Signature verification

saisankalpj · Sep-21-2018, 05:55 PM

I have a signature, data and public key is
Public Key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFWkb/eSl6I3DRVhaonW3DFy8EnL0yaPiDzCcOLuYfBjN9zZIR1wXmnMJFle1K89qHGg42wgweVTIwA1XFTfoUKSziwsjF6FscZX5H56ZYyS/wWiO3rWWynlfbSZt+ga71+ndsu+A0Dy7Nn7ZgP8kRsu4UM5vE7QQTRERNiUKpzScN1cgZUFUqSddQmkwTEN8hH1mFX1Mum54NGqWIlmQxQDrOyogmMXIaaakhabcmuIPMULVVDVwUJC9sSDsc/j05qcZn3kkiEBRyiYB6ZLY2W7WfiV+dB7/icPONsYSD0FxHWEGNnbqtiGoNf9WZWtaP+o8WMR9sB3GKGVnbLvbQIDAQAB
How do i verify the signature is correct or not

ODIS · Sep-21-2018, 08:05 PM

Crypto library example: https://gist.github.com/lkdocs/6519372

saisankalpj · Sep-22-2018, 04:10 AM

(Sep-21-2018, 08:05 PM)ODIS Wrote: Crypto library example: https://gist.github.com/lkdocs/6519372

I tried this logic but the digest.update(b64decode(data)) is making digest as None. Any idea regarding this??

ODIS · Sep-22-2018, 09:10 PM

Can you post full example of your try including also the signature and data?

saisankalpj · Sep-23-2018, 04:11 PM

(Sep-22-2018, 09:10 PM)ODIS Wrote: Can you post full example of your try including also the signature and data?

I cant post the example due to restrictions
But public key is
-----BEGIN PUBLIC KEY——-
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFWkb/eSl6I3DRVhaonW3DFy8EnL0yaPiDzCcOLuYfBjN9zZIR1wXmnMJFle1K89qHGg42wgweVTIwA1XFTfoUKSziwsjF6FscZX5H56ZYyS/wWiO3rWWynlfbSZt+ga71+ndsu+A0Dy7Nn7ZgP8kRsu4UM5vE7QQTRERNiUKpzScN1cgZUFUqSddQmkwTEN8hH1mFX1Mum54NGqWIlmQxQDrOyogmMXIaaakhabcmuIPMULVVDVwUJC9sSDsc/j05qcZn3kkiEBRyiYB6ZLY2W7WfiV+dB7/icPONsYSD0FxHWEGNnbqtiGoNf9WZWtaP+o8WMR9sB3GKGVnbLvbQIDAQAB
-----END PUBLIC KEY-----
Signature and data i am passing apart from public key to the method u specified.
But digest.update(b64decode(data)) seems to provide none

ODIS · Sep-23-2018, 06:54 PM

Restrictions? :) I'm fortunately not restricted to create some test keys. digest.update() method is not returning anything - the method updates the digest object. Here you have complete example:

from Crypto.Hash import SHA512
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from base64 import b64decode

