将从.NET导出的CSP blob导入python pyCrypto [英] Import CSP blob exported from .NET into python pyCrypto
问题描述
我有一个使用 RSACryptoServiceProvider.ExportCspBlob
在我的 .NET 应用程序中.
return Convert.ToBase64String(rsaAlg.ExportCspBlob(false/*includePrivateParameters*/));
现在,我需要在 python 应用程序中导入该 blob.我尝试使用 pyCrypto,但没有成功.
# 这是我从上面的 .NET 代码中得到的值键= 'BgIAAAAkAABSU0ExAAgAAAEAAQARMnLlzOgHkmHssf6ZSFJn8TlTiOBSoRSEnkI4U0UI6n1jFY2bTWS9O5uApMNXz1vr5OyxoXsNVF2XrNM4DOC + lRn3R/H + mZZxZY1F8oXxhe4L5AFOMhyykPreQtu9z + oKOzVB80zR + EU + NC/290POVK9/LGzP94cTk0VHSZdXDgL1eOiXLSg8h1OnJmMGxY6HyNvbF90onoHMWNrIeRue1vP/S5QLwuzkHv6tgm54bSwXWXFdDRbjtrA9HJkbf74hflAIqivO34bx + 53whl2fEsC51eXqFdCr7XJJw + bwlENwDF9bUtCXQ + jXbiYtzvMbntRCKZ8LPRqlN9OWrBC2';从 Crypto.PublicKey 导入 RSA从 Crypto.Util 导入 asn1从 base64 导入 b64decode# 我们先解密base64keyDER = b64decode(key)seq = asn1.DerSequence()seq.decode(keyDER)keyPub = RSA.importKey(keyDER)
我要了
<块引用>回溯(最近一次调用最后一次):文件C:\Program Files(x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\Python 可视化工具Studio\2.1\visualstudio_py_util.py",第 1 06 行,在 exec_file 中exec_code(code, file, global_variables) 文件C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensions\Microsoft\Python 可视化工具Studio\2.1\visualstudio_py_util.py", line 8 2, in exec_codeexec(code_obj, global_variables) 文件c:\users\marcinj\documents\visual studio2013\Projects\PythonApplication1\PythonApplication1\PythonApplication1.py",第 12 行,在seq.decode(keyDER) 文件C:\Python27\lib\site-packages\Crypto\Util\asn1.py",第 237 行,在解码raise ValueError("Not a DER SEQUENCE.") ValueError: Not a DER SEQUENCE.
CSP blob 格式是 Microsoft 专有的,并且文档不全.我不使用那种格式,而是使用 ExportParameters
方法来获取 RSAParameters
结构.从这个结构中,我将直接访问 Exponent
和 Modulus
字节数组,并对它们进行 base64 编码以传输到 python 程序,如下面的代码片段所示:
var rsa = RSA.Create();var RsaParms = rsa.ExportParameters (false);Console.WriteLine (Convert.ToBase64String(RsaParms.Modulus));Console.WriteLine (Convert.ToBase64String (RsaParms.Exponent));
在 python 程序中,PyCrypto 的 RSA importKey
的文档提到了一些可接受格式的选项.其中最简单的是 PKCS#1 RSAPublicKey 结构.这很容易从 asn1 模块构建,如下面的代码片段所示:
I have a CPS Blob exported from certificate using RSACryptoServiceProvider.ExportCspBlob
in my .NET application.
return Convert.ToBase64String(rsaAlg.ExportCspBlob(false /*includePrivateParameters*/));
Now, I need to import that blob in python application. I tried using pyCrypto, but with no luck.
# that's the value I'm getting from .NET code above
key = 'BgIAAAAkAABSU0ExAAgAAAEAAQARMnLlzOgHkmHssf6ZSFJn8TlTiOBSoRSEnkI4U0UI6n1jFY2bTWS9O5uApMNXz1vr5OyxoXsNVF2XrNM4DOC+lRn3R/H+mZZxZY1F8oXxhe4L5AFOMhyykPreQtu9z+oKOzVB80zR+EU+nc/290POVK9/LGzP94cTk0VHSZdXDgL1eOiXLSg8h1OnJmMGxY6HyNvbF90onoHMWNrIeRue1vP/S5QLwuzkHv6tgm54bSwXWXFdDRbjtrA9HJkbf74hflAIqivO34bx+53whl2fEsC51eXqFdCr7XJJw+bwlENwDF9bUtCXQ+jXbiYtzvMbntRCKZ8LPRqlN9OWrBC2';
from Crypto.PublicKey import RSA
from Crypto.Util import asn1
from base64 import b64decode
# let's decrypt base64 first
keyDER = b64decode(key)
seq = asn1.DerSequence()
seq.decode(keyDER)
keyPub = RSA.importKey(keyDER)
I'm getting
Traceback (most recent call last): File "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensio ns\Microsoft\Python Tools for Visual Studio\2.1\visualstudio_py_util.py", line 1 06, in exec_file exec_code(code, file, global_variables) File "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\Extensio ns\Microsoft\Python Tools for Visual Studio\2.1\visualstudio_py_util.py", line 8 2, in exec_code exec(code_obj, global_variables) File "c:\users\marcinj\documents\visual studio 2013\Projects\PythonApplication 1\PythonApplication1\PythonApplication1.py", line 12, in seq.decode(keyDER) File "C:\Python27\lib\site-packages\Crypto\Util\asn1.py", line 237, in decode raise ValueError("Not a DER SEQUENCE.") ValueError: Not a DER SEQUENCE.
The CSP blob format is proprietary to Microsoft and poorly documented. Rather than use that format I would instead use the ExportParameters
method to get an RSAParameters
struct. From this struct I would directly access the Exponent
and Modulus
byte arrays and base64 encode them for transfer to the python program, as in the following snippet:
var rsa = RSA.Create ();
var RsaParms = rsa.ExportParameters (false);
Console.WriteLine (Convert.ToBase64String( RsaParms.Modulus));
Console.WriteLine (Convert.ToBase64String (RsaParms.Exponent));
In the python program, the documentation for PyCrypto's RSA importKey
mentions a few options for acceptable formats. The simplest of these is the PKCS#1 RSAPublicKey structure. This is quite easy to construct from the asn1 module, as in the following snippet:
mod_raw = b64decode('qLhDLGNh7+9xRahkaWILm5HcG3T0Q4SUoDA3bpQtqLxU3AQ/fmYQWLXh0Se1mhQ3AIMduVgKaJhK1sH+G/toXuQ0n5ENw6PtGMODwsDXF072kaBKD3JBZSESC9a9a8QDoGtv7WwvH1UcIE9di60C7YdBMlqqBgkjMQ6c3CTh9KU=')
exp_raw = b64decode('EQ==')
mod = int.from_bytes(mod_raw, 'big')
exp = int.from_bytes(exp_raw, 'big')
seq = asn1.DerSequence()
seq.append(mod)
seq.append(exp)
der = seq.encode()
keyPub = RSA.importKey(der)
这篇关于将从.NET导出的CSP blob导入python pyCrypto的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!