Created
February 27, 2011 22:12
-
-
Save cosmin/846606 to your computer and use it in GitHub Desktop.
Utilities for fingerprinting RSA keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| from hashlib import sha1, md5 | |
| import re | |
| from pyasn1.codec.ber import encoder | |
| from pyasn1.type.univ import * | |
| def rsa_key_to_der(key): | |
| seq = Sequence() | |
| for index, key in enumerate([0, key.n, key.e, key.d, key.p, key.q, key.d % (key.p - 1), key.d % (key.q - 1), paramiko.util.mod_inverse(key.q, key.p)]): | |
| seq.setComponentByPosition(index, Integer(key)) | |
| return encoder.encode(seq) | |
| def strip_pem_header_footer(data): | |
| return re.sub('-.*-', '', data.replace('\r', '')).replace('\n', '') | |
| def rsa_pem_to_der(data): | |
| assert "RSA PRIVATE KEY" in data | |
| return base64.decodestring(strip_pem_header_footer(data)) | |
| def rsa_to_pkcs8_der(key=None, pem=None, der=None): | |
| if not der: | |
| if key: | |
| der = rsa_key_to_der(key) | |
| elif pem: | |
| der = rsa_pem_to_der(pem) | |
| seq = Sequence() | |
| seq.setComponentByPosition(0, Integer(0)) | |
| seq.setComponentByPosition(1, Sequence().setComponentByPosition(0, ObjectIdentifier('1.2.840.113549.1.1.1')).setComponentByPosition(1, Null(''))) | |
| seq.setComponentByPosition(2, OctetString(der)) | |
| return encoder.encode(seq) | |
| def format_digest(digest): | |
| return re.sub(r'(\w{2})(?!$)', r'\1:', digest) | |
| def fingerprint(key=None, pem=None, der=None): | |
| pkcs8_der = rsa_to_pkcs8_der(key, pem, der) | |
| plain_sha1 = sha1(pkcs8_der).hexdigest() | |
| plain_md5 = md5(pkcs8_der).hexdigest() | |
| return {'md5' : format_digest(plain_md5), 'sha1' : format_digest(plain_sha1)} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment