
Comments (5)

danni avatar danni commented on June 14, 2024

If your device supported it you could load a key from the session and use the device's mechanisms, but generally speaking don't do this. Devices are traditionally very slow at crypto, much slower than your CPU and many devices don't support the public side of the cryptography (e.g. verify/encrypt).

Your code looks correct to me. You've got two specific problems with handling data in cryptography. One is the mechanisms, the other is the data format expected by the other party. Libraries can be incredibly vague on the format. I believe oscrypto uses the same format we do. Here's an example of external verification in ECDSA:

    from pkcs11 import Attribute, KeyType, Mechanism, ObjectClass
    from pkcs11.util.ec import (encode_ec_public_key, encode_ecdsa_signature,
                                encode_named_curve_parameters)
    from oscrypto.asymmetric import load_public_key, ecdsa_verify

    # Generate a P-256 key pair on the token; `self.session` is a pkcs11
    # Session opened elsewhere.
    self.session.create_domain_parameters(KeyType.EC, {
        Attribute.EC_PARAMS: encode_named_curve_parameters('secp256r1'),
    }, local=True).generate_keypair()

    priv = self.session.get_key(key_type=KeyType.EC,
                                object_class=ObjectClass.PRIVATE_KEY)

    # PKCS#11 hands back the raw r || s signature ...
    signature = priv.sign(b'Data to sign', mechanism=Mechanism.ECDSA_SHA1)
    # ... which must be re-encoded as the ASN.1 DER SEQUENCE oscrypto expects
    signature = encode_ecdsa_signature(signature)

    pub = self.session.get_key(key_type=KeyType.EC,
                               object_class=ObjectClass.PUBLIC_KEY)
    # Export the token's public key as DER SubjectPublicKeyInfo for oscrypto
    pub = load_public_key(encode_ec_public_key(pub))

    # Returns None on success; raises oscrypto.errors.SignatureError otherwise
    ecdsa_verify(pub, signature, b'Data to sign', 'sha1')

from python-pkcs11.
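The "data format expected by the other party" problem above is concrete for ECDSA: PKCS#11 returns `r || s` as two fixed-width integers, while oscrypto and most other verifiers want the ASN.1 DER `SEQUENCE { r INTEGER, s INTEGER }`. The following is an added example, not code from python-pkcs11 or oscrypto, that performs that conversion in both directions with the stdlib only, so the shape of the bytes can be inspected; the sample signature values are constructed, not real signatures.

```python
"""Convert a raw PKCS#11 ECDSA signature (r || s) to DER and back.

Added example; reimplements the shape of the conversion that
pkcs11.util.ec.encode_ecdsa_signature performs, not the library's own code.
"""


def _der_length(n: int) -> bytes:
    # DER length: short form below 128, long form (0x80 | byte count) above.
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_integer(value: int) -> bytes:
    # DER INTEGER is signed two's complement: a value whose top bit is set
    # needs a leading 0x00 so it is not read back as negative.
    if value < 0:
        raise ValueError("ECDSA r and s are positive integers")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + _der_length(len(body)) + body


def raw_to_der(raw: bytes) -> bytes:
    """CKM_ECDSA output is r || s, each zero-padded to the curve's byte size."""
    if not raw or len(raw) % 2:
        raise ValueError("raw ECDSA signature must be two equal-width integers")
    half = len(raw) // 2
    r = int.from_bytes(raw[:half], "big")
    s = int.from_bytes(raw[half:], "big")
    body = _der_integer(r) + _der_integer(s)
    return b"\x30" + _der_length(len(body)) + body


def _read_tlv(buf: bytes, pos: int, tag: int):
    """Return (contents, next_offset) of the TLV at `pos`, checking its tag."""
    if pos >= len(buf) or buf[pos] != tag:
        raise ValueError(f"expected tag {tag:#04x} at offset {pos}")
    pos += 1
    length = buf[pos]
    pos += 1
    if length & 0x80:  # long form
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return buf[pos:end], end


def _der_int_value(contents: bytes) -> int:
    # Strict DER: no empty, no negative, no non-minimal leading zero.
    if not contents or contents[0] & 0x80:
        raise ValueError("negative or empty INTEGER")
    if len(contents) > 1 and contents[0] == 0 and not (contents[1] & 0x80):
        raise ValueError("non-minimal INTEGER encoding")
    return int.from_bytes(contents, "big")


def der_to_raw(der: bytes, width: int) -> bytes:
    """Inverse: SEQUENCE { r, s } -> r || s with each half `width` bytes wide."""
    seq, end = _read_tlv(der, 0, 0x30)
    if end != len(der):
        raise ValueError("trailing bytes after SEQUENCE")
    r_bytes, pos = _read_tlv(seq, 0, 0x02)
    s_bytes, pos = _read_tlv(seq, pos, 0x02)
    if pos != len(seq):
        raise ValueError("trailing bytes inside SEQUENCE")
    r, s = _der_int_value(r_bytes), _der_int_value(s_bytes)
    # to_bytes raises OverflowError if a value does not fit the curve width.
    return r.to_bytes(width, "big") + s.to_bytes(width, "big")


# Constructed P-256-sized sample: r has its top bit set, s is tiny.
SAMPLE_RAW = bytes([0x80]) + bytes(31) + bytes(31) + bytes([0x01])
```

Feeding `SAMPLE_RAW` through `raw_to_der` yields a 40-byte `30 26 02 21 00 80 ... 02 01 01` structure: the `r` integer grows by a leading zero byte while `s` shrinks to a single byte, which is exactly why a verifier given the raw 64 bytes rejects a perfectly good signature.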

ftbarata avatar ftbarata commented on June 14, 2024

Hi @danni, I ran this code for testing and when I print ecdsa_verify it returns None. I tried changing the content of the data to be signed to make it different from the data to verify, and the result was
oscrypto.errors.SignatureError: Signature is invalid
So, as I could understand, None is verification successful and the exception is verification failed, is that correct? Is the None result really the expected output on success?

from python-pkcs11.

ftbarata avatar ftbarata commented on June 14, 2024

@danni, one more question. I am writing a client-server project, in which the client has the USB token attached. Before it can perform operations on the server, it sends a POST request with its serial number, the public key and the data being the serial number, so the server can trust the further requests from this client.
But the problem is the format of this public key. When it goes over the POST request, it's URL encoded or something like a string, I'm not sure. When it reaches the server, I can't do the verify part.
I tried some ways to decode/encode but this mix of the libraries makes me very confused.
So, how can I encode this pub key to PEM format to send from client to server, and how can I decode it to the proper format to load_public_key and run ecdsa_verify?

from python-pkcs11.

danni avatar danni commented on June 14, 2024

This reference code is for ECDSA, you'll need to adapt it for RSA. As to what their API returns, that's covered in their API docs :)

If you're transmitting over HTTP POST, your problem is likely the transmission of raw binary over a text protocol. I see a lot of encode and decode in your code. The purpose of these functions is to change binary data into text (e.g. in UTF-8). It is not to prepare binary data for transport, and encoding can result in a string that decodes legitimately differently when the same character occupies two code points. When transmitting binary data over text, use base64 or similar. In HTTP POST, you can also send MIME multipart (which is really just base64 encoding, but with more metadata).

As for your project, BE VERY CAREFUL AT INCORRECTLY REIMPLEMENTING CRYPTOGRAPHIC PROTOCOLS. Like the cryptographic primitives, incorrect implementation of cryptographic protocols can lead to less or worse security. If you want to identify a client to a server, that functionality already exists within TLS, see Client Authenticated Handshake.

from python-pkcs11.
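To make the base64-over-text point above concrete, here is an added example (not code from the thread or from python-pkcs11) of the client packing the serial, public key and signature into a JSON POST body and the server unpacking it strictly, next to two small checks showing why `.decode()`/`.encode()` is not a transport encoding. The JSON field names and all sample bytes are my own constructions.

```python
"""Binary fields over an HTTP text body: base64 in, strict base64 out.

Added example. Field names (serial, pubkey_b64, signature_b64) are assumed,
not an API of any library discussed in the thread.
"""
import base64
import binascii
import json
import unicodedata
from typing import Tuple


def pack_enrolment(serial: str, pubkey_der: bytes, signature: bytes) -> str:
    """Client side: every binary field becomes ASCII base64 before it is
    placed in the JSON body, so nothing depends on the HTTP layer's charset."""
    return json.dumps({
        "serial": serial,
        "pubkey_b64": base64.b64encode(pubkey_der).decode("ascii"),
        "signature_b64": base64.b64encode(signature).decode("ascii"),
    })


def unpack_enrolment(body: str) -> Tuple[str, bytes, bytes]:
    """Server side: decode with validate=True so stray characters are an
    error rather than silently skipped, and fail closed on any malformed field."""
    doc = json.loads(body)
    try:
        pubkey = base64.b64decode(doc["pubkey_b64"], validate=True)
        signature = base64.b64decode(doc["signature_b64"], validate=True)
        serial = doc["serial"]
    except (binascii.Error, KeyError, TypeError) as exc:
        raise ValueError("malformed enrolment body") from exc
    if not isinstance(serial, str):
        raise ValueError("serial must be a string")
    return serial, pubkey, signature


def text_decode_is_lossy(blob: bytes) -> bool:
    """What happens when raw key or signature bytes are pushed through
    .decode()/.encode() as if they were text: either the decode fails
    outright or the bytes do not survive the round trip."""
    try:
        return blob.decode("utf-8").encode("utf-8") != blob
    except UnicodeDecodeError:
        return True


def base64_round_trip_is_lossless(blob: bytes) -> bool:
    """The same bytes survive base64 unchanged, whatever values they hold."""
    return base64.b64decode(base64.b64encode(blob), validate=True) == blob


def same_text_different_bytes() -> bool:
    """Two byte strings that are 'the same character' as text (one code point
    versus base letter plus combining mark) yet differ as bytes: a signature
    over one of them will never verify over the other."""
    one_code_point = "\u00e9".encode("utf-8")      # e-acute, precomposed
    two_code_points = "e\u0301".encode("utf-8")    # e + combining acute
    equal_as_text = (unicodedata.normalize("NFC", one_code_point.decode()) ==
                     unicodedata.normalize("NFC", two_code_points.decode()))
    return one_code_point != two_code_points and equal_as_text


# Constructed sample: a DER-looking prefix with bytes that are not valid UTF-8.
SAMPLE_PUBKEY = b"\x30\x59\x30\x13\x00\xff\xfe"
SAMPLE_SIGNATURE = bytes(range(64))
```

A server that does `unpack_enrolment` and then hands `pubkey` to `load_public_key` gets exactly the DER bytes the client exported; the check `text_decode_is_lossy(SAMPLE_PUBKEY)` returning `True` is the failure mode described in the comment above.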

luisza avatar luisza commented on June 14, 2024

Hi, basically you need to sign something and check on the server side that your signature is correct, so you need to extract the certificate that represents your signature, so on the server side you can check that the certificate is valid in your trusted CA and then you can verify the signature.

How to extract your certificate from the device and convert it to PEM format:
master...luisza:extract_certificates

You can send the signature in base64 and the PEM certificate, then use the certificate to verify on the server side. For example, you have a document sha256 hashsum that you need to sign, so you send it to your client, he signs the hashsum and sends you the certificate and the signed message, you get that and check the certificate if it's ok, then try to verify the signed sha256 hashsum using the stored plain hashsum and the certificate.

The server side could be something like this:

from base64 import b64decode
from Crypto.Hash import SHA512
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA


def validate_sign(public_certificate, key, cipher_text):
    # public_certificate: the client's PEM-encoded RSA public key
    #   (RSA.importKey parses SubjectPublicKeyInfo/PKCS#1, not a full X.509
    #   certificate, so extract the public key from the certificate first)
    # key: the plain hashsum that the client signed
    # cipher_text: the signature, base64-encoded for transport
    # check the certificate with your trusted CA; check_certificate is the
    # caller's own CA validation and is not defined here
    if not check_certificate(public_certificate):
        raise Exception("Invalid certificate")
    cipher_text = b64decode(cipher_text)
    if hasattr(key, 'encode'):
        key = key.encode()
    digest = SHA512.new()
    digest.update(key)
    pub_key = RSA.importKey(public_certificate)
    verifier = PKCS1_v1_5.new(pub_key)
    # True if the signature over the hashsum verifies, False otherwise
    result = verifier.verify(digest, cipher_text)
    return result

from python-pkcs11.
