Pycrypto: How to view raw RSA signature data?

I work with a service that uses raw RSA with a private key to sign the payload. Data is efficiently created using:

openssl rsautl -inkey private_key.pem -raw -sign 

(Also, the result of private key encryption)

Unfortunately, in Pycrypto, the corresponding .verify() method only takes the data to verify against and returns true or false.

In openssl, this can be achieved using one of the following actions:

    # Private key based
    openssl rsautl -inkey private_key.pem -raw -verify

    # Public key based
    openssl rsautl -inkey public_key.pem -pubin -raw -verify

How can I achieve the same functionality in Pycrypto?

(I understand the risks of raw RSA. To mitigate some of these risks, a custom padding mechanism has been implemented; unfortunately, it is not possible to change the current implementation.)

1 answer

Moving to the .verify() method, you can find how Pycrypto creates a verification signature before comparing it with a given required signature.

It essentially uses the Python pow() method with the public key (e) and the key modulus (n). First you need to pack the secret message into a (long) integer and then convert the result back to bytes. Fortunately, Pycrypto provides everything you need.

    from Crypto.PublicKey import RSA
    from Crypto.Util import number

    # private_key_str, key_password_str and secret_message_bytes are supplied by the caller.
    key = RSA.importKey(private_key_str, key_password_str)

    # The message must be packed as a long first.
    secret_message_long = number.bytes_to_long(secret_message_bytes)

    # The magic!
    verify_long = pow(secret_message_long, key.e, key.n)

    # and back to bytes
    verify_bytes = number.long_to_bytes(verify_long)

    # Convert message back to a str (Unicode str in Py2).
    # Replace 'utf-8' with the correct encoding for *your* message!!!!!
    verify_str = verify_bytes.decode('utf-8')
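Added example, not part of the original question or answer: the pow()-based recovery described in the answer, written with Python's built-in integers so it runs without Pycrypto, and returning a block as wide as the modulus so that leading zero bytes of a custom padding scheme survive. The toy key, the sample block and the function names sign_raw, recover_raw and variable_width are constructed for this illustration.

```python
# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q, E = 2**89 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes (25 here)


def sign_raw(block: bytes, d: int = D, n: int = N) -> bytes:
    """Raw private-key operation on an already padded, K-byte block."""
    m = int.from_bytes(block, "big")
    if len(block) != K or m >= n:
        raise ValueError("block must be K bytes and numerically below n")
    return pow(m, d, n).to_bytes(K, "big")


def recover_raw(signature: bytes, e: int = E, n: int = N) -> bytes:
    """Raw public-key operation: return the signed block at fixed width."""
    s = int.from_bytes(signature, "big")
    if len(signature) != K or s >= n:
        raise ValueError("signature must be K bytes and numerically below n")
    # to_bytes(K, ...) keeps leading zero bytes of the recovered block.
    return pow(s, e, n).to_bytes(K, "big")


def variable_width(signature: bytes, e: int = E, n: int = N) -> bytes:
    """Same arithmetic with minimal-length output, which is what
    long_to_bytes() returns when no block size is passed."""
    v = pow(int.from_bytes(signature, "big"), e, n)
    return v.to_bytes((v.bit_length() + 7) // 8, "big")


# Constructed sample block; the leading bytes stand in for a custom padding.
SAMPLE = b"\x00\x01" + b"\xff" * 6 + b"\x00" + b"constructed-body"

if __name__ == "__main__":
    sig = sign_raw(SAMPLE)
    print("fixed width   :", recover_raw(sig).hex())
    print("minimal width :", variable_width(sig).hex())
```

With Pycrypto itself, number.long_to_bytes accepts a block size as its second argument, which gives the same fixed-width result.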

Source: https://habr.com/ru/post/956581/

