How to verify a signature using M2Crypto 0.16

Question

After some goggling I found some usual answers for this question, like:
http://stackoverflow.com/questions/595114/how-to-load-an-rsa-key-from-a-pem-file-and-use-it-in-python-crypto

some code:

x509 = X509.load_cert_string(certificate)
pubkey = x509.get_pubkey()
pubkey.reset_context(md=sha1)
pubkey.verify_init()
pubkey.verify_update(content)
decoded_signature = signature.decode('base64')

if pubkey.verify_final(decoded_signature)==0:
    print 'error'
    sys.exit(1)

and the code presented above works fine in M2Crypto 0.20. But I need to do exactly the same think using the M2Crypto 0.16 (the official package in RHEL5), and I have problems using the pubkey.verify_final method because in this particular version the signature parameter doesn't exist. So how can I do it? using the M2Crypto 0.16 Thanks.

Answer 1

Lucky for you, the OpenSSL function you need is available in M2Crypto 0.16, it is just the Python method that is not providing the extra argument you need. This is easy to work around. Where you would call pubkey.verify_final(decoded_signature), call pubkey_verify_final(pubkey, decoded_signature), which you will define in your code as:

from M2Crypto import m2

def pubkey_verify_final(pubkey, decoded_signature):
    return m2.verify_final(pubkey.ctx, decoded_signature, pubkey.pkey)

(Note, I did not actually test that, just compared the source between 0.16 and 0.20.)

Answer 2

It works fine. Thanks