如何使用Python gdata.tlslite.utils.ASN1Parser获取指数和模数？

发布于 2024-12-18 19:13:13 字数 1191 浏览 3 评论 0原文

我想做的是使用 Python GAE 读取一些 PEM 公钥。

RSAKey 模块不解析 PEM 格式的公钥，仅解析私钥。

如果我可以从 PEM 获得模数和指数，我就可以从那里开始。

使用 openssl asn1parse 探索典型的 PEM（我将使用的那种），我可以找到它们所在的 BIT STRING 。

但我不知道如何使用 gdata ASN1Parser 找到它们。

例如 openssl 输出：

openssl asn1parse -i -in test.pem
 0:d=0  hl=3 l= 159 cons: SEQUENCE          
 3:d=1  hl=2 l=  13 cons:  SEQUENCE          
 5:d=2  hl=2 l=   9 prim:   OBJECT            :rsaEncryption
16:d=2  hl=2 l=   0 prim:   NULL              
18:d=1  hl=3 l= 141 prim:  BIT STRING

然后向下钻取，我可以看到 RSA 模数和指数：

openssl asn1parse -strparse 18 -i -in test.pem 
  0:d=0  hl=3 l= 137 cons: SEQUENCE          
  3:d=1  hl=3 l= 129 prim:  INTEGER           :09C7A8007111B2B...
135:d=1  hl=2 l=   3 prim:  INTEGER           :010001

如果我随后采用相同的 PEM 并在 Python 中将其粘贴到 bytes 中，我如何让正确的子项获得这些价值观？

asn1 = ASN1Parser(bytes)
modulus = asn1.getChild(1).getChild(0).value
exponent = asn1.getChild(1).getChild(1).value
binascii.hexlify(modulus)

或者什么？我不知道我需要看什么级别等。我也不知道我在做什么...使用 hexlify 我可以看到其中的值，但总是（与孩子和深度一起玩）前面有额外的东西，和/或不是如图所示的完整数字在 openssl 中。

原文

What I am trying to do is read some PEM public keys using Python GAE.

the RSAKey module does not parse PEM formatted public keys, just private.

If I can get the modulus and exponent from the PEM, I can go from there.

Exploring a typical PEM (of the sort I will be using) with openssl asn1parse I can find the BIT STRING where they live.

But I can't figure out how to find them using the gdata ASN1Parser.

For example openssl output:

openssl asn1parse -i -in test.pem
 0:d=0  hl=3 l= 159 cons: SEQUENCE          
 3:d=1  hl=2 l=  13 cons:  SEQUENCE          
 5:d=2  hl=2 l=   9 prim:   OBJECT            :rsaEncryption
16:d=2  hl=2 l=   0 prim:   NULL              
18:d=1  hl=3 l= 141 prim:  BIT STRING

And then drilling down I can see the RSA Modulus and Exponent:

openssl asn1parse -strparse 18 -i -in test.pem 
  0:d=0  hl=3 l= 137 cons: SEQUENCE          
  3:d=1  hl=3 l= 129 prim:  INTEGER           :09C7A8007111B2B...
135:d=1  hl=2 l=   3 prim:  INTEGER           :010001

If I then take this same PEM and in Python stick it into bytes, how do I get the correct child to get these values?

asn1 = ASN1Parser(bytes)
modulus = asn1.getChild(1).getChild(0).value
exponent = asn1.getChild(1).getChild(1).value
binascii.hexlify(modulus)

Or what? I can't figure out what level, etc I need to look. I also don't really know what I'm doing... Using hexlify I can see the values in there, but always (playing with child, and depth) with extra stuff in front, and/or not the full number as shown in openssl.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

梓梦 2024-12-25 19:13:13

我修改了 tlslite 来完成您正在谈论的事情...这是一个应该可以帮助您的代码片段。 “bytes”是 DER 编码的公钥。

我认为您遇到的问题是某些键可能有“填充”。填充长度是有效负载的第一个字节。然后，您需要跳过填充字节和那么多字节的填充。

@staticmethod
def parseDERPublicKey(bytes):
    a = ASN1Parser(bytes)
    b = a.getChild(1)
    padding = b.value[1]
    # TODO: I am assuming padding is 0, this is wrong.
    #       Skip the padding as well.
    c = b.value[1:] # get the mod/exp portion after the padding
    d = ASN1Parser(c)

    modulus = bytesToNumber(d.getChild(0).value)
    exponent = bytesToNumber(d.getChild(1).value)

I modified tlslite to do what you are talking about... Here's a snippet that should help you out. "bytes" is the DER encoded public key.

I think the problem that you are having is that some keys may have "padding". The padding length is the first byte of the payload. You'll then need to skip the padding bytes and that many bytes of padding.

@staticmethod
def parseDERPublicKey(bytes):
    a = ASN1Parser(bytes)
    b = a.getChild(1)
    padding = b.value[1]
    # TODO: I am assuming padding is 0, this is wrong.
    #       Skip the padding as well.
    c = b.value[1:] # get the mod/exp portion after the padding
    d = ASN1Parser(c)

    modulus = bytesToNumber(d.getChild(0).value)
    exponent = bytesToNumber(d.getChild(1).value)

回复收藏 0 原文

~没有更多了~