PHP's openssl_sign() using M2Crypto?

KW usenet2 at wojasfoo.vvtpfoo.tudelftfoo.nlfoo
Sun May 21 00:28:05 CEST 2006


I'm trying to convert some PHP code using OpenSSL to Python and I'm stuck 
on openssl_sign() which uses an RSA private key to compute a signature.

Example PHP code:
  $privkeyid = openssl_get_privatekey($priv_key, $key_pass);
  openssl_sign($data, $signature, $privkeyid);
  openssl_free_key($privkeyid);

I've tried several permutations of the stuff in M2Crypto.EVP but I can't get
it to work...

The openssl module in PHP basicly does this (C code): 
  EVP_SignInit(&md_ctx, EVP_sha1());
  EVP_SignUpdate(&md_ctx, data, data_len);
  EVP_SignFinal(&md_ctx, sigbuf, &siglen, pkey);

Looks like some magic is used to get pkey, I think that's what I'm missing.
See php_openssl_evp_from_zval() in PHP's ext/openssl/openssl.c.

I've tried the following:
  key = M2Crypto.EVP.load_key(keyfile, lambda x: passphr)
  hmac = M2Crypto.EVP.HMAC(key, 'sha1')
  hmac.update(message)
  hmac.final()

But this results in:
    File "/usr/lib/python2.4/site-packages/M2Crypto/EVP.py", line 39, in __init__
      m2.hmac_init(self.ctx, key, self.md)
  TypeError: expected a readable buffer object
  Segmentation fault

Unfortunately M2Crypto documentation is practically nonexistent..

Best regards,
-- 
Konrad



More information about the Python-list mailing list