英文:
Verify Apple's signature
问题
我正在尝试根据文档验证签名。这是一个示例:
# cryptography==37.0.4
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
import base64
data = b"demo data"
signature = b"demo signature"
public_key_base64 = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdp8GPcGqmhgzEFj9Z2nSpQVddayaPe4FMzqM9wib1+aHaaIzoHoLN9zW4K8y4SPykE3YVK3sVqW6Af0lfx3gg=="
public_key_bytes = base64.b64decode(public_key_base64)
apple_public_key = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), public_key_bytes)
apple_public_key.verify(
signature,
data,
ec.ECDSA(hashes.SHA256())
)
from_encoded_point 生成了以下错误:
raise ValueError("Unsupported elliptic curve point type")
ValueError: Unsupported elliptic curve point type
我还尝试了来自 chat GPT 的不同方法,但都不起作用。请问您是否能提供一个可行的示例?
英文:
I'm trying to verify a signature according to the documentation. Here is an example:
# cryptography==37.0.4
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
import base64
data = b"demo data"
signature = b"demo signature"
public_key_base64 = "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdp8GPcGqmhgzEFj9Z2nSpQVddayaPe4FMzqM9wib1+aHaaIzoHoLN9zW4K8y4SPykE3YVK3sVqW6Af0lfx3gg=="
public_key_bytes = base64.b64decode(public_key_base64)
apple_public_key = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), public_key_bytes)
apple_public_key.verify(
signature,
data,
ec.ECDSA(hashes.SHA256())
)
from_encoded_point generates:
raise ValueError("Unsupported elliptic curve point type")
ValueError: Unsupported elliptic curve point type
Also tried different approaches from chat GPT but none works. Could you provide a working example please?
答案1
得分: 1
以下是翻译好的部分:
"该密钥似乎是一个经过Base64编码的SubjectPublicKeyInfo格式的公钥。密码学模块通过cryptography.hazmat.primitives.serialization模块为其支持的所有公钥类型提供了一种通用的解码方法。因此,修复方法只需将以下代码
apple_public_key = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), public_key_bytes)
替换为以下更简单的代码:
apple_public_key = serialization.load_der_public_key(public_key_bytes)
当然,还需要将serialization添加到相关的导入语句中:
from cryptography.hazmat.primitives import hashes, serialization
英文:
The key appears to be a base64 encoded SubjectPublicKeyInfo formatted public key. The cryptography module provide a general method for decoding these for all the public key types it supports via the cryptography.hazmat.primitives.serialization module. Thus, the fix is simply to replace
apple_public_key = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), public_key_bytes)
with the much simpler
apple_public_key = serialization.load_der_public_key(public_key_bytes)
and of course add serialization to the relevant import statement:
from cryptography.hazmat.primitives import hashes, serialization
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论