How do I use a X509 certificate with PyCrypto?

by

PyCrypto does not support X.509 certificates. You must first extract the public key with the command:

openssl x509 -inform pem -in mycert.pem -pubkey -noout > publickey.pem

Then, you can use RSA.importKey on publickey.pem.

If you don’t want or cannot use openssl, you can take the PEM X.509 certificate and do it in pure Python like this:

from Crypto.Util.asn1 import DerSequence
from Crypto.PublicKey import RSA
from binascii import a2b_base64

# Convert from PEM to DER
pem = open("mycert.pem").read()
lines = pem.replace(" ",'').split()
der = a2b_base64(''.join(lines[1:-1]))

# Extract subjectPublicKeyInfo field from X.509 certificate (see RFC3280)
cert = DerSequence()
cert.decode(der)
tbsCertificate = DerSequence()
tbsCertificate.decode(cert[0])
subjectPublicKeyInfo = tbsCertificate[6]

# Initialize RSA key
rsa_key = RSA.importKey(subjectPublicKeyInfo)

More Related Contents:

  1. How to decrypt OpenSSL AES-encrypted files in Python?
  2. RSA encryption and decryption in Python
  3. Pip error: Microsoft Visual C++ 14.0 is required
  4. Updating openssl in python 2.7
  5. Python referencing old SSL version
  6. Encrypt & Decrypt using PyCrypto AES 256
  7. AttributeError: module ‘time’ has no attribute ‘clock’ in Python 3.8
  8. Building Python with SSL support in non-standard location
  9. Python Requests requests.exceptions.SSLError: [Errno 8] _ssl.c:504: EOF occurred in violation of protocol
  10. How do I install PyCrypto on Windows?
  11. ImportError: No module named Crypto.Cipher
  12. certificate verify failed: unable to get local issuer certificate
  13. Python and OpenSSL version reference issue on OS X
  14. Python AttributeError: ‘module’ object has no attribute ‘SSL_ST_INIT’
  15. OpenSSL errors in python requests
  16. ImportError: cannot import name HTTPSHandler using PIP
  17. Python Encrypting with PyCrypto AES
  18. Encrypt and decrypt using PyCrypto AES-256
  19. How do I compile Python 3.4 with custom OpenSSL?
  20. How do you verify an RSA SHA1 signature in Python?
  21. How to enable FIPS mode for libcrypto and libssl packaged with Python?
  22. “ERROR:root:code for hash md5 was not found” when using any hg mercurial commands
  23. Building Python 3.7.1 – SSL module failed
  24. openssl, python requests error: “certificate verify failed”
  25. Broken Pipe error when using pip to install pycrypto on Mac OS X
  26. PyCrypto problem using AES+CTR
  27. Getting certificate chain with Python 3.3 SSL module
  28. SSL error unsafe legacy renegotiation disabled
  29. SSLError: sslv3 alert handshake failure
  30. How to compile python3 on RHEL with SSL? SSL cannot be imported

Leave a Comment