'Bad Signature' error with M2Crypto

Usman Ajmal uzmanajmal at gmail.com
Sun Aug 10 11:24:21 CEST 2008

I think it is a right place to ask my query...

I wrote the following code for signing and verifying some message using
Public-Private Key Encyption but it has a problem. It is giving me a 'Bad
Signature' error at line 27. I don't know what wrong am i doing as to me the
signature is looking fine. If any 'geek' can help me out, i will really be

   1. import M2Crypto,sha
   2. from M2Crypto import X509, BIO, RSA ,EVP, util
   3. #Opening file named newcert.pem in which certificate generated via
   openssl command is placedu
   4. infile = open('/home/usman/newcert.pem', "r+")
   5. if infile:
   6.     string = infile.read()
   7. infile.close()
   8. #For calculating the hash of some arbitrary message
   9. sha1 = sha.new()
   10. sha1.update("some message")
   11. #Loading user-certificate from the buffer
   12. user_cert = X509.load_cert_bio(BIO.MemoryBuffer(string))
   13. print user_cert
   14. #Getting public-key
   15. user_pub_key = user_cert.get_pubkey()
   16. print user_pub_key
   17. user_pub_rsa = EVP.PKey.get_rsa(user_pub_key)
   18. print "Public Key: ", user_pub_rsa
   19. #Getting private-key
   20. key_bio = BIO.MemoryBuffer(string)
   21. certif_priv_rsa = RSA.load_key_bio(key_bio,util.passphrase_callback)
   22. print "Private Key: ", certif_priv_rsa
   23. #signing the hash of 'some message' with the private key
   24. signature = RSA.RSA.sign(certif_priv_rsa,sha1.digest(),algo='sha1')
   25. try:
   26.     #Verifying the signature
   27.     print RSA.RSA.verify(user_pub_rsa,"some message",signature,algo=
   28. except:
   29.     raise
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20080810/4c05a2a7/attachment.html>

More information about the Python-list mailing list