[pycrypto] providing signature in base64

Cornelius Kölbel cornelius.koelbel at lsexperts.de
Wed May 9 14:42:41 EDT 2012


Hi,

great! Thanks! This indeed verifies the signature successfully.

Too bad, most of the distributions do not yet ship with pycrypto 2.5 ---
2.4 and lower does not contain the Crypto.Signature.
And I need to take care to pass a hashing object and not only a hashed
string...

Anyway, I now know how it will work out.

Kind regards
Cornelius

Am 09.05.2012 19:31, schrieb Legrandin:
> Hi Cornelius,
>
> I think M2Crypto signs by default using PKCS#1 v1.5.
> You can try the Crypto.Signature.PKCS1_v1_5 module in pycrypto.
> Something along these lines:
>
> ===
> import Crypto.Signature.PKCS1_v1_5 as PKCS
>
> signature = sign.decode("base64")
> hash = sha256(licStr)
> RSAKey = RSA.importKey(public)
> ret =  PKCS.verify(hash, RSAKey, signature)
> ===
>
> 2012/5/9 Cornelius Kölbel <cornelius.koelbel at lsexperts.de>:
>> Hi,
>>
>> i discovered the number.bytes_to_long function, which does the trick,
>>
>> but the signature validation still fails.
>>
>> I assume I would have to b64decode my signature prior to converting it.
>> But it fails :-/
>>
>> ret =  RSAKey.verify(hash, (number.bytes_to_long(sign.decode("base64")),) )
>> print ret
>>
>> ret =  RSAKey.verify(hash, (number.bytes_to_long(base64.b64decode(sign)),))
>> print ret
>>
>> Any hint on that?
>>
>> The signature was created with openssl/M2Crypto.
>> And I'd like to mirgate to pycrypto.
>>
>> Kind regards
>> Cornelius
>>
>> Am 09.05.2012 16:28, schrieb Cornelius Kölbel:
>>> Hello,
>>>
>>> I have a signature provided in base64 like this:
>>>
>>> XQgVBkxrmJXqN2+xkJx8dGRecadoLi61vjBTsl+kYibji0pf6ZsxYF2ewniV7pIbtjQxxIridBRtLo9d1Rpq6QvjvuVbVzqqimQeFZnQTp9scSfAbKCtDe1F4lEWCLP6s/6op3jgPpmgd0p5kPaA4iWLM5IjleT7kxgniggBXIky1aMq4L8DtLujcfHNLeJyXpw9TDPg/2KEYZGT1WqiXIeIuYPt7UySOVnmgIoQYstu7C5Vsy5hjzBfhpVvKaPjXEDeETL4UoO2S9H+hu0x932HyyiNTYCpY9VFQnptsVtTkkOvEqhY3xxYix4nzeU+vXc4hFFnhAZMJbPYmuPy5w==
>>>
>>> but I am breaking my head how to pass this to the verify function.
>>>
>>> I create the RSA Object from a PEM encoded public key. This works fine.
>>>
>>> But when I try to unpack the base64 encoded signature, I do not get ONE
>>> long but a tuple with 32 long int.
>>>
>>>     long_signature= struct.unpack('Q'*32, sign.decode("base64"))
>>>     hash = sha256(licStr).digest()
>>>     RSAKey = RSA.importKey(public)
>>>     ret =  RSAKey.verify(hash, long_signature)
>>>
>>> I know that this is more a matter of how to handle the unpack function,
>>> but did not find anything about this.
>>>
>>> Thanks a lot and kind regards
>>> Cornelius
>>
>>
>> _______________________________________________
>> pycrypto mailing list
>> pycrypto at lists.dlitz.net
>> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
>>
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto

-- 
Cornelius Kölbel
(Senior Security Consultant, Head of Product Management)
http://www.lsexperts.de
LSE Leading Security Experts GmbH, Postfach 100121, 64201 Darmstadt
Tel: +49 6151 9067-252, Fax: -299, Mobil: +49 160 96307089
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Geschaeftsfuehrer: Oliver Michel, Sven Walther, Dr. Peter Schill


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20120509/3da6d05e/attachment.pgp>


More information about the pycrypto mailing list