pythonrsa加解密

见贤思齐

今天要说的加密方式RSA，随笔简单记录下。RSA加密是一种非对称加密，通常使用公钥加密，私钥解密，私钥签名，公钥验签。而通常公钥比较短，私钥比较长。在公开密钥密码体制中，加密密钥（即公开密钥）PK是公开信息，而解密密钥（即秘密密钥）SK是需要保密的。RSA算法通常是先生成一对RSA密钥，其中之一是保密密钥，由用户保存；另一个为公开密钥，可对外公开。1.生成公钥&私钥fromCryptoimportRandomfromCrypto.PublicKeyimportRSA#伪随机数生成器random_generator=Random.new().read#rsa算法生成实例rsa=RSA.generate(1024,random_generator)#私钥的生成private_pem=rsa.exportKey()withopen("private.pem","wb")asf:f.write(private_pem)#公钥的生成public_pem=rsa.publickey().exportKey()withopen("public.pem","wb")asf:f.write(public_pem)123456789101112131415161718运行完以后会生成两个文件，private.pem和public.pem。生成的公钥私钥格式是固定的，秘钥中间无空格无换行，秘钥末尾也空格无换行。公钥长这样，一般比较短。私钥长这样，一般比较长。2.使用公钥加密importbase64fromCrypto.PublicKeyimportRSAfromCrypto.CipherimportPKCS1_v1_5asCipher_pkcs1_v1_5#rsa加密defrsa_encrypt(message):public_key="""-----BEGINPUBLICKEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfgDPRwaAYZFyNg7EyjMZOnjIRvPPPu4sC6Iu25SDK9z6aE/yKwNSXI4JF/7gsFlXpV8rjB/SfIjNAunHy0++2djAT1aWJYZSTujBkPblqR/NxRTilTwoc/oRjLHLF3RuoPOIL4on303Uc9Jgzj1CKbIDUSSk4+gy2rfs2SUZ/uwIDAQAB-----ENDPUBLICKEY-----"""rsa_key=RSA.importKey(public_key)cipher=Cipher_pkcs1_v1_5.new(rsa_key)#创建用于执行pkcs1_v1_5加密或解密的密码cipher_text=base64.b64encode(cipher.encrypt(message.encode("utf-8")))returncipher_text.decode("utf-8")if__name__=="__main__":message="Hello,你好,这是一段RSA加密测试代码!"result=rsa_encrypt(message)print(result)1234567891011121314151617181920212223跑一下看看结果：jVzxl5vJ9OsDHqii/uPTCoujxSNFQOBOIvPDno9er6OcMgPhnbqfjnoEfLCSndghPT9x5vUKTC/jy8MK8TezmUVJSho9AVRi/Z3GKGjMXWFRTOfe18K6Ml6U0GaZGiacHZkIG1XOKTQs0HDbY1WhBzeMIakpsqgBEAoU+9wmkpo=1再跑一下看看结果：OdLiI6XPqXAQKbE9t3GX4NjFArQOp6winRSV8xVaEcKm5NstgFD+e+iTZUSLGJrrdys3Ah7+bMW2sa6R3s8Sly3JSDyHVae5fhsKQ7/ouYFFXZf6Umj3BbE5Mykf6L9DM5U4fp2z5ZJ9EyAfXel8t84xIWpRnt8Ym6UOg+JFW8A=1对比两次你会发现，这里每次使用公钥加密后的结果都不一致，跟对数据的padding即填充有关。3.