1

I write some certificate Authority that has it's own private/public cert keys . This CA signs public keys of user. If for example i have user that has a public cert that signed by the CA. How I can verify later that the user's certificate as indeed signed by that CA if he has the public cert of the CA ? I'm using cryptography module in Python, and there are some functions that i can use but I'm not sure how: The representation of both certificates is X.509 , which means that one can grab the public key of the user and use verify method, this is how i used it :

caCert.public_key().verify(clientCert.signature,clientCert.tbs_certificate_bytes,padding.PSS(       mgf=padding.MGF1(hashes.SHA256()),salt_length=padding.PSS.MAX_LENGTH),clientCert.signature_hash_algorithm)

But i still get invalid signature error

KaramJaber
  • 113
  • 3

1 Answers1

2

Your code should work.

However you (implicitely?) assume the certificate uses PSS padding for the RSA signature. While this is possible, it is extremely rare in practice, you should try validation using PKCS#1 v1.5 signature padding instead.

Converted my last comment to an answer because it apparently solved the problem.

SEJPM
  • 45,967
  • 7
  • 99
  • 205
  • 1
    Even better look at the sigAlg field(s) in the cert to determine the correct algorithm+padding, and in the rare case they do specify RSA-PSS look at the parameters there and use them or else the standard-specified defaults (see rfc 3447 or 8017) not arbitrary ones. And of course verifying the issuer's signature on a cert is not nearly enough to establish it should be trusted, for a particular purpose or at all; see rfc 5280. – dave_thompson_085 Oct 13 '17 at 02:24