如何为公共RSA/DSA密钥生成PEM序列化 [英] How to generate the PEM serialization for the public RSA/DSA key

问题描述

使用PyCrypto，我能够为RSA密钥生成公共和私有PEM序列化，但是在PyCrypto中，DSA类没有exportKey()方法.

Using PyCrypto I was able to generate the public and private PEM serialization for a RSA key, but in PyCrypto the DSA class has no exportKey() method.

尝试PyOpenSSL我能够为RSA和DSA密钥生成私有PEM序列化，但是PyOpenSSL中没有crypto.dump_publickey方法.

Trying PyOpenSSL I was able to generate the private PEM serialization for RSA and DSA keys, bu there is no crypto.dump_publickey method in PyOpenSSL.

我正在寻找有关如何为RSA和DSA密钥生成PEM序列化的建议.

I am looking for suggestion of how to generate the PEM serialization for RSA and DSA keys.

非常感谢！

PS:同时，我更改了PyOpenSSL代码，以也导出用于crypto API的dump_privatekey方法. PyOpenSSL错误和修补程序可以在以下位置找到: https://bugs.launchpad.net/pyopenssl/+ bug/780089

PS: meanwhile I have changed the PyOpenSSL code to also export an dump_privatekey method for crypto API. PyOpenSSL bug and patch can be found at: https://bugs.launchpad.net/pyopenssl/+bug/780089

我已经在使用Twisted.conch，所以我解决了这个问题，方法是使用PyCrypto手动生成DSA/RSA密钥，然后使用该密钥初始化twisted.conch.ssh.key.Key. Conch的Key类为字符串序列化提供了toString方法.

I was already using Twisted.conch so I solved this problem by manually generating a DSA/RSA key using PyCrypto and then initializing a twisted.conch.ssh.key.Key using this key. The Key class from Conch provides a toString method for string serialization.

推荐答案

目前尚不清楚您要做什么，但是如果您想要的只是与openssl兼容的DSA私钥，则应遵循openssl dsa(1)手册页:

It is not clear what you are doing this for, but if all you want is an openssl-compatible DSA private key, you should just follow the openssl dsa(1) manual page:

带有私钥的DER选项使用 ASN .1的ASN1 DER编码形式 SEQUENCE由以下值组成 版本(当前为零)，p，q，g， 公钥和私钥 分别作为ASN .1整数.

The DER option with a private key uses an ASN1 DER encoded form of an ASN .1 SEQUENCE consisting of the values of version (currently zero), p, q, g, the public and private key components respectively as ASN .1 INTEGERs.

这是一个如何以openssl格式导出/导入DSA私钥的示例:

This is an example how to export/import DSA private keys in openssl format:

from Crypto.PublicKey import DSA
from Crypto.Util import asn1

key = DSA.generate(1024)

# export

seq = asn1.DerSequence()
seq[:] = [ 0, key.p, key.q, key.g, key.y, key.x ]

exported_key = "-----BEGIN DSA PRIVATE KEY-----\n%s-----END DSA PRIVATE KEY-----" % seq.encode().encode("base64")

print exported_key

# import

seq2 = asn1.DerSequence()
data = "\n".join(exported_key.strip().split("\n")[1:-1]).decode("base64")
seq2.decode(data)
p, q, g, y, x = seq2[1:]

key2 = DSA.construct((y, g, p, q, x))

assert key == key2

这篇关于如何为公共RSA/DSA密钥生成PEM序列化的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！