可以使用OpenSSL将PKCS7转换为PkiPath吗?

huangapple go评论69阅读模式
英文:

Is It possible convert PKCS7 to PkiPath with OpenSSL?

问题

I'm here to provide translations for the code you've provided. Here's the translation of your code:

我正在尝试将用Clojure编写的代码转换为OpenSSL我想使用OpenSSL而不是Clojure),但我遇到了以下代码行

在这里放入Clojure代码

使用OpenSSL我只能使用pkcs7编码来复制

在这里放入Python代码

我的问题是是否可以像Clojure中的这段代码一样使用OpenSSL将pkcs7或pem转换为pkipath

Please note that I've provided the translations only for the code portions and your question, as you requested.

英文:

I'm trying to translate a code written in clojure to openssl (I want to use this instead of clojure), but I came across the following line of code:

(def cert-path-encoded (.getEncoded cert-path "PkiPath"))
(def cert-path-encoded-b64 (.encodeToString (java.util.Base64/getEncoder)
                                            cert-path-encoded))

With openssl I was only able to reproduce using pkcs7 encoding:

import subprocess
with open('./certificado.pem', 'rb') as file:
    cert_p7b = subprocess.check_output([
        'openssl', 'crl2pkcs7', '-nocrl', '-certfile', file.name,
        '-out', 'certificado.p7b'
    ])

My question is: Is It possible convert pkcs7 or pem to pkipath like this code in clojure using openssl?

答案1

得分: 1

你的Python代码使用subprocess模块来运行openssl命令并带有一些参数。代码期望一个名为file的变量,并始终将证书转换为文件certificado.p7b

在Clojure中可以使用clojure.java.shell命名空间的sh函数来表达相同的功能。我稍微修改了它,所以它不再需要一个文件,而是只需文件名,并通过将-out参数更改为-,来将转换的输出返回给函数。

要使用它,我创建了一个测试的自签名证书:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

代码如下:

(ns ssldemo.core
  (:use [clojure.java.shell :only [sh]]))

(defn convert-to-pkcs7 [filename]
  (let [result (sh "openssl" "crl2pkcs7" "-nocrl" "-certfile" filename "-out" "-")]
    (get result :out)))

(comment

  ;; 示例调用:
  (convert-to-pkcs7 "cert.pem")
  ;; 输出 "-----BEGIN PKCS7-----\nMIIFmgYJKoZIhvcNAQcCoIIFizCCBYcCAQ..."
  )

英文:

Your Python code is using the subprocess module to run the openssl command with some parameters. The code expects a variable with the name file and it always converts the certificate to the file certificado.p7b.

The same can be expressed in Clojure using the sh function from the clojure.java.shell namespace. I've changed it a bit, so instead of taking a file, it just takes the filename and the output of the conversion is returned to the function by changing the -out parameter to -, which denotes the standard output.

To use it, I created a test self-signed certificate with:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

The code looks like:

(ns ssldemo.core
  (:use [clojure.java.shell :only [sh]]))

(defn convert-to-pkcs7 [filename]
  (let [result (sh "openssl" "crl2pkcs7" "-nocrl" "-certfile" filename "-out" "-")]
    (get result :out)))

(comment

  ;; Example call:
  (convert-to-pkcs7 "cert.pem")
  ;; outputs "-----BEGIN PKCS7-----\nMIIFmgYJKoZIhvcNAQcCoIIFizCCBYcCAQ..."
  )

huangapple
  • 本文由 发表于 2023年5月11日 01:44:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/76221268.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定