M2Crypto-从非标准文件导入密钥? [英] M2Crypto - import keys from non-standard file?

问题描述

我有一个包含公用指数和模数的文件.它们不是pem或xml或der格式，它们只是以偏移量写入的值.

I have a file with the public exponent and modulus in it. They're not in pem or xml or der format, they're just the values written in at their offsets.

我如何使用M2Crypto从其中创建一个公钥?我也有相同格式的私钥.我已经设法使用有人在Stackoverflow上发布的代码来用php生成PEM文件，但这似乎是一种极其荒谬的方法.

How can I make a public key out of them with M2Crypto? I also have the private key in the same format. I've managed to use code that someone posted here on Stackoverflow to generate a PEM file with php, but this seems like an extremely ridiculous way to do it.

这也不是一次性的事情，我需要能够以这种格式从文件中读取公共指数和模数以检查签名.

This isn't a one-time thing either, I need to be able to read the public exponent and modulus from files in this format to check the signature.

推荐答案

在此非常感谢Lars:

Thank you very much to Lars here: http://blog.oddbit.com/2011/05/09/signing-data-with-ssh-agent/

e是公共指数的Python long. n是公共模量的Python long.

e is a Python long of the public exponent. n is a Python long of the public Modulus.

他发布的代码是:

import M2Crypto
key = M2Crypto.RSA.new_pub_key((
    M2Crypto.m2.bn_to_mpi(M2Crypto.m2.hex_to_bn(hex(e)[2:])),
    M2Crypto.m2.bn_to_mpi(M2Crypto.m2.hex_to_bn(hex(n)[2:])),
    ))

hex将生成类型为0xA45E的十六进制字符串，因此他只是在0x之后抓取所有内容.

hex will generate a hex string of the sort 0xA45E, so he's just grabbing everything after the 0x.

我正在从文件中读取密钥，所以我没有那么长的时间.我最终使用:

I'm reading the key from a file, so I don't have it as a long. I ended up using:

import M2Crypto
from binascii import hexlify 
e = f.read(4)
n = f.read(0x80)
key = M2Crypto.RSA.new_pub_key((
    M2Crypto.m2.bn_to_mpi(M2Crypto.m2.hex_to_bn(hexlify(e))),
    M2Crypto.m2.bn_to_mpi(M2Crypto.m2.hex_to_bn(hexlify(n))),
    ))

像魅力一样工作！

根据文档，new_pub_key的可接受格式必须为

The accepted format of new_pub_key, as per the documentation, needs to be

OpenSSL的MPINT格式-4字节的大尾数位计数，后跟 适当的位数

OpenSSL's MPINT format - 4-byte big-endian bit-count followed by the appropriate number of bits

我不确定这是否是错字，但是对于我的指数(十六进制)，00010001最终是000003010001.我认为这是字节数，而不是位数.他们还剥离了第一个0x00.我不知道这是标准的还是因为它是一个空字节.

I'm not sure if this is a typo, but for my exponent of (in hex) 00010001 ended up being 000003010001. I think it's a byte count, not bit count. They also stripped the first 0x00. I don't know if that's standard or if because it was an empty byte.

我想我对格式有更好的了解.

edit: I think I have a bit of a better understanding of the format.

如果第一个字节为负，则将零字节添加到开头. 如果有任何开头(开头)的零字节，除非第一个字节变为负数，否则它们将被剥离，在这种情况下，只剩下一个零字节.

If the first byte is negative, a zero byte is added to the beginning. If there are any leading (at the beginning) zero bytes, they are stripped unless the first byte would become negative, in which case, only one zero byte is left.

一些例子:

Unformatted:
\x23\x24\x25\x26
Formatted:
\x00\x00\x00\x04\x23\x24\x25\x26
Explanation:
String left as is and count of bytes packed in

Unformatted:
\x00\x23\x55\x35
Formatted:
\x00\x00\x00\x03\x23\x55\x35
Explanation:
leading zero byte removed, byte count now 3

Unformatted:
\x80\x43\x55\x27
Formatted:
\x00\x00\x00\x05\x00\x80\x43\x55\x27
Explanation:
leading zero byte added because \x80 is negative

Unformatted:
\x00\xff\x43\x23
Formatted:
\x00\x00\x00\x04\x00\xff\x43\x23
Explanation:
Leading zero byte left because \xff is negative

Unformatted:
\x23\x53\66\x00
Formatted:
\x00\x00\x00\x04\x23\x53\66\x00
Explanation:
Trailing zero byte left in string

这篇关于M2Crypto-从非标准文件导入密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！