There is a specific class method called importKey in PyCrypto to read in DER or PEM encoded RSA keys.
from base64 import b64decode
from Crypto.PublicKey import RSA
publicKeyBase64="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVicPgYOx7mDPYDtq4kj24uRfIdNVxjMp9DNlsvmDr9ojrDBn+Ue1YdxYb/rBlDFYab57ClhzOgZjdmUv3T3WKKXE8To9tN2PG/bYEkZpBxn6M1vl0mrp/l6WbyUH4oXUx4kQAeM8/XXZdymbg8S6oLeWT1YrAj6k15fWpSMN0qQIDAQAB"
keyDER = b64decode(publicKeyBase64)
keyPub = RSA.importKey(keyDER)
If your key is not a simple DER, but a full X.509 certificate, see this other StackOverflow answer.
Once you have keyPub
, you can verify the signature like this:
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
verifier = PKCS1_v1_5.new(keyPub)
h = SHA.new(message)
result = verifier.verify(h, signature)