[Cryptography-dev] Extracting pub key from a csr

Alex Gaynor alex.gaynor at gmail.com
Thu Aug 29 23:02:48 EDT 2024 

You're getting back the public key object for that CSR. When you say
you want the "public key itself" what do you mean?

Alex

On Thu, Aug 29, 2024 at 10:54 PM Robert Moskowitz <rgm at htt-consult.com> wrote:
>
> I have a csr with an eddsa25519 key:
>
> -----BEGIN CERTIFICATE REQUEST-----
> MIGPMEMCAQAwEDEOMAwGA1UEBRMFeDEyMjQwKjAFBgMrZXADIQAqLOv73gF8OMT9
> dvXIai0HOzyoT0kWkwziuPObnb+PbaAAMAUGAytlcANBAMbkfr344AGb2NHMJOk7
> hUdknmKY3XOrAKITLbE0X5NiSxfsZ8ovLG4SnmIEE86t5pWfaPAFhJ8t+jMGJUzQ
> XgM=
> -----END CERTIFICATE REQUEST-----
>
> I want the Pbkey of
>
>          Subject Public Key Info:
>              Public Key Algorithm: ED25519
>                  ED25519 Public-Key:
>                  pub:
>                      e7:3f:5c:a1:b7:78:8a:75:e4:7b:91:4c:0c:1c:48:
>                      d7:f8:06:c1:f1:9d:58:b0:4d:c9:48:7f:3d:1d:bc:
>                      ac:16
>
> I am following
>
> https://cryptography.io/en/3.4.7/x509/reference.html#loading-certificate-signing-requests
> and
> https://cryptography.io/en/3.4.7/x509/reference.html#x-509-csr-certificate-signing-request-builder-object
>
> I tried the following to get the key:
>
> from cryptography.hazmat.primitives import serialization
> from cryptography.hazmat.primitives.asymmetric import ed25519
> from cryptography import x509
> from cryptography.x509.oid import NameOID
> from cryptography.hazmat.primitives.serialization import load_pem_private_key
>
> with open(uacsr, "rb") as f:
>      pem_req_data = f.read()
>      csr = x509.load_pem_x509_csr(pem_req_data)
> csr_pbkey = csr.public_key()
> print(csr_pbkey)
>
> and get:
>
> <cryptography.hazmat.backends.openssl.ed25519._Ed25519PublicKey object at 0x7f513f0d39d0>
>
> not the public key itself.
>
> What am I missing here?
>
> thanks
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev



-- 
All that is necessary for evil to succeed is for good people to do nothing.

More information about the Cryptography-dev mailing list