Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
def verify_sign(public_key_loc, signature, data):
'''
Verifies with a public key from whom the data came that it was indeed
signed by their private key
param: public_key_loc Path to public key
param: signature String signature to be verified
return: Boolean. True if the signature is valid; False otherwise.
'''
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from base64 import b64decode
pub_key = open(public_key_loc, "r").read()
rsakey = RSA.importKey(pub_key)
signer = PKCS1_v1_5.new(rsakey)
digest = SHA256.new()
# Assumes the data is base64 encoded to begin with
digest.update(b64decode(data))
if signer.verify(digest, b64decode(signature)):
return True
return False
@tangxinfa

This comment has been minimized.

Copy link

tangxinfa commented Jul 2, 2014

Good job, it works.

@rsj217

This comment has been minimized.

Copy link

rsj217 commented Jan 9, 2016

wonderful

@peter-wolfenden-zocdoc

This comment has been minimized.

Copy link

peter-wolfenden-zocdoc commented Apr 15, 2016

This looks promising, but for some reason I'm getting this error when I try to use it:

... (truncated backtrace) ...
rsakey = RSA.importKey(pub_key)
File "/usr/lib64/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 665, in importKey
return self._importKeyDER(der)
File "/usr/lib64/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 588, in _importKeyDER
raise ValueError("RSA key format is not supported")

I get a lot of hits when I search for this error, but the consensus seems to be that python 2.7 with the following libraries should "just work":

from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from base64 import b64decode

Does anyone have any helpful suggestions? Thanks in advance!

@doowon

This comment has been minimized.

Copy link

doowon commented Sep 22, 2016

@peter-wolfenden-zocdoc A wrong passphrase would lead to this error. Please check your passphrase.

@phongthanfz

This comment has been minimized.

Copy link

phongthanfz commented Oct 5, 2016

nice nice :3 thank, your code help me so much

@sidraamalik

This comment has been minimized.

Copy link

sidraamalik commented Nov 11, 2017

How can this work for simple client server socket, where a client sends a signed msg and server verifies? How should I send the message and signature both?

@cnicodeme

This comment has been minimized.

Copy link

cnicodeme commented Dec 20, 2017

@peter-wolfenden-zocdoc You probably did not decoded your string (from base64). Try a rsakey = RSA.importKey(pub_key.decode('base64'))

@vaibhav1721

This comment has been minimized.

Copy link

vaibhav1721 commented Feb 16, 2018

can anyone show me an example, please? I am not that much frequent in python but want to implement signature validation in an application

@cryptid11

This comment has been minimized.

Copy link

cryptid11 commented Mar 4, 2018

@melvyn2

This comment has been minimized.

Copy link

melvyn2 commented Mar 23, 2018

Would return signer.verify(digest, b64decode(signature)) work better than the current method?

@Okirshen

This comment has been minimized.

Copy link

Okirshen commented Jul 4, 2019

I get the error
binascii.Error: Incorrect padding
please help!!!!!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.