Example of RSA encryption and decryption and signature and authentication under Python
- 2020-06-12 09:48:43
- OfStack
This article illustrates RSA encryption/decryption and signature/verification under Python. To share for your reference, specific as follows:
The original is py2 environment, but my environment is py3, so I have made some modifications to the original code: decode(), encode()
import rsa
# Generate the key
(pubkey, privkey) = rsa.newkeys(1024)
# Save the key
with open('public.pem','w+') as f:
f.write(pubkey.save_pkcs1().decode())
with open('private.pem','w+') as f:
f.write(privkey.save_pkcs1().decode())
# Import the key
with open('public.pem','r') as f:
pubkey = rsa.PublicKey.load_pkcs1(f.read().encode())
with open('private.pem','r') as f:
privkey = rsa.PrivateKey.load_pkcs1(f.read().encode())
# clear
message = 'hello'
# Public key encryption
crypto = rsa.encrypt(message.encode(), pubkey)
# Private key to decrypt the
message = rsa.decrypt(crypto, privkey).decode()
print(message)
# The private key signature
signature = rsa.sign(message.encode(), privkey, 'SHA-1')
# A public key to verify
rsa.verify(message.encode(), signature, pubkey)
The improved version:
import rsa
# Generate the key
(pubkey, privkey) = rsa.newkeys(1024)
# =================================
# Scenario: Key save import
# =================================
# Save the key
with open('public.pem','w+') as f:
f.write(pubkey.save_pkcs1().decode())
with open('private.pem','w+') as f:
f.write(privkey.save_pkcs1().decode())
# Import the key
with open('public.pem','r') as f:
pubkey = rsa.PublicKey.load_pkcs1(f.read().encode())
with open('private.pem','r') as f:
privkey = rsa.PrivateKey.load_pkcs1(f.read().encode())
# =================================
# scenario 1 : Data breach problem
# In order to develop the market, the manager of the company assigned 1 Group of salesmen travel around the world to investigate business opportunities.
# The salesmen are very clever and capable, and soon they find a good business opportunity.
# Time is money! They must use it at once email Report to the manager.
# Here's the rub: the network is extremely insecure!
# All kinds of data were caught packets, email passwords leaked ... It's terrible! The methods of commercial competitors are terrible!
# How to get the salesman email Safely delivered to the company manager? ( Even if the data caught packets, email passwords leaked ...)
# It's too unsafe. What can I do?
#
# That's right! Clever you 1 I must have thought of it: encryption.
# =================================
# Plaintext: business opportunities discovered by salesmen
message = ' Here's a business opportunity: ...'
# The salesman encrypts the plaintext with the public key given by the company manager in advance to get the ciphertext
crypto_email_text = rsa.encrypt(message.encode(), pubkey)
# Then, the salesman USES it email Send a cipher
# .
# email In network traffic . (All kinds of data were caught, email password was leaked)
# There is no way, or was someone who saw the letter email:
print(crypto_email_text) # What the hell? Can't understand!
# Finally, the manager of the company received one from the salesmen email . When I open it, I just see it 1 Pile strange characters!
# No problem, the manager of the company USES his private key to decrypt the ciphertext received, the plaintext can be obtained
message = rsa.decrypt(crypto_email_text, privkey).decode()
# Then, you can see the important business message
print(message)
# =================================
# scenario 2 : Identification problem
# In order to develop the market, the manager of the company assigned 1 Group of salesmen to all over the investigation of business opportunities.
# In this process, the company manager often passes email Give important instructions to the salesman
# However, the network is extremely insecure! For example: packet is changed, mailbox password is leaked ...
# Commercial competitors can fake it by various means / Revise the important instruction of company manager!
#
# This morning, as usual, the salesman opened his mailbox and found the manager's 1 seal email He was ordered to go home at once.
# Not ah. Yesterday, we said we would expand our business here. How can it change today?
# The letter, email Is it from the manager himself?
# How to do?
#
# That's right! Clever you 1 I must have thought of it too: signature.
# =================================
# In text: Instructions from the company manager
message = ' This is an important instruction: ...'
# Signature of company manager's private key
crypto_email_text = rsa.sign(message.encode(), privkey, 'SHA-1')
# The salesman receives the instruction plaintext, ciphertext at the same time, then USES the public key verification, carries on the identity confirmation
rsa.verify(message.encode(), crypto_email_text, pubkey)
PS: About encryption and decryption interested friends can also refer to this site online tools:
Text online encryption and decryption tools (including AES, DES, RC4, etc.) :
http://tools.ofstack.com/password/txt_encode
MD5 Online encryption Tools:
http://tools.ofstack.com/password/CreateMD5Password
Online hashing/hashing algorithm encryption tools:
http://tools.ofstack.com/password/hash_encrypt
Online MD5/hash/SHA-1/SHA-2/SHA-256/SHA-512/SHA-3/RIPEMD-160 Encryption tools:
http://tools.ofstack.com/password/hash_md5_sha
Online sha1 sha224 / sha256 sha384 / sha512 encryption tools:
http://tools.ofstack.com/password/sha_encode
For more information about Python, please refer to Python Encryption and Decryption Algorithms and Techniques summary, Python Coding techniques Summary, Python Data Structure and Algorithms Tutorial, Python Functions Using Techniques Summary, Python String Manipulation Techniques Summary and Python Introductory and Advanced Classic Tutorial.
I hope this article has been helpful in Python programming.