[Cryptography-dev] Extracting pub key from a csr

Thu Aug 29 22:43:37 EDT 2024

I have a csr with an eddsa25519 key:

-----BEGIN CERTIFICATE REQUEST-----
MIGPMEMCAQAwEDEOMAwGA1UEBRMFeDEyMjQwKjAFBgMrZXADIQAqLOv73gF8OMT9
dvXIai0HOzyoT0kWkwziuPObnb+PbaAAMAUGAytlcANBAMbkfr344AGb2NHMJOk7
hUdknmKY3XOrAKITLbE0X5NiSxfsZ8ovLG4SnmIEE86t5pWfaPAFhJ8t+jMGJUzQ
XgM=
-----END CERTIFICATE REQUEST-----

I want the Pbkey of

          Subject Public Key Info:
              Public Key Algorithm: ED25519
                  ED25519 Public-Key:
                  pub:
e7:3f:5c:a1:b7:78:8a:75:e4:7b:91:4c:0c:1c:48:
d7:f8:06:c1:f1:9d:58:b0:4d:c9:48:7f:3d:1d:bc:
                      ac:16

I am following

https://cryptography.io/en/3.4.7/x509/reference.html#loading-certificate-signing-requests
and
https://cryptography.io/en/3.4.7/x509/reference.html#x-509-csr-certificate-signing-request-builder-object

I tried the following to get the key:

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives.serialization import 
load_pem_private_key

with open(uacsr, "rb") as f:
      pem_req_data = f.read()
      csr = x509.load_pem_x509_csr(pem_req_data)
csr_pbkey = csr.public_key()
print(csr_pbkey)

and get:

<cryptography.hazmat.backends.openssl.ed25519._Ed25519PublicKey object 
at 0x7f513f0d39d0>

not the public key itself.

What am I missing here?

thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.python.org/pipermail/cryptography-dev/attachments/20240829/9de50877/attachment.html>