path: root/pipermail/pycrypto/attachments/20110819/33eab5bc/attachment.htm
blob: 2c64398f016693358cb2bc350352d1f8dae098fb (plain)
Hey Everyone,

I am playing around with PyCrypto and public key encryption using RSA.
The thing is that I already have an RSA private key, and an X509 certificate which contains the RSA public key belonging to the private key.

I successfully exported the public key starting with the private key file like this.

    from Crypto.PublicKey import RSA
    from Crypto import Random
    privkey1=RSA.importKey(open('/path/to/private.key','r').read())
    pubkey1=privkey1.publickey()
    print(pubkey1.exportKey(format='PEM'))

When I compare the print output with the output of the openssl tool which can extract the public key from an x509 certificate file with the following command:

    openssl x509 -inform pem -in /path/to/certificate.crt -pubkey -noout

The public keys are indeed the same, so the exporting with pycrypto and extracting with openssl produce the same public key.
But is it possible to use pycrypto (or another library) to extract the public key from the certificate file (like openssl does)?

Another question is the following:

    rng=Random.new().read

This works fine:

    privkey1.decrypt(pubkey1.encrypt(s,rng))

But this raises a TypeError:

    pubkey1.decrypt(privkey1.encrypt(s,rng))

But the keys are symmetric, right? So it should be possible to encrypt something with the private key and decrypt that with the public key. It doesn't make sense to do this since then anyone can decrypt the data, which you just encrypted with the private key, making encryption useless in the first place. But the difference between RSA public and private keys is only the name. Which one is public, and which one is private is just a matter of choice, not a technical difference, right? So why then does the PyCrypto library raise a TypeError in the first case?

Cheers,

Dolf.
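Added example, not part of the original post and not PyCrypto code: a toy textbook-RSA model of the two calls in the second question, showing that `encrypt` always uses the public exponent and `decrypt` always needs the private one, so the private-then-public direction is really sign/verify. The primes, the `ToyPublicKey`/`ToyPrivateKey` classes and `guess_small_exponent` are constructed for illustration, and no padding is applied.

```python
# Toy textbook RSA (constructed parameters, no padding): illustration only.
P, Q, E = 61, 53, 17                  # constructed small primes and public exponent
N, PHI = P * Q, (P - 1) * (Q - 1)     # modulus 3233, phi 3120
D = pow(E, -1, PHI)                   # private exponent (needs Python 3.8+)


class ToyPublicKey:
    """Hypothetical stand-in for a public-key object: knows only (n, e)."""

    def __init__(self, n, e):
        self.n, self.e = n, e

    def encrypt(self, m):
        # "encrypt" always means the public operation m^e mod n
        return pow(m, self.e, self.n)

    def decrypt(self, c):
        # Mirrors the TypeError in the post: there is no d to compute with
        raise TypeError("private exponent not available in this key")


class ToyPrivateKey(ToyPublicKey):
    """Hypothetical stand-in for a private-key object: knows (n, e, d)."""

    def __init__(self, n, e, d):
        super().__init__(n, e)
        self.d = d

    def decrypt(self, c):
        # "decrypt" always means the private operation c^d mod n
        return pow(c, self.d, self.n)

    def publickey(self):
        return ToyPublicKey(self.n, self.e)


def guess_small_exponent(n, known_exp, candidates=(3, 5, 17, 257, 65537)):
    """Why the roles cannot simply be swapped: an exponent chosen from the
    conventional small values is found by trial once the other one is known."""
    probe = 2
    for e in candidates:
        if pow(pow(probe, known_exp, n), e, n) == probe:
            return e
    return None


priv = ToyPrivateKey(N, E, D)
pub = priv.publickey()
```
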