說明
- python、java 雙向驗證RSA奸腺、加解密餐禁、簽名
- 支持RSA 1024、2048加解密
- python突照、java AES雙向加解密
參考
java代碼--AES
package encrypt;
import cn.hutool.core.codec.Base64;
import com.sun.istack.internal.NotNull;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random;
public class AESUtils {
private static String cipherMode = "AES/ECB/PKCS5Padding";//算法/模式/補碼方式
/* AES秘鑰支持128bit/192bit/256bit三種長度的秘鑰帮非,一個字節(jié)等于8bit,
* 因此支持生成的字符串的長度應該是 16/24/32
* */
private static int keyLength = 24;
public static void main(String[] args) {
/*構建一個隨機密碼*/
String key = getRandomKey(keyLength);
System.out.println("隨機生成的key:" + key);
String data = "1234567890111111111111111111111111";
try {
String encriptData = AESUtils.encrypt(data, key);
System.out.println("加密后的數據:" + encriptData);
String decryptData = decrypt(encriptData, key);
System.out.println("解密后的數據:" + decryptData);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* @param length 需要生成的字符串長度
* @return 隨機生成的字符串
*/
public static String getRandomKey(int length) {
if (length != 16 && length != 24 && length != 32) {
System.out.println("長度必須為16/24/32");
return null;
}
String str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
Random random = new Random();
StringBuilder stringBuilder = new StringBuilder();
for (int i = 0; i < length; i++) {
int number = random.nextInt(62);
stringBuilder.append(str.charAt(number));
}
return stringBuilder.toString();
}
/**
* @param data 需要加密的數據
* @param key 加密使用的key
* @return 加密后的數據(Base64編碼)
* @throws Exception
*/
public static String encrypt(String data, @NotNull String key) throws Exception {
int length = key.length();
if (length != 16 && length != 24 && length != 32) {
System.out.println("長度必須為16/24/32");
return null;
}
byte[] raw = key.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance(cipherMode);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(data.getBytes("utf-8"));
return Base64.encode(encrypted);
}
/**
* @param data 需要解密的數據
* @param key 解密用的key
* @return 解密后的數據
* @throws Exception
*/
public static String decrypt(String data, @NotNull String key) throws Exception {
try {
int length = key.length();
if (length != 16 && length != 24 && length != 32) {
System.out.println("長度必須為16/24/32");
return null;
}
byte[] raw = key.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance(cipherMode);
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] encrypted = Base64.decode(data);//先用base64解密
try {
byte[] original = cipher.doFinal(encrypted);
return new String(original, "utf-8");
} catch (Exception e) {
System.out.println(e.toString());
return null;
}
} catch (Exception ex) {
System.out.println(ex.toString());
return null;
}
}
}
java代碼--RSA
package encrypt;
import cn.hutool.core.codec.Base64;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
public class RSAUtils {
/**
* 加密算法RSA
*/
private static final String KEY_ALGORITHM = "RSA";
/**
* 簽名算法
*/
private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
/**
* 獲取公鑰的key
*/
private static final String PUBLIC_KEY = "RSAPublicKey";
/**
* 獲取私鑰的key
*/
private static final String PRIVATE_KEY = "RSAPrivateKey";
/**
* RSA最大加密明文大小
*/
private static final int MAX_ENCRYPT_BLOCK = 117;
/**
* RSA最大解密密文大小
*/
private static final int MAX_DECRYPT_BLOCK = 256;
public static void main(String[] args) {
/*RSA 1024 */
// String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCIarYvrIMZGHKa8f2E6ubg0//28R1zJ4ArD+XELXYvDrM8UBR42PqJCpjPN3hC91YAnnk2Y9U+X5o/rGxH5ZTZzYy+rkAmZFJa1fK2mWDxPYJoxH+DGHQc+h8t83BMB4pKqVPhcJVF6Ie+qpD5RFUU/e5iEz8ZZFDroVE3ubKaKwIDAQAB";
// String privateKey = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAIhqti+sgxkYcprx/YTq5uDT//bxHXMngCsP5cQtdi8OszxQFHjY+okKmM83eEL3VgCeeTZj1T5fmj+sbEfllNnNjL6uQCZkUlrV8raZYPE9gmjEf4MYdBz6Hy3zcEwHikqpU+FwlUXoh76qkPlEVRT97mITPxlkUOuhUTe5sporAgMBAAECgYA0aSND37iifKUTaKOpXIKFoI23910EMAnrAXmaTIkafUBZjL7Ay0Q+QIcDHeGjgNlW9YvGXMbB5wMhMYKMgOUV1FpeqQdDslO4Z7zynRjkDJkjOKkE2/j10CvmNO8e2uCWKsYYUE9IyTkxcypjBCv16ifT0qmdxb7uKLccYI16eQJBANMutfNO/q7kUKiYvilBLN9+pZOg6eTmKmV0Xygoa3ClpQTfurwLA8W/Fv3oXnjHXTryNVHeoxSH69imo0RZ9kcCQQClXhMbXlfvl5iInmwziFhtYBztvkLuyQ084FgszR7iR0nuOWoURLQa5O7sLL724FNRlSvOCmmmWguh2vmQgRr9AkBDS5tHkWCvMqpRT3spgk9eWOlChgCCpKXV9qNsFJVILEDNsM28pnXpSd91wdp4+m7HHe/Hyv6EyFtrio50dYZ5AkAODVVwUO8GBArJKTUml+JzwOQUa8OCSQFf9+xmOjPypH4qySQzfrcTRfrrhM3haqSJ3TQwuP/LTAGLCnGEjwP9AkBqFFyrrQviPOhwel3NWjRv8mftOFgnm0Isk/NQJ4JtoahYvPDeUyP80WSuVWnPyV4zHz9Kw7BggYCPc4xZDACV";
/*RSA 2048*/
String publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAichGTEP0QFswnvn+ZAQrgGHM8VeDZLJuezGhgxh4d9SyRUfnIW/zefT71rwS4bZUs1MPxJwavOyxABJOHLuckdHXknCsGEWz78gsA6D0+O+9dl1gCZR29nnN/NlzmNbSjFnzvsTJYBlS88qSr35RXFE+6DM7uPsS8Fm2I+65FteJ8p2yMvpSg72QkIX8xvI1F1uwXrciIB+4u7uTozxIplMOo4a6uhAm3W+Kjpz3ni2btjGqHRbqb3ebSZyl+nFfnjQaBe3XyVxAWDSanjgFj/wbqbeug9FBs+nQFVPIZR9z0aE5Ndi5o3eSkV7HFmWpkxaiPZ0BLRK3XHMaBtuSpwIDAQAB";
String privateKey = "MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCJyEZMQ/RAWzCe+f5kBCuAYczxV4Nksm57MaGDGHh31LJFR+chb/N59PvWvBLhtlSzUw/EnBq87LEAEk4cu5yR0deScKwYRbPvyCwDoPT47712XWAJlHb2ec382XOY1tKMWfO+xMlgGVLzypKvflFcUT7oMzu4+xLwWbYj7rkW14nynbIy+lKDvZCQhfzG8jUXW7BetyIgH7i7u5OjPEimUw6jhrq6ECbdb4qOnPeeLZu2MaodFupvd5tJnKX6cV+eNBoF7dfJXEBYNJqeOAWP/Bupt66D0UGz6dAVU8hlH3PRoTk12Lmjd5KRXscWZamTFqI9nQEtErdccxoG25KnAgMBAAECggEBAIPz1b88ZTMtIgdejA7lH3Q4Nbn8gc1yRPSet3uBd/3rKT/IeMZBHQBzaqxgOgUIRV3n8nXsun6sf2b+IOjLlErimH2agnZMauL85YokH/g4QU6WZl9GXBf41xmMd3SsZ8AadaEBfYoXNqZcHtcLNogfFwvx5QRnD+A3SoRnH8OLBeVvOEe4AqHLT2xEZ9TeCf3fJe0Rf0fUIbw7I5ioiRZV/ir0L1VM7+1k2JODUkdC2Luj5Tl3nl1Eg6EmkYCmGE1bip1NAatsfjPBLMF7XdPNjLboiffjgKVBOjb7Y9vL18BCoLtWeTT2GkMpi5Sr94T1te1Ox77dF4BP33Xn7eECgYEA1TNUrAQsh14NbbkwFtUHXS8/YXt81p9wbSpFBymIawF2Lkk0913TB4CHSun45LhYXjdZZxK/TgqC5EIq5v2RA0jY3cSxoqVe6RZKB04E8wszeJHiEJPdu2vFnpZh9iAyhswiM5FmuKZKoWsVc2SZrBXAI02smSn3lXYok1VBS3sCgYEApXEZS6gjUu4o7ZL