如何使用特定的填充技术使用 M2Crypto 在 python 中签署文档?
我需要使用存储在 .pem 文件中的私钥对 python 中的一些文本进行数字签名。看来 M2Crypto 是目前首选的方法,所以这就是我正在使用的。我想我明白了大部分内容,但我对如何配置填充感到困惑。具体来说,我需要使用名为 kSecPaddingPKCS1SHA1 的填充方案来验证 iPhone 应用程序中的签名,其描述如下:
要签名的数据是 SHA1 哈希值。 将完成标准 ASN.1 填充,以及底层 RSA 操作的 PKCS1 填充。
作为一个加密专家,我对这意味着什么只有一个模糊的概念。我尝试查看一些 RFC,但发现它们难以理解。我看到 RSA 对象的加密/解密方法采用填充类型,但我没有看到任何与签名验证相关的类似内容。
任何帮助,尤其是代码方面的帮助,将不胜感激。
(从某种意义上说,这与这个问题相反< /a>.)
好的,下面给出的答案是正确的 AFAICT。以下代码生成 text 签名,该签名使用 kSecPaddingPKCS1SHA1 填充方案在 iPhone 上进行验证。
from M2Crypto import EVP
privkey = EVP.load_key("privkey.pem")
privkey.sign_init()
privkey.sign_update(text)
signature = privkey.sign_final()
(很抱歉发表社论,但我可以说加密货币黑客是宇宙中最糟糕的文档编写者之一吗?)
I need to digitally sign some text in python using a private key stored in a .pem file. It seems like M2Crypto is the preferred way to do that these days, so that's what I'm using. I think I get most of it, but I'm confused about how to configure padding. To be specific, I need to verify the signature in an iPhone app, using a padding scheme called kSecPaddingPKCS1SHA1 and described like this:
Data to be signed is a SHA1 hash.
Standard ASN.1 padding will be done, as well as PKCS1 padding of the underlying RSA operation.
Not being a crypto expert, I have only a fuzzy idea what this means. I've tried to look at some of the RFCs but found them impenetrable. I see that the encryption/decryption methods of RSA objects take padding types, but I don't see anything similar related to signature verification.
Any help, especially with code, will be appreciated.
(In some sense this is the converse of this question.)
Ok, the answer given below is correct AFAICT. The following code generates a signature for text that validates on the iPhone using the kSecPaddingPKCS1SHA1 padding scheme.
from M2Crypto import EVP
privkey = EVP.load_key("privkey.pem")
privkey.sign_init()
privkey.sign_update(text)
signature = privkey.sign_final()
(Sorry to editorialize, but can I just say that crypto hackers are some of the lousiest documentation writers in the universe?)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
AFAIK M2Crypto 在需要的地方添加了填充。
PKCS1 填充是默认值。
但是,(同样仅据我所知),签名没有填充,填充仅添加到加密数据中以防止可能的攻击。<br>
编辑:用户咖啡馆在评论中说,填充对于良好的签名至关重要。我仍然建议您尝试使用默认的 M2Crypto 行为,它可能会添加它。
在 M2Crypto 生成的文档上,您可以看到{public,private}_{encrypt,decrypt}方法有一个填充选项,默认为PKCS1,而sign方法没有。
IMO 只需使用默认的 M2Crypto 参数尝试一下,它可能会起作用。
AFAIK M2Crypto adds padding where it's required.
PKCS1 padding is the default.
But, (again only AFAIK), signatures don't have padding, padding is only added to encrypted data to prevent a possible attack.
EDIT: user caf, in a comment says that a padding is essnetial to a good signature. I'm still recommending you try it with the default M2Crypto behavior, it might add it.
On M2Crypto's generated docs you can see that the {public,private}_{encrypt,decrypt} methods have a padding option, which is PKCS1 by default, while the sign menthod has none.
IMO just give it a shot with the default M2Crypto params, it will probably work.