[英]Load openssl Ed25519 private key in PEM format into Python ed25519.SigningKey
I have some keys generated with openssl: 我有一些用openssl生成的密钥:
openssl genpkey -algorithm Ed25519 -out private_key.pem
and I would like to use them to generate ed25519 signatures in Python. 我想用它们在Python中生成ed25519签名。 I found the module ed25519 but I can't see a way to load the PEM file generated as above into
ed25519.SigningKey
. 我找到了ed25519模块,但是找不到将如上所述生成的PEM文件加载到
ed25519.SigningKey
。
How can I do it? 我该怎么做?
https://pypi.org/project/ed25519/ recommends the use of https://github.com/pyca/pynacl instead. https://pypi.org/project/ed25519/建议改用https://github.com/pyca/pynacl 。
Reference: https://pypi.org/project/ed25519/ 参考: https : //pypi.org/project/ed25519/
Not Recommended For New Applications:
不建议用于新应用程序:
Use pynacl Instead For new applications, I recommend you use [pynacl ( https://github.com/pyca/pynacl ) instead of this repository.
使用pynacl代替对于新应用程序,我建议您使用[pynacl( https://github.com/pyca/pynacl )代替此存储库。 PyNaCl is larger and takes longer to build (it contains the complete NaCl/libsodium library, not just the ed25519 portion), but it is well-maintained by the diligent and conscientious PyCA team, whereas I've allowed this repository to languish.
PyNaCl更大,并且构建时间更长(它包含完整的NaCl / libsodium库,而不仅仅是ed25519部分),但是它由勤奋而认真的PyCA团队很好地维护,而我却允许该存储库陷入困境。 PyNaCl is also about 10-20 times faster.
PyNaCl的速度也快约10-20倍。
To create signatures using ed25519 see https://pynacl.readthedocs.io/en/stable/signing/#example 要使用ed25519创建签名,请参见https://pynacl.readthedocs.io/en/stable/signing/#example
Signer's perspective (SigningKey) 签名者的观点(SigningKey)
import nacl.encoding
import nacl.signing
# Generate a new random signing key
signing_key = nacl.signing.SigningKey.generate()
# Sign a message with the signing key
signed = signing_key.sign(b"Attack at Dawn")
# Obtain the verify key for a given signing key
verify_key = signing_key.verify_key
# Serialize the verify key to send it to a third party
verify_key_hex = verify_key.encode(encoder=nacl.encoding.HexEncoder)
Verifier's perspective (VerifyKey) 验证者的观点(VerifyKey)
import nacl.signing
# Create a VerifyKey object from a hex serialized public key
verify_key = nacl.signing.VerifyKey(verify_key_hex,
encoder=nacl.encoding.HexEncoder)
# Check the validity of a message's signature
# The message and the signature can either be passed separately or
# concatenated together. These are equivalent:
verify_key.verify(signed)
verify_key.verify(signed.message, signed.signature)
# Alter the signed message text
forged = signed[:-1] + bytes([int(signed[-1]) ^ 1])
# Will raise nacl.exceptions.BadSignatureError, since the signature check
# is failing
verify_key.verify(forged)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.