Prometheus
Reputation: 33625
Python decrypt signatures with only a public key
A company wants to send me a digital signature i.e this method. I only have the public key. This signature is used to authenticate who it came from AND contains details of the user, which I need.
What I don't understand is how I decrypt the signature with only public key and the signature I'm sent. All can do from the example I can find is verify the signature. Without knowing what the encrypted string is you cannot decrypt.
from ecdsa import SigningKey, NIST384p
sk = SigningKey.generate(curve=NIST384p)
vk = sk.get_verifying_key()
signature = sk.sign("message")
assert vk.verify(signature, "message")
I'm I misunderstanding or is there a different type of digital signature they are suggesting?
Upvotes: 1
Views: 3651
Answers (1)
Eric Levieil
Reputation: 3574
First, you need to use VerifyingKey. (see also @J0HN excellent comment) Something like (source: https://github.com/warner/python-ecdsa):
from ecdsa import VerifyingKey, BadSignatureError
vk = VerifyingKey.from_pem(open("public.pem").read())
message = open("message","rb").read()
sig = open("signature","rb").read()
try:
vk.verify(sig, message)
print "good signature"
except BadSignatureError:
print "BAD SIGNATURE"
Upvotes: 2
Related Questions
- Signed license key verification with RSA public key in Python
- How to decrypt with public key in pyCryptodome (Python 3.7)
- Encrypt a string using a public key
- Encrypting with RSA
- Using RSA in Python 3, need to sign a message (without hashing the message)
- Decryption using Public Key in Python
- Decrypt using an RSA public key with PyCrypto
- decrypt a message with RSA public key with PyCrypto
- PyCrypto: Decrypt only with public key in file (no private+public key)
- How to encrypt using public key?