python3使用pycryptodome库进行RSA操作代码

最近用到了RSA加密算法,参考了网上几篇文章,总结一下并改为python3版本代码,分享出来,全部经过测试,可以直接拷贝使用,支持中文;

主要是用 pycryptodome进行RSA生成公钥、私钥,加密、解密、签名、验签,如果要加密的内容是超长字符串,直接分块for一下就行 :)(ps:有的代码将分块操作放到加密步骤里面,我觉得这样如果是大文件加密的话太占用内存了,主要是对我这样的新手很不友好,所以个人还是推荐内容先分块再执行加密步骤

修改后记得自己添加try

#!/usr/bin/python
# conding = gbk
# python version 3.6
# pycryptodome进行RSA生成公钥、私钥,加密、解密、签名、验签
# 参考1 https://blog.csdn.net/u010693827/article/details/78629268
# 参考2 https://www.cnblogs.com/huxianglin/p/6387045.html
# 参考3 https://blog.csdn.net/orangleliu/article/details/72964948
from Crypto.Hash import SHA
from Crypto import Random
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
from Crypto.Signature import PKCS1_v1_5 as Signature_pkcs1_v1_5
import base64

'''
加密的 plaintext 最大长度是 证书key位数/8 - 11
1024 bit的证书,被加密的最长 1024/8 - 11=117
2048 bit的证书,被加密的最长 2048/8 - 11 =245
'''
encode_gbk_utf8 = 'utf-8'  # 全局编码方式 utf-8 | gbk
key_num = 1024  # 证书key位数


# RSA的公私钥生成
def RSA_Create_Key():
    random_generator = Random.new().read  # 伪随机数生成器
    rsa = RSA.generate(key_num, random_generator)  # rsa算法生成实例
    private_pem = rsa.exportKey()  # master的秘钥对的生成
    # 生成公私钥对文件
    with open('master-private.pem', 'wb') as f:
        f.write(private_pem)

    public_pem = rsa.publickey().exportKey()
    with open('master-public.pem', 'wb') as f:
        f.write(public_pem)
    # ghost的秘钥对的生成,与master内容一样,如果想不一样请重新生成rsa实例
    private_pem = rsa.exportKey()
    with open('ghost-private.pem', 'wb') as f:
        f.write(private_pem)

    public_pem = rsa.publickey().exportKey()
    with open('ghost-public.pem', 'wb') as f:
        f.write(public_pem)


# ghost使用公钥加密
def RSA_gKey_Encrypt(message):
    with open('ghost-public.pem', 'rb') as f:
        key = f.read()
        rsakey = RSA.importKey(key)  # 导入读取到的公钥
        cipher = Cipher_pkcs1_v1_5.new(rsakey)  # 生成对象
        # 加密message明文,python3加密的数据必须是bytes,不能是str
        cipher_text = base64.b64encode(cipher.encrypt(
            message.encode(encoding=encode_gbk_utf8)))
        return cipher_text


# ghost使用私钥解密
def RSA_gKey_Decrypt(cipher_text):
    with open('ghost-private.pem', 'rb') as f:
        key = f.read()
        rsakey = RSA.importKey(key)  # 导入读取到的私钥
        cipher = Cipher_pkcs1_v1_5.new(rsakey)  # 生成对象
        # 将密文解密成明文,返回的是bytes类型,需要自己转成str,主要是对中文的处理
        text = cipher.decrypt(base64.b64decode(cipher_text), "ERROR")
        return text.decode(encoding=encode_gbk_utf8)


# master 使用私钥对内容进行签名
def RSA_mKey_Sign(message):
    with open('master-private.pem', 'rb') as f:
        key = f.read()
        rsakey = RSA.importKey(key)
        signer = Signature_pkcs1_v1_5.new(rsakey)
        digest = SHA.new()
        digest.update(message.encode(encoding=encode_gbk_utf8))
        sign = signer.sign(digest)
        signature = base64.b64encode(sign)  # 对结果进行base64编码
    return signature


# master 使用公钥对内容进行验签
def RSA_mKey_CheckSign(message, signature):
    with open('master-public.pem', 'rb') as f:
        key = f.read()
        rsakey = RSA.importKey(key)
        verifier = Signature_pkcs1_v1_5.new(rsakey)
        digest = SHA.new()
        # 注意内容编码和base64解码问题
        digest.update(message.encode(encoding=encode_gbk_utf8))
        is_verify = verifier.verify(digest, base64.b64decode(signature))
    return is_verify


if __name__ == "__main__":

    '''
    # 如果要加密的内容是超长字符串或大文件,直接for一下进行分块操作就行
    try:
        with open('test_100MB.txt','rb') as f:
            while True:
            message = f.read(64) #长度由证书位数决定
            #rsa操作代码
    except EOFError:
        pass
    '''
    message = 'hello world, 你好世界 !'
    RSA_Create_Key()
    try:
        cipher_text = RSA_gKey_Encrypt(message)
        print(cipher_text)
        text = RSA_gKey_Decrypt(cipher_text)
        print(text)

        signature = RSA_mKey_Sign(message)
        print(signature)
        is_verify = RSA_mKey_CheckSign(message, signature)
        print(is_verify)
    except:
        print('rsa run error')

运行结果

Connected to pydev debugger (build 192.6817.19)
b'hz9g0Nx0i8R7PMOzuN5GSI3LcngZUFoycCZ663hUzwvn2bsW2yIz2e7j12lZ38Z+h/dNQBKOO6NeSI+0PIhbenwCOQjDhN6USbHjyEKkK6KL6e1jUUWb9NlFbZ3Fv7ldu7hzIaEpm9oonDuAdstqrOrUNXzzEq34KYKGtI00Tc4='
hello world, 你好世界 !
b'odQyUrpgoVWVE4zG4M1cGB5Bi2Fkt4YMpTpgAlQqcOV+FLHLPd6I9PLuAbHQW+iKdjyKu2niHavc0ANz77wHsp1M58YGcUEXYv0BsAHtqQ2HZFqM1SW3iOG7O5NKFhQUaLmJXfEmTRSe5RvNH/rsrNFY4SjtItNg+H1SraRGOf4='
True

Process finished with exit code 0

 

你可能感兴趣的:(编程,python3,pycryptodome,rsa)