RSA签名验签、加密解密，基于Python2下的Crypto

 一、签名和验签

# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5


def get_keys():
    random_generator = Random.new().read  # 伪随机数生成器
    rsa = RSA.generate(1024, random_generator)  # rsa算法生成实例
    private_key = rsa.exportKey()  # 生成私钥
    public_key = rsa.publickey().exportKey()  # 生成公钥
    return public_key, private_key


def get_sign(message, private_key):
    private_key = RSA.importKey(private_key)  # 导入私钥
    rsa = PKCS1_v1_5.new(private_key)
    rsa_message = rsa.sign(SHA.new(data=message))  # 生成签名
    rsa_message = base64.b64encode(rsa_message)  # 签名转换为base64便于存储或传输
    return rsa_message


def verify_sign(message, sign, public_key):
    sign = base64.b64decode(sign)  # base64解码
    public_key = RSA.importKey(public_key)  # 导入公钥
    rsa = PKCS1_v1_5.new(public_key)
    is_verify = rsa.verify(SHA.new(data=message), sign)  # 根据原始内容和签名进行验签
    return is_verify

message = 'Hello world !'
public_key, private_key = get_keys()  # 生成公钥和私钥
sign = get_sign(message, private_key)  # 私钥签名
is_verify = verify_sign(message, sign, public_key)  # 公钥验签

print public_key
print private_key
print 'message:', message
print 'sign:', sign
print 'is verify:', is_verify

二、加密解密

# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5


def get_keys():
    random_generator = Random.new().read  # 伪随机数生成器
    rsa = RSA.generate(1024, random_generator)  # rsa算法生成实例
    private_key = rsa.exportKey()  # 生成私钥
    public_key = rsa.publickey().exportKey()  # 生成公钥
    return public_key, private_key


def aes_encrypt(message, public_key):
    public_key = RSA.importKey(public_key)  # 导入公钥
    cipher = PKCS1_v1_5.new(public_key)
    cipher_text = cipher.encrypt(message)  # 生成加密结果
    cipher_text = base64.b64encode(cipher_text)  # 加密结果转换为base64便于存储或传输
    return cipher_text


def aes_decrypt(cipher_text, private_key):
    random_generator = Random.new().read
    private_key = RSA.importKey(private_key)  # 导入私钥
    cipher = PKCS1_v1_5.new(private_key)
    cipher_text = base64.b64decode(cipher_text)  # base64解码
    message = cipher.decrypt(cipher_text, random_generator)  # 解密
    return message

message = 'Hello world !'
public_key, private_key = get_keys()  # 生成公钥和私钥
cipher_text = aes_encrypt(message, public_key)  # 公钥加密
new_message = aes_decrypt(cipher_text, private_key)  # 私钥解密

print public_key
print private_key
print 'message:', message
print 'cipher_text:', cipher_text
print 'decrypt ok:', new_message == message

三、与java对接

最近对接的一个服务是用java写的，对方参考了 https://blog.csdn.net/baidu_38990811/article/details/83416532 这篇文章进行验签，该文章中使用的hash方式和本文是不同的，为了与其对接，需要MD5的hash方式：

# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.Hash import MD5
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5


def get_keys():
    random_generator = Random.new().read  # 伪随机数生成器
    rsa = RSA.generate(1024, random_generator)  # rsa算法生成实例
    private_key = rsa.exportKey()  # 生成私钥
    public_key = rsa.publickey().exportKey()  # 生成公钥
    return public_key, private_key


def get_sign(message, private_key):
    private_key = RSA.importKey(private_key)  # 导入私钥
    rsa = PKCS1_v1_5.new(private_key)
    rsa_message = rsa.sign(MD5.new(data=message))  # 生成签名
    rsa_message = base64.b64encode(rsa_message)  # 签名转换为base64便于存储或传输
    return rsa_message


def verify_sign(message, sign, public_key):
    sign = base64.b64decode(sign)  # base64解码
    public_key = RSA.importKey(public_key)  # 导入公钥
    rsa = PKCS1_v1_5.new(public_key)
    is_verify = rsa.verify(MD5.new(data=message), sign)  # 根据原始内容和签名进行验签
    return is_verify

message = 'Hello world !'
public_key, private_key = get_keys()  # 生成公钥和私钥
sign = get_sign(message, private_key)  # 私钥签名
is_verify = verify_sign(message, sign, public_key)  # 公钥验签

print public_key
print private_key
print 'message:', message
print 'sign:', sign
print 'is verify:', is_verify