Is there any known way to sign a plain text string with RSA private key on Google App Engine Python SDK?
Asked
Active
Viewed 3,064 times
7
-
Just found a solution on this thread http://groups.google.com/group/google-appengine-python/browse_thread/thread/ca8b1182d9ac3e5b/8780327439c3cf7a?lnk=gst&q=RSA#8780327439c3cf7a – Vladimir Prudnikov Mar 02 '10 at 22:16
-
If you want a secure implementation then you need an RSA signature scheme that uses an appropriate padding. Neither pycrypto nor the implementation on http://stuvel.eu/rsa recommended in on one of the answers do use a correct padding, and hence should not be used. Python has some bindings to good implemenations like openssl, but unfortunately I don't know what is available on Google's app engine. – Accipitridae Mar 17 '10 at 22:32
2 Answers
6
The library tlslite included in the gdata python library is a good option.
http://code.google.com/p/gdata-python-client/
example:
from tlslite.utils import keyfactory
private_key = keyfactory.parsePrivateKey(rsa_key)
signed = private_key.hashAndSign(data)
sebastian serrano
- 1,047
- 12
- 12
3
I haven't used it, but this appears to be a pure-Python RSA implementation, so it might work on App Engine:
Their Mercurial repo appears to be fairly active, too.
Will McCutchen
- 13,047
- 3
- 44
- 43