private_key = """-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA8qHggSumaJ85aR1m/wb2F7wg+e+1CFo08Dx0QG19Ii6zXXCj
kmLHfkz44/1J33OQV2u1BJJ/6B70uXDYeHNxxcEDbWOH54geTKriaLg+fGVhq/T7
B3gUhIZhGz/8u8mtBDEDtoxwAxn7yLvR3P3adB5M3Ghp+2o7heAYdtLqxtfTe8cC
HZ8ZLAVfwXNby0GJrq54909jxKjgUdBWU+ciz4HrgrxjMbLxP2Epq0UzAEzxxqlU
z/KjloehiyXr6FKH9eLqj8KSj0hcnW3QOgDKhZI1lr2GCMvyXjB8wiesTxk5DNM0
NAOCTrh1uDqZ4F1+rrOoMYDvs0VbNEAJlSfleQIDAQABAoIBAQC12HkIloxr0RoY
G/87mB4M/+S/LdbCYclXXBfMycKFQfcQSwFtDzdxA4NubEFXhadivci3mozejYTh
DyBOdkeI7PYCoBwVfUEoONLjpWK/nMQtOriBio/mG0jgQX7Lx4UypQGhaXPx/yFj
+tB5DpERgjwc3OzBj4b4+VGcjMuFJnstWV3ZRdnF/pnK/nLgjqiBTK9xV/L8lwQV
+k3WADaGs9IWKKRQBiB9gfqsflbVNAXOa33ycURlohBBGoAEFf5cTkjuh6YhP4cU
kp/QkDecvB1p3rNmVHAjpKs3XViwUFnHk+/pZBdfjJEdUnE1II6KgnHT/Yl5CmFs
RsWSGlA5AoGBAPzg1+rQjFaXUKb7gHi9xBRf446ppdtCRmlSkpx3eCYystovmhpW
iZZFeLUonzciwsw7b46XKVPMdu+oQzwJbmoW0nkRWegIcB6VXYQeoupcxnfPJmtx
gNl44QxDID4j41XBIP4b4xjlIPOBoXstiwObodUq6liRjYtYOdezFpOjAoGBAPWg
p2EBRbzhPHEXIPC2kVoUsbTZfcWnKPk/pfHl80YAlZtuSMm2bO5Bzzp3vV485zoD
mAZsPiNbqd0o/hiQpj+nUGB/pXG+QoMUKCp71D+NwKZIyH76XNtqUJTiwwH7K/7A
p0zXt6stt6cFQ6QwXlxJh3y+urY+dRjCuXR/XVQzAoGALBKLzxL1womwtsmShHie
Wea0ZELQ8zvDxctsXfS8bfvcDAbL1tdKN3R4KyqfRR670JhzQui5fS9fczliLm5+
XeMIX61UfAoscEgb+lDUl///XxYtXgB0MnLM1jRExE/A6Us1ktQNamNUsNvg5vTz
C3fuZpaKLVGA185SlnNR9f0CgYAwwbgX4FnIeWk3BaFLRuIpYGw5+uYlYt4WQ9Ub
5Epa/ei0lrqqF6Ud0kBhWb1kRHCdqnL162yWNi7MsMNneucVQZAJ56yenGa1gD3M
2RGzn9664z2xPt9Jypu+Qhj1frcn9XQAI93Yg9WtuLTJlbRVW18imvWTEWjLBnQr
tNCA0wKBgDyIfKyFOCmgVY8gRk/mk1AHITL9liS1UYdyxuzYWIVefs5W9OKNBV+p
dLpU++DLTk7K4HT7X99VT42O/Yry9JVQ/BttjSH7F9qDqd8SBsi1nxaVGiCzLvSV
G2vIeTBfeI4hK8gUpUjxaTIJzxiJv+dlnLdGr13tEJS6pEVmuLAJ
-----END RSA PRIVATE KEY-----"""

public_key = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qHggSumaJ85aR1m/wb2
F7wg+e+1CFo08Dx0QG19Ii6zXXCjkmLHfkz44/1J33OQV2u1BJJ/6B70uXDYeHNx
xcEDbWOH54geTKriaLg+fGVhq/T7B3gUhIZhGz/8u8mtBDEDtoxwAxn7yLvR3P3a
dB5M3Ghp+2o7heAYdtLqxtfTe8cCHZ8ZLAVfwXNby0GJrq54909jxKjgUdBWU+ci
z4HrgrxjMbLxP2Epq0UzAEzxxqlUz/KjloehiyXr6FKH9eLqj8KSj0hcnW3QOgDK
hZI1lr2GCMvyXjB8wiesTxk5DNM0NAOCTrh1uDqZ4F1+rrOoMYDvs0VbNEAJlSfl
eQIDAQAB
-----END PUBLIC KEY-----"""

