python rsa非对称加密

参考文档:地址

  1. 下载安装包:pip install pycryptodome
  2. 使用脚本生成私钥和密钥:
from Crypto import Random
from Crypto.PublicKey import RSA

random_generator = Random.new().read
rsa = RSA.generate(2048, random_generator)
# 生成私钥
private_key = rsa.exportKey()
print(private_key.decode('utf-8'))
# 生成公钥
public_key = rsa.publickey().exportKey()
print(public_key.decode('utf-8'))

with open('/home/rsa_keys/rsa_private_key.pem', 'wb')as f:
    f.write(private_key)

with open('/home/rsa_keys/rsa_public_key.pem', 'wb')as f:
    f.write(public_key)
  1. 使用公钥加密,私钥解密(公钥加密的数据,只有私钥才可以解密)
"""
使用公钥加密,私钥解密:防止数据泄露
"""


import base64
from Crypto.PublicKey import RSA
from Crypto.Hash import SHA
from Crypto.Signature import PKCS1_v1_5 as PKCS1_signature
from Crypto.Cipher import PKCS1_v1_5 as PKCS1_cipher

def get_key(key_file):
    with open(key_file) as f:
        data = f.read()
        key = RSA.importKey(data)
    return key

def encrypt_data(msg):
    public_key = get_key('/home/rsa_keys/rsa_public_key.pem')
    cipher = PKCS1_cipher.new(public_key)
    encrypt_text = base64.b64encode(cipher.encrypt(bytes(msg.encode("utf8"))))
    return encrypt_text.decode('utf-8')

def decrypt_data(encrypt_msg):
    private_key = get_key('/home/rsa_keys/rsa_private_key.pem')
    cipher = PKCS1_cipher.new(private_key)
    back_text = cipher.decrypt(base64.b64decode(encrypt_msg), 0)
    return back_text.decode('utf-8')

def test_encrypt_decrypt():
    msg = "{'app_id':1, 'unid_id':'232323232', 'app_name':'小白'}"
    encrypt_text = encrypt_data(msg)
    print('ssss',encrypt_text)
    decrypt_text = decrypt_data(encrypt_text)
    print('ddd', decrypt_text)
    print(msg == decrypt_text)

if __name__ == '__main__':
    test_encrypt_decrypt()
  1. 使用私钥加密,不能用公钥解密,只能用公钥验证加密后的数据是否被篡改

"""
使用私钥来加密,使用公钥来验签:防止数据被篡改
"""

import base64
from Crypto.PublicKey import RSA
from Crypto.Hash import SHA
from Crypto.Signature import PKCS1_v1_5 as PKCS1_signature
from Crypto.Cipher import PKCS1_v1_5 as PKCS1_cipher

def get_key(key_file):
    with open(key_file) as f:
        data = f.read()
        key = RSA.importKey(data)
    return key
def rsa_private_sign(data):
    private_key = get_key('/home/rsa_keys/rsa_private_key.pem')
    signer = PKCS1_signature.new(private_key)
    digest = SHA.new()
    digest.update(data.encode("utf8"))
    sign = signer.sign(digest)
    signature = base64.b64encode(sign)
    signature = signature.decode('utf-8')
    return signature

def rsa_public_check_sign(text, sign):
    publick_key = get_key('/home/rsa_keys/rsa_public_key.pem')
    verifier = PKCS1_signature.new(publick_key)
    digest = SHA.new()
    digest.update(text.encode("utf8"))
    return verifier.verify(digest, base64.b64decode(sign))

def test_sign():
    msg = 'coolpython.net'
    sign = rsa_private_sign(msg)
    print(rsa_public_check_sign(msg, sign))    # True
if __name__ == '__main__':
    test_sign()
  1. 使用rsa非对称加密的方式,安全,除非别人能够拿到你的公钥和私钥,但是缺点就是RSA算法的秘钥很长,加密的计算量比较大,安全性较高,但是加密速度比较慢,

你可能感兴趣的:(python,密码学,rsa,python)