将从.NET导出的CSP blob导入python pyCrypto [英] Import CSP blob exported from .NET into python pyCrypto

问题描述

我有一个使用 RSACryptoServiceProvider.ExportCspBlob 在我的 .NET 应用程序中.

return Convert.ToBase64String(rsaAlg.ExportCspBlob(false/*includePrivateParameters*/));

现在，我需要在 python 应用程序中导入该 blob.我尝试使用 pyCrypto，但没有成功.

# 这是我从上面的 .NET 代码中得到的值键= 'BgIAAAAkAABSU0ExAAgAAAEAAQARMnLlzOgHkmHssf6ZSFJn8TlTiOBSoRSEnkI4U0UI6n1jFY2bTWS9O5uApMNXz1vr5OyxoXsNVF2XrNM4DOC + lRn3R/H + mZZxZY1F8oXxhe4L5AFOMhyykPreQtu9z + oKOzVB80zR + EU + NC/290POVK9/LGzP94cTk0VHSZdXD​​gL1eOiXLSg8h1OnJmMGxY6HyNvbF90onoHMWNrIeRue1vP/S5QLwuzkHv6tgm54bSwXWXFdDRbjtrA9HJkbf74hflAIqivO34bx + 53whl2fEsC51eXqFdCr7XJJw + bwlENwDF9bUtCXQ + jXbiYtzvMbntRCKZ8LPRqlN9OWrBC2';从 Crypto.PublicKey 导入 RSA从 Crypto.Util 导入 asn1从 base64 导入 b64decode# 我们先解密base64keyDER = b64decode(key)seq = asn1.DerSequence()seq.decode(keyDER)keyPub = RSA.importKey(keyDER)

我要了

<块引用>

回溯(最近一次调用最后一次):文件C:\Program Files(x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\Python 可视化工具Studio\2.1\visualstudio_py_util.py"，第 1 06 行，在 exec_file 中exec_code(code, file, global_variables) 文件C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\Python 可视化工具Studio\2.1\visualstudio_py_util.py", line 8 2, in exec_codeexec(code_obj, global_variables) 文件c:\users\marcinj\documents\visual studio2013\Projects\PythonApplication1\PythonApplication1\PythonApplication1.py"，第 12 行，在seq.decode(keyDER) 文件C:\Python27\lib\site-packages\Crypto\Util\asn1.py"，第 237 行，在解码raise ValueError("Not a DER SEQUENCE.") ValueError: Not a DER SEQUENCE.

解决方案

CSP blob 格式是 Microsoft 专有的，并且文档不全.我不使用那种格式，而是使用 ExportParameters 方法来获取 RSAParameters 结构.从这个结构中，我将直接访问 Exponent 和 Modulus 字节数组，并对它们进行 base64 编码以传输到 python 程序，如下面的代码片段所示:

var rsa = RSA.Create();var RsaParms = rsa.ExportParameters (false);Console.WriteLine (Convert.ToBase64String(RsaParms.Modulus));Console.WriteLine (Convert.ToBase64String (RsaParms.Exponent));

在 python 程序中，PyCrypto 的 RSA importKey 的文档提到了一些可接受格式的选项.其中最简单的是 PKCS#1 RSAPublicKey 结构.这很容易从 asn1 模块构建，如下面的代码片段所示:

<预类= 郎吡prettyprint-越权"> <代码> mod_raw = b64decode( 'qLhDLGNh7 + 9xRahkaWILm5HcG3T0Q4SUoDA3bpQtqLxU3AQ/fmYQWLXh0Se1mhQ3AIMduVgKaJhK1sH + G/toXuQ0n5ENw6PtGMODwsDXF072kaBKD3JBZSESC9a9a8QDoGtv7WwvH1UcIE9di60C7YdBMlqqBgkjMQ6c3CTh9KU =')exp_raw = b64decode('EQ==')mod = int.from_bytes(mod_raw, 'big')exp = int.from_bytes(exp_raw, 'big')seq = asn1.DerSequence()seq.append(mod)seq.append(exp)der = seq.encode()keyPub = RSA.importKey(der)

I have a CPS Blob exported from certificate using RSACryptoServiceProvider.ExportCspBlob in my .NET application.

return Convert.ToBase64String(rsaAlg.ExportCspBlob(false /*includePrivateParameters*/));

Now, I need to import that blob in python application. I tried using pyCrypto, but with no luck.

