I need to digitally sign some text in Python using a private key stored in a .pem file. It seems like M2Crypto is the preferred way to do that these days, so that's what I'm using. I think I get most of it, but I'm confused about how to configure padding. To be specific, I need to verify the signature in an iPhone app, using a padding scheme called kSecPaddingPKCS1SHA1 and described like this:

Data to be signed is a SHA1 hash. Standard ASN.1 padding will be done, as well as PKCS1 padding of the underlying RSA operation.

Not being a crypto expert, I have only a fuzzy idea what this means. I've tried to look at some of the RFCs but found them impenetrable. I see that the encryption/decryption methods of RSA objects take padding types, but I don't see anything similar related to signature verification.

Any help, especially with code, will be appreciated.

(In some sense this is the converse of this question.)


Ok, the answer given below is correct AFAICT. The following code generates a signature for text that validates on the iPhone using the kSecPaddingPKCS1SHA1 padding scheme.

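from M2Crypto import EVP

# load_key() returns an EVP.PKey whose digest defaults to SHA-1
privkey = EVP.load_key("privkey.pem")
privkey.sign_init()
privkey.sign_update(text)  # text: the data to sign (bytes on Python 3)
# For an RSA key, sign_final() produces a PKCS#1 v1.5 signature
signature = privkey.sign_final()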

(Sorry to editorialize, but can I just say that crypto hackers are some of the lousiest documentation writers in the universe?)

+1  A: 

AFAIK M2Crypto adds padding where it's required.

PKCS1 padding is the default.

But, (again only AFAIK), signatures don't have padding, padding is only added to encrypted data to prevent a possible attack.
EDIT: user caf, in a comment, says that padding is essential to a good signature. I'm still recommending you try it with the default M2Crypto behavior; it might add it.

On M2Crypto's generated docs you can see that the {public,private}_{encrypt,decrypt} methods have a padding option, which is PKCS1 by default, while the sign method has none.

IMO just give it a shot with the default M2Crypto params, it will probably work.

Prody
On the contrary, correct padding is absolutely *essential* for a secure signature system with RSA.
caf