一、簽名和驗籤
# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
def get_keys():
random_generator = Random.new().read # 僞隨機數生成器
rsa = RSA.generate(1024, random_generator) # rsa算法生成實例
private_key = rsa.exportKey() # 生成私鑰
public_key = rsa.publickey().exportKey() # 生成公鑰
return public_key, private_key
def get_sign(message, private_key):
private_key = RSA.importKey(private_key) # 導入私鑰
rsa = PKCS1_v1_5.new(private_key)
rsa_message = rsa.sign(SHA.new(data=message)) # 生成簽名
rsa_message = base64.b64encode(rsa_message) # 簽名轉換爲base64便於存儲或傳輸
return rsa_message
def verify_sign(message, sign, public_key):
sign = base64.b64decode(sign) # base64解碼
public_key = RSA.importKey(public_key) # 導入公鑰
rsa = PKCS1_v1_5.new(public_key)
is_verify = rsa.verify(SHA.new(data=message), sign) # 根據原始內容和簽名進行驗籤
return is_verify
message = 'Hello world !'
public_key, private_key = get_keys() # 生成公鑰和私鑰
sign = get_sign(message, private_key) # 私鑰簽名
is_verify = verify_sign(message, sign, public_key) # 公鑰驗籤
print public_key
print private_key
print 'message:', message
print 'sign:', sign
print 'is verify:', is_verify
二、加密解密
# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
def get_keys():
random_generator = Random.new().read # 僞隨機數生成器
rsa = RSA.generate(1024, random_generator) # rsa算法生成實例
private_key = rsa.exportKey() # 生成私鑰
public_key = rsa.publickey().exportKey() # 生成公鑰
return public_key, private_key
def aes_encrypt(message, public_key):
public_key = RSA.importKey(public_key) # 導入公鑰
cipher = PKCS1_v1_5.new(public_key)
cipher_text = cipher.encrypt(message) # 生成加密結果
cipher_text = base64.b64encode(cipher_text) # 加密結果轉換爲base64便於存儲或傳輸
return cipher_text
def aes_decrypt(cipher_text, private_key):
random_generator = Random.new().read
private_key = RSA.importKey(private_key) # 導入私鑰
cipher = PKCS1_v1_5.new(private_key)
cipher_text = base64.b64decode(cipher_text) # base64解碼
message = cipher.decrypt(cipher_text, random_generator) # 解密
return message
message = 'Hello world !'
public_key, private_key = get_keys() # 生成公鑰和私鑰
cipher_text = aes_encrypt(message, public_key) # 公鑰加密
new_message = aes_decrypt(cipher_text, private_key) # 私鑰解密
print public_key
print private_key
print 'message:', message
print 'cipher_text:', cipher_text
print 'decrypt ok:', new_message == message
三、與java對接
最近對接的一個服務是用java寫的,對方參考了 https://blog.csdn.net/baidu_38990811/article/details/83416532 這篇文章進行驗籤,該文章中使用的hash方式和本文是不同的,爲了與其對接,需要MD5的hash方式:
# -*- coding: utf-8 -*-
import base64
from Crypto import Random
from Crypto.Hash import MD5
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
def get_keys():
random_generator = Random.new().read # 僞隨機數生成器
rsa = RSA.generate(1024, random_generator) # rsa算法生成實例
private_key = rsa.exportKey() # 生成私鑰
public_key = rsa.publickey().exportKey() # 生成公鑰
return public_key, private_key
def get_sign(message, private_key):
private_key = RSA.importKey(private_key) # 導入私鑰
rsa = PKCS1_v1_5.new(private_key)
rsa_message = rsa.sign(MD5.new(data=message)) # 生成簽名
rsa_message = base64.b64encode(rsa_message) # 簽名轉換爲base64便於存儲或傳輸
return rsa_message
def verify_sign(message, sign, public_key):
sign = base64.b64decode(sign) # base64解碼
public_key = RSA.importKey(public_key) # 導入公鑰
rsa = PKCS1_v1_5.new(public_key)
is_verify = rsa.verify(MD5.new(data=message), sign) # 根據原始內容和簽名進行驗籤
return is_verify
message = 'Hello world !'
public_key, private_key = get_keys() # 生成公鑰和私鑰
sign = get_sign(message, private_key) # 私鑰簽名
is_verify = verify_sign(message, sign, public_key) # 公鑰驗籤
print public_key
print private_key
print 'message:', message
print 'sign:', sign
print 'is verify:', is_verify