Python Asymmetric Encryption: Using pre-generated prv/pub keys
Ok, first off: yes, I have searched Google and Stack Overflow and done some reading (over 4 hours JUST in this sitting), and have not found what I need, for these reasons:
- Many of them suggest just launching an exe like gpg.exe (http://stackoverflow.com/questions/1020320)
- Some suggested using PyCrypto or other libraries and, looking at them, either a) I can't find how to use any of their API, b) I can't find how to import a pre-existing prv/pub key or c) they use the insecure RandomPool (and me trying to update it is just asking for trouble)
- Some mention it in passing, but I could not find what they were linking to (or there was no link at all).
So I now ask you, fellow Stack Overflow users, how can I do this: take a string of a public key (or path (I could just write it to a temp file (I plan to just have it as a string pub_key = "..."))) and use it to sign and secure a string (that will be posted on a forum (JSON for updating my application))?
Also, these are RSA keys (Putty Gen 4096 bits SSH-2-RSA) that are generated using PuttyGen (can be in any format (OpenSSH, ssh.com, ppk))
This is what the public key looks like
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20101003"
AAAAB3NzaC1yc2EAAAABJQAAAgEAi+91fFsxZ7k1UuudSe5gZoavwARUyZScCtdf WQ0ROoJC+XIqW5vVJfgmr+A1jLS5m4wNsrCqeyoX2B22T6iEwqVXrXt3QcbccKMu WkLKFK1h67q6Coc+3eOTmKrOuZbWc19YQgybdkR/GxF7XAbq4NCGNaCDtMOqX8Q2 L/a9fAYqVdTwg9trpcz3whNmdLk/B0edOABKuVX51UdLV+ZggK503+uAb1JiIIj0 mARwR/HNo4oRLMLf2PjuZsGVYYjJDdVJBU6AN4PUQSRRRPL4+YmsrLJb/TpfJeXA vj4KZMNJv15YXz7/iMZMKznDtr2RJX5wbSpuTUBNZveA7YiIHxvvvis38b/lX9SJ SYPfZ9CeQY6MvQgG2zwDTOOvKgOIB4sTGMXfcoxB8AF/QXOcxWFJkZoj36rvMd9n Po6szLjHXwcEUOUvvQfG4VvdQA0H5gGLHqYL1EehRsgi5qcCoFPaZW2K09ErKcS0 MbrLFjBkQ9KmqAM38bvM8UhCWAMA9VXOGHMxUHBV4Bir9alGS4VX0B8Y0b3dZ+7I MKkHMCwdEUJf7QVdGxGuSQtVsq8RZbIpk3g7wtv8f6I/iEC58ekdrH35tq5+1ilW dkk9+rrhUy4qrZ+HFi7AeemybpiumbSnebvnkMaIPAOo23V8C9BQ0iuxx4gIZf10 o+TPSK8=
---- END SSH2 PUBLIC KEY ----
NOT THIS --> Key Format seems to be PKCS1 so M2Crypto will NOT work (its load key function expects PEM)
Latest reading I think it is SSH Public Key File Format (RFC: http://www.ietf.org/rfc/rfc4716.txt )
I also think the below is wrong, I don't think it handles SSH Public Key File Format :(
Also looks like Twisted might be where I should look
http://www.java2s.com/Open-Source/Python/Network/Twisted/Twisted-1.0.3/Twisted-1.0.3/twisted/conch/ssh/keys.py.htm
Also why does SO not allow me to post a bounty immediately??
Ok I found how to load it
from twisted.conch.ssh import keys as Keys
import base64

public_key = """\
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20101003"
<base64 key body, as shown above>
---- END SSH2 PUBLIC KEY ----"""
# Drop the begin marker, the Comment header and the end marker, then join the base64 lines
key_data = ''.join(public_key.splitlines()[2:-1])
# b64decode replaces base64.decodestring, which was removed in Python 3.9
blob = base64.b64decode(key_data)
key = Keys.Key._fromString_BLOB(blob)
I can think of at least two relatively simple options
- Use OpenSSL (or pyOpenSSL) to convert the BER to PEM
- Use paramiko, twisted or any other python SSH implementation to work with the keys directly
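An added example, not taken from the question or the answer above: a standard-library-only parser for the RFC 4716 container the question identifies, decoding the ssh-rsa blob (string "ssh-rsa", mpint e, mpint n) into the RSA public numbers that a crypto library needs. The function names are hypothetical and the sample key is constructed from toy values, not a real key.

```python
import base64
import struct
BEGIN, END = "---- BEGIN SSH2 PUBLIC KEY ----", "---- END SSH2 PUBLIC KEY ----"

def parse_rfc4716(text):
    """Split an RFC 4716 public key file into (headers, decoded key blob)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing RFC 4716 begin/end markers")
    headers, body, i = {}, [], 1
    while i < len(lines) - 1:
        line = lines[i]
        if ":" in line:                      # header; base64 never contains ':'
            while line.endswith("\\") and i + 1 < len(lines) - 1:
                i += 1                       # trailing backslash continues the header
                line = line[:-1] + lines[i]
            tag, value = line.split(":", 1)
            headers[tag.lower()] = value.strip().strip('"')
        else:
            body.append(line)
        i += 1
    return headers, base64.b64decode("".join(body), validate=True)

def _read_string(blob, off):
    """Read one SSH string: uint32 big-endian length, then that many bytes."""
    if off + 4 > len(blob):
        raise ValueError("truncated key blob")
    end = off + 4 + struct.unpack_from(">I", blob, off)[0]
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def rsa_public_numbers(blob):
    """Decode an ssh-rsa blob into (e, n); both are positive, so unsigned decoding is safe."""
    key_type, off = _read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("not an ssh-rsa key")
    e_bytes, off = _read_string(blob, off)
    n_bytes, off = _read_string(blob, off)
    if off != len(blob):
        raise ValueError("trailing data after modulus")
    return int.from_bytes(e_bytes, "big"), int.from_bytes(n_bytes, "big")

def sample_key_file(e=37, n=0xC5A3B1F7):
    """Constructed toy key (not a real key) with a continued Comment header."""
    enc = lambda v: v.to_bytes(v.bit_length() // 8 + 1, "big")
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (b"ssh-rsa", enc(e), enc(n)))
    b64 = base64.b64encode(blob).decode("ascii")
    return BEGIN + '\nComment: "constructed-\\\nsample"\n' + b64 + "\n" + END + "\n"
```

A public key recovered this way can verify signatures or encrypt; producing a signature needs the matching private key.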