# that's the value I'm getting from .NET code above
key = 'BgIAAAAkAABSU0ExAAgAAAEAAQARMnLlzOgHkmHssf6ZSFJn8TlTiOBSoRSEnkI4U0UI6n1jFY2bTWS9O5uApMNXz1vr5OyxoXsNVF2XrNM4DOC+lRn3R/H+mZZxZY1F8oXxhe4L5AFOMhyykPreQtu9z+oKOzVB80zR+EU+nc/290POVK9/LGzP94cTk0VHSZdXDgL1eOiXLSg8h1OnJmMGxY6HyNvbF90onoHMWNrIeRue1vP/S5QLwuzkHv6tgm54bSwXWXFdDRbjtrA9HJkbf74hflAIqivO34bx+53whl2fEsC51eXqFdCr7XJJw+bwlENwDF9bUtCXQ+jXbiYtzvMbntRCKZ8LPRqlN9OWrBC2';

from Crypto.PublicKey import RSA
from Crypto.Util import asn1
from base64 import b64decode

# let's decrypt base64 first
keyDER = b64decode(key)

seq = asn1.DerSequence()
seq.decode(keyDER)
keyPub = RSA.importKey(keyDER)

I'm getting

Traceback (most recent call last): File "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensio ns\Microsoft\Python Tools for Visual Studio\2.1\visualstudio_py_util.py", line 1 06, in exec_file exec_code(code, file, global_variables) File "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensio ns\Microsoft\Python Tools for Visual Studio\2.1\visualstudio_py_util.py", line 8 2, in exec_code exec(code_obj, global_variables) File "c:\users\marcinj\documents\visual studio 2013\Projects\PythonApplication 1\PythonApplication1\PythonApplication1.py", line 12, in seq.decode(keyDER) File "C:\Python27\lib\site-packages\Crypto\Util\asn1.py", line 237, in decode raise ValueError("Not a DER SEQUENCE.") ValueError: Not a DER SEQUENCE.

解决方案

The CSP blob format is proprietary to Microsoft and poorly documented. Rather than use that format I would instead use the ExportParameters method to get an RSAParameters struct. From this struct I would directly access the Exponent and Modulus byte arrays and base64 encode them for transfer to the python program, as in the following snippet:

var rsa = RSA.Create ();
var RsaParms = rsa.ExportParameters (false);
Console.WriteLine (Convert.ToBase64String( RsaParms.Modulus));
Console.WriteLine (Convert.ToBase64String (RsaParms.Exponent));

In the python program, the documentation for PyCrypto's RSA importKey mentions a few options for acceptable formats. The simplest of these is the PKCS#1 RSAPublicKey structure. This is quite easy to construct from the asn1 module, as in the following snippet:

mod_raw = b64decode('qLhDLGNh7+9xRahkaWILm5HcG3T0Q4SUoDA3bpQtqLxU3AQ/fmYQWLXh0Se1mhQ3AIMduVgKaJhK1sH+G/toXuQ0n5ENw6PtGMODwsDXF072kaBKD3JBZSESC9a9a8QDoGtv7WwvH1UcIE9di60C7YdBMlqqBgkjMQ6c3CTh9KU=')
exp_raw = b64decode('EQ==')
mod = int.from_bytes(mod_raw, 'big')
exp = int.from_bytes(exp_raw, 'big')
seq = asn1.DerSequence()
seq.append(mod)
seq.append(exp)
der = seq.encode()
keyPub = RSA.importKey(der)

这篇关于将从.NET导出的CSP blob导入python pyCrypto的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！