# data for encryption
data = "test"

# let's create the keys objects
private_key = RSA.importKey(private_key)
public_key = RSA.importKey(public_key)

# let's create the signer and verifier
signer = PKCS1_v1_5.new(private_key)
verifier = PKCS1_v1_5.new(public_key)

# data will be hashed before encryption
digest = SHA512.new()
digest.update(b64decode(data))

# encryption
signature = signer.sign(digest)

# verification
if signer.verify(digest, signature):
    print("Verification OK")
else:
    print("Verification FAIL")

saisankalpj · Sep-24-2018, 12:56 PM

(Sep-23-2018, 06:54 PM)ODIS Wrote: Restrictions? :) I'm fortunately not restricted to create some test keys. digest.update() method is not returning anything - the method updates the digest object. Here you have complete example:

from Crypto.Hash import SHA512
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from base64 import b64decode

private_key = """-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA8qHggSumaJ85aR1m/wb2F7wg+e+1CFo08Dx0QG19Ii6zXXCj
kmLHfkz44/1J33OQV2u1BJJ/6B70uXDYeHNxxcEDbWOH54geTKriaLg+fGVhq/T7
B3gUhIZhGz/8u8mtBDEDtoxwAxn7yLvR3P3adB5M3Ghp+2o7heAYdtLqxtfTe8cC
HZ8ZLAVfwXNby0GJrq54909jxKjgUdBWU+ciz4HrgrxjMbLxP2Epq0UzAEzxxqlU
z/KjloehiyXr6FKH9eLqj8KSj0hcnW3QOgDKhZI1lr2GCMvyXjB8wiesTxk5DNM0
NAOCTrh1uDqZ4F1+rrOoMYDvs0VbNEAJlSfleQIDAQABAoIBAQC12HkIloxr0RoY
G/87mB4M/+S/LdbCYclXXBfMycKFQfcQSwFtDzdxA4NubEFXhadivci3mozejYTh
DyBOdkeI7PYCoBwVfUEoONLjpWK/nMQtOriBio/mG0jgQX7Lx4UypQGhaXPx/yFj
+tB5DpERgjwc3OzBj4b4+VGcjMuFJnstWV3ZRdnF/pnK/nLgjqiBTK9xV/L8lwQV
+k3WADaGs9IWKKRQBiB9gfqsflbVNAXOa33ycURlohBBGoAEFf5cTkjuh6YhP4cU
kp/QkDecvB1p3rNmVHAjpKs3XViwUFnHk+/pZBdfjJEdUnE1II6KgnHT/Yl5CmFs
RsWSGlA5AoGBAPzg1+rQjFaXUKb7gHi9xBRf446ppdtCRmlSkpx3eCYystovmhpW
iZZFeLUonzciwsw7b46XKVPMdu+oQzwJbmoW0nkRWegIcB6VXYQeoupcxnfPJmtx
gNl44QxDID4j41XBIP4b4xjlIPOBoXstiwObodUq6liRjYtYOdezFpOjAoGBAPWg
p2EBRbzhPHEXIPC2kVoUsbTZfcWnKPk/pfHl80YAlZtuSMm2bO5Bzzp3vV485zoD
mAZsPiNbqd0o/hiQpj+nUGB/pXG+QoMUKCp71D+NwKZIyH76XNtqUJTiwwH7K/7A
p0zXt6stt6cFQ6QwXlxJh3y+urY+dRjCuXR/XVQzAoGALBKLzxL1womwtsmShHie
Wea0ZELQ8zvDxctsXfS8bfvcDAbL1tdKN3R4KyqfRR670JhzQui5fS9fczliLm5+
XeMIX61UfAoscEgb+lDUl///XxYtXgB0MnLM1jRExE/A6Us1ktQNamNUsNvg5vTz
C3fuZpaKLVGA185SlnNR9f0CgYAwwbgX4FnIeWk3BaFLRuIpYGw5+uYlYt4WQ9Ub
5Epa/ei0lrqqF6Ud0kBhWb1kRHCdqnL162yWNi7MsMNneucVQZAJ56yenGa1gD3M
2RGzn9664z2xPt9Jypu+Qhj1frcn9XQAI93Yg9WtuLTJlbRVW18imvWTEWjLBnQr
tNCA0wKBgDyIfKyFOCmgVY8gRk/mk1AHITL9liS1UYdyxuzYWIVefs5W9OKNBV+p
dLpU++DLTk7K4HT7X99VT42O/Yry9JVQ/BttjSH7F9qDqd8SBsi1nxaVGiCzLvSV
G2vIeTBfeI4hK8gUpUjxaTIJzxiJv+dlnLdGr13tEJS6pEVmuLAJ
-----END RSA PRIVATE KEY-----"""