使用私钥解密importbase64fromCrypto.PublicKeyimportRSAfromCrypto.CipherimportPKCS1_v1_5asCipher_pkcs1_v1_5#rsa解密defrsa_decrypt(cipher_text):private_key="""-----BEGINRSAPRIVATEKEY-----MIICWwIBAAKBgQCfgDPRwaAYZFyNg7EyjMZOnjIRvPPPu4sC6Iu25SDK9z6aE/yKwNSXI4JF/7gsFlXpV8rjB/SfIjNAunHy0++2djAT1aWJYZSTujBkPblqR/NxRTilTwoc/oRjLHLF3RuoPOIL4on303Uc9Jgzj1CKbIDUSSk4+gy2rfs2SUZ/uwIDAQABAoGAAiZ0zGGbWmjT9JZvZ5qNO9cXHrUY5laFZ7sh0wvgtsvBfMtDLs2tsAHrCi2J2pJMgzJLSmc7jX+lCDzbN2ZTB3Gz57jhx8ytvOZQod2MlEA52oUQGWeIim91hWYWTKF8EoaQMfjUGzKXcZHjkPbZbajRFoad9+8w779jpDVJ/QkCQQC3Gd+cR1d0PI3L/roRRVJKessFk4upqxbRTvqbD5S0pPQjOmzHEUwhluyKJJXfdBuwMbZKfBhO/FdIfpe+m375AkEA3wDtuuNuNVZoJIOdFP/QeglPx8vKyzNHqWHITRels+wyZRKIEJU0QfseNa0s2egqSDCX7EdDZIuujO0ERDM9UwJAGcVCe7Ru0qVTL8sCVTv0gRcXTAmgNpkl9P+wtfJTc7ljwzGN7da5aGDdmfPcRD8LRpk4lvMwWK2be1CV+vXXwQJAfKQyO6DeemVfM/l0FMaeqXcG5m8bW9O/nAaRQ7WR4iyERkXDUzFx0ecfjXTLesfuygaPA3sZSdtgplfbaJsTDQJAdg5IvgiGOksvjvOf5wr3vHy0v0na/pMJVLol7t0GXFtjLHntk5bjwJVx/ltaFSR/zG8nM7zASpid3B9BH3H5qA==-----ENDRSAPRIVATEKEY-----"""decode_text=base64.b64decode(cipher_text)cipher=Cipher_pkcs1_v1_5.new(RSA.importKey(private_key))#创建用于执行pkcs1_v1_5加密或解密的密码decrypt_text=cipher.decrypt(decode_text,b"rsa")returndecrypt_text.decode("utf-8")if__name__=="__main__":result="OdLiI6XPqXAQKbE9t3GX4NjFArQOp6winRSV8xVaEcKm5NstgFD+e+iTZUSLGJrrdys3Ah7+bMW2sa6R3s8Sly3JSDyHVae5fhsKQ7/ouYFFXZf6Umj3BbE5Mykf6L9DM5U4fp2z5ZJ9EyAfXel8t84xIWpRnt8Ym6UOg+JFW8A="message=rsa_decrypt(result)print(message)1234567891011121314151617181920212223242526272829303132运行结果：Hello,你好,这是一段RSA加密测试代码!1可以看到，和加密前的数据一模一样。4.使用私钥加签importbase64fromCrypto.HashimportSHAfromCrypto.PublicKeyimportRSAfromCrypto.SignatureimportPKCS1_v1_5asSignature_pkcs1_v1_5#私钥加签名defrsa_encrypt(message):private_key="""-----BEGINRSAPRIVATEKEY-----MIICWwIBAAKBgQCfgDPRwaAYZFyNg7EyjMZOnjIRvPPPu4sC6Iu25SDK9z6aE/yKwNSXI4JF/7gsFlXpV8rjB/SfIjNAunHy0++2djAT1aWJYZSTujBkPblqR/NxRTilTwoc/oRjLHLF3RuoPOIL4on303Uc9Jgzj1CKbIDUSSk4+gy2rfs2SUZ/uwIDAQABAoGAAiZ0zGGbWmjT9JZvZ5qNO9cXHrUY5laFZ7sh0wvgtsvBfMtDLs2tsAHrCi2J2pJMgzJLSmc7jX+lCDzbN2ZTB3Gz57jhx8ytvOZQod2MlEA52oUQGWeIim91hWYWTKF8EoaQMfjUGzKXcZHjkPbZbajRFoad9+8w779jpDVJ/QkCQQC3Gd+cR1d0PI3L/roRRVJKessFk4upqxbRTvqbD5S0pPQjOmzHEUwhluyKJJXfdBuwMbZKfBhO/FdIfpe+m375AkEA3wDtuuNuNVZoJIOdFP/QeglPx8vKyzNHqWHITRels+wyZRKIEJU0QfseNa0s2egqSDCX7EdDZIuujO0ERDM9UwJAGcVCe7Ru0qVTL8sCVTv0gRcXTAmgNpkl9P+wtfJTc7ljwzGN7da5aGDdmfPcRD8LRpk4lvMwWK2be1CV+vXXwQJAfKQyO6DeemVfM/l0FMaeqXcG5m8bW9O/nAaRQ7WR4iyERkXDUzFx0ecfjXTLesfuygaPA3sZSdtgplfbaJsTDQJAdg5IvgiGOksvjvOf5wr3vHy0v0na/pMJVLol7t0GXFtjLHntk5bjwJVx/ltaFSR/zG8nM7zASpid3B9BH3H5qA==-----ENDRSAPRIVATEKEY-----"""rsa_key=RSA.importKey(private_key)signer=Signature_pkcs1_v1_5.new(rsa_key)digest=SHA.new()digest.update(message.encode("utf-8"))sign=signer.sign(digest)signature=base64.b64encode(sign)returnsignature.decode("utf-8")if__name__=="__main__":message="Hello,你好,这是一段RSA加密测试代码!"signature=rsa_encrypt(message)print(signature)12345678910111213141516171819202122232425262728293031323334353637跑一次:ai3x9IMY+UQysZ+KNlnXsUi29ykqvtOUue6kdysFXvdnviQXKKDb6phGzd1mZEHYOTh81HiB6kS/vN93PRRDpPwCsKxbkB3SPjQnM/we2cZnZGK/bFUXoulL/a0V86UKEwL8vqRMNyDn1zrv9YwhvblTzdu8ywkawXuH6O/8SRw=1再跑一次：ai3x9IMY+UQysZ+KNlnXsUi29ykqvtOUue6kdysFXvdnviQXKKDb6phGzd1mZEHYOTh81HiB6kS/vN93PRRDpPwCsKxbkB3SPjQnM/we2cZnZGK/bFUXoulL/a0V86UKEwL8vqRMNyDn1zrv9YwhvblTzdu8ywkawXuH6O/8SRw=1然后你会很神奇的发现用私钥加签，每次签名是一致的。5.使用公钥验签importbase64fromCrypto.HashimportSHAfromCrypto.PublicKeyimportRSAfromCrypto.SignatureimportPKCS1_v1_5asSignature_pkcs1_v1_5defcheck_verify():public_key="""-----BEGINPUBLICKEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfgDPRwaAYZFyNg7EyjMZOnjIRvPPPu4sC6Iu25SDK9z6aE/yKwNSXI4JF/7gsFlXpV8rjB/SfIjNAunHy0++2djAT1aWJYZSTujBkPblqR/NxRTilTwoc/oRjLHLF3RuoPOIL4on303Uc9Jgzj1CKbIDUSSk4+gy2rfs2SUZ/uwIDAQAB-----ENDPUBLICKEY-----"""message_verify="Hello,你好,这是一段RSA加密测试代码!"signature="ai3x9IMY+UQysZ+KNlnXsUi29ykqvtOUue6kdysFXvdnviQXKKDb6phGzd1mZEHYOTh81HiB6kS/vN93PRRDpPwCsKxbkB3SPjQnM/we2cZnZGK/bFUXoulL/a0V86UKEwL8vqRMNyDn1zrv9YwhvblTzdu8ywkawXuH6O/8SRw="rsa_key=RSA.importKey(public_key)verifier=Signature_pkcs1_v1_5.new(rsa_key)hsmsg=SHA.new()hsmsg.update(message_verify.encode("utf-8"))is_verify=verifier.verify(hsmsg,base64.b64decode(signature))print(is_verify)if__name__=="__main__":check_verify()12345678910111213141516171819202122232425返回结果：True1