用python实现有AES加密和RAS加密的接口登录

登录逻辑：
1.调用接口返回随机数randomString、AES密钥aesKey和RAS公钥rasPublicKey
2.用AES密钥对随机数进行加密
3.在步骤2的结果和加：密码进行拼接
4.对步骤3的结果进行RAS加密得到登录密码
一.调用接口获得返回数据
接口返回数据：
{
“code”: 200,
“data”: {
“encrytionKey”: true,
“randomString”: “0bd4d34d-1be7-4582-b939-956170a8f033-4f4jivbutz”,
“rasPublicKey”: “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaU3pFuKJ43znRPK5CnJb+bb/q5JqiGR5W5K//Qtgga9B+/rnJh6zwlPcWfFD5TC06wpriVoXdelWuFSZXx+zzHqPgxyKlGBg95/4bysoBapD5MytTXVy1cViQxYyXEmVy8ZtTWh0ABL7CAl7Dc3Oc77Zg3FYdHAy6ZfON1qLdcwIDAQAB”,
“aesKey”: “MAVxZEZb+J1+//VIAyWLcQ==”
}
}
从接口返回数据我们得到了随机数randomString、AES密钥aesKey和RAS公钥rasPublicKey
二、对随机数进行AES加密
AES加密函数如下。模块为AES

import base64
from Crypto.Cipher import AES

class EncryptDate:
    def __init__(self, key):
        '''
        python实现AES中ECB模式pkcs5padding填充加密/解密
        :param key:
        '''
        self.key = key.encode("utf-8")  # 初始化密钥
        self.length = AES.block_size  # 初始化数据块大小
        self.aes = AES.new(self.key, AES.MODE_ECB)  # 初始化AES,ECB模式的实例
        # 截断函数，去除填充的字符
        self.unpad = lambda date: date[0:-ord(date[-1])]

    def pad(self, text):
        """
        #填充函数，使被加密数据的字节码长度是block_size的整数倍
        """
        count = len(text.encode('utf-8'))
        add = self.length - (count % self.length)
        entext = text + (chr(add) * add)
        return entext

    def encrypt(self, encrData):  # 加密函数
        res = self.aes.encrypt(self.pad(encrData).encode("utf8"))
        msg = str(base64.b64encode(res), encoding="utf8")
        return msg

 

三、RAS加密函数
RAS加密函数如下。模块为RAS

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
import base64

def rsa_encryption(rasPubkey,aesStrPwd):
    '''
    rsa加密
    :return: rsa加密后的字符串
    '''

    aeskeypwd=aesStrPwd
    public_key = rasPubkey
    public_key = f'''-----BEGIN PUBLIC KEY-----
    {public_key}
    -----END PUBLIC KEY-----
    '''
    publickey = RSA.importKey(public_key)
    # 分段加密
    pk = PKCS1_v1_5.new(publickey)
    encrypt_text = []
    for i in range(0, len(aeskeypwd), 100):
        cont = aeskeypwd[i:i + 100]
        encrypt_text.append(pk.encrypt(cont.encode()))
    # 加密完进行拼接
    cipher_text = b''.join(encrypt_text)
    # base64进行编码
    result = base64.b64encode(cipher_text)

    return result.decode()

四、调用函数实现登录

import requests
from AES import  EncryptDate
from RSA import rsa_encryption
import json

def login(user,pwd):
    '''项目登录接口'''
    url1 = 'http://10.22.1.101:10001/login-encryption-keys'   #获取随机数、AES密钥、RAS公钥接口
    url2 = 'http://10.22.1.101:10002/login'     #登录接口
    res = requests.get(url=url1).json()     #调用接口获取随机数、AES密钥、RAS公钥
    # print(res)
    randomString = res['data']['randomString']      #随机数
    # print(f'获取的随机数:{randomString}')
    rasPublicKey = res['data']['rasPublicKey']      #RAS公钥
    # print(f'获取的RAS公钥:{rasPublicKey}')
    aesKey = res['data']['aesKey']      #AES密钥
    # print(f'获取的aes密钥：{aesKey}')
    aes_Str = EncryptDate(aesKey).encrypt(randomString)     #调用类对随机数进行AES加密
    # print(f'随机数进行AES加密后：{aes_Str}')
    Splicingpassword = aes_Str+":"+f"{pwd}"       #拼接输入的密码
    # print(f'AES加密后拼接输入后的密码：{Splicingpassword}')
    result = rsa_encryption(rasPublicKey,Splicingpassword)      #对拼接密码的进行RAS加密
    # print(f'RAS加密后：{result}')
    data = {"username":f"{user}","password":f"{result}"}       #登录接口的请求参数
    res2 = requests.post(url=url2,json=data).json()         #登录
    # print(res2)
    return res2

调用登录函数的时候传入用户名user和密码pwd即可登录