Tuesday, November 13, 2012

Verifying X509 certs and private keys

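Using the Chef SSL cookbook and want a way to verify that your X509 cert and private key belong together? Here's how you can use M2Crypto and json.loads to double-check: sign a digest with the private key, then verify the signature with the public key from the cert.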

Adapted from http://note.harajuku-tech.org/m2crypto-signverify-with-x509-rsa-sha-256...
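import hashlib
import json

from M2Crypto import RSA, X509

# Load the data bag item holding the PEM-encoded private key and cert
with open("mycert.json", "r") as f:
    data_bag_1 = json.loads(f.read())

# Pass the PEM text to M2Crypto as byte strings, not the unicode json returns
key = data_bag_1['key'].encode('ascii')
cert = data_bag_1['cert'].encode('ascii')

# Sign a SHA-256 digest of some test data with the private key.
# The algo argument must match the digest; it defaults to 'sha1'.
pk = RSA.load_key_string(key)
digest = hashlib.sha256(b"ABCDEFGHIJKLMN").digest()
signature = pk.sign(digest, 'sha256')

# Verify the signature with the public key taken from the cert;
# prints 1 when the cert and private key belong together
pub = X509.load_cert_string(cert).get_pubkey().get_rsa()
print(pub.verify(digest, signature, 'sha256'))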
