Last active
March 14, 2018 16:48
-
-
Save avdata99/b702b743646dc3ff8ee97202355a0342 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Documento original que se busca certifical | |
f = open('Presupuesto 2017.zip', 'rb') | |
presup_bytes = f.read() | |
f.close() | |
# documento de resumen de signatura, incluye el hash del doc original, la clave publica de la firma y el valor de la firma | |
f = open('document.json', 'rb') | |
json_doc = f.read() | |
f.close() | |
# Clave pública de la firma | |
public_key = '0268ae6e91a2e46212de7cf02837cbe94267a8ce00beba67dadae4af269ddf963c' | |
# valor del documento firmado | |
valor_firmado = '3045022100eeecfc75bf0eee902d58f9a2c201372752104ce41a9b3c0679fe83693415125f022038179653dfa767e3e32ee65f00df580040cc7f62765ab4881e01bdf89db4d673' | |
# hash del documento original informado en el document.json | |
hash_en_json = '92d39fefe2a54138fa71600a10feb4b25865009f77d746474dd1f1bd0db0bac2' | |
# ---------------------------------- | |
# -- PROBAR EL HASH DEL DOC ORIGINAL | |
# ---------------------------------- | |
import hashlib | |
m = hashlib.sha256() | |
m.update(presup_bytes) | |
hash_mio = m.hexdigest() | |
print('SHA256 del Documento: {}'.format(hash_mio)) | |
res = hash_en_json == m.hexdigest() | |
print('-------------------------------') | |
print('Comparacion de hashes: {}'.format(res)) | |
print('-------------------------------') | |
# ---------------------------------- | |
# ------------------ PROBAR LA FIRMA | |
# https://stackoverflow.com/questions/34451214/how-to-sign-and-verify-signature-with-ecdsa-in-python | |
# ---------------------------------- | |
# Clave pública de la firma | |
public_key = '0268ae6e91a2e46212de7cf02837cbe94267a8ce00beba67dadae4af269ddf963c' | |
# valor del documento firmado | |
valor_firmado = '3045022100eeecfc75bf0eee902d58f9a2c201372752104ce41a9b3c0679fe83693415125f022038179653dfa767e3e32ee65f00df580040cc7f62765ab4881e01bdf89db4d673' | |
from ecdsa import VerifyingKey, SECP256k1 | |
# https://github.com/warner/python-ecdsa | |
public_key_bits = bytes.fromhex(public_key) | |
valor_firmado_bits = bytes.fromhex(valor_firmado) | |
vk = VerifyingKey.from_string(public_key_bits, curve=SECP256k1) | |
res = vk.verify(valor_firmado_bits, json_doc) | |
print('Verificacion: {}'.format(res)) | |
''' | |
Error: | |
Al parecer SECP256k1 verifying_key_length espera 64 de largo pero el la clave publica nuestra pasada a bit tiene un largo de 33 | |
Traceback (most recent call last): | |
File "test.py", line 58, in <module> | |
vk = VerifyingKey.from_string(public_key_bits, curve=SECP256k1) | |
File "/usr/local/lib/python3.6/dist-packages/ecdsa/keys.py", line 37, in from_string | |
(len(string), curve.verifying_key_length) | |
AssertionError: (33, 64) | |
''' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment