哈希验证,RSA加解密及签名认证
将明文转化成哈希值(常用于数据库存储,哈希不可逆)
import bcrypt
# 用户的明文密码
password = "123456"
# 将密码转换成 bytes 类型
password_bytes = password.encode('utf-8')
# 生成密码的 BCrypt 哈希
salt = bcrypt.gensalt()
hashed_password_bytes = bcrypt.hashpw(password_bytes, salt)
# 将 bytes 类型的哈希值转换成字符串类型
hashed_password = hashed_password_bytes.decode('utf-8')
print("BCrypt 哈希值:", hashed_password)
# 校验密码是否匹配
if bcrypt.checkpw(password_bytes, hashed_password_bytes):
print("密码匹配!")
else:
print("密码不匹配!")
用于生成RAS的公钥和私钥文件
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
# 生成一个 2048 位的 RSA 私钥
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
# 从私钥中获取公钥
public_key = private_key.public_key()
# 将私钥导出为 PEM 格式
pem_private_key = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption() # 没有密码保护
)
# 将公钥导出为 PEM 格式
pem_public_key = public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
# 将 PEM 编码的密钥转换为字符串
private_key_str = pem_private_key.decode('utf-8')
public_key_str = pem_public_key.decode('utf-8')
# 打印密钥
print("私钥:")
print(private_key_str)
print("公钥:")
print(public_key_str)
# 如果需要,您可以将这些字符串写入到文件中
with open('private_key.pem', 'w') as f:
f.write(private_key_str)
with open('public_key.pem', 'w') as f:
f.write(public_key_str)
将明文使用公钥来加密
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives import hashes
import base64
# 假设的公钥PEM格式字符串(您需要替换为您自己的公钥)
public_key_str = """
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLp70NpjWCPnvijysoNW
ydOujsOIVuBJuIokgujtTKALEG/a0eaAf5GssnqEH5lzupZHIXMuj3mUE738VGqW
mVZ8FAVfRxP5k+D17TCcGnMiNRvktonl6H7GhAJqrama5pnWe00fzMj9kAdT6KmP
AAwDikeNvtEwdPU9RCcCdzzRujx+TP5wex3hcd2m4RziuW7XftI7TzWHNdaW0LnD
fRXSj7pLUILnc2YpCSAQIA6lifkPgCN97ERUB05du96FtnfAP2ufLpGmffFOiqr6
h/o3VIKxIIHBG9wnd58S22VLDEk7neNxmBgCQhmGHUuhLOTP51POgf0ABl756oqs
4QIDAQAB
-----END PUBLIC KEY-----
"""
# 加载公钥
public_key = serialization.load_pem_public_key(
public_key_str.encode(),
backend=default_backend()
)
# 要加密的数据
data_to_encrypt = "20020712"
# 使用公钥加密数据
encrypted = public_key.encrypt(
data_to_encrypt.encode('utf-8'),
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
# 打印加密后的数据的Base64编码
print(base64.b64encode(encrypted).decode('utf-8'))
使用私钥来解密成明文
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives import hashes
import base64
# 假设的私钥PEM格式字符串(您需要替换为您自己的私钥)
private_key_str = """
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEApLp70NpjWCPnvijysoNWydOujsOIVuBJuIokgujtTKALEG/a
0eaAf5GssnqEH5lzupZHIXMuj3mUE738VGqWmVZ8FAVfRxP5k+D17TCcGnMiNRvk
tonl6H7GhAJqrama5pnWe00fzMj9kAdT6KmPAAwDikeNvtEwdPU9RCcCdzzRujx+
TP5wex3hcd2m4RziuW7XftI7TzWHNdaW0LnDfRXSj7pLUILnc2YpCSAQIA6lifkP
gCN97ERUB05du96FtnfAP2ufLpGmffFOiqr6h/o3VIKxIIHBG9wnd58S22VLDEk7
neNxmBgCQhmGHUuhLOTP51POgf0ABl756oqs4QIDAQABAoIBADkSayd3Iog9GGNn
6H40xvLyJj5MPIZs+t227uN0NBMiN/Mf7d5fUBHitMS5ceFI1zHEMyzBrVYEN2uH
