PyCrypto不支持X.509证书。您必须首先使用以下命令提取公钥:
openssl x509 -inform pem -in mycert.pem -pubkey -noout > publickey.pem
然后,您可以
RSA.importKey在上使用
publickey.pem。
如果您不想或不能使用openssl,则可以获取PEM X.509证书,并使用纯Python进行认证,如下所示:
from Crypto.Util.asn1 import DerSequencefrom Crypto.PublicKey import RSAfrom binascii import a2b_base64# Convert from PEM to DERpem = open("mycert.pem").read()lines = pem.replace(" ",'').split()der = a2b_base64(''.join(lines[1:-1]))# Extract subjectPublicKeyInfo field from X.509 certificate (see RFC3280)cert = DerSequence()cert.depre(der)tbsCertificate = DerSequence()tbsCertificate.depre(cert[0])subjectPublicKeyInfo = tbsCertificate[6]# Initialize RSA keyrsa_key = RSA.importKey(subjectPublicKeyInfo)
