1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] Verifying Signatures on Data and Certifictes
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Verifying%20Signatures%20on%20Data%20and%20Certifictes&In-Reply-To=%3C20130930014403.GA31413%40rivest.dlitz.net%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000695.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] Verifying Signatures on Data and Certifictes</H1>
<B>Dwayne Litzenberger</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20Verifying%20Signatures%20on%20Data%20and%20Certifictes&In-Reply-To=%3C20130930014403.GA31413%40rivest.dlitz.net%3E"
TITLE="[pycrypto] Verifying Signatures on Data and Certifictes">dlitz at dlitz.net
</A><BR>
<I>Sun Sep 29 18:44:03 PDT 2013</I>
<P><UL>
<LI>Previous message: <A HREF="000695.html">[pycrypto] Verifying Signatures on Data and Certifictes
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#696">[ date ]</a>
<a href="thread.html#696">[ thread ]</a>
<a href="subject.html#696">[ subject ]</a>
<a href="author.html#696">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Thu, Sep 26, 2013 at 04:13:19PM -0600, Kyle Cummings wrote:
><i>I am trying to use the PyCrypto library to achieve two similar things.
</I>><i>The
</I>><i>first use is to verify that a piece of data has been signed by the private
</I>><i>key of a certain certificate. The other use is to verify a certificate
</I>><i>chain (verify that certificate A has signed B, and then that B has signed
</I>><i>C).
</I>[snip]
><i>Having the above code fail, I then found and tried adapting the code
</I>><i>here<<A HREF="http://www.v13.gr/blog/?p=303">http://www.v13.gr/blog/?p=303</A>>,
</I>><i>but I first received that the function "get_signature_algorithm()" does not
</I>><i>exists for X509 certificates, and then received the same error response
</I>><i>back for the verify function if I commented out the signature algorithm and
</I>><i>just manually provided the digest.
</I>
PyCrypto does not implement X.509, and probably never will. X.509 is a
mess and a huge amount of effort to implement correctly[1], and it makes
no sense for us to re-implement it in Python. Sorry.
[1] <A HREF="http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt">http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt</A>
--
Dwayne C. Litzenberger <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dlitz at dlitz.net</A>>
OpenPGP: 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000695.html">[pycrypto] Verifying Signatures on Data and Certifictes
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#696">[ date ]</a>
<a href="thread.html#696">[ thread ]</a>
<a href="subject.html#696">[ subject ]</a>
<a href="author.html#696">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|