[pycrypto] Verifying Signatures on Data and Certifictes
Dwayne Litzenberger
dlitz at dlitz.net
Sun Sep 29 18:44:03 PDT 2013
On Thu, Sep 26, 2013 at 04:13:19PM -0600, Kyle Cummings wrote:
>I am trying to use the PyCrypto library to achieve two similar things.
>The
>first use is to verify that a piece of data has been signed by the private
>key of a certain certificate. The other use is to verify a certificate
>chain (verify that certificate A has signed B, and then that B has signed
>C).
[snip]
>Having the above code fail, I then found and tried adapting the code
>here<http://www.v13.gr/blog/?p=303>,
>but I first received that the function "get_signature_algorithm()" does not
>exists for X509 certificates, and then received the same error response
>back for the verify function if I commented out the signature algorithm and
>just manually provided the digest.
PyCrypto does not implement X.509, and probably never will. X.509 is a
mess and a huge amount of effort to implement correctly[1], and it makes
no sense for us to re-implement it in Python. Sorry.
[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
--
Dwayne C. Litzenberger <dlitz at dlitz.net>
OpenPGP: 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
More information about the pycrypto
mailing list