53Ur1HDfi/nxpkxqrPh+D1HVYjzjT+4vTeZwtLXt2VCInPWNXH+f11mzhxIrLkI0jMcSCah81DuU8aFXnqvPuyFvt9uaQBYlVWBtkcGZyeaxHFrbfCyeu0jm7SfwmiIg12hKlIHtPTjEZQUX+kkWr8cdaZ8UCgYEAh0Pl+K09QzVc97yC0jmeTnTnlYWvksvdnKUw3nZvYtSukndH75nLhfr524HOs+5xwnUDd+3hCjaJDSEd7yf5lUfmr+1XdoXNTb0igrfxU/JLWbfU4geuqnaaDyACTxHmfLePC4C413ZJ61fxaCDvjsrN+JgTZanGt0EcRT3WC3kCgYEAgf5/GMJxlw0JXbs515a5R8Xl9358Whj/at3KcRsPTeIiNqnkrc54dR9ol60KViMDZ0+VDDobn5pLXzZ26/jzXD1PLHgU4gp18Q6glhAdx/3cNm11gLhtUCA/XLlwVjm0wggZRpgUQIr/IBKe9c3mr8IUS2Uq6e38nKRf+adhst0CgYAM4tvl+U1MPbbz3YzDv8QPepZ7Pglgdfxqfr5OkXA7jNhqTZjSq10B6oClGvirBo1m6f26F02iUKk1n67AuiLlTP/RRZHi1cfq6P9IaXl23PcxJfUMvIxQDS0U+UTFpNXryTw/qNAkSfufN48YzKdGvc8vHrYJyaeemaVlbdJOCw==";
String testData = "BFixnplhXVyWE0uCLFPW2JoNalX1WHlRuytblc2c+fpM5dKa4O65fTwCXfrvZldAFxvYoZVSKs3XTr6M8djoSpog+XyK7xEmp7mZj8/mG6n1x21y9TZzdKVGavSIE2bDxr03ZoLwzZ1tPHQ9zvGr/pspPq307vxsM0f5PB19fXmAlQ4PPeU7qno3xU2CaTVc+GGtwU5JNsRVCbm+ODoTL92P79nLWSFV9y93W3hmZMu1ozAPh8rOZZtGe+Wly1r7Y8cb8XnmgoF4NZmROkb3WAIhUA1AXdbzZAK4y+88INczHsUpIZVeJyX4JAWuNeARJtRWsMxDP7AL+HsWDgrtBw==";
try {
// String data = "測試提交數據";
String data = "h6mZVXRkr6fODpNs0BkaO0ZD";
byte[] publicEncryptBytes = RSAUtils.encryptByPublicKey(data.getBytes(), publicKey);
System.out.println("公鑰加密后的數據:" + Base64.encode(publicEncryptBytes));
byte[] privatDecryptBytes = RSAUtils.decryptByPrivateKey(publicEncryptBytes, privateKey);
System.out.println("私鑰解密后的數據:" + new String(privatDecryptBytes));
// byte[] privatDecryptBytes2 = RSAUtils.decryptByPrivateKey(Base64.decode(testData), privateKey);
// System.out.println("python加密java私鑰解密后的數據:" + new String(privatDecryptBytes2));
System.out.println("--------------------");
byte[] privateKeyEncryptBytes = RSAUtils.encryptByPrivateKey(data.getBytes(), privateKey);
System.out.println("私鑰加密后的數據:" + Base64.encode(privateKeyEncryptBytes));
String singnData = RSAUtils.sign(data.getBytes(), privateKey);
System.out.println("私鑰簽名后的數據:" + singnData);
byte[] publicDecryptBytes = RSAUtils.decryptByPublicKey(privateKeyEncryptBytes, publicKey);
System.out.println("公鑰解密后的數據:" + new String(publicDecryptBytes));
boolean isSign = RSAUtils.verify(data.getBytes(), publicKey, singnData);
System.out.println("簽名是否正確:" + isSign);
Map<String, Object> key = genKeyPair(1024);
System.out.println("生成密鑰:" + key.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* @param keySize 生成的秘鑰長度 一般為1024或2048
* @return
* @throws Exception
*/
public static Map<String, Object> genKeyPair(int keySize) throws Exception {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
keyPairGen.initialize(keySize);
KeyPair keyPair = keyPairGen.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
System.out.println("publicKey:" + Base64.encode(publicKey.getEncoded()));
System.out.println("privateKey:" + Base64.encode(privateKey.getEncoded()));
return keyMap;
}
/**
* 對已加密數據進行簽名
*
* @param data 已加密的數據
* @param privateKey 私鑰
