一、rsa库(推荐)
1、公钥加密、私钥解密
# -*- coding: utf-8 -*-
import rsa
# rsa加密
def rsaEncrypt(str):
# 生成公钥、私钥
(pubkey, privkey) = rsa.newkeys(512)
print("pub: ", pubkey)
print("priv: ", privkey)
# 明文编码格式
content = str.encode('utf-8')
# 公钥加密
crypto = rsa.encrypt(content, pubkey)
return (crypto, privkey)
# rsa解密
def rsaDecrypt(str, pk):
# 私钥解密
content = rsa.decrypt(str, pk)
con = content.decode('utf-8')
return con
(a, b) = rsaEncrypt("hello")
print('加密后密文:'+ a)
content = rsaDecrypt(a, b)
print('解密后明文:'+ content)
2、密钥导出、签名验证
import rsa
# 先生成一对密钥,然后保存.pem格式文件,当然也可以直接使用
(pubkey, privkey) = rsa.newkeys(1024)
pub = pubkey.save_pkcs1()
pubfile = open('public.pem', 'wb')
pubfile.write(pub)
pubfile.close()
pri = privkey.save_pkcs1()
prifile = open('private.pem', 'wb')
prifile.write(pri)
prifile.close()
# load公钥和密钥
message = 'lovesoo.org'
with open('public.pem', "rb") as publickfile:
p = publickfile.read()
pubkey = rsa.PublicKey.load_pkcs1(p)
print(pubkey)
with open('private.pem', "rb") as privatefile:
p = privatefile.read()
privkey = rsa.PrivateKey.load_pkcs1(p)
print(privkey)
# 用公钥加密、再用私钥解密
crypto = rsa.encrypt(message.encode('utf-8'), pubkey)
message = rsa.decrypt(crypto, privkey)
message = message.decode('utf-8')
print (message)
# sign 用私钥签名认证、再用公钥验证签名
signature = rsa.sign(message.encode('utf-8'), privkey, 'SHA-1')
verify = rsa.verify('lovesoo.org'.encode('utf-8'), signature, pubkey)
print(verify)二、使用 Crypto.PublicKey.RSA库
1、使用 Crypto.PublicKey.RSA 生成公钥、私钥:
import Crypto.PublicKey.RSA
import Crypto.Random
x = Crypto.PublicKey.RSA.generate(2048)
# Crypto.PublicKey.RSA.generate(2048, Crypto.Random.new().read) 使用 Crypto.Random.new().read 伪随机数生成器
a = x.exportKey("PEM") # 生成私钥
b = x.publickey().exportKey() # 生成公钥
with open("a.pem", "wb") as x:
x.write(a)
with open("b.pem", "wb") as x:
x.write(b)
2、使用 Crypto.PublicKey.RSA.importKey(private_key) 生成公钥和证书:
import Crypto.PublicKey.RSA
with open("a.pem", "rb") as x:
xx = Crypto.PublicKey.RSA.importKey(x.read())
b = xx.publickey().exportKey() # 生成公钥
with open("b.pem", "wb") as x:
x.write(b)
a = xx.exportKey("DER") # 生成 DER 格式的证书
with open("a.der", "wb") as x:
x.write(a)3、使用 Crypto进行RSA加解密
import Crypto.PublicKey.RSA
import Crypto.Cipher.PKCS1_v1_5
import Crypto.Random
import Crypto.Signature.PKCS1_v1_5
import Crypto.Hash
y = b"abcdefg1234567"
with open("b.pem", "rb") as x:
b = x.read()
cipher_public = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(b))
cipher_text = cipher_public.encrypt(y) # 使用公钥进行加密
with open("a.pem", "rb") as x:
a = x.read()
# 如果私钥有密码 则使用相应密码 Crypto.PublicKey.RSA.importKey(a, password)
cipher_private = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(a))
text = cipher_private.decrypt(cipher_text, Crypto.Random.new().read) # 使用私钥进行解密
assert text == y # 断言验证
with open("c.pem", "rb") as x:
c = x.read()
c_rsa = Crypto.PublicKey.RSA.importKey(c)
signer = Crypto.Signature.PKCS1_v1_5.new(c_rsa)
msg_hash = Crypto.Hash.SHA256.new()
msg_hash.update(y)
sign = signer.sign(msg_hash) # 使用私钥进行'sha256'签名
with open("d.pem", "rb") as x:
d = x.read()
d_rsa = Crypto.PublicKey.RSA.importKey(d)
verifer = Crypto.Signature.PKCS1_v1_5.new(d_rsa)
msg_hash = Crypto.Hash.SHA256.new()
msg_hash.update(y)
verify = verifer.verify(msg_hash, sign) # 使用公钥验证签名
print(verify)