Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save slashTPA/a5e235efe51ccf3d0a41d824c14c03d0 to your computer and use it in GitHub Desktop.
Save slashTPA/a5e235efe51ccf3d0a41d824c14c03d0 to your computer and use it in GitHub Desktop.
def verify_sign(public_key_loc, signature, data):
'''
Verifies with a public key from whom the data came that it was indeed
signed by their private key
param: public_key_loc Path to public key
param: signature String signature to be verified
return: Boolean. True if the signature is valid; False otherwise.
'''
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA256
from base64 import b64decode
pub_key = open(public_key_loc, "r").read()
rsakey = RSA.importKey(pub_key)
signer = PKCS1_v1_5.new(rsakey)
digest = SHA256.new()
# Assumes the data is base64 encoded to begin with
digest.update(b64decode(data))
if signer.verify(digest, b64decode(signature)):
return True
return False
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment