I have realized in the meanwhile that the Crypto.PublicKey.RSA interface contains already too much stuff and is quite shaky.
I therefore tried to create a separate module for signatures (much in the style of JCA).
import Crypto.Signature.PKCS1_v1_5 as PKCS
import Crypto.Hash.SHA as SHA1
import Crypto.PublicKey.RSA as RSA
key = RSA.importKey('pubkey.der')
h = SHA1.new()
h.update(message)
if PKCS.verify(h, key, signature):
print "The signature is authentic."
else:
print "The signature is not authentic."
I have put a variation of this in a branch on github, which is available via this command:
git clone -b pkcs1 git://github. com/Legrandin/ pycrypto. git
I have realized in the meanwhile that the Crypto. PublicKey. RSA interface contains already too much stuff and is quite shaky.
I therefore tried to create a separate module for signatures (much in the style of JCA).
import Crypto. Signature. PKCS1_v1_ 5 as PKCS PublicKey. RSA as RSA
import Crypto.Hash.SHA as SHA1
import Crypto.
key = RSA.importKey( 'pubkey. der')
h = SHA1.new()
h.update(message)
if PKCS.verify(h, key, signature):
print "The signature is authentic."
else:
print "The signature is not authentic."
Seem to be much cleaner than the other attempt.