java python rsa digital-signature pycrypto

SHA1withRSA verify in python?

I want to rewrite the code of Java to Python.The code is used to verify data through a .cer file.

public static boolean verifyByRSA(String certPath, byte[] aPlainData,
        byte[] aSignature) {
    boolean tResult = false;
    try {
        InputStream inStream = new FileInputStream(certPath);
        CertificateFactory tCertFactory = CertificateFactory
                .getInstance("X.509");
        Certificate tCertificate = tCertFactory
                .generateCertificate(inStream);

        Signature tSign = Signature.getInstance("SHA1withRSA", "BC");
        tSign.initVerify(tCertificate);

        tSign.update(aPlainData);
        tResult = tSign.verify(aSignature);

    } catch (Exception e) {
        e.printStackTrace();
    }
    return tResult;
}

The .cer file is like:

I have tried

from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA

key = RSA.importKey(open(cer_path).read())
signer = PKCS1_v1_5.new(key)
digest = SHA.new()
digest.update(str_to_sign)
if signer.verify(digest, base64.decodestring(signature)):
    return True
return False

But can't get the right result.What does the java code means?

Solution

The importKey function supports the following:

X.509 subjectPublicKeyInfo DER SEQUENCE (binary or PEM encoding)
PKCS#1 RSAPublicKey DER SEQUENCE (binary or PEM encoding)
OpenSSH (textual public key only)

Now only the first and second are part of an X.509 certificate.

You need a library to parse X.509 certificates, such as the cryptography package.

As a stopgap measure you can get the RSAPublicKey object in your Java code and call getEncoded. This will return a DER SEQUENCE with a subjectPublicKeyInfo that can be imported in Python crypto (the first supported format by the importKey function).