从证书中提取公钥并加密数据

发布于 2024-11-03 12:29:35 字数 356 浏览 1 评论 0原文

这是家庭作业！我使用 get_peer_certificate() 获取服务器的证书并调用 dump_certificate 将证书转储到变量中。格式是 PEM，看起来很适合我。

-----BEGIN CERTIFICATE-----
GIBBERISH................
......................
........................

-----END CERTIFICATE-----

如何从此文件（'server.pubkey'）中提取服务器的公钥并使用 RSA 算法和任何 python 库加密明文。在撰写本文时，我正在使用 pyOpenSSL

原文

This is for a homework assignment!
I get the server's certificate using get_peer_certificate()
and the calling dump_certificate to dump the certificate in a variable. The format is PEM and looks right to me.

-----BEGIN CERTIFICATE-----
GIBBERISH................
......................
........................

-----END CERTIFICATE-----

How do I extract the server's public key from this file ('server.pubkey') and encrypt plaintext using RSA algorithm and any python library. At the time of writing this, I am using pyOpenSSL

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

哥，最终变帅啦 2024-11-10 12:29:35

我建议使用更广泛的加密库，例如 M2Crypto ，它具有 X509 证书功能以及 RSA 加密：

from M2Crypto import RSA, X509
data = ssl_sock.getpeercert(1)
# load the certificate into M2Crypto to manipulate it
cert = X509.load_cert_string(data, X509.FORMAT_DER)
pub_key = cert.get_pubkey()
rsa_key = pub_key.get_rsa()
cipher = rsa_key.public_encrypt('plaintext', RSA.pkcs1_padding)

I'd recommend using a more broad crypto library such as M2Crypto which has the X509 certificate functions as well as RSA encryption:

from M2Crypto import RSA, X509
data = ssl_sock.getpeercert(1)
# load the certificate into M2Crypto to manipulate it
cert = X509.load_cert_string(data, X509.FORMAT_DER)
pub_key = cert.get_pubkey()
rsa_key = pub_key.get_rsa()
cipher = rsa_key.public_encrypt('plaintext', RSA.pkcs1_padding)

回复收藏 0 原文

糖果控 2024-11-10 12:29:35

    from OpenSSL import crypto        
    crtObj = crypto.load_certificate(crypto.FILETYPE_ASN1, config.x509_certificate)
    pubKeyObject = crtObj.get_pubkey()
    pubKeyString = crypto.dump_publickey(crypto.FILETYPE_PEM, pubKeyObject)

    from OpenSSL import crypto        
    crtObj = crypto.load_certificate(crypto.FILETYPE_ASN1, config.x509_certificate)
    pubKeyObject = crtObj.get_pubkey()
    pubKeyString = crypto.dump_publickey(crypto.FILETYPE_PEM, pubKeyObject)

回复收藏 0 原文

君勿笑 2024-11-10 12:29:35

from cryptography.x509 import load_pem_x509_certificate

cert_str = b"-----BEGIN CERTIFICATE-----MIIDETCCAfm..."
cert_obj = load_pem_x509_certificate(cert_str)
public_key = cert_obj.public_key()
private_key = cert_obj.private_key()

来源：https://pyjwt.readthedocs.io/en/stable/faq.html< /a>

from cryptography.x509 import load_pem_x509_certificate

cert_str = b"-----BEGIN CERTIFICATE-----MIIDETCCAfm..."
cert_obj = load_pem_x509_certificate(cert_str)
public_key = cert_obj.public_key()
private_key = cert_obj.private_key()

Source: https://pyjwt.readthedocs.io/en/stable/faq.html

回复收藏 0 原文

私野 2024-11-10 12:29:35

请注意，不建议将 OpenSSL 库用于这些目的。相反，密码学库被指出。它得到维护并定期更新。

假设您有 Pem 格式的证书，以下代码块将为您提供字符串形式的公钥。

from cryptography import x509
from cryptography.hazmat.primitives import serialization

def read_pub_key_from_cert():
    # Read certificate file.
    with open("tls.crt") as certificate:
        cert = certificate.read()

    # Convert it into bytes.
    cert_in_bytes = bytes(cert, 'utf-8')

    # Create x509 certificate object.
    cert_obj = x509.load_pem_x509_certificate(cert_in_bytes)

    # Create Public key object.
    public_key_obj = cert_obj.public_key()

    # Convert Public key object into Pem format in bytes.
    public_pem = public_key_obj.public_bytes(
                    encoding=serialization.Encoding.PEM,
                    format=serialization.PublicFormat.SubjectPublicKeyInfo
    )
    # Convert Public key into string.
    pub_key_string = public_pem.decode("utf-8")

    return(pub_key_string)

Note that OpenSSL library is not recommended to be used for those purposes. Instead, cryptography library is pointed. It is maintained and regularly updated.

Assuming you have the certificate in Pem format, the following code block will give you public key in string.

from cryptography import x509
from cryptography.hazmat.primitives import serialization

def read_pub_key_from_cert():
    # Read certificate file.
    with open("tls.crt") as certificate:
        cert = certificate.read()

    # Convert it into bytes.
    cert_in_bytes = bytes(cert, 'utf-8')

    # Create x509 certificate object.
    cert_obj = x509.load_pem_x509_certificate(cert_in_bytes)

    # Create Public key object.
    public_key_obj = cert_obj.public_key()

    # Convert Public key object into Pem format in bytes.
    public_pem = public_key_obj.public_bytes(
                    encoding=serialization.Encoding.PEM,
                    format=serialization.PublicFormat.SubjectPublicKeyInfo
    )
    # Convert Public key into string.
    pub_key_string = public_pem.decode("utf-8")

    return(pub_key_string)

回复收藏 0 原文

~没有更多了~