meet M2Crypto.RSA.RSAError: bad signature while using rsa.verify

Question

all. I have to verify a signature that signed by PHP, but i'm using python.

here is the code:

e, n = parse_key('publickey(prod).xml')
rsakey = Crypto.PublicKey.RSA.construct((long(n), long(e)))
public_key = rsakey.publickey().exportKey()
bio = M2Crypto.BIO.MemoryBuffer(public_key)
rsa = M2Crypto.RSA.load_pub_key_bio(bio)

sign = 'E04bby1CgTm4EvTSp3ZXsgb/P/x7YQX90+Rb5sTZe7XItVR5y5ZtQZyVUszNaUS2fiOrepcLrMnAjTSs9mHa7WCpCNvM5baKSARsm2Jgt6orwzYqAKKBxhP3GhV1aMqNV5swpdJmuH4J70qvcE1iCs0ji9rCBmG3ZwPjGukfUoQ='
unsigned_data = 'merchantId=109060001104024&version=v1.0&language=1&signType=1&issuerId=&paymentOrderId=20110503115316732&orderNo=109060001104024201105031155191155199245&orderDatetime=20110503115519&orderAmount=1&payDatetime=20110503115316&payAmount=1&ext1=&ext2=&payResult=1&errorCode=&returnDatetime=20110503115418'    
m = EVP.MessageDigest('sha1')
print m.update(unsigned_data)
digest = m.final()
sign = base64.b64decode(sign)
result = rsa.verify(digest, sign, algo='sha1')

here is the error message:

Traceback (most recent call last):
  File "E:\project\site\daybang\allinpay\pub_xml.py", line 38, in <module>
    result = rsa.verify(digest, sign, algo='sha1')
  File "C:\Python25\Lib\site-packages\M2Crypto\RSA.py", line 205, in verify
    return m2.rsa_verify(self.rsa, data, signature, digest_type) 
M2Crypto.RSA.RSAError: bad signature

I can't find out how to generate the good signature from the sign that get from the server(ie the "sign" in my code). thx.

Answer 1

How are you doing the RSA signatures in PHP? A lot of PHP RSA implementations don't do PKCS#1 compliant signatures, which would mean that they're not interoperable.

Personally, I'd recommend phpseclib, a pure PHP RSA implementation.