This article mainly introduces the RSA encryption/decryption and signature/verification functions implemented under Python, and analyzes the implementation method of RSA encryption and decryption in Python, and the use of signature and verification function, which can be referenced by a friend.
This article describes the RSA encryption/decryption and signature/verification functions implemented under Python. Share to everyone for your reference, as follows:
The original is the PY2 environment, and my environment is py3, so the original code has been modified: decode (), encode ()
Import rsa# Generate key (PubKey, Privkey) = Rsa.newkeys (1024) # Save key with open (' Public.pem ', ' w+ ') as F: F.write (pubkey.save_ PKCS1 (). Decode ()) with open (' Private.pem ', ' w+ ') as F: F.write (PRIVKEY.SAVE_PKCS1 (). Decode ()) # Import key with open (' Public.pem ', ' R ') as F: PubKey = RSA. PUBLICKEY.LOAD_PKCS1 (F.read (). Encode ()) with open (' Private.pem ', ' R ') as F: Privkey = RSA. PRIVATEKEY.LOAD_PKCS1 (F.read (). Encode ()) # Clear text message = ' Hello ' # public key Encryption crypto = Rsa.encrypt (Message.encode (), PubKey) # Private key Decryption message = Rsa.decrypt (crypto, Privkey). Decode () print (message) # private key Signature signature = Rsa.sign (Message.encode (), Privkey , ' SHA-1 ') # Public key authentication Rsa.verify (Message.encode (), signature, PubKey)
Improved version:
Import rsa# Generate key (PubKey, Privkey) = Rsa.newkeys (1024) # =================================# Scene 0: Key Save Import # ================ =================# Save key with open (' Public.pem ', ' w+ ') as F:f.write (PUBKEY.SAVE_PKCS1 (). Decode ()) with open (' Private.pem ', ' w+ ') as F:f.write (PRIVKEY.SAVE_PKCS1 (). Decode ()) # Import key with open (' Public.pem ', ' R ') as F:pubkey = RSA. PUBLICKEY.LOAD_PKCS1 (F.read (). Encode ()) with open (' Private.pem ', ' R ') as F:privkey = RSA. PRIVATEKEY.LOAD_PKCS1 (F.read (). Encode ()) # =================================# Scenario One: Data breach problem # to open up the market, The company manager dispatched a group of salesmen to explore the business opportunities all over the world. # The salesmen are very capable, and soon they have found a good business opportunity. # Time is Money! They must report to the manager immediately by email. # This is the trouble: the Internet is not safe! # Various data are caught, email password leaked ... It's horrible! The various means of business rivals are horrible! # How to make the e-mail of the salesman safely sent to the company manager's hand? (even if the data is caught, the mailbox password is compromised ...) # It's not safe, how to do? # # YES! Smart you must have thought: encryption. # =================================# clear: Salesman found the opportunity message = ' This is the opportunity: ... ' # Clerk with the public key given by the company manager in advance to plaintext encryption, get ciphertext Crypto_email_text = Rsa.encrypt (Message.encode (), PubKey) # Then, the clerk sent the ciphertext by email # ... # e-mail in the network transmission ... (All kinds of data is caught, email password leaked) # no way, or be a conscientious to see this letter email:print (crypto_email_text) # WhatGhost? Do not understand Ah! # Finally, the company manager also received e-mail from the salesman. Open, and only see a bunch of strange characters! # no problem, the company manager uses his private key to decrypt the ciphertext received, and can get the plaintext message = Rsa.decrypt (Crypto_email_text, Privkey). Decode () # Then, you can see the important Opportunity information print ( Message) # =================================# Scenario Two: Identification problem # in order to open up the market, the company manager assigned a group of salesman to visit all over the business opportunities. # in this process, the company manager often through email to the salesman issued important instructions # However, the network is and it is not safe! For example: Packet is modified, mailbox password leaked ... # business competitors can forge/modify the important instructions of the company manager by various means! # words this morning, the clerk opened the mailbox as usual and found an email from the manager of the company: ordered him to return home immediately. # No, it's not. Yesterday said to expand business here, how today is changed? # is this email sent by the manager of the company? Do # # YES! Smart You must also think of: signature. # =================================# plaintext: Company manager's directive message = ' This is an important directive: ... ' # company manager private key Signature Crypto_email_text = Rsa.sign ( Message.encode (), Privkey, ' SHA-1 ') # clerk at the same time received instructions plaintext, ciphertext, and then use the public key authentication, identity confirmation Rsa.verify (Message.encode (), Crypto_email_text, PubKey)