我使用 Monkeysphere中的openpgp2pem
完成了这个。
首先,通过执行以下命令获取密钥的ID:
gpg --list-secret-keys
请注意密钥的8位十六进制ID,例如0123ABCD。
公钥
获取公钥的方法如下:
gpg --export --no-armor 0123ABCD | openpgp2pem 0123ABCD
秘钥
使用openpgp2pem
获取秘钥时,不幸的是,GPG秘钥必须先删除其密码。操作步骤如下:
gpg --edit-key 0123ABCD
然后使用passwd
命令删除其密码短语。(您可以在原始GPG homedir的副本上执行此操作,并使用gpg --homedir
选项在临时副本上操作。)
然后在那之后,您可以执行:
gpg --export-secret-keys --no-armor 0123ABCD | openpgp2pem 0123ABCD
将PEM转换为Python可用格式
实际上,我发现所生成的私钥可以直接在PyCrypto中使用:
from Crypto.PublicKey import RSA
with open('secret-key.pem', 'rb') as f:
key_secret = RSA.importKey(f.read())
然而,上述生成的公钥不能直接在PyCrypto中使用(缺少某些内容)。我必须按照以下方式生成一个与PyCrypto兼容的PEM:
from base64 import b64encode, b64decode
from Crypto.PublicKey import RSA
def publicpem2pycrypto(public_pem):
public_64 = public_pem.replace(b"-----BEGIN RSA PUBLIC KEY-----", b"").replace(b"-----END RSA PUBLIC KEY-----", b"")
pub_der = b64decode(public_64)
key_pub = RSA.importKey(pub_der)
key_public_export = key_pub.exportKey('PEM')
print(key_public_export.decode('ascii'))
with open('public-key.pem', 'wb') as f:
f.write(key_public_export)
print("Saved to public-key.pem")
或者,它可以从秘钥生成,方法如下。此外,以下内容允许将口令添加回秘钥中:
from base64 import b64encode, b64decode
from Crypto.PublicKey import RSA
def secretpem2pycrypto(out_secret_filename, out_public_filename, secret_pem, passphrase=None):
secret_64 = secret_pem.replace(b"-----BEGIN RSA PRIVATE KEY-----", b"").replace(b"-----END RSA PRIVATE KEY-----", b"")
secret_64 = secret_64.replace(b"\n", b"")
secret_der = b64decode(secret_64)
key_secret = RSA.importKey(secret_der)
key_secret_export = key_secret.exportKey('PEM', passphrase=passphrase)
key_public_export = key_secret.publickey().exportKey('PEM')
print(key_secret_export.decode('ascii'))
with open(out_secret_filename, 'wb') as f:
f.write(key_secret_export)
print("Saved to " + out_secret_filename)
if True:
print()
print(key_public_export.decode('ascii'))
with open(out_public_filename, 'wb') as f:
f.write(key_public_export)
print("Saved to " + out_public_filename)
一旦秘钥添加了密码短语,它可以通过以下方式使用:
from Crypto.PublicKey import RSA
with open('secret-key.pem', 'rb') as f:
key_secret = RSA.importKey(f.read(), passphrase="xxxxxxxxxxxxxxxxxxxx")