當(dāng)前位置：首頁(yè) > 编程资源 > 综合教程 >内容正文

综合教程

x509证书的一些总结

發(fā)布時(shí)間：2023/12/13 综合教程 26 生活家

生活随笔收集整理的這篇文章主要介紹了 x509证书的一些总结小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.

1.獲取/修改 X509object的各個(gè)元素

https://www.cnblogs.com/yunlong-study/p/14537390.html

這篇博文中，X509證書(shū)結(jié)構(gòu)，Openssl 庫(kù)進(jìn)行解析，拿取各項(xiàng)值。也有示例代碼。

2.數(shù)字簽名，數(shù)字證書(shū)，交互過(guò)程及X.509數(shù)字證書(shū)的結(jié)構(gòu)

https://www.cnblogs.com/yunlong-study/p/14537023.html

這篇，數(shù)字簽名，數(shù)字證書(shū)，如何交互的，講得非常清楚。

3.pyOpenSSL庫(kù)講解

https://pyopenssl.org/en/0.15.1/api/crypto.html

4.x509結(jié)構(gòu)更詳細(xì)的請(qǐng)看這個(gè)，每個(gè)字節(jié)代表什么

https://wenku.baidu.com/view/988c262aed630b1c59eeb56b.html

5.驗(yàn)證簽名

import rsa
rsa.verify(message,sig,public_key)
#message: bytes, signature: bytes, pub_key: key.PublicKey
    """Verifies that the signature matches the message.

    The hash method is detected automatically from the signature.

    :param message: the signed message. Can be an 8-bit string or a file-like
        object. If ``message`` has a ``read()`` method, it is assumed to be a
        file-like object.
    :param signature: the signature block, as created with :py:func:`rsa.sign`.
    :param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message.
    :raise VerificationError: when the signature doesn't match the message.
    :returns: the name of the used hash.

    """

6.獲取公鑰

from rsa import PublicKey
#獲取公鑰 public_key類型為<class 'rsa.key.PublicKey'>
publickey = OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM, cert.get_pubkey()).decode('utf-8')
print(publickey)
public_key = PublicKey.load_pkcs1_openssl_pem(publickey)
# print(type(public_key))
# print(public_key.e,public_key.n)

7.從證書(shū)中直接獲取簽名

# openssl x509 -inform DER -in test.cer -out certificate.crt  
#rb，證書(shū)是二進(jìn)制的，r，要用上面的命令行來(lái)轉(zhuǎn)一下
with open("c:/證書(shū)名稱", "rb") as fp:
    crt_data = fp.read()

print(crt_data)

#轉(zhuǎn)換成str，str可以取索引
crt_cert_hex = crt_data.hex()
print(crt_cert_hex)

#獲取證書(shū)的簽名
#匹配固定字段，取到的值再轉(zhuǎn)成bytes
if '03820101005c6a14b1bac86acfdeb0e0e3fabc' in crt_cert_hex:
    print("true")
    index = crt_cert_hex.find('03820101005c6a14b1bac86acfdeb0e0e3fabc')
    #print(index)
    sig_str_hex = crt_cert_hex[index+10:]
    print(type(sig_str_hex))
    sig = bytes.fromhex(sig_str_hex)
    print("簽名為：",sig)

8.bytes轉(zhuǎn)成int，轉(zhuǎn)成base64

#bytes轉(zhuǎn)成int
result = 0
for b in sig:
    result = result * 256 + int(b)
#也可以用int.from_bytes()
# aa = int.from_bytes(sig,byteorder='big',signed=False)

#bytes轉(zhuǎn)成base64
import base64
ss = base64.b64encode(sig)
print('ss',ss)

9.獲取證書(shū)整體，asn.1打開(kāi)

#計(jì)算證書(shū)的digest
print(crt_cert_hex[index-31],'test')
aa = crt_cert_hex[8:index-30]
print(len(aa))
message = bytes.fromhex(aa)

總結(jié)

以上是生活随笔為你收集整理的x509证书的一些总结的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。

证书

上一篇： UVA1493 - Draw a Mes
下一篇： graalvm 简单试用