python3 可以使用 Crypto.PublicKey.RSA 和 rsa 生成公钥、私钥。
其中 python3.6 Crypto 库的安装方式请参考连接:https://blog.csdn.net/qq_42486920/article/details/80850974
rsa 加解密的库使用 pip3 install rsa 就行了
C:\WINDOWS\system32>pip3 install rsa
Collecting rsa
Downloading https://files.pythonhosted.org/packages/e1/ae/baedc9cb175552e95f3395c43055a6a5e125ae4d48a1d7a924baca83e92e/rsa-3.4.2-py2.py3-none-any.whl (46kB)
100% |████████████████████████████████| 51kB 99kB/s
Collecting pyasn1>=0.1.3 (from rsa)
Downloading https://files.pythonhosted.org/packages/a0/70/2c27740f08e477499ce19eefe05dbcae6f19fdc49e9e82ce4768be0643b9/pyasn1-0.4.3-py2.py3-none-any.whl (72kB)
100% |████████████████████████████████| 81kB 289kB/s
Installing collected packages: pyasn1, rsa
Successfully installed pyasn1-0.4.3 rsa-3.4.2
使用 Crypto.PublicKey.RSA 生成公钥、私钥:
-
import Crypto.PublicKey.RSA
-
import Crypto.Random
-
-
x = Crypto.PublicKey.RSA.generate(
2048)
-
a = x.exportKey(
"PEM")
# 生成私钥
-
b = x.publickey().exportKey()
# 生成公钥
-
with open(
"a.pem",
"wb")
as x:
-
x.write(a)
-
with open(
"b.pem",
"wb")
as x:
-
x.write(b)
-
-
y = Crypto.PublicKey.RSA.generate(
2048, Crypto.Random.new().read)
# 使用 Crypto.Random.new().read 伪随机数生成器
-
c = y.exportKey()
# 生成私钥
-
d = y.publickey().exportKey()
#生成公钥
-
with open(
"c.pem",
"wb")
as x:
-
x.write(c)
-
with open(
"d.pem",
"wb")
as x:
-
x.write(d)
使用 Crypto.PublicKey.RSA.importKey(private_key) 生成公钥和证书:
-
import Crypto.PublicKey.RSA
-
-
with open(
"a.pem",
"rb")
as x:
-
xx = Crypto.PublicKey.RSA.importKey(x.read())
-
-
b = xx.publickey().exportKey()
# 生成公钥
-
with open(
"b.pem",
"wb")
as x:
-
x.write(b)
-
-
a = xx.exportKey(
"DER")
# 生成 DER 格式的证书
-
with open(
"a.der",
"wb")
as x:
-
x.write(a)
使用 rsa 生成公钥、私钥:
-
import rsa
-
-
f, e = rsa.newkeys(
2048)
# 生成公钥、私钥
-
-
e = e.save_pkcs1()
# 保存为 .pem 格式
-
with open(
"e.pem",
"wb")
as x:
# 保存私钥
-
x.write(e)
-
f = f.save_pkcs1()
# 保存为 .pem 格式
-
with open(
"f.pem",
"wb")
as x:
# 保存公钥
-
x.write(f)
RSA非对称加密算法实现:
使用Crypto模块:
-
import Crypto.PublicKey.RSA
-
import Crypto.Cipher.PKCS1_v1_5
-
import Crypto.Random
-
import Crypto.Signature.PKCS1_v1_5
-
import Crypto.Hash
-
-
y =
b"abcdefg1234567"
-
-
with open(
"b.pem",
"rb")
as x:
-
b = x.read()
-
cipher_public = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(b))
-
cipher_text = cipher_public.encrypt(y)
# 使用公钥进行加密
-
with open(
"a.pem",
"rb")
as x:
-
a = x.read()
-
cipher_private = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(a))
-
text = cipher_private.decrypt(cipher_text, Crypto.Random.new().read)
# 使用私钥进行解密
-
assert text == y
# 断言验证
-
-
with open(
"c.pem",
"rb")
as x:
-
c = x.read()
-
c_rsa = Crypto.PublicKey.RSA.importKey(c)
-
signer = Crypto.Signature.PKCS1_v1_5.new(c_rsa)
-
msg_hash = Crypto.Hash.SHA256.new()
-
msg_hash.update(y)
-
sign = signer.sign(msg_hash)
# 使用私钥进行'sha256'签名
-
with open(
"d.pem",
"rb")
as x:
-
d = x.read()
-
d_rsa = Crypto.PublicKey.RSA.importKey(d)
-
verifer = Crypto.Signature.PKCS1_v1_5.new(d_rsa)
-
msg_hash = Crypto.Hash.SHA256.new()
-
msg_hash.update(y)
-
verify = verifer.verify(msg_hash, sign)
# 使用公钥验证签名
-
print(verify)
运行结果:
True
使用 rsa 模块:
-
import rsa
-
-
y =
b"abcdefg1234567"
-
-
with open(
"e.pem",
"rb")
as x:
-
e = x.read()
-
e = rsa.PrivateKey.load_pkcs1(e)
# load 私钥
-
with open(
"f.pem",
"rb")
as x:
-
f = x.read()
-
f = rsa.PublicKey.load_pkcs1(f)
# load 公钥,由于之前生成的私钥缺少'RSA'字段,故无法 load
-
-
cipher_text = rsa.encrypt(y, f)
# 使用公钥加密
-
text = rsa.decrypt(cipher_text, e)
# 使用私钥解密
-
assert text == y
# 断言验证
-
-
sign = rsa.sign(y, e,
"SHA-256")
# 使用私钥进行'sha256'签名
-
verify = rsa.verify(y, sign, f)
# 使用公钥验证签名
-
print(verify)
运行结果:
True