pycrypto 和 lua-resty-rsa 进行跨语言的RSA加密解密.md
来源:互联网 发布:初学者吉他 知乎 编辑:程序博客网 时间:2024/05/24 05:33
最近需要在 OpenResty(Nginx lua) 和 Python 中做RSA的加密和解密操作,客户端是Python的使用 pycrypto 库,而服务端使用 OpenResty 来做解密,使用了德江的 lua-resty-rsa。如果不熟悉2个库的同学可能会遇到一些问题,下面说下遇到问题和简单的示例。
主要遇到的问题就是 rsa padding的问题, lua-resty-rsa 默认使用的是 PKCS1 v1.5
模式做的padding,当然也提供了其他的padding方式。
Python部分
#coding:utf-8"""orangleliu 2017.5.14 rsa_test.pypython2.7pycrypto (2.6.1)"""import base64from Crypto.PublicKey import RSA as rsafrom Crypto.Cipher import PKCS1_v1_5pub_key_str = """-----BEGIN RSA PUBLIC KEY-----MIIBCgKCAQEAuw4T755fepEyXTM66pzf6nv8NtnukQTMGnhmBFIFHp/P2vEpxjXUBBDUpzKkVFR3wuK9O1FNmRDAGNGYC0N/9cZNdhykA1NixJfKQzncN31VJTmNqJNZW0x7H9ZGoh2aE0zCCZpRlC1Rf5rL0SVlBoQkn/n9LnYFwyLLIK5/d/y/NZVL6Z6Lcyvga0zRajamLIjY0Dy/8YIwVV6kaSsHeRv2cOB03eam6gbhLGIz/l8wuJhIn1rOyJLQ36IOJymbbNmcC7+2hEQJP40qLvH7hZ1LaAkgQUHjfi8RvH2T1Jmce7XGPxCoEd0yfeFz+pL1KeSWNey6cL3N5hJZE8EntQIDAQAB-----END RSA PUBLIC KEY-----"""priv_key_str = """-----BEGIN RSA PRIVATE KEY-----MIIEpAIBAAKCAQEAuw4T755fepEyXTM66pzf6nv8NtnukQTMGnhmBFIFHp/P2vEpxjXUBBDUpzKkVFR3wuK9O1FNmRDAGNGYC0N/9cZNdhykA1NixJfKQzncN31VJTmNqJNZW0x7H9ZGoh2aE0zCCZpRlC1Rf5rL0SVlBoQkn/n9LnYFwyLLIK5/d/y/NZVL6Z6Lcyvga0zRajamLIjY0Dy/8YIwVV6kaSsHeRv2cOB03eam6gbhLGIz/l8wuJhIn1rOyJLQ36IOJymbbNmcC7+2hEQJP40qLvH7hZ1LaAkgQUHjfi8RvH2T1Jmce7XGPxCoEd0yfeFz+pL1KeSWNey6cL3N5hJZE8EntQIDAQABAoIBAGim1ayIFK8EMQNHuDyui/Aqcc9WWky0PGTK23irUsXxb1708gQ89WNY70Cj6qBrqZ1VMb3QHPP4FSFNkh0rJJoi2g+ssm5R5r5KlhTKeFRrQInVC1Y3KhUUUwZa4aWtnhgSJ7Urq1yVhjU4K7PVkhH1OHBwcp/d1Bd6jd65AgPkY63P+WpcARJkClmQ1RhgoRwThyJdpKrV4/gOha0AUGlJNRNvRwiZxP0zaI5C8RdrG96SnVpeYOcD0z/M1HVlkoYMXsXLKttwLfpK88Igtm6ZJwRpfuMF5VA+9hHaYGCBdGz0B/rMp2fc+EtrOavYQGrWIWi2RL1Qk6RtBUyeTgECgYEA9anj4n/cak1MT+hbNFsL31mJXryl1eVNjEZj/iPMztpdS15CmFgjKjr9UuintjSiK7Is43nZUWWyP1XQjRhVi2uP7PRIv92QNl/YteWD6tYCInJHKe2JQqYyZrElezsdayXb5DK6bi1UIYYji90g79N7x6pOR0UnQNQUXTv+Y8ECgYEAwuzl6Ez4BSXIIL9NK41jfNMa73Utfl5oO1f6mHM2KbILqaFE76PSgEeXDbOKdcjCbbqCKCGjwyPd+Clehg4vkYXTq1y2SQGHwfz7DilPSOxhPY9ND7lGbeNzDUK4x8xe52hdMWKdgqeqCK83e5D0ihzRiMah8dbxmlfLAOZ3sPUCgYEA0dT9Czg/YqUHq7FCReQGrg3iYgMsexjTNh/hxO97PqwRyBCJPWr7DlU4j5qdteobIsubv+kSEI6Ww7Ze3kWMu/tyAeleQlPTnD4d8rBKD0ogpJ+L3WpBNaaToldpNmr149GAktgpmXYqSEA1GIAWZAL11UPIfOO6dYswobpevYECgYEApSosSODnCx2PbMgL8IpWMU+DNEF6sef2s8oBaam9zCi0HyCqE9AhLlb61D48ZT8eF/IAFVcjttauX3dWQ4rDna/iwgHF5yhnyuS8KayxJJ4+avYAmwEnfzdJpoPRpGI0TCovRQhFZI8C0Wb+QTJ7Mofmt9lvIUc64sffGD0wT/0CgYASMf708dmc5Bpzcis++EgMJVb0q+ORmWzSai1NB4bf3LsNS6suWNNUzj/JGtMaGvQo5vzGU4exNkhpQo8yUU5YbHlA8RCj7SYkmP78kCewEqxlx7dbcuj2LAPWpiDca8StTfEphoKEVfCPHaUk0MlBHR4lCrnAkEtz23vhZKWhFw==-----END RSA PRIVATE KEY-----"""def encrypt(pub_key_str, msg): pubobj = rsa.importKey(pub_key_str) pubobj = PKCS1_v1_5.new(pubobj) return base64.b64encode(pubobj.encrypt(msg))def decrypt(priv_key_str, msg): privobj = rsa.importKey(priv_key_str) privobj = PKCS1_v1_5.new(privobj) # 关于 privobj.decrypt 第二个参数请见 # https://github.com/dlitz/pycrypto/blob/master/lib/Crypto/Cipher/PKCS1_v1_5.py#L154 return privobj.decrypt(base64.b64decode(msg), 'xyz')if __name__ == "__main__": msg = "1234567890654xxx" mmsg = encrypt(pub_key_str, msg) print mmsg dmsg = decrypt(priv_key_str, mmsg) print dmsg
Lua 部分的例子
-- orangleliu 2017.5.14-- resty -I ./ rsa_test.lualocal rsa = require "util.rsa" -- lua-resty-rsalocal aes = require "resty.aes"local PUBLIC_KEY = [[-----BEGIN RSA PUBLIC KEY-----MIIBCgKCAQEAuw4T755fepEyXTM66pzf6nv8NtnukQTMGnhmBFIFHp/P2vEpxjXUBBDUpzKkVFR3wuK9O1FNmRDAGNGYC0N/9cZNdhykA1NixJfKQzncN31VJTmNqJNZW0x7H9ZGoh2aE0zCCZpRlC1Rf5rL0SVlBoQkn/n9LnYFwyLLIK5/d/y/NZVL6Z6Lcyvga0zRajamLIjY0Dy/8YIwVV6kaSsHeRv2cOB03eam6gbhLGIz/l8wuJhIn1rOyJLQ36IOJymbbNmcC7+2hEQJP40qLvH7hZ1LaAkgQUHjfi8RvH2T1Jmce7XGPxCoEd0yfeFz+pL1KeSWNey6cL3N5hJZE8EntQIDAQAB-----END RSA PUBLIC KEY-----]]local PRIV_LEY = [[-----BEGIN RSA PRIVATE KEY-----MIIEpAIBAAKCAQEAuw4T755fepEyXTM66pzf6nv8NtnukQTMGnhmBFIFHp/P2vEpxjXUBBDUpzKkVFR3wuK9O1FNmRDAGNGYC0N/9cZNdhykA1NixJfKQzncN31VJTmNqJNZW0x7H9ZGoh2aE0zCCZpRlC1Rf5rL0SVlBoQkn/n9LnYFwyLLIK5/d/y/NZVL6Z6Lcyvga0zRajamLIjY0Dy/8YIwVV6kaSsHeRv2cOB03eam6gbhLGIz/l8wuJhIn1rOyJLQ36IOJymbbNmcC7+2hEQJP40qLvH7hZ1LaAkgQUHjfi8RvH2T1Jmce7XGPxCoEd0yfeFz+pL1KeSWNey6cL3N5hJZE8EntQIDAQABAoIBAGim1ayIFK8EMQNHuDyui/Aqcc9WWky0PGTK23irUsXxb1708gQ89WNY70Cj6qBrqZ1VMb3QHPP4FSFNkh0rJJoi2g+ssm5R5r5KlhTKeFRrQInVC1Y3KhUUUwZa4aWtnhgSJ7Urq1yVhjU4K7PVkhH1OHBwcp/d1Bd6jd65AgPkY63P+WpcARJkClmQ1RhgoRwThyJdpKrV4/gOha0AUGlJNRNvRwiZxP0zaI5C8RdrG96SnVpeYOcD0z/M1HVlkoYMXsXLKttwLfpK88Igtm6ZJwRpfuMF5VA+9hHaYGCBdGz0B/rMp2fc+EtrOavYQGrWIWi2RL1Qk6RtBUyeTgECgYEA9anj4n/cak1MT+hbNFsL31mJXryl1eVNjEZj/iPMztpdS15CmFgjKjr9UuintjSiK7Is43nZUWWyP1XQjRhVi2uP7PRIv92QNl/YteWD6tYCInJHKe2JQqYyZrElezsdayXb5DK6bi1UIYYji90g79N7x6pOR0UnQNQUXTv+Y8ECgYEAwuzl6Ez4BSXIIL9NK41jfNMa73Utfl5oO1f6mHM2KbILqaFE76PSgEeXDbOKdcjCbbqCKCGjwyPd+Clehg4vkYXTq1y2SQGHwfz7DilPSOxhPY9ND7lGbeNzDUK4x8xe52hdMWKdgqeqCK83e5D0ihzRiMah8dbxmlfLAOZ3sPUCgYEA0dT9Czg/YqUHq7FCReQGrg3iYgMsexjTNh/hxO97PqwRyBCJPWr7DlU4j5qdteobIsubv+kSEI6Ww7Ze3kWMu/tyAeleQlPTnD4d8rBKD0ogpJ+L3WpBNaaToldpNmr149GAktgpmXYqSEA1GIAWZAL11UPIfOO6dYswobpevYECgYEApSosSODnCx2PbMgL8IpWMU+DNEF6sef2s8oBaam9zCi0HyCqE9AhLlb61D48ZT8eF/IAFVcjttauX3dWQ4rDna/iwgHF5yhnyuS8KayxJJ4+avYAmwEnfzdJpoPRpGI0TCovRQhFZI8C0Wb+QTJ7Mofmt9lvIUc64sffGD0wT/0CgYASMf708dmc5Bpzcis++EgMJVb0q+ORmWzSai1NB4bf3LsNS6suWNNUzj/JGtMaGvQo5vzGU4exNkhpQo8yUU5YbHlA8RCj7SYkmP78kCewEqxlx7dbcuj2LAPWpiDca8StTfEphoKEVfCPHaUk0MlBHR4lCrnAkEtz23vhZKWhFw==-----END RSA PRIVATE KEY-----]]local function encrypt(msg) local pub, err = rsa:new({ public_key = PUBLIC_KEY }) if not pub then ngx.say("new rsa err: ", err) return end return ngx.encode_base64(pub:encrypt(msg))endlocal function decrypt(msg) local priv, err = rsa:new({ private_key = PRIV_LEY }) if not priv then ngx.say("new rsa err: ", err) return end return priv:decrypt(ngx.decode_base64(msg))endlocal msg = "1234567890654xxx"local mmsg = encrypt(msg)ngx.say(mmsg)local dmsg = decrypt(mmsg)ngx.say(dmsg)
python 和 lua 的加密解密都可以相互进行了,通常我们遇到跨语言的aes rsa des 加密解密不成功,首先应该想到 padding的算法不一致这个问题。
0 0
- pycrypto 和 lua-resty-rsa 进行跨语言的RSA加密解密.md
- lua-string-resty的aes加密解密,无法和python的aes进行对接
- 对输入的字符串进行RSA加密和解密处理
- RSA加密和解密
- RSA 加密和解密
- python 利用pycrypto进行rsa生成公钥、私钥,加密、解密、签名、解签
- RSA加密和解密的完整过程
- js的RSA和AES加密解密
- Python 和 java的 RSA加密解密
- Python使用pycrypto进行RSA长字符串加密
- 加密和解密 DES RSA
- RSA加密解密和数字签名
- RSA加密和解密实现
- iOS RSA加密和解密
- RSA加密和解密问题
- RSA和AES加密解密
- java 使用RSA算法进行加密和解密
- RSA的加密与解密
- 使用Redis实现一个订阅/发布系统
- android 动画框架
- 用os模块构建文件查找器
- HTML中children与childNodes节点的不同
- 分针网—每日分享:图例详解那道setTimeout与循环闭包的经典面试题
- pycrypto 和 lua-resty-rsa 进行跨语言的RSA加密解密.md
- lucene创建索引读取索引简单测试--笔记
- 验证码的生成和验证
- scp命令
- Webmethods IS Truststore四层证书安装
- linux的内网地址映射到公网地址
- 学习
- platform device driver注册过程
- 最短路——洛谷P1027 Car的旅行路线