nU7aBwdlUWPWYKZNo2C6xjnBZ7Q6Q5XG7jzYFhGxKrI97Bvy8ToH/qmFlQjscf1e
rJGlfWf0wZ09IT0FWRaMiQd9xHruxts7cSrljPvo+Z8FAWCmzzpGgzjWNLodZ3ur
273J/1V9WqiILgSCNyqfM6y8ckoBg/il435dpwLy4/fxBdwBQf1NjwqeF74rE+qp
PwT8poK3olzENc5gDnZe/5Gp/Ktp3kYp/wO/Lef3C/Lam202I0J/3ys7UbZUIhJk
p9wpJ+kCgYEA2wrlNsyw8vQrVrBU4FhCaND1HqX5vlDbX6jPlMpOCsSn0XJeCIWC
0SelnpHpjg4NVTEjNTcE8qh0t8D4LfJtqjMl3j8kWDo7DopLdKiAab9iuA9kwGGo
7mxkpG6mMdVZ1QU/aU4W/h6LDq5BvIoqFrW3n1wbMTc89XupdVifIFMCgYEAwIWZ
Y4ahgniyZSTmsCWuKyeGlKm/PPkYxEFK1507bmeECH1R55i8Wm4LjvQiM8wa6Efy
meexuqI/a86uEBI9Q+Lu42txCLdJ3/n+XCWjDRTUJF657b1nxl5orNsuEY5ZGeQ4
MRaoMi6nfiSUUTtxROq6WcvXZQNt2F04JFgAp3sCgYARhSuUWIcGx9T3mB8R2r1l
GOGiU/BH8ru5SQ1hf1UCs3wg2p7+2379L8iliFJAFIuodse0J/RzXFoJoJu5QRzY
ckLjJfXIQNAcd59Vc2ziCHbi9gg/AxC6EV1zcY5FiiUnTsYlrCNWrCa/Q9zqMbrw
GhTX4EwkgaCUmhGR20bPFQKBgQC1yPCvM16pzcHVE2ToCoxMn0PKeAXlUuf52BUN
Rp/pfcEEKyD9aBDh6mrrjsYE1sLJdbYzcL03FyB/cWaWMkK7KTqcbsUKj9cnr+xn
ofo1zecKeI9jVqb4fgikv0jetuSXOBF++H/U8oyg5XVOxqwLgQB47ary7Kv50vvC
BX6IpQKBgD89SPOKkfikA6YKfvsTbPZf1nc6YMFVcjZOc89dCiSktvdMZiPBBwr0
lt9pFeV9u///FVZmpJtPfnl+1O+N7/AE5zjOzon23u4+0Eci2no7RrQpTUzqejm3
Q6XHivn0HXmY6eElr21wLJ6BVlZyXwgdPYhm/Yk1s9ZnA9Zued6t
-----END RSA PRIVATE KEY-----
"""
# 加载私钥
private_key = serialization.load_pem_private_key(
private_key_str.encode(),
password=None, # 如果私钥有密码保护,提供密码
backend=default_backend()
)
# 被加密且现在需要解密的数据(Base64编码的密文)
encrypted_data = """
QAUX9sdLAeqtM0UtHAs4aHrZZwIJZaCj0K1plgq1OIzV84jAHiGj/8T/UTzfxw/erWH/frsbK0c2x2Cut4W3XEjr9CkdsJXHN+GdPvOPk7JxLut1xbiOWc5QC25fn0rOKGtBUYcagf5qQrbeZinBj3hn9GMPDI3xmMVXNYmNYbukxs/6HTNeaX8tHmM9bkKT//mRtcKORj4QGY5x8tr6HSc2HLWvLcPIZW+WCnbp5L4IpG39BfnARjJG65Oi10RAREpcUycaDafncQUChXnAIL/SpP13Q9Geoe96GNEaTYVIj6F+bImWWiSWhuSfgyk9yPvxC8JxtdgtOnu5mM2ltw==
"""
# Base64解码
decoded_encrypted_data = base64.b64decode(encrypted_data)
# 使用私钥解密数据
try:
decrypted_data = private_key.decrypt(
decoded_encrypted_data,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
# 打印解密后的数据
print("解密后的数据:", decrypted_data.decode('utf-8'))
except Exception as e:
print("解密失败:", e)
使用私钥来给字符串写入证书
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
import base64
# 您的生日
data = "20020712".encode()
# 您的私钥字符串,以 PEM 格式
private_key_str = """-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEApLp70NpjWCPnvijysoNWydOujsOIVuBJuIokgujtTKALEG/a
0eaAf5GssnqEH5lzupZHIXMuj3mUE738VGqWmVZ8FAVfRxP5k+D17TCcGnMiNRvk
tonl6H7GhAJqrama5pnWe00fzMj9kAdT6KmPAAwDikeNvtEwdPU9RCcCdzzRujx+
TP5wex3hcd2m4RziuW7XftI7TzWHNdaW0LnDfRXSj7pLUILnc2YpCSAQIA6lifkP
gCN97ERUB05du96FtnfAP2ufLpGmffFOiqr6h/o3VIKxIIHBG9wnd58S22VLDEk7
neNxmBgCQhmGHUuhLOTP51POgf0ABl756oqs4QIDAQABAoIBADkSayd3Iog9GGNn
6H40xvLyJj5MPIZs+t227uN0NBMiN/Mf7d5fUBHitMS5ceFI1zHEMyzBrVYEN2uH
nU7aBwdlUWPWYKZNo2C6xjnBZ7Q6Q5XG7jzYFhGxKrI97Bvy8ToH/qmFlQjscf1e
rJGlfWf0wZ09IT0FWRaMiQd9xHruxts7cSrljPvo+Z8FAWCmzzpGgzjWNLodZ3ur
