[Cryptography-dev] Extracting pub key from a csr

Robert Moskowitz rgm at htt-consult.com
Thu Aug 29 23:12:04 EDT 2024 

I want a variable that is the bits of the public key so that if I print 
it, I get something like:

0xf32938f7ff6918d5bbdc52483f31e3725875456a9aeb83f915461a5ea629acda

or whatever type that I can then change to what I need elsewhere.

On 8/29/24 23:02, Alex Gaynor wrote:
> You're getting back the public key object for that CSR. When you say
> you want the "public key itself" what do you mean?
>
> Alex
>
> On Thu, Aug 29, 2024 at 10:54 PM Robert Moskowitz <rgm at htt-consult.com> wrote:
>> I have a csr with an eddsa25519 key:
>>
>> -----BEGIN CERTIFICATE REQUEST-----
>> MIGPMEMCAQAwEDEOMAwGA1UEBRMFeDEyMjQwKjAFBgMrZXADIQAqLOv73gF8OMT9
>> dvXIai0HOzyoT0kWkwziuPObnb+PbaAAMAUGAytlcANBAMbkfr344AGb2NHMJOk7
>> hUdknmKY3XOrAKITLbE0X5NiSxfsZ8ovLG4SnmIEE86t5pWfaPAFhJ8t+jMGJUzQ
>> XgM=
>> -----END CERTIFICATE REQUEST-----
>>
>> I want the Pbkey of
>>
>>           Subject Public Key Info:
>>               Public Key Algorithm: ED25519
>>                   ED25519 Public-Key:
>>                   pub:
>>                       e7:3f:5c:a1:b7:78:8a:75:e4:7b:91:4c:0c:1c:48:
>>                       d7:f8:06:c1:f1:9d:58:b0:4d:c9:48:7f:3d:1d:bc:
>>                       ac:16
>>
>> I am following
>>
>> https://cryptography.io/en/3.4.7/x509/reference.html#loading-certificate-signing-requests
>> and
>> https://cryptography.io/en/3.4.7/x509/reference.html#x-509-csr-certificate-signing-request-builder-object
>>
>> I tried the following to get the key:
>>
>> from cryptography.hazmat.primitives import serialization
>> from cryptography.hazmat.primitives.asymmetric import ed25519
>> from cryptography import x509
>> from cryptography.x509.oid import NameOID
>> from cryptography.hazmat.primitives.serialization import load_pem_private_key
>>
>> with open(uacsr, "rb") as f:
>>       pem_req_data = f.read()
>>       csr = x509.load_pem_x509_csr(pem_req_data)
>> csr_pbkey = csr.public_key()
>> print(csr_pbkey)
>>
>> and get:
>>
>> <cryptography.hazmat.backends.openssl.ed25519._Ed25519PublicKey object at 0x7f513f0d39d0>
>>
>> not the public key itself.
>>
>> What am I missing here?
>>
>> thanks
>>
>> _______________________________________________
>> Cryptography-dev mailing list
>> Cryptography-dev at python.org
>> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>

More information about the Cryptography-dev mailing list