PyCrypto出口/进口签名
PyCrypto出口/进口签名
提问于 2015-05-07 12:16:38
创建了一个带有套接字的客户端服务器应用程序,我正在尝试将签名从客户端传输到服务器。我把它从元组转换成字符串,然后再转换回元组。但是签名停止了。如何解决这个问题?
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
public_key_file = open('public.pem','r')
public_key = RSA.importKey(public_key_file.read())
signature = "(90392831408741910958006452852395405116864328891950288888434929210668328849466319419951775157374761930395371626801844365799774616689823184955256615103504859356914334395152128600862146719619859327119380994333493461955529620578485576675021993313219918726432622856542420570716350341841652548574072964446809201965L,)"
signature_tuple = signature.split(",")
message = "Block_Height:1 From:c52030257a864a67ae4ef8a726282ed2b6b273fbccb474885027a857 To:2 Amount:3"
if public_key.verify(message, signature_tuple) == True:
print "Signature valid"。
Traceback (most recent call last):
File "C:\Users\kucerjan\Desktop\test\sco\public_test.py", line 12, in <module>
if public_key.verify(message, signature_tuple) == True:
File "build\bdist.win32\egg\Crypto\PublicKey\RSA.py", line 221, in verify
return pubkey.pubkey.verify(self, M, signature)
File "build\bdist.win32\egg\Crypto\PublicKey\pubkey.py", line 126, in verify
return self._verify(M, signature)
File "build\bdist.win32\egg\Crypto\PublicKey\RSA.py", line 257, in _verify
return self.key._verify(m, s)
File "build\bdist.win32\egg\Crypto\PublicKey\_slowmath.py", line 73, in _verify
return self._encrypt(sig) == m
File "build\bdist.win32\egg\Crypto\PublicKey\_slowmath.py", line 65, in _encrypt
return pow(m, self.e, self.n)
TypeError: unsupported operand type(s) for pow(): 'str', 'long', 'long'此签名已使用str(签名)转换为字符串。我基本上需要把它转换成字符串和返回。
公用钥匙:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFiMH7Lbd4JPFug8TaxX1DT8ad
lzzGm7CG1js0IQn2pCPPWBS+io1i0iUPmj78IOtUuoBqtEYGPgwqguYHozBuvdJy
Lcz4C2bYcjb2l8mQ4PM7iaCN4eHB+4xa+iJduogTjq8gx5m3j5mttEGUbZc2Q/AO
yde592P2iuRIrXcLuwIDAQAB
-----END PUBLIC KEY-----回答 2
Stack Overflow用户
回答已采纳
发布于 2015-05-07 13:26:10
问题在于反序列化签名元组。
PyCrypto期望一个以整数作为第一个值的元组,您将向它传递一个带有开始paren "(“然后是一个数字的字符串版本)的字符串。
而不是这样做:
signature_tuple = signature.split(",")执行此操作
signature_tuple = eval(signature)这将正确地解析签名。
现在,有security risks with using eval了。所以,如果我是您,我会想出一个更好的序列化/反序列化过程。
Stack Overflow用户
发布于 2016-04-10 22:04:35
最好的方法是将PKCS1_v1_5用于实际应用程序,并结合base64对客户端和服务器之间的签名进行编码和解码。不需要评估。
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
import base64
message = 'To be signed'
key = RSA.importKey(open('privkey.der').read())
h = SHA.new(message)
signer = PKCS1_v1_5.new(key)
signature = signer.sign(h)
signature_enc = str(base64.b64encode(signature))
#print signature_enc
signature_dec = str(base64.b64decode (signature_enc))
#print sugnature_dec
key = RSA.importKey(open('pubkey.der').read())
h = SHA.new(message)
verifier = PKCS1_v1_5.new(key)
if verifier.verify(h, signature_dec):
print "The signature is authentic."
else:
print "The signature is not authentic."页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/30102357
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号