python


How use public key with pyOpenSSL for verify a signed message?


I try to use pyOpenSSL for signed a data, I create key pair (private and publique) and certificate.
I'm a beginner with this technology, I use OpenSSl, but if you have suggestions for generate a signed message with private and public key in python, I'm take !
I want to use RSA and DSA algorithm for my tests.
I find m2Crypto, pyCrypto and other. I do not know what is the best for this.
gnupg for python and pyOpenSSl are more recent visibly.
I used function for signed a message with my private key, and I verify the data.
But when I see the function for verify the signature, in parameters I need :
private key, signature, data and digest type.
I do not know where I am wrong in this code, I find some examples, but I do not understand how this can work because the first parameters for the verify function is a X509 object "certificate is a X509 instance corresponding to the private key which generated the signature." and the second is the signature generated with the private key..
This code work perfectly with the private key :
from OpenSSL import crypto
_k = crypto.PKey()
_cert = crypto.X509()
# Create keys
_k.generate_key(crypto.TYPE_RSA, 2048)
# Add argument for create certificate
_cert.gmtime_adj_notBefore(0)
_cert.gmtime_adj_notAfter(0*365*24*60*60) #10 years expiry date
_cert.set_pubkey(_k)
_cert.sign(_k, 'sha256')
# Create key's file
with open("public_key.pem",'w') as f:
f.write(crypto.dump_publickey(crypto.FILETYPE_PEM, _k))
with open("private_key.pem",'w') as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, _k))
with open("certificate.pem",'w') as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, _cert))
#-------------------------------------------------------------------------------
# Open key and load in var
with open("private_key.pem",'r') as f:
priv_key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
with open("public_key.pem",'r') as f:
pub_key = crypto.load_publickey(crypto.FILETYPE_PEM, f.read())
with open("certificate.pem",'r') as f:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
# sign message 'hello world' with private key and certificate
sign = crypto.sign(priv_key, "hello world", 'sha256')
print crypto.verify(cert, sign, "hello world", 'sha256')
So, my question is, how use the public key for verify the data ?
If Bob give a public key to alice, How it checks the message with this public key ?
You have a idea ?
Thanks a lot,
Romain

Related Links

How do I limit the number of active threads in python?
Calculating the pixel size of a string with Python
Python nested lists and recursion problem
Problems PUTting binary data to Django
How to use long integers in Python to build a range?
Should I use Lex or a home-brewed solution to parse a formula?
Launching default application for given type of file, OS X
Python CGI script IOError Broken Pipe
Django, grouping query items
Regular expression works normally, but fails when placed in an XML schema
too many threads due to synch communication
How can I specify a relative path in a Python logging config file?
Python “draw() must be called with Label instance as first argument (got _WindowMetaclass instance instead)”
Writing to a file in Python inserts null bytes
Disable logging during manage.py test?
turbogears request/user object in templates and request context

Categories

HOME
arrays
python
sql-server-2008
converter
cil
semantic-ui
answer-set-programming
jar
freepascal
performancecounter
h2
mainframe
rocketmq
azureservicebus
i2c
jframe
eclipse-cdt
gwtp
future
phoenix
jacoco
pdo
sendkeys
quartus
jcl
atlassian-plugin-sdk
jive
tortoisegit
jconsole
embedly
shopping-cart
visual-c++-2017
rhandsontable
metadata-extractor
version-numbering
frp
pcre
aurelia-binding
freebase
rider
inkscape
coreclr
poco-libraries
concrete5-5.7
exiftool
ssh.net
ivona
facebook-chatbot
python-idle
jags
sgmlreader
istorage
pluck
tcserver
crash-reports
etherpad
instruction-set
iphone-developer-program
settimeout
update-site
cron-task
try-finally
webkit2
tuxedo
uiprogressview
spark-cassandra-connector
mongoskin
dac
concur
void
insertion-sort
sem
pgagent
sysctl
cpu-speed
pic24
modeshape
nservicebus4
installshield-2011
driver-signing
prng
sametime
socketstream
osi
scrollto
getstring
hibernate3
applicationcontext
selectmanycheckbox
printing-web-page
executable-format
phpcrawl
nvelocity
.app
loadui
task-management
gwt-2.2-celltable
graniteds
visual-c++-2008-express
lazy-c++
configurable
web-analytics-tools
document-library

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App