* @return 對已加密數據生成的簽名
* @throws Exception
*/
public static String sign(byte[] data, String privateKey) throws Exception {
byte[] keyBytes = Base64.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(privateK);
signature.update(data);
return Base64.encode(signature.sign());
}
/**
* 驗簽
*
* @param data 簽名之前的數據
* @param publicKey 公鑰
* @param sign 簽名之后的數據
* @return 驗簽是否成功
* @throws Exception
*/
public static boolean verify(byte[] data, String publicKey, String sign) throws Exception {
byte[] keyBytes = Base64.decode(publicKey);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicK = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicK);
signature.update(data);
return signature.verify(Base64.decode(sign));
}
/**
* 用私鑰對數據進行解密
*
* @param encryptedData 使用公鑰加密過的數據
* @param privateKey 私鑰
* @return 解密后的數據
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey) throws Exception {
byte[] keyBytes = Base64.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
//Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateK);
int inputLen = encryptedData.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 對數據分段解密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
byte[] decryptedData = out.toByteArray();
out.close();
return decryptedData;
}
/**
* 公鑰解密
*
* @param encryptedData 使用私鑰加密過的數據
* @param publicKey 公鑰
* @return 解密后的數據
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey) throws Exception {
byte[] keyBytes = Base64.decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicK);
int inputLen = encryptedData.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 對數據分段解密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
byte[] decryptedData = out.toByteArray();
out.close();
return decryptedData;
}
/**
* 公鑰加密
*
* @param data 需要加密的數據
* @param publicKey 公鑰
* @return 使用公鑰加密后的數據
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, String publicKey) throws Exception {
byte[] keyBytes = Base64.decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
// 對數據加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 對數據分段加密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
/**
* 私鑰加密
*
* @param data 待加密的數據
* @param privateKey 私鑰
* @return 使用私鑰加密后的數據
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data, String privateKey) throws Exception {
byte[] keyBytes = Base64.decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 對數據分段加密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
/**
* 獲取私鑰
*
* @param keyMap 生成的秘鑰對
* @return
* @throws Exception
*/
public static String getPrivateKey(Map<String, Object> keyMap) throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return Base64.encode(key.getEncoded());
}
/**
* 獲取公鑰
*
* @param keyMap 生成的秘鑰對
* @return
* @throws Exception
*/
public static String getPublicKey(Map<String, Object> keyMap) throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return Base64.encode(key.getEncoded());
}
}
python 版本代碼
