从 Python 中的 .pfx 证书获取 Public 密钥
Getting Public Key from a .pfx Certficate in Python
我这样做是为了通过写出一个 pem 文件来处理 pfx 证书。
我怎样才能把public_key也拉出来?我注意到 p12 对象没有 get_publickey() 方法。
import contextlib
import OpenSSL.crypto
import os
import requests
import ssl
import tempfile
pfx_password = 'thiscertpassword'
tpem = 'temppem.pem'
pfxfile = 'fts.pfx'
f_pem = open(tpem, 'wb')
pfx = open(pfxfile, 'rb').read()
p12 = OpenSSL.crypto.load_pkcs12(pfx, pfx_password)
f_pem.write(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
p12.get_privatekey()))
#f_pem.write(OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM,
p12.get_publickey())) # NO SUCH METHOD
f_pem.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
p12.get_certificate()))
提取适合写入文件或进一步处理(例如验证 Signed-JWT)的 Public 密钥的示例代码。重要的一点是 Public 密钥是从证书中提取的。
我将此代码与 Google 服务帐户 P12 凭据一起使用。
此代码生成的 Public 密钥将如下所示:
b'-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFDEADbeefMIIBCgKCAQEA5vFQucW2JW2WBhLI3dB0\n8OIkgCJPJDxoJ65kphmFSB2ZWsejV/iSecoIBYLyD2+HdHJm8pUgOOy05lm07gei\n0BRqLNYtUk2nlQIMoLPXxv23+VOWdpN/mYUsRhRwB13Aq4BybxObq+c7b08YWitI\nEtPmSEv+YkKlpcGzQcfctT7GNjjBqWuUuM1dxAqJll6JIEGAWEsDeTh9YOqnBnRb\nAWxI62D9/9bVnLkRWv0S9gfOZLuboVBhBSbHQyjbeefDeAd1J6nToug7wdxC66r1\n55lLzf9Ow9KPlsj30d6Alv59xX9QEU3MfIEfyxGiIHNTX6g8A3XUHOtgdmDyVB//\nXwIDAQAB\n-----END PUBLIC KEY-----\n'
Python3.x代码:
import OpenSSL.crypto
def load_public_key(pfx_path, pfx_password):
''' Read the public key and return as PEM encoded '''
# print('Opening:', pfx_path)
with open(pfx_path, 'rb') as f:
pfx_data = f.read()
# print('Loading PFX contents:')
pfx = OpenSSL.crypto.load_pkcs12(pfx_data, pfx_password)
public_key = OpenSSL.crypto.dump_publickey(
OpenSSL.crypto.FILETYPE_PEM,
pfx.get_certificate().get_pubkey()) # Change to pfx.
print(public_key)
return public_key
我这样做是为了通过写出一个 pem 文件来处理 pfx 证书。
我怎样才能把public_key也拉出来?我注意到 p12 对象没有 get_publickey() 方法。
import contextlib
import OpenSSL.crypto
import os
import requests
import ssl
import tempfile
pfx_password = 'thiscertpassword'
tpem = 'temppem.pem'
pfxfile = 'fts.pfx'
f_pem = open(tpem, 'wb')
pfx = open(pfxfile, 'rb').read()
p12 = OpenSSL.crypto.load_pkcs12(pfx, pfx_password)
f_pem.write(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
p12.get_privatekey()))
#f_pem.write(OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM,
p12.get_publickey())) # NO SUCH METHOD
f_pem.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
p12.get_certificate()))
提取适合写入文件或进一步处理(例如验证 Signed-JWT)的 Public 密钥的示例代码。重要的一点是 Public 密钥是从证书中提取的。
我将此代码与 Google 服务帐户 P12 凭据一起使用。
此代码生成的 Public 密钥将如下所示:
b'-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFDEADbeefMIIBCgKCAQEA5vFQucW2JW2WBhLI3dB0\n8OIkgCJPJDxoJ65kphmFSB2ZWsejV/iSecoIBYLyD2+HdHJm8pUgOOy05lm07gei\n0BRqLNYtUk2nlQIMoLPXxv23+VOWdpN/mYUsRhRwB13Aq4BybxObq+c7b08YWitI\nEtPmSEv+YkKlpcGzQcfctT7GNjjBqWuUuM1dxAqJll6JIEGAWEsDeTh9YOqnBnRb\nAWxI62D9/9bVnLkRWv0S9gfOZLuboVBhBSbHQyjbeefDeAd1J6nToug7wdxC66r1\n55lLzf9Ow9KPlsj30d6Alv59xX9QEU3MfIEfyxGiIHNTX6g8A3XUHOtgdmDyVB//\nXwIDAQAB\n-----END PUBLIC KEY-----\n'
Python3.x代码:
import OpenSSL.crypto
def load_public_key(pfx_path, pfx_password):
''' Read the public key and return as PEM encoded '''
# print('Opening:', pfx_path)
with open(pfx_path, 'rb') as f:
pfx_data = f.read()
# print('Loading PFX contents:')
pfx = OpenSSL.crypto.load_pkcs12(pfx_data, pfx_password)
public_key = OpenSSL.crypto.dump_publickey(
OpenSSL.crypto.FILETYPE_PEM,
pfx.get_certificate().get_pubkey()) # Change to pfx.
print(public_key)
return public_key