[pycrypto] RSA signature pycrypto openssl interoperability
Andrew Cho
bytestorm at gmail.com
Sun Aug 21 09:35:27 CST 2011
Hi, I'm trying to generate signatures in a way openssl can verify using
pycrypto, but when I decode it with openssl, it doesn't produce usable
results. This has been my workflow so far:
------------------------------------
openssl genrsa -out privkey.pem 2048
openssl rsa -pubout -in privkey.pem -out pubkey.pem
echo "message text" > data
python <<!
#!/usr/bin/env python
from Crypto.PublicKey import RSA
import Crypto.Random
from Crypto.Util import number
import sys,ctypes
def make_OPENSSL_PKCS1_padding(k,msglen):
if msglen > k - 11:
return None
PS = '\xff'* (k-msglen-3)
E = ''.join((chr(0x00), chr(0x01), PS, chr(0x00)))
return E
prk = RSA.importKey(file('privkey.pem').read())
data = file('data').read()
E = make_OPENSSL_PKCS1_padding((prk.size()+1)/8,len(data))
EM = ''.join((E,data))
sigout = prk.sign(EM,'')
f = open('signature','wb')
f.write(number.long_to_bytes(sigout[0]))
f.close()
!
openssl rsautl -verify -raw -pubin -inkey pubkey.pem -in signature -out
de_signature
cat de_signature
------------------
I expect to see a whole bunch of 0xFFs followed by "message text" when I cat
de_signature, but that's not what I get at all. Any idea what I might be
doing wrong here?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.dlitz.net/pipermail/pycrypto/attachments/20110821/dc133a09/attachment.htm
More information about the pycrypto
mailing list