# -*- coding:utf-8 -*-
"""
File Name: CryptUtils
Author: wabi
Data: 2020/4/16 13:49
-----------------------
Info:
java讹蘑、python驗證版本
SHA256withRSA 簽名
RSA2 公鑰加密
RSA2 私鑰解密
AES 加密末盔、解密
AES 密鑰生成
-----------------------
Change Activity:
2020/4/16: create
"""
import base64
import binascii
import logging
from Crypto.Random import get_random_bytes
from Crypto.Signature import pkcs1_15, PKCS1_v1_5 as PKCS1_v1_5_sign
from Crypto.Util.Padding import pad, unpad
from Crypto import Random
from Crypto.Cipher import AES, PKCS1_OAEP, PKCS1_v1_5
from Crypto.PublicKey import RSA
from Crypto.Hash import SHA, SHA256
from urllib.parse import unquote
from app.comm.encrypt import fill_public_key_marker, fill_private_key_marker
logger = logging.getLogger(__file__)
class CryptUtils(object):
@staticmethod
def get_sign_data(data: dict):
"""
獲取簽名數據
按照ASCII 字母排序 鍵值
{'a':1,'b':2} => 'a=1&b=1'
@param data:
@return:
"""
sort_param = sorted(
[(key, value) for key, value in data.items() if key not in ['sign', 'sign_type']])
return "&".join("{}={}".format(k, v) for k, v in sort_param)
@staticmethod
def gen_aes_key(length):
"""
生成AES隨機密鑰
@return:
"""
b_key = get_random_bytes(length)
return binascii.hexlify(b_key).decode('utf-8')
@staticmethod
def aes_en(data, aes_key):
"""
AES加密
@param data:
@param aes_key:
@return:
"""
cipher = AES.new(aes_key.encode('utf-8'), AES.MODE_ECB)
ct = cipher.encrypt(pad(data.encode('utf-8'), AES.block_size))
return base64.b64encode(ct).decode('utf-8')
@staticmethod
def aes_de(data, aes_key):
"""
AES解密
@param data:
@param aes_key:
@return:
"""
cipher = AES.new(aes_key.encode('utf-8'), AES.MODE_ECB)
d_str = cipher.decrypt(base64.b64decode(data.encode('utf-8')))
return unpad(d_str, AES.block_size).decode('utf-8')
@staticmethod
def rsa_pkcs_1_v_15_pub_en(data, rsa_key_pub):
"""
rsa 公鑰加密
@param data:
@param rsa_key_pub:
@return:
"""
public_key = fill_public_key_marker(rsa_key_pub)
public_key_obj = RSA.import_key(public_key)
cipher_rsa = PKCS1_v1_5.new(public_key_obj)
enc_data = cipher_rsa.encrypt(data.encode('utf-8'))
return base64.b64encode(enc_data).decode('utf-8')
@staticmethod
def rsa_pkcs_1_v_15_pri_de(data, rsa_key_pri):
"""
RSA 私鑰解密
@param data: 密文
@param rsa_key_pri: 私鑰
@return:
"""
private_key = fill_private_key_marker(rsa_key_pri)
private_key_obj = RSA.import_key(private_key)
cipher_rsa = PKCS1_v1_5.new(private_key_obj)
dsize = SHA.digest_size
sentinel = Random.new().read(15 + dsize)
dec_data = cipher_rsa.decrypt(base64.b64decode(data), sentinel)
return dec_data.decode('utf-8')
@staticmethod
def gen_rsa_sign(data, rsa_key_pri):
"""
rsa 簽名
@param data:
@param rsa_key_pri:
@return:
"""
private_key = fill_private_key_marker(rsa_key_pri)
private_key_obj = RSA.import_key(private_key)
msg_hash = SHA256.new(data.encode())
signature = PKCS1_v1_5_sign.new(private_key_obj).sign(msg_hash)
sign = base64.b64encode(signature).decode()
return sign
@staticmethod
def verify_sