x509证书的一些总结
生活随笔
收集整理的這篇文章主要介紹了
x509证书的一些总结
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
1.獲取/修改 X509object的各個元素
https://www.cnblogs.com/yunlong-study/p/14537390.html
這篇博文中,X509證書結構,Openssl 庫進行解析,拿取各項值。也有示例代碼。
2.數字簽名,數字證書,交互過程及X.509數字證書的結構
https://www.cnblogs.com/yunlong-study/p/14537023.html
這篇,數字簽名,數字證書,如何交互的,講得非常清楚。
3.pyOpenSSL庫講解
https://pyopenssl.org/en/0.15.1/api/crypto.html
4.x509結構更詳細的請看這個,每個字節代表什么
https://wenku.baidu.com/view/988c262aed630b1c59eeb56b.html
5.驗證簽名
import rsa
rsa.verify(message,sig,public_key)
#message: bytes, signature: bytes, pub_key: key.PublicKey
"""Verifies that the signature matches the message.
The hash method is detected automatically from the signature.
:param message: the signed message. Can be an 8-bit string or a file-like
object. If ``message`` has a ``read()`` method, it is assumed to be a
file-like object.
:param signature: the signature block, as created with :py:func:`rsa.sign`.
:param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message.
:raise VerificationError: when the signature doesn't match the message.
:returns: the name of the used hash.
"""
6.獲取公鑰
from rsa import PublicKey
#獲取公鑰 public_key類型為<class 'rsa.key.PublicKey'>
publickey = OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM, cert.get_pubkey()).decode('utf-8')
print(publickey)
public_key = PublicKey.load_pkcs1_openssl_pem(publickey)
# print(type(public_key))
# print(public_key.e,public_key.n)
7.從證書中直接獲取簽名
# openssl x509 -inform DER -in test.cer -out certificate.crt
#rb,證書是二進制的,r,要用上面的命令行來轉一下
with open("c:/證書名稱", "rb") as fp:
crt_data = fp.read()
print(crt_data)
#轉換成str,str可以取索引
crt_cert_hex = crt_data.hex()
print(crt_cert_hex)
#獲取證書的簽名
#匹配固定字段,取到的值再轉成bytes
if '03820101005c6a14b1bac86acfdeb0e0e3fabc' in crt_cert_hex:
print("true")
index = crt_cert_hex.find('03820101005c6a14b1bac86acfdeb0e0e3fabc')
#print(index)
sig_str_hex = crt_cert_hex[index+10:]
print(type(sig_str_hex))
sig = bytes.fromhex(sig_str_hex)
print("簽名為:",sig)
8.bytes轉成int,轉成base64
#bytes轉成int
result = 0
for b in sig:
result = result * 256 + int(b)
#也可以用int.from_bytes()
# aa = int.from_bytes(sig,byteorder='big',signed=False)
#bytes轉成base64
import base64
ss = base64.b64encode(sig)
print('ss',ss)
9.獲取證書整體,asn.1打開
#計算證書的digest print(crt_cert_hex[index-31],'test') aa = crt_cert_hex[8:index-30] print(len(aa)) message = bytes.fromhex(aa)
總結
以上是生活随笔為你收集整理的x509证书的一些总结的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: UVA1493 - Draw a Mes
- 下一篇: graalvm 简单试用