stackoom
  简体   繁体   中英

Load openssl Ed25519 private key in PEM format into Python ed25519.SigningKey

 原文  2019-07-14 15:36:18       python/ pem/ ed25519

Question

I have some keys generated with openssl: 

openssl genpkey -algorithm Ed25519 -out private_key.pem

and I would like to use them to generate ed25519 signatures in Python. I found the module ed25519 but I can't see a way to load the PEM file generated as above into ed25519.SigningKey .

How can I do it?

1 answers

solution1
 1  2019-10-07 22:58:54

https://pypi.org/project/ed25519/ recommends the use of https://github.com/pyca/pynacl instead.

Reference: https://pypi.org/project/ed25519/

Not Recommended For New Applications:

Use pynacl Instead For new applications, I recommend you use [pynacl ( https://github.com/pyca/pynacl ) instead of this repository. PyNaCl is larger and takes longer to build (it contains the complete NaCl/libsodium library, not just the ed25519 portion), but it is well-maintained by the diligent and conscientious PyCA team, whereas I've allowed this repository to languish. PyNaCl is also about 10-20 times faster.

To create signatures using ed25519 see https://pynacl.readthedocs.io/en/stable/signing/#example

Signer's perspective (SigningKey) 

import nacl.encoding
import nacl.signing

# Generate a new random signing key
signing_key = nacl.signing.SigningKey.generate()

# Sign a message with the signing key
signed = signing_key.sign(b"Attack at Dawn")

# Obtain the verify key for a given signing key
verify_key = signing_key.verify_key

# Serialize the verify key to send it to a third party
verify_key_hex = verify_key.encode(encoder=nacl.encoding.HexEncoder)

Verifier's perspective (VerifyKey) 

import nacl.signing

# Create a VerifyKey object from a hex serialized public key
verify_key = nacl.signing.VerifyKey(verify_key_hex,
                                    encoder=nacl.encoding.HexEncoder)

# Check the validity of a message's signature
# The message and the signature can either be passed separately or
# concatenated together.  These are equivalent:
verify_key.verify(signed)
verify_key.verify(signed.message, signed.signature)

# Alter the signed message text
forged = signed[:-1] + bytes([int(signed[-1]) ^ 1])
# Will raise nacl.exceptions.BadSignatureError, since the signature check
# is failing
verify_key.verify(forged)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Sign a text with pynacl (Ed25519) importing a private key Decrypting Ed25519 private keys using python libraries without ssh-keygen -p How to implement ed25519 algorithm into jwt using python? Sign and verify using ed25519 in near protocol How to use ssh-keygen ed25519 keys for encryption in Python? import ed25519._ed25519 works in powershell but not GAE how to convert ed25519 keys in pgsql database and retrieve them back How to set up a hostkey file using ssh-ed25519 as a key for pysftp Python import simple_salesforce in Databricks gives: No module named cryptography.hazmat.primitives.asymmetric.ed25519 Convert .key formatted private key into .pem format with python3
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM