我在bash中这样做:
head -c 128 <signed_fw_image> > <image_sign>
openssl rsautl -verify -inkey <public_rsa_key> -in <image_sign> -pubin > <out_sign_result>
md5sum <raw_image_bin> | xxd -r -p > <out_orig_result>
diff <out_sign_result> <out_orig_result>
我如何在python中实现它以及我应该使用哪些库?
答案 0 :(得分:0)
我最近也遇到了类似的问题,我来到这里是为了最终阅读rsautl源代码。它仅执行一次原始RSA回合。以下Python 3脚本可用于重现rsautl -verify的行为,并依赖于pycryptodome包,我为此任务建议使用该包:
# emulates the command: openssl rsautl -verify -pubin -inkey $1
import sys
import re
from Crypto.PublicKey import RSA
with open(sys.argv[1], 'rb') as keyfile:
key = RSA.import_key(keyfile.read())
msg = sys.stdin.buffer.read()
assert len(msg) <= key.size_in_bytes(), 'block too large.'
msg = int.from_bytes(msg, byteorder='big')
# RSA happens here:
dec = pow(msg, key.e, key.n)
dec = dec.to_bytes(key.size_in_bytes(), byteorder='big')
dec = re.match(BR'^\x00\x01\xFF+\x00(.*)$', dec, flags=re.DOTALL)
assert dec, 'output format invalid'
sys.stdout.buffer.write(dec.group(1))
我认为这是棘手的部分,您可以使用内置的hashlib模块来计算文件的MD5校验和。