Python实现RSA信息加密及身份签名验签

前期曾尝试用python RSA库,但是rsa.newkeys方法已经不能使用,因此本程序采用了Python Crypto库实现RSA信息加密功能,并进行身份签名验签 

# -*- coding: utf-8 -*-
# coding: utf-8
"""
本程序实现两部分内容:
1.实现RSA加密通信双方公私钥生成,并实现发起方Alice使用接收方Bob公钥加密发送数据,Bob接收后使用自身私钥解密数据
2.实现对Bob身份的验证,Bob使用自身私钥进行签名,Alice收到后使用Bob公钥进行解密验签
"""

from Crypto import Random
from Crypto.Hash import SHA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
from Crypto.Signature import PKCS1_v1_5 as Signature_pkcs1_v1_5
from Crypto.PublicKey import RSA
import base64

"""实现RSA通信双方公私钥生成,并实现接收方公钥加密,接收方私钥解密功能"""
random_generator = Random.new().read
rsa = RSA.generate(1024, random_generator)
# 生成Alice的公钥和私钥
private_pem = rsa.exportKey()
public_pem = rsa.publickey().exportKey()
with open('key/alice_private.pem', 'wb') as f:
    f.write(private_pem)
with open('key/alice_public.pem', 'wb') as f:
    f.write(public_pem)

# 生成Bob的公钥和私钥
private_pem = rsa.exportKey()
public_pem = rsa.publickey().exportKey()
with open('key/bob_private.pem', 'wb') as f:
    f.write(private_pem)
with open('key/bob_public.pem', 'wb') as f:
    f.write(public_pem)

# Alice向Bob发送加密信息,使用Bob的公钥加密
message = 'hello,bob!'
print('sending words:')
print(message)
with open('key/bob_public.pem') as f:
    key = f.read()
    pubkey = RSA.importKey(key)  # 将bob_public.pem中的公钥导出
    cipher = Cipher_pkcs1_v1_5.new(pubkey)  # 按照pkcs1_v1_5的标准对公钥进行处理,如填充字段等
    # 对message使用公钥进行加密,加密结果再用base64进行处理生成最终密文
    # 用base64进行处理的原因是为了防止原来的二进制数据某些字符被当做控制指令,或者一些不可见的二进制字符(ascii值在128~255之间的)在路由传输过程中被滤过
    # 使用base64可将所有不可见二进制字符显示
    cipher_text = base64.b64encode(cipher.encrypt(message.encode(encoding="utf-8")))
    #输出密文
    print('encrypt text is:')
    print(cipher_text)

# Bob收到密文后使用自己的私钥进行解密
with open('key/bob_private.pem') as f:
    key = f.read()
    prikey = RSA.importKey(key)
    cipher = Cipher_pkcs1_v1_5.new(prikey)
    plain_text = cipher.decrypt(base64.b64decode(cipher_text), random_generator)
    plain_text = plain_text.decode()
    #输出明文
    print('plain text is:')
    print(plain_text)

print()

"""对Bob身份进行验证,Bob用自己的私钥进行签名,Alice收到签名后,用Bob公钥进行解密验签"""
#签名
with open('key/bob_private.pem') as f:
    key=f.read()
    signkey=RSA.importKey(key)
    signer=Signature_pkcs1_v1_5.new(signkey)    #按照pkcs1_v1_5的标准对私钥进行处理,用于签名计算,将处理后的私钥存入signer变量
    digest=SHA.new()
    digest.update(message.encode("utf8"))   #对message用SHA进行散列计算,得到摘要,防止篡改
    sign=signer.sign(digest)    #对摘要用私钥进行处理
    signature=base64.b64encode(sign)
    print('signature is:')
    print(signature)
#验签
with open('key/bob_public.pem') as f:
    key=f.read()
    unsignkey=RSA.importKey(key)
    unsigner=Signature_pkcs1_v1_5.new(unsignkey)    #按照pkcs1_v1_5的标准对公钥进行处理,用于签名解密,将处理后的公钥存入unsigner变量
    digest=SHA.new()
    digest.update(message.encode("utf8"))
    is_verify = unsigner.verify(digest, base64.b64decode(signature))    #将签名数据用unsigner进行解密,然后与原文digest的摘要进行比较是否一致
    print('verify result is:',is_verify)

以上运行结果如下(公私钥为随机生成)

sending words:
hello,bob!
encrypt text is:
b'NTLHSI8YAowmaRumkO1pl273Jtlfx4ztICZHPuGY9nYVPt1gXQRWvmhVZpi1uXcJckKrtG+8SRTjORZErs0fZm+BPt6btjXGSoPtb9y59iJQ/fsKf9A7QW1vOZhzJYr3qjSShwbyPB/nL6xDCqSKD/ynT8G8QZEbkEd6uzMc9zw='
plain text is:
hello,bob!

signature is:
b'jfKdug+WkvG4dbwqlxYoHaB1DHfciAeV8+Eiv2tjZkCK4E66Oiu4pN96xR7Hn7Tx10Mjt92luTRgl67zK6gxI8+4zSifYo/LJp2q2Hc6zP+ZfBK4HOhwfPBbkFvVwu9lZ2krX+gNslxH9XrNEFujXEkT9c7IMfXt5eXrkmHNrog='
verify result is: True

 

你可能感兴趣的:(网络安全)