From p.j.kershaw at RL.AC.UK Thu Apr 12 16:23:44 2007 From: p.j.kershaw at RL.AC.UK (Philip Kershaw) Date: Thu, 12 Apr 2007 16:23:44 +0200 Subject: [PYTHON-CRYPTO] Verifying a certificate using M2Crypto Message-ID: Hi all, I'd like to know how to verify an X.509 certificate against it's CA cert with M2Crypto. Is there an equivalent call to the command line: $ openssl verify -CAfile cacert.pem cert.pem ? Cheers, Phil From heikki at OSAFOUNDATION.ORG Thu Apr 12 18:51:10 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Thu, 12 Apr 2007 09:51:10 -0700 Subject: [PYTHON-CRYPTO] Verifying a certificate using M2Crypto In-Reply-To: References: Message-ID: <461E637E.7060208@osafoundation.org> Philip Kershaw wrote: > I'd like to know how to verify an X.509 certificate against it's CA cert > with M2Crypto. Is there an equivalent call to the command line: I think you are looking for M2Crypto.X509.X509.verify. See tests.test_x509 for some usage samples. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From P.J.Kershaw at RL.AC.UK Fri Apr 13 10:23:22 2007 From: P.J.Kershaw at RL.AC.UK (Kershaw, PJ (Philip)) Date: Fri, 13 Apr 2007 09:23:22 +0100 Subject: [PYTHON-CRYPTO] Verifying a certificate using M2Crypto In-Reply-To: A<461E637E.7060208@osafoundation.org> Message-ID: Thanks - that worked: assert cert.verify(cacert.get_pubkey()) > -----Original Message----- > From: generic crypto class API for Python > [mailto:PYTHON-CRYPTO at NIC.SURFNET.NL] On Behalf Of Heikki Toivonen > Sent: 12 April 2007 17:51 > To: PYTHON-CRYPTO at NIC.SURFNET.NL > Subject: Re: Verifying a certificate using M2Crypto > > > Philip Kershaw wrote: > > I'd like to know how to verify an X.509 certificate against it's CA > > cert > > with M2Crypto. Is there an equivalent call to the command line: > > I think you are looking for M2Crypto.X509.X509.verify. See > tests.test_x509 for some usage samples. > > -- > Heikki Toivonen > > From ulrich.axel at GMAIL.COM Mon Apr 16 04:05:12 2007 From: ulrich.axel at GMAIL.COM (Axel Ulrich) Date: Mon, 16 Apr 2007 04:05:12 +0200 Subject: [PYTHON-CRYPTO] AttributeError: 'module' object has no attribute 'digest_size' in PyCrypto Message-ID: I got above error after I installed PyCrypto and Paramiko on Windows XP , Python 2.5. I saw this error somewhere when I google'd for it, but no solution was pointed out. On my Ubuntu box, it runs fine however. I am by no means an experienced Python programmer, but as most folks will run into this on Windows regardless of installing a binary PyCrypto distro or building it from source, the issue is in PyCrypto.Hash.SHA. The issue is that Windows file names are not case sensitive. This library imports itself rather than - what the author intended - importing the standard sha lib from Python. I got it fixed by changing PyCrypto.Hash.SHA as follows: # Just use the SHA module from the Python standard library __revision__ = "$Id: SHA.py,v 1.4 2002/07/11 14:31:19 akuchling Exp $" # from sha import * # import sha from hashlib import sha1 as sha new = sha blocksize = 1 # legacy value (wrong in any useful sense) digest_size = 20 digestsize = 20 if hasattr(sha, 'digestsize'): digest_size = digestsize del digestsize del sha Axel Here the traceback before the fix: Traceback (most recent call last): File "demo_sftp.py", line 30, in import paramiko File "C:\dev\Python25\lib\site-packages\paramiko\__init__.py", line 69, in from transport import randpool, SecurityOptions, Transport File "C:\dev\Python25\lib\site-packages\paramiko\transport.py", line 32, in from paramiko import util File "C:\dev\Python25\lib\site-packages\paramiko\util.py", line 31, in from paramiko.common import * File "C:\dev\Python25\lib\site-packages\paramiko\common.py", line 107, in randpool = RandomPool() File "C:\dev\Python25\lib\site-packages\Crypto\Util\randpool.py", line 101, in __init__ self._getPos = hash.digest_size AttributeError: 'module' object has no attribute 'digest_size'