Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Sign and Verify using Python pycrypto
#!/usr/bin/env bash
# Generate RSA private key
openssl genrsa -out private_key.pem 1024
#!/usr/bin/env python
from base64 import (
from Crypto.Hash import SHA256
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA
message = "I want this stream signed"
digest =
# Read shared key from file
private_key = False
with open ("private_key.pem", "r") as myfile:
private_key = RSA.importKey(
# Load private key and sign message
signer =
sig = signer.sign(digest)
# Load public key and verify message
verifier =
verified = verifier.verify(digest, sig)
assert verified, 'Signature verification failed'
print 'Successfully verified message'
Copy link

cevaris commented Mar 2, 2015

To test

  • Invoke ./ from shell
  • Pip instlal requirements.txt file
  • Invoke python script

Copy link

cryptid11 commented Mar 4, 2018

If I do not have the key object but just the pubkey string and I need to rewrite this function:

def verify(message, signature, pubkey):
    hash =
    return pubkey.verify(hash, signature)

how do I do this? (basically I need to create a random pubkey object and then changing in it the only usefult info that is the actual pubkey)

btw pubkey is defined as Crypto.PublicKey.RSA.generate(1024, os.urandom).publickey()

Copy link

ErpMstar commented Jun 26, 2021

I am using same using same Python code for getting md5 digest. And also doing similar to this in JavaScript to get md5 digest.
But getting different values for same message. I am confused, how to check which one correct and why the other one is wrong.
Any idea how to fix this?

Copy link

cevaris commented Jun 27, 2021

Any idea how to fix this?
@ErpMstar TBH, i have no idea.

You would not need to use this script for just calculating MD5 digests.
Perhaps these links can help..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment