RSA Signature/Verify with .key and .cer

Demonstrates how to use a .key file (private key) and digital certificate (.cer, public key) to create and verify an RSA signature.

Download Chilkat Python 2.5 Library

Download Chilkat Python 2.6 Library

Download Chilkat Python 2.6 Library (x64)

import sys
import chilkat

privKey = chilkat.CkPrivateKey()

#  Load the private key from an RSA .key file:
success = privKey.LoadPemFile("privateKey.key")
if (success != True):
    print privKey.lastErrorText()
    sys.exit()

#  Get the private key in XML format:
privKeyXml = privKey.getXml()

rsa = chilkat.CkRsa()

#  Any string argument automatically begins the 30-day trial.
success = rsa.UnlockComponent("30-day trial")
if (success != True):
    print rsa.lastErrorText()
    sys.exit()

#  Import the private key into the RSA component:
success = rsa.ImportPrivateKey(privKeyXml)
if (success != True):
    print rsa.lastErrorText()
    sys.exit()

#  Create the signature as a hex string:
rsa.put_EncodingMode("hex")

strData = "This is the string to be signed."

#  Sign the string using the sha-1 hash algorithm.
#  Other valid choices are "md2" and "md5".
hexSig = rsa.signStringENC(strData,"sha-1")

print hexSig

#  Load a digital certificate from a .cer file:
cert = chilkat.CkCert()

success = cert.LoadFromFile("myCert.cer")
if (success != True):
    print cert.lastErrorText()
    sys.exit()

# pubKey is a CkPublicKey
pubKey = cert.ExportPublicKey()

#  Now verify using a separate instance of the RSA object:
rsa2 = chilkat.CkRsa()

#  Import the public key into the RSA object:
success = rsa2.ImportPublicKey(pubKey.getXml())
if (success != True):
    print rsa2.lastErrorText()
    sys.exit()

#  The signature is a hex string, so make sure the EncodingMode is correct:
rsa2.put_EncodingMode("hex")

#  Verify the signature:
success = rsa2.VerifyStringENC(strData,"sha-1",hexSig)
if (success != True):
    print rsa2.lastErrorText()
    sys.exit()

print "Success."