diff options
author | elie <elie> | 2012-04-10 16:40:40 +0000 |
---|---|---|
committer | elie <elie> | 2012-04-10 16:40:40 +0000 |
commit | a1217325690dfb5141a5b7d23231ddf71bf4f9c3 (patch) | |
tree | 0e7015a546d4dc17b43b456cd4d1e6108d043414 /tools/pkcs1dump.py | |
parent | 3853133c789622910c8cb2c8c03ba31d678f39a3 (diff) | |
download | pyasn1-modules-a1217325690dfb5141a5b7d23231ddf71bf4f9c3.tar.gz |
minor fixes and unification
Diffstat (limited to 'tools/pkcs1dump.py')
-rw-r--r-- | tools/pkcs1dump.py | 75 |
1 files changed, 26 insertions, 49 deletions
diff --git a/tools/pkcs1dump.py b/tools/pkcs1dump.py index c7a4189..030adef 100644 --- a/tools/pkcs1dump.py +++ b/tools/pkcs1dump.py @@ -1,62 +1,39 @@ # Read unencrypted PKCS#1/PKIX-compliant, PEM&DER encoded private keys on # stdin, print them pretty and encode back into original wire format. # Private keys can be generated with "openssl genrsa|gendsa" commands. -import sys, base64 -from pyasn1_modules import rfc2459, rfc2437 +from pyasn1_modules import rfc2459, rfc2437, pem from pyasn1.codec.der import encoder, decoder - -keyMagic = { - '-----BEGIN DSA PRIVATE KEY-----': - {'-----END DSA PRIVATE KEY-----': rfc2459.DSAPrivateKey() }, - '-----BEGIN RSA PRIVATE KEY-----': - {'-----END RSA PRIVATE KEY-----': rfc2437.RSAPrivateKey() } - } - -# Read PEM keys from stdin and print them out in plain text +import sys if len(sys.argv) != 1: print("""Usage: -$ openssl genrsa -out /tmp/myprivatekey.pem -$ cat /tmp/myprivatekey.pem | %s""" % sys.argv[0]) +$ cat rsakey.pem | %s""" % sys.argv[0]) sys.exit(-1) - -stSpam, stHam, stDump = 0, 1, 2 -state = stSpam -keyCnt = 0 + +cnt = 0 -for keyLine in sys.stdin.readlines(): - keyLine = keyLine.strip() - if state == stSpam: - if keyLine in keyMagic: - keyMagicTail = keyMagic[keyLine] - keyLines = [] - state = stHam - continue - if state == stHam: - if keyLine in keyMagicTail: - asn1Spec = keyMagicTail[keyLine] - state = stDump - else: - keyLines.append(keyLine.encode()) - if state == stDump: - substrate = ''.encode() - try: - for keyLine in keyLines: - substrate = substrate + base64.decodestring(keyLine) - except TypeError: - print('%s, possibly encrypted key' % (sys.exc_info()[1], )) - state = stSpam - continue +while 1: + idx, substrate = pem.readPemFromFile(sys.stdin, ('-----BEGIN RSA PRIVATE KEY-----', '-----END RSA PRIVATE KEY-----'), ('-----BEGIN DSA PRIVATE KEY-----', '-----END DSA PRIVATE KEY-----') ) + if not substrate: + break - key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) + if idx == 0: + asn1Spec = rfc2437.RSAPrivateKey() + elif idx == 1: + asn1Spec = rfc2459.DSAPrivateKey() + else: + break - if rest: substrate = substrate[:-len(rest)] - - print(key.prettyPrint()) - - assert encoder.encode(key) == substrate, 'key re-code fails' + key, rest = decoder.decode(substrate, asn1Spec=asn1Spec) + + if rest: substrate = substrate[:-len(rest)] - keyCnt = keyCnt + 1 - state = stSpam + print(key.prettyPrint()) -print('*** %s private key(s) re/serialized' % keyCnt) + assert encoder.encode(key, defMode=False) == substrate or \ + encoder.encode(key, defMode=True) == substrate, \ + 'pkcs8 recode fails' + + cnt = cnt + 1 + +print('*** %s key(s) re/serialized' % cnt) |