1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
#!/usr/bin/env python
#
# This file is part of pyasn1-modules software.
#
# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
# License: https://www.pysnmp.com/pyasn1/license.html
#
# Read unencrypted PKCS#1/PKIX-compliant, PEM&DER encoded private keys on
# stdin, print them pretty and encode back into original wire format.
# Private keys can be generated with "openssl genrsa|gendsa" commands.
#
import sys
from pyasn1.codec.der import decoder, encoder
from pyasn1_modules import pem, rfc2437, rfc2459
if len(sys.argv) != 1:
print(
"""Usage:
$ cat rsakey.pem | %s"""
% sys.argv[0]
)
sys.exit(-1)
cnt = 0
while True:
idx, substrate = pem.readPemBlocksFromFile(
sys.stdin,
("-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----"),
("-----BEGIN DSA PRIVATE KEY-----", "-----END DSA PRIVATE KEY-----"),
)
if not substrate:
break
if idx == 0:
asn1Spec = rfc2437.RSAPrivateKey()
elif idx == 1:
asn1Spec = rfc2459.DSAPrivateKey()
else:
break
key, rest = decoder.decode(substrate, asn1Spec=asn1Spec)
if rest:
substrate = substrate[: -len(rest)]
print(key.prettyPrint())
assert encoder.encode(key) == substrate, "pkcs8 recode fails"
cnt += 1
print("*** %s key(s) re/serialized" % cnt)
|
