pyjwt(cryptography)rsa产生非对称密钥的两种方式

概述

pyjwt 是jwt的一种实现方式
jwt由三部分组成:header、payload、signature(签名,由secret_key或私钥对前两部分计算得出)
常用的签名算法是HS256、RS256
pyjwt是基于cryptography和ecdsa封装实现的

本地的rsa证书

1.生成本地rsa证书

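# Generate the RSA private key, then derive the matching public key from it.
# 2048 bits is the minimum RSA modulus size still accepted for signing keys;
# a 1024-bit key is too short to protect RS256 tokens.
# No sudo: a key file created as root may not be readable by the
# unprivileged second command, and key generation needs no privileges.
openssl genrsa -out rsa_private_key.pem 2048
openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout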
或一条语句
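# Single-command alternative: creates a new RSA key plus a self-signed
# X.509 certificate (DER) valid for 3650 days. The key size is raised from
# 1024 to 2048 bits, the minimum still accepted for RSA signing keys.
# Note: public_key.der is a certificate, not a bare public key, and without
# -nodes openssl prompts for a passphrase and writes private_key.pem encrypted.
openssl req -x509 -out public_key.der -outform der -new -newkey rsa:2048 -keyout private_key.pem -days 3650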
  1. 代码
# Variant that uses an existing key file on disk
def self_certificate_rsa():
    """Load the RSA private key from ``rsa/rsa_private_key.pem`` and return the pair as PEM.

    The file is read with ``password=None``, so it must hold an unencrypted
    private key. The key's size is not checked here; whatever the file
    contains is accepted.

    Returns:
        dict: ``{"pem_private": ..., "pem_public": ...}`` - the private key as
        unencrypted PKCS#8 PEM bytes and the public key as
        SubjectPublicKeyInfo PEM bytes.
    """
    with open("rsa/rsa_private_key.pem", "rb") as pem_file:
        raw_pem = pem_file.read()

    loaded_key = serialization.load_pem_private_key(
        raw_pem, password=None, backend=default_backend()
    )

    # NoEncryption() means the returned PEM is the private key in the clear;
    # callers must treat it as a secret (no logging, no world-readable files).
    private_pem = loaded_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )

    # The public half is derived from the private key, not read from disk.
    public_pem = loaded_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )

    return {"pem_private": private_pem, "pem_public": public_pem}

cryptography 生成key的方式

代码

# Variant that generates a fresh key pair with the cryptography library
def crypto_certificate_rsa():
    """Create a new 2048-bit RSA key pair and return both halves as PEM.

    Returns:
        dict: ``{"pem_private": ..., "pem_public": ...}`` - the private key as
        unencrypted PKCS#8 PEM bytes and the public key as
        SubjectPublicKeyInfo PEM bytes.
    """
    rsa_key = rsa.generate_private_key(
        public_exponent=65537, key_size=2048, backend=default_backend()
    )

    # NoEncryption() means the returned PEM is the private key in the clear;
    # callers must treat it as a secret (no logging, no world-readable files).
    private_pem = rsa_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )

    public_pem = rsa_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )

    return {"pem_private": private_pem, "pem_public": public_pem}

测试验证

pyjwt(cryptograhy)rsa产生非对称密钥的两种方式_第1张图片
image.png
image.png

连写在一起

import jwt

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization

from cryptography.hazmat.primitives.asymmetric import rsa


# Variant that generates a fresh key pair with the cryptography library
def crypto_certificate_rsa():
    """Generate a 2048-bit RSA key pair in memory and serialize it to PEM.

    Returns:
        dict: ``{"key_private": ..., "key_public": ...}`` - the private key as
        unencrypted PKCS#8 PEM bytes (the JWT signing key) and the public key
        as SubjectPublicKeyInfo PEM bytes (the JWT verification key).
    """
    generated = rsa.generate_private_key(
        public_exponent=65537, key_size=2048, backend=default_backend()
    )

    # The private PEM is exported without a passphrase (NoEncryption), so the
    # returned bytes are the signing secret itself and must be kept private.
    signing_pem = generated.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )

    verifying_pem = generated.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )

    return {"key_private": signing_pem, "key_public": verifying_pem}


# Variant that uses an existing key file on disk
def self_certificate_rsa():
    """Read ``rsa/rsa_private_key.pem`` and return the key pair serialized to PEM.

    ``password=None`` is passed to the loader, so the file must contain an
    unencrypted private key. No check is made on the size of the loaded key.

    Returns:
        dict: ``{"key_private": ..., "key_public": ...}`` - the private key as
        unencrypted PKCS#8 PEM bytes and the public key as
        SubjectPublicKeyInfo PEM bytes.
    """
    with open("rsa/rsa_private_key.pem", "rb") as pem_file:
        pem_data = pem_file.read()

    stored_key = serialization.load_pem_private_key(
        pem_data, password=None, backend=default_backend()
    )

    # The private PEM is exported without a passphrase (NoEncryption), so the
    # returned bytes are the signing secret itself and must be kept private.
    signing_pem = stored_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )

    # The public half is derived from the private key, not read from disk.
    verifying_pem = stored_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )

    return {"key_private": signing_pem, "key_public": verifying_pem}


def rsa_256_encoded(data_dict, key_private):
    """Sign ``data_dict`` as a JWT using RS256.

    Args:
        data_dict: The claims to place in the token payload.
        key_private: PEM-encoded RSA private key used for signing.

    Returns:
        The encoded token exactly as ``jwt.encode`` returns it.
    """
    # The payload is signed, not encrypted: anyone holding the token can read
    # the claims, so nothing confidential belongs in data_dict.
    return jwt.encode(data_dict, key_private, algorithm='RS256')


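def rsa_256_decoded(data_bytes, key_public):
    """Verify an RS256-signed JWT and return its claims.

    Args:
        data_bytes: The encoded token, as produced by ``rsa_256_encoded``.
        key_public: PEM-encoded RSA public key used to check the signature.

    Returns:
        The decoded payload as returned by ``jwt.decode``.

    Raises:
        jwt.InvalidTokenError: (or a subclass) if the signature does not
            verify or the token is otherwise rejected by ``jwt.decode``.
    """
    # jwt.decode takes its allow-list as ``algorithms`` (plural, a list).
    # The singular ``algorithm=`` keyword is not the allow-list: depending on
    # the PyJWT version it is either ignored, leaving the accepted algorithms
    # unpinned, or makes verification fail. Pinning RS256 here ensures a token
    # whose header names a different algorithm is rejected.
    claims = jwt.decode(data_bytes, key_public, algorithms=['RS256'])
    return claims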


if __name__ == "__main__":
    # Round-trip demo: generate a key pair, sign a small payload with the
    # private key, then verify and decode it with the public key.
    key_pair = crypto_certificate_rsa()
    signing_pem = key_pair.get("key_private")
    verifying_pem = key_pair.get("key_public")

    token = rsa_256_encoded({"hello": "test"}, signing_pem)
    claims = rsa_256_decoded(token, verifying_pem)

    # Only the token and its decoded claims are printed, never the key material.
    print(token)
    print(claims)

参考

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/?highlight=rsa

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/?highlight=rsa
