所有。我必须验证由PHP签名的签名,但我正在使用python。
这是代码:
e, n = parse_key('publickey(prod).xml')
rsakey = Crypto.PublicKey.RSA.construct((long(n), long(e)))
public_key = rsakey.publickey().exportKey()
bio = M2Crypto.BIO.MemoryBuffer(public_key)
rsa = M2Crypto.RSA.load_pub_key_bio(bio)
sign = 'E04bby1CgTm4EvTSp3ZXsgb/P/x7YQX90+Rb5sTZe7XItVR5y5ZtQZyVUszNaUS2fiOrepcLrMnAjTSs9mHa7WCpCNvM5baKSARsm2Jgt6orwzYqAKKBxhP3GhV1aMqNV5swpdJmuH4J70qvcE1iCs0ji9rCBmG3ZwPjGukfUoQ='
unsigned_data = 'merchantId=109060001104024&version=v1.0&language=1&signType=1&issuerId=&paymentOrderId=20110503115316732&orderNo=109060001104024201105031155191155199245&orderDatetime=20110503115519&orderAmount=1&payDatetime=20110503115316&payAmount=1&ext1=&ext2=&payResult=1&errorCode=&returnDatetime=20110503115418'
m = EVP.MessageDigest('sha1')
print m.update(unsigned_data)
digest = m.final()
sign = base64.b64decode(sign)
result = rsa.verify(digest, sign, algo='sha1')
这是错误消息:
Traceback (most recent call last):
File "E:\project\site\daybang\allinpay\pub_xml.py", line 38, in <module>
result = rsa.verify(digest, sign, algo='sha1')
File "C:\Python25\Lib\site-packages\M2Crypto\RSA.py", line 205, in verify
return m2.rsa_verify(self.rsa, data, signature, digest_type)
M2Crypto.RSA.RSAError: bad signature
我无法找到如何从服务器获取的符号生成好的签名(即我的代码中的“符号”)。 THX。
答案 0 :(得分:0)
你是如何在PHP中进行RSA签名的?许多PHP RSA实现不执行符合PKCS#1的签名,这意味着它们不可互操作。
就个人而言,我建议phpseclib, a pure PHP RSA implementation。
答案 1 :(得分:0)
joeforker在以下帖子中发布的示例代码有效。 How do you verify an RSA SHA1 signature in Python?