Python3非對稱加密算法RSA實例詳解

更新時間：2018年12月06日 10:21:23 作者：偽善者

這篇文章主要介紹了Python3非對稱加密算法RSA,結合實例形式分析了Python3 RSA加密相關模塊安裝及使用操作技巧,需要的朋友可以參考下

本文實例講述了Python3非對稱加密算法RSA。分享給大家供大家參考，具體如下：

python3 可以使用 Crypto.PublicKey.RSA 和 rsa 生成公鑰、私鑰。

其中 python3.6 Crypto 庫的安裝方式請參考前面一篇《Python3對稱加密算法AES、DES3》

rsa 加解密的庫使用 pip3 install rsa 就行了

C:\WINDOWS\system32>pip3 install rsa
Collecting rsa
Downloading https://files.pythonhosted.org/packages/e1/ae/baedc9cb175552e95f3395c43055a6a5e125ae4d48a1d7a924baca83e92e/rsa-3.4.2-py2.py3-none-any.whl (46kB)
100% |████████████████████████████████| 51kB 99kB/s
Collecting pyasn1>=0.1.3 (from rsa)
Downloading https://files.pythonhosted.org/packages/a0/70/2c27740f08e477499ce19eefe05dbcae6f19fdc49e9e82ce4768be0643b9/pyasn1-0.4.3-py2.py3-none-any.whl (72kB)
100% |████████████████████████████████| 81kB 289kB/s
Installing collected packages: pyasn1, rsa
Successfully installed pyasn1-0.4.3 rsa-3.4.2

使用 Crypto.PublicKey.RSA 生成公鑰、私鑰：

import Crypto.PublicKey.RSA
import Crypto.Random
x = Crypto.PublicKey.RSA.generate(2048)
a = x.exportKey("PEM") # 生成私鑰
b = x.publickey().exportKey()  # 生成公鑰
with open("a.pem", "wb") as x:
  x.write(a)
with open("b.pem", "wb") as x:
  x.write(b)
y = Crypto.PublicKey.RSA.generate(2048, Crypto.Random.new().read)  # 使用 Crypto.Random.new().read 偽隨機數生成器
c = y.exportKey()  # 生成私鑰
d = y.publickey().exportKey()  #生成公鑰
with open("c.pem", "wb") as x:
  x.write(c)
with open("d.pem", "wb") as x:
  x.write(d)

使用 Crypto.PublicKey.RSA.importKey(private_key) 生成公鑰和證書：

import Crypto.PublicKey.RSA
with open("a.pem", "rb") as x:
  xx = Crypto.PublicKey.RSA.importKey(x.read())
b = xx.publickey().exportKey()  # 生成公鑰
with open("b.pem", "wb") as x:
  x.write(b)
a = xx.exportKey("DER")  # 生成 DER 格式的證書
with open("a.der", "wb") as x:
  x.write(a)

使用 rsa 生成公鑰、私鑰：

import rsa
f, e = rsa.newkeys(2048)  # 生成公鑰、私鑰
e = e.save_pkcs1() # 保存為 .pem 格式
with open("e.pem", "wb") as x: # 保存私鑰
  x.write(e)
f = f.save_pkcs1() # 保存為 .pem 格式
with open("f.pem", "wb") as x: # 保存公鑰
  x.write(f)

RSA非對稱加密算法實現：

使用Crypto模塊：

import Crypto.PublicKey.RSA
import Crypto.Cipher.PKCS1_v1_5
import Crypto.Random
import Crypto.Signature.PKCS1_v1_5
import Crypto.Hash
y = b"abcdefg1234567"
with open("b.pem", "rb") as x:
  b = x.read()
  cipher_public = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(b))
  cipher_text = cipher_public.encrypt(y) # 使用公鑰進行加密
with open("a.pem", "rb") as x:
  a = x.read()
  cipher_private = Crypto.Cipher.PKCS1_v1_5.new(Crypto.PublicKey.RSA.importKey(a))
  text = cipher_private.decrypt(cipher_text, Crypto.Random.new().read)  # 使用私鑰進行解密
assert text == y  # 斷言驗證
with open("c.pem", "rb") as x:
  c = x.read()
  c_rsa = Crypto.PublicKey.RSA.importKey(c)
  signer = Crypto.Signature.PKCS1_v1_5.new(c_rsa)
  msg_hash = Crypto.Hash.SHA256.new()
  msg_hash.update(y)
  sign = signer.sign(msg_hash)  # 使用私鑰進行'sha256'簽名
with open("d.pem", "rb") as x:
  d = x.read()
  d_rsa = Crypto.PublicKey.RSA.importKey(d)
  verifer = Crypto.Signature.PKCS1_v1_5.new(d_rsa)
  msg_hash = Crypto.Hash.SHA256.new()
  msg_hash.update(y)
  verify = verifer.verify(msg_hash, sign) # 使用公鑰驗證簽名
  print(verify)

運行結果：

True

使用 rsa 模塊：

import rsa
y = b"abcdefg1234567"
with open("e.pem", "rb") as x:
  e = x.read()
  e = rsa.PrivateKey.load_pkcs1(e)  # load 私鑰
with open("f.pem", "rb") as x:
  f = x.read()
  f = rsa.PublicKey.load_pkcs1(f) # load 公鑰，由于之前生成的私鑰缺少'RSA'字段，故無法 load
cipher_text = rsa.encrypt(y, f) # 使用公鑰加密
text = rsa.decrypt(cipher_text, e)  # 使用私鑰解密
assert text == y  # 斷言驗證
sign = rsa.sign(y, e, "SHA-256") # 使用私鑰進行'sha256'簽名
verify = rsa.verify(y, sign, f) # 使用公鑰驗證簽名
print(verify)

運行結果：