我最近一直试图弄清楚如何让 PyCrypto 识别由 Google Chrome 打包过程产生的 PEM。问题是标准的 importKey 方法会导致错误。经过相当长的过程,我终于意识到我可以通过对 DerSequence.decode 方法进行逆向工程来初步模拟导入(所有细节都在这里)。不幸的是,它给我留下了一个未解决的问题。
我可以得到导入的密钥,看起来还算一致,但我还剩下 40 个字符。
import binascii
# read the pem file into chromepem
# the first and last lines are useless,
# we need it to be a string, not a tuple
# and it needs to be one string with no newlines.
chromepem = ''.join(open("chrome.pem","r").readlines()[1:-1]).replace("\n","")
# not sure why, but it looks like the first 40 characters aren't necessary.
# removing them seems to create a consistent public key anyway...
pem = binascii.a2b_base64(chromepem[40:])
有谁知道为什么有这 40 个字符?忽略它们会导致某些私钥/公钥对出现问题吗?