问题
This works perfectly in command-line, I would like to do the same using M2Crypto in Python code.
openssl smime -binary -sign -signer certificate.pem -inkey key.pem \
-in some_file.txt -out signed_file -outform DER \
-passin pass:somepassword
回答1:
This is how I have been using M2Crypto to sign a file.
text = open('/path/to/some_file.txt').read()
passphrase = 'somepassword'
buffer = M2Crypto.BIO.MemoryBuffer(text)
signer = M2Crypto.SMIME.SMIME()
signer.load_key('/path/to/key.pem', '/path/to/certificate.pem', lambda x: passphrase)
p7 = signer.sign(buffer, flags=M2Crypto.SMIME.PKCS7_DETACHED)
out = M2Crypto.BIO.MemoryBuffer()
p7.write_der(out)
signature = out.getvalue()
print signature
This works well for me. You may need to play around with the flags in signer.sign if your signature is not exactly how you want it.
来源:https://stackoverflow.com/questions/11819188/how-to-recreate-the-following-signing-cmd-line-openssl-call-using-m2crypto-in-py