如何在Python中使用M2Crypto重新创建以下签名cmd行OpenSSL调用? [英] How to recreate the following signing cmd-line OpenSSL call using M2Crypto in Python?

问题描述

这在命令行中非常有效，我想在Python代码中使用M2Crypto进行同样的操作.

This works perfectly in command-line, I would like to do the same using M2Crypto in Python code.

openssl smime -binary -sign -signer certificate.pem -inkey key.pem \
                    -in some_file.txt -out signed_file -outform DER \
                    -passin pass:somepassword

推荐答案

这就是我一直使用M2Crypto对文件进行签名的方式.

This is how I have been using M2Crypto to sign a file.

text = open('/path/to/some_file.txt').read()
passphrase = 'somepassword'
buffer = M2Crypto.BIO.MemoryBuffer(text)
signer = M2Crypto.SMIME.SMIME()
signer.load_key('/path/to/key.pem', '/path/to/certificate.pem', lambda x: passphrase)
p7 = signer.sign(buffer, flags=M2Crypto.SMIME.PKCS7_DETACHED)
out = M2Crypto.BIO.MemoryBuffer()
p7.write_der(out)
signature = out.getvalue()
print signature

这对我来说很好.如果您的签名不完全符合您的要求，则可能需要使用signer.sign中的标志.

This works well for me. You may need to play around with the flags in signer.sign if your signature is not exactly how you want it.

这篇关于如何在Python中使用M2Crypto重新创建以下签名cmd行OpenSSL调用?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！