273J/1V9WqiILgSCNyqfM6y8ckoBg/il435dpwLy4/fxBdwBQf1NjwqeF74rE+qp
PwT8poK3olzENc5gDnZe/5Gp/Ktp3kYp/wO/Lef3C/Lam202I0J/3ys7UbZUIhJk
p9wpJ+kCgYEA2wrlNsyw8vQrVrBU4FhCaND1HqX5vlDbX6jPlMpOCsSn0XJeCIWC
0SelnpHpjg4NVTEjNTcE8qh0t8D4LfJtqjMl3j8kWDo7DopLdKiAab9iuA9kwGGo
7mxkpG6mMdVZ1QU/aU4W/h6LDq5BvIoqFrW3n1wbMTc89XupdVifIFMCgYEAwIWZ
Y4ahgniyZSTmsCWuKyeGlKm/PPkYxEFK1507bmeECH1R55i8Wm4LjvQiM8wa6Efy
meexuqI/a86uEBI9Q+Lu42txCLdJ3/n+XCWjDRTUJF657b1nxl5orNsuEY5ZGeQ4
MRaoMi6nfiSUUTtxROq6WcvXZQNt2F04JFgAp3sCgYARhSuUWIcGx9T3mB8R2r1l
GOGiU/BH8ru5SQ1hf1UCs3wg2p7+2379L8iliFJAFIuodse0J/RzXFoJoJu5QRzY
ckLjJfXIQNAcd59Vc2ziCHbi9gg/AxC6EV1zcY5FiiUnTsYlrCNWrCa/Q9zqMbrw
GhTX4EwkgaCUmhGR20bPFQKBgQC1yPCvM16pzcHVE2ToCoxMn0PKeAXlUuf52BUN
Rp/pfcEEKyD9aBDh6mrrjsYE1sLJdbYzcL03FyB/cWaWMkK7KTqcbsUKj9cnr+xn
ofo1zecKeI9jVqb4fgikv0jetuSXOBF++H/U8oyg5XVOxqwLgQB47ary7Kv50vvC
BX6IpQKBgD89SPOKkfikA6YKfvsTbPZf1nc6YMFVcjZOc89dCiSktvdMZiPBBwr0
lt9pFeV9u///FVZmpJtPfnl+1O+N7/AE5zjOzon23u4+0Eci2no7RrQpTUzqejm3
Q6XHivn0HXmY6eElr21wLJ6BVlZyXwgdPYhm/Yk1s9ZnA9Zued6t
-----END RSA PRIVATE KEY-----"""
# 从 PEM 格式的私钥字符串加载私钥
private_key = serialization.load_pem_private_key(
private_key_str.encode(),
password=None,
backend=default_backend()
)
# 使用私钥对数据进行签名
signature = private_key.sign(
data,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA256()
)
# 打印签名的 Base64 编码字符串
signature_b64 = base64.b64encode(signature)
print("数字签名(Base64 编码):", signature_b64.decode())
使用公钥来验证数字证书
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
import base64
# 原始数据
data = "20020712".encode()
# 您的公钥字符串,以 PEM 格式
public_key_str = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLp70NpjWCPnvijysoNW
ydOujsOIVuBJuIokgujtTKALEG/a0eaAf5GssnqEH5lzupZHIXMuj3mUE738VGqW
mVZ8FAVfRxP5k+D17TCcGnMiNRvktonl6H7GhAJqrama5pnWe00fzMj9kAdT6KmP
AAwDikeNvtEwdPU9RCcCdzzRujx+TP5wex3hcd2m4RziuW7XftI7TzWHNdaW0LnD
fRXSj7pLUILnc2YpCSAQIA6lifkPgCN97ERUB05du96FtnfAP2ufLpGmffFOiqr6
h/o3VIKxIIHBG9wnd58S22VLDEk7neNxmBgCQhmGHUuhLOTP51POgf0ABl756oqs
4QIDAQAB
-----END PUBLIC KEY-----"""
# 签名的 Base64 编码字符串(这应该是您之前创建的签名)
signature_b64 = "PXfa6LjJLPB/nqP8uxZ3KZSbXFDllr0EZuAWFFGzkAzMvZ2JjxpmgYAR2EqMgdZ6FsISSqz9QqM901wwRIHSjGmZI9x85S79I7DBCFdCRmUMm30wAkf6RRXc4TQqFdTbEChgA9MIZXx+qQk/jrOTJ2b++tyNPNp/GHJXsUIDwNzEK3a7WmWPlCGJ+wC1YP6768sLpRVnB148QMIEdXRqVt/hzyL14PtBRQQdoNGsYMKqjXOdVjf0U3+KDiqHm6n+Gcs1h6mrCMWz+iJ0txCPNjexrEOXJg22rsaPdN7O+IQTypRQO0XudUeFJi1TixeF4cuzfdjYwrvvzDRH6PZpnw=="
# 将 Base64 编码的签名解码为字节
signature = base64.b64decode(signature_b64)
# 从 PEM 格式的公钥字符串加载公钥
public_key = serialization.load_pem_public_key(
public_key_str.encode(),
backend=default_backend()
)
# 使用公钥验证签名
try:
public_key.verify(
signature,
data,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA256()
)
print("验证成功:签名有效。")
except Exception as e:
print("验证失败:签名无效。")