public_key = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qHggSumaJ85aR1m/wb2
F7wg+e+1CFo08Dx0QG19Ii6zXXCjkmLHfkz44/1J33OQV2u1BJJ/6B70uXDYeHNx
xcEDbWOH54geTKriaLg+fGVhq/T7B3gUhIZhGz/8u8mtBDEDtoxwAxn7yLvR3P3a
dB5M3Ghp+2o7heAYdtLqxtfTe8cCHZ8ZLAVfwXNby0GJrq54909jxKjgUdBWU+ci
z4HrgrxjMbLxP2Epq0UzAEzxxqlUz/KjloehiyXr6FKH9eLqj8KSj0hcnW3QOgDK
hZI1lr2GCMvyXjB8wiesTxk5DNM0NAOCTrh1uDqZ4F1+rrOoMYDvs0VbNEAJlSfl
eQIDAQAB
-----END PUBLIC KEY-----"""

# data for encryption
data = "test"

# let's create the keys objects
private_key = RSA.importKey(private_key)
public_key = RSA.importKey(public_key)

# let's create the signer and verifier
signer = PKCS1_v1_5.new(private_key)
verifier = PKCS1_v1_5.new(public_key)

# data will be hashed before encryption
digest = SHA512.new()
digest.update(b64decode(data))

# encryption
signature = signer.sign(digest)

# verification
if signer.verify(digest, signature):
    print("Verification OK")
else:
    print("Verification FAIL")

I did everything as told by u but the problem is that the public key i am passing is in string format,which means i am hard coding and sending the key but i was told to convert it to pem format as this method returns true if only in pem .can u suggest anything regarding this

ODIS · Sep-30-2018, 10:23 PM

I'm sorry, I don't understand what you're trying to say about the public key. Try to present a full example with some test keys and I would like to try to help.

saisankalpj · Nov-20-2018, 09:32 AM

(Sep-21-2018, 08:05 PM)ODIS Wrote: Crypto library example: https://gist.github.com/lkdocs/6519372

I am getting false when i am using this code.The public key i am passing is in string format with the header "BEGIN PUBLIC KEY" and footer "END PUBLIC KEY".Is the string format the issue?

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	How can I get Python Bulk Email Verification Script With API?	zainalee	1	2,488	Jun-06-2021, 09:19 AM Last Post: snippsat
	Python Bulk Email Verification Script With API	Aj1128	0	2,621	Nov-28-2020, 11:38 AM Last Post: Aj1128
	List items verification for Integer type	vintysaw	4	2,878	Jan-17-2020, 01:56 PM Last Post: perfringo
	Remove Email Signature	NewBeie	4	9,326	Jan-01-2020, 06:44 PM Last Post: PythonPaul2016
	[cryptography.io] How to convert DER signature to ECDSA	fstefanov	1	3,029	Jul-04-2019, 08:59 AM Last Post: fstefanov
	Signature verification	saisankalpj	19	8,153	Nov-22-2018, 01:55 PM Last Post: saisankalpj
	With Python I cannot calculate an AWS signature for Rest APIs	Johno	4	6,479	Oct-06-2016, 11:05 AM Last Post: Johno

Signature verification

User Panel Messages

Announcements