Crypto/X509 certificate parsing libraries for Pyth

2020-07-10 10:05发布

问题:

Any recommended crypto libraries for Python. I know I've asked something similar in x509 certificate parsing libraries for Java, but I should've split the question in two.

What I need is the ability to parse X.509 Certificates to extract the information contained in them.

Looking around, I've found two options:

  • Python OpenSSL Wrappers (http://sourceforge.net/projects/pow)
  • pyOpenSSL

Of the two, pyOpenSSL seems to be the most "maintained", but I'd like some feedback on anybody who might have experience with them?

回答1:

You might want to try keyczar as mentioned by me in your other post, since that library actually has implementations for both python and java. That would make it easier to use it in both contexts.

A word of warning: I have not actually used this library 8(, so please take this with a grain of salt.



回答2:

Use M2Crypto, it is the most complete tool IMHO



回答3:

My experience is that most crypto libraries are focused on a particular workflow - making a certain set of tasks easier and others hard or perhaps impossible. The exception to this would be ones that have really been around a long time and have matured (e.g. openssl, bounceycastle, but none of the python libraries in my experience). So, you really need to evaluate libraries in the context of what you are trying to do.

More specifically, I've used pyOpenSSL for simple generation of private keys and certificates requests (i.e. being a client to a CA) and am quite happy with it.