wxwidgets
youtube-livestreaming-api
zend-framework2
chaiscript
automated-tests
histogrammar
browserify
goutte
lotus-notes
criteria
ndis
finite-group-theory
image-recognition
cratedb
eclipse-luna
arm-template
ms-access-2007
ng2-dragula
uiautomator
excel-2010
countif
tcpclient
explode
http-method
shopping-cart
katharsis
net-snmp
version-numbering
xilinx-ise
fileinfo
websauna
exponential
preg-grep
idl
spreedly
polymorphism
powershell-remoting
remote-server
geomesa
autocompletetextview
rhel.net
es-shell
strstr
active-model-serializers
wcf-security
bayesian-networks
cppunit
prototypejs
double-buffering
drawingarea
gd
sapui
pinvoke
shutdown
slot
modelattribute
pycurl
sqldatareader
iostat
cfeclipse
ruby-2.0
try-finally
asteriskami
gherkin
flexjson
asp.net-mvc-2
ffprobe
ubercart
twitter-rest-api
code-first-migrations
activity-streams
tcpreplay
omnifocus
microblaze
funq
system.web
io.js
magic-numbers
factors
roxygen
facebook-sdk-3.1
nscolor
multiple-login
swrl
ruboto
vmware-server
digital-design
fortran77
reporting-tools
snapjs
mozart-mvc
pstree
die
law-of-demeter
ubuntu-11.04
charts4j
paintcomponent
collect
noir
ruby-debug
nagle
graniteds
multibyte-functions
plinq
usergroups

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App