这两个码提供相同的签名,预计:M2crypto签名 “算法”
代码1:
from M2Crypto import RSA, EVP
import base64, hashlib
text = "some text"
pkey = EVP.load_key("mykey.pem") #"mykey.pem" was generated as: openssl genrsa -des3 -out mykey.pem 2048
pkey.sign_init()
pkey.sign_update(text)
signature = pkey.sign_final()
print base64.b64encode(signature)
码2:
pkey = RSA.load_key("mykey.pem")
signature = pkey.sign(hashlib.sha1(text).digest())
print base64.b64encode(signature)
但是,如果我想要“模仿“签名算法,即用私钥加密摘要,我得到一个不同的签名,即:
pkey = RSA.load_key("mykey.pem")
signature = pkey.private_encrypt(hashlib.sha1(text).digest(), RSA.pkcs1_padding)
print base64.b64encode(signature) #different from the two above
您能否提供一些解释?后一种签名方式有什么问题?
你可以显示你的进口吗? – Daenyth 2011-04-14 14:48:20
当然,对不起,我添加了进口 – michal 2011-04-14 19:49:58
仅供参考,我认为[pycrypto](http://www.dlitz.net/software/pycrypto/)是[首选加密软件包](http://stackoverflow.com/questions/1137874/recommended-python-cryptographic-module)。 – Keith 2011-04-16 04:55:15