Last active
February 28, 2022 22:23
-
-
Save lkdocs/6519372 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def verify_sign(public_key_loc, signature, data): | |
| ''' | |
| Verifies with a public key from whom the data came that it was indeed | |
| signed by their private key | |
| param: public_key_loc Path to public key | |
| param: signature String signature to be verified | |
| return: Boolean. True if the signature is valid; False otherwise. | |
| ''' | |
| from Crypto.PublicKey import RSA | |
| from Crypto.Signature import PKCS1_v1_5 | |
| from Crypto.Hash import SHA256 | |
| from base64 import b64decode | |
| pub_key = open(public_key_loc, "r").read() | |
| rsakey = RSA.importKey(pub_key) | |
| signer = PKCS1_v1_5.new(rsakey) | |
| digest = SHA256.new() | |
| # Assumes the data is base64 encoded to begin with | |
| digest.update(b64decode(data)) | |
| if signer.verify(digest, b64decode(signature)): | |
| return True | |
| return False |
can anyone show me an example, please? I am not that much frequent in python but want to implement signature validation in an application
does anyone have an idea on how to do this? https://gist.github.com/cevaris/e003cdeac4499d225f06#gistcomment-2369102
Would return signer.verify(digest, b64decode(signature)) work better than the current method?
I get the error
binascii.Error: Incorrect padding
please help!!!!!!
If verification fails, is there a way to get the originally hashed message from the digital signature?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@peter-wolfenden-zocdoc You probably did not decoded your string (from base64). Try a
rsakey = RSA.importKey(pub_key.decode('base64'))