如何在Python中使用PKCS12编码RSA密钥？ [英] How to encode an RSA key using PKCS12 in Python?

问题描述

我正在使用Python（在Google App Engine下），并且我有一些需要以PKCS＃12格式导出的RSA私钥。有什么可以帮助我的吗？我正在使用PyCrypto / KeyCzar，并且已经弄清楚了如何以PKCS8格式导入/导出RSA密钥，但是我真的需要PKCS12格式。

I'm using Python (under Google App Engine), and I have some RSA private keys that I need to export in PKCS#12 format. Is there anything out there that will assist me with this? I'm using PyCrypto/KeyCzar, and I've figured out how to import/export RSA keys in PKCS8 format, but I really need it in PKCS12.

为我指明正确的方向？如果有帮助，我之所以需要PKCS12格式的原因是为了可以在iPhone上导入它们，iPhone似乎只允许以该格式导入密钥。

Can anybody point me in the right direction? If it helps, the reason I need them in PKCS12 format is so that I can import them on the iPhone, which seems to only allow key-import in that format.

推荐答案

如果您可以处理某些ASN.1代，则可以相对轻松地将PKCS＃8文件转换为PKCS＃12文件。 PKCS＃12文件基本上是PKCS＃8和证书的包装，因此要制作PKCS＃12文件，您只需在PKCS＃8文件和证书周围添加一些其他数据。

If you can handle some ASN.1 generation, you can relatively easily convert a PKCS#8-file into a PKCS#12-file. A PKCS#12-file is basically a wrapper around a PKCS#8 and a certificate, so to make a PKCS#12-file, you just have to add some additional data around your PKCS#8-file and your certificate.

通常，PKCS＃12文件将以加密结构包含证书，但是所有兼容的解析器都应该能够从未加密的结构中读取证书。另外，PKCS＃12文件通常将包含用于完整性检查的MacData结构，但这是可选的，没有它的兼容解析器应该可以正常工作。

Usually a PKCS#12-file will contain the certificate(s) in an encrypted structure, but all compliant parsers should be able to read it from an unencrypted structure. Also, PKCS#12-files will usually contain a MacData-structure for integrity-check, but this is optional and a compliant parser should work fine without it.

这篇关于如何在Python中使用PKCS12编码RSA密钥？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！