PyCrypto: creating an RSA password protected by DES3 password

Question

PyCrypto: creating an RSA password protected by DES3 password

I was able to create a password protected RSA key using DES3 (well ... I think because I'm very new to this encryption world) using the command:

openssl genrsa -out "/tmp/myKey.pem" -passout pass:"f00bar" -des3 2048

Now I would like to do this inside a Python script using PyCrypto, if possible. I saw this post that seems to be preventing PyCrypto from being used for this. Is this still true?

Of course, I can always call os.execute and execute the command above, but I would think that this is a "trick" os.execute . I do this quite a bit to learn PyCrypto.

Thanks in advance.

+7

python encryption rsa des pycrypto

Borrajax Apr 2 '12 at 15:39

source share

1 answer

SquareRootOfTwentyThree · Accepted Answer · 2012-04-02T19:46:51+0000

Starting with PyCrypto 2.5, you can export the RSA private key and protect it with a passphrase. The DES triple key is internally derived from a passphrase and is used for actual encryption.

For example:

 from Crypto import RSA from Crypto import Random random_generator = Random.new().read key = RSA.generate(1024, random_generator) exportedKey = key.exportKey('PEM', 'my secret', pkcs=1)

The variable exportedKey contains the ASCII version (PEM) of the key encoded in accordance with PKCS # 1 (cryptographic standard. Another option is pkcs=8 for - guess what is PKCS # 8). Since the result is standard, you can use it with several other programs, including openssl. And of course, you can import it back into python again via PyCrypto!

The exportKey method exportKey documented here .

PyCrypto: creating an RSA password protected by DES3 password

More articles: