How to verify a signature using M2Crypto 0.16
After some goggling I found some usual answers for this question, like:
How to load an RSA key from a PEM file and use it in python-cryptosome code:
x509 = X509.load_cert_string(certificate)
pubkey = x509.get_pubkey()
pubkey.reset_context(md=sha1)
pubkey.verify_init()
pubkey.verify_update(content)
decoded_signature = signature.decode('base64')
if pubkey.verify_final(decoded_signature)==0:
print 'error'
sys.exit(1)
and the code 开发者_如何学Cpresented above works fine in M2Crypto 0.20. But I need to do exactly the same think using the M2Crypto 0.16 (the official package in RHEL5), and I have problems using the pubkey.verify_final method because in this particular version the signature parameter doesn't exist. So how can I do it? using the M2Crypto 0.16 Thanks.
Lucky for you, the OpenSSL function you need is available in M2Crypto 0.16, it is just the Python method that is not providing the extra argument you need. This is easy to work around. Where you would call pubkey.verify_final(decoded_signature)
, call pubkey_verify_final(pubkey, decoded_signature)
, which you will define in your code as:
from M2Crypto import m2
def pubkey_verify_final(pubkey, decoded_signature):
return m2.verify_final(pubkey.ctx, decoded_signature, pubkey.pkey)
(Note, I did not actually test that, just compared the source between 0.16 and 0.20.)
精彩评论