RSA 在python下可以用二个包来进行加解密和验证签名操作。
pycryptodome 或者 rsa 包
pip3 install pycryptodome
pip3 install rsa
分别写下二种包的操作方法:
使用pycryptodome
# 用包中的Crypto.PublicKey.RSA 生成公钥、私钥
import Crypto.PublicKey.RSA
import Crypto.Random
x = Crypto.PublicKey.RSA.generate(2048)
a = x.exportKey("PEM") # 生成私钥
b = x.publickey().exportKey() # 生成公钥
with open("a.pem", "wb") as x:
x.write(a)
with open("b.pem", "wb") as x:
x.write(b)
y = Crypto.PublicKey.RSA.generate(2048, Crypto.Random.new().read) # 使用 Crypto.Random.new().read 伪随机数生成器
c = y.exportKey() # 生成私钥
d = y.publickey().exportKey() #生成公钥
with open("c.pem", "wb") as x:
x.write(c)
with open("d.pem", "wb") as x:
x.write(d)
# 使用 Crypto.PublicKey.RSA.importKey(private_key) 生成公钥和证书
import Crypto.PublicKey.RSA
with open("a.pem", "rb") as x:
xx = Crypto.PublicKey.RSA.importKey(x.read())
b = xx.publickey().exportKey() # 生成公钥
with open("b.pem", "wb") as x:
x.write(b)
a = xx.exportKey("DER") # 生成 DER 格式的证书
with open("a.der", "wb") as x:
x.write(a)
# 算法实现 使用Crypto模块
import Crypto.PublicKey.RSA
import Crypto.Cipher.PKCS1_v1_5
import Crypto.Random
import Crypto.Signature.PKCS1_v1_5
import Crypto.Hash
y = b"abcdefg1234567"
with open("b.pem", "rb") as x:
b = x.read()
cipher_public = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(b))
cipher_text = cipher_public.encrypt(y) # 使用公钥进行加密
with open("a.pem", "rb") as x:
a = x.read()
# 如果私钥有密码 则使用相应密码 Crypto.PublicKey.RSA.importKey(a, password)
cipher_private = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(a))
text = cipher_private.decrypt(cipher_text, Crypto.Random.new().read) # 使用私钥进行解密
assert text == y # 断言验证
with open("c.pem", "rb") as x:
c = x.read()
c_rsa = Crypto.PublicKey.RSA.importKey(c)
signer = Crypto.Signature.PKCS1_v1_5.new(c_rsa)
msg_hash = Crypto.Hash.SHA256.new()
msg_hash.update(y)
sign = signer.sign(msg_hash) # 使用私钥进行'sha256'签名
with open("d.pem", "rb") as x:
d = x.read()
d_rsa = Crypto.PublicKey.RSA.importKey(d)
verifer = Crypto.Signature.PKCS1_v1_5.new(d_rsa)
msg_hash = Crypto.Hash.SHA256.new()
msg_hash.update(y)
verify = verifer.verify(msg_hash, sign) # 使用公钥验证签名
print(verify)
使用rsa
# 生成公钥、私钥:
import rsa
f, e = rsa.newkeys(2048) # 生成公钥、私钥
e = e.save_pkcs1() # 保存为 .pem 格式
with open("e.pem", "wb") as x: # 保存私钥
x.write(e)
f = f.save_pkcs1() # 保存为 .pem 格式
with open("f.pem", "wb") as x: # 保存公钥
x.write(f)
# rsa 加解密过程:
import rsa
# rsa加密
def rsaEncrypt(str):
# 生成公钥、私钥
(pubkey, privkey) = rsa.newkeys(512)
print("公钥:\n%s\n私钥:\n:%s" % (pubkey, privkey))
# 明文编码格式
content = str.encode("utf-8")
# 公钥加密
crypto = rsa.encrypt(content, pubkey)
return (crypto, privkey)
# rsa解密
def rsaDecrypt(str, pk):
# 私钥解密
content = rsa.decrypt(str, pk)
con = content.decode("utf-8")
return con
if __name__ == "__main__":
str, pk = rsaEncrypt("hello")
print("加密后密文:\n%s" % str)
content = rsaDecrypt(str, pk)
print("解密后明文:\n%s" % content)
# 实现
import rsa
y = b"abcdefg1234567"
with open("e.pem", "rb") as x:
e = x.read()
e = rsa.PrivateKey.load_pkcs1(e) # load 私钥
with open("f.pem", "rb") as x:
f = x.read()
f = rsa.PublicKey.load_pkcs1(f) # load 公钥,由于之前生成的私钥缺少'RSA'字段,故无法 load
cipher_text = rsa.encrypt(y, f) # 使用公钥加密
text = rsa.decrypt(cipher_text, e) # 使用私钥解密
assert text == y # 断言验证
sign = rsa.sign(y, e, "SHA-256") # 使用私钥进行'sha256'签名
verify = rsa.verify(y, sign, f) # 使用公钥验证签名
print(verify)
原文链接:http://www.itawp.com/270.html,转载请注明出处。
评论0