[pycrypto] extract RSA public from X509 certificate file

Legrandin gooksankoo at hoiptorrow.mailexpire.com
Tue Sep 20 12:27:30 CST 2011

Hi Dolf,

> But is it possible to use pycrypto (or another library) to extract the
> public key from the certificate file (like openssl does)?

No, it is not possible. The encoding is not currently supported.

> But the difference between RSA public and private keys is only
> the name. Which one is public, and which one is private is just a matter of
> choice, not a technical difference right?

In theory you are right: the term "public RSA key" is just a
convention for "the RSA key with known and typically short exponent".
However, implementation-wise it's more common to distinguish the two.
It makes optimizations easier to handle.

In case of pycrypto, the RSA object has got one attribute name for the
private exponent (d) and one for the public (e).
I cannot tell where it breaks exactly, but I can guess that
pubkey1.decrypt() will try to use the former, which is not available.

More information about the pycrypto mailing list