如何从x509证书中提取签名

时间:2017-05-24 16:52:56

标签: python openssl x509 pyopenssl

我正在尝试从加载的x509证书中提取签名。我有其他一切提取(发行者,主题,PEM,签名算法等)。我已经搜索了这个,但是已经很短了。任何帮助将不胜感激!

from OpenSSL import crypto

certobj = crypto.load_certificate(crypto.FILETYPE_ASN1, cert)

issuer = certobj.get_issuer()
subject = certobj.get_subject()

certDetails = {
    "SerialNumber": certobj.get_serial_number(),
    "Signature": None,  # <-- This is what I am trying to get!
    "SignatureAlgorithm": certobj.get_signature_algorithm(),
    "CertificatePEM": crypto.dump_certificate(crypto.FILETYPE_PEM, certobj),
    "SubjectPublicKeyPEM": crypto.dump_publickey(crypto.FILETYPE_PEM, certobj.get_pubkey()),
    "Version": certobj.get_version()
}

2 个答案:

答案 0 :(得分:0)

我知道问了问题已经有一段时间了,但是对于其他需要的人,有两种选择,

signing_algo = cert_obj.signature_hash_algorithm.name


signing_algo = cert_obj.signature_algorithm_oid._name

cert_obj是cryptography.x509.Certificate的实例

答案 1 :(得分:-1)

有点环形交叉口,但我将证书转换为加密证书对象以访问签名:

cryptCert = cert.to_cryptography()

print hexlify(cryptCert.signature)

相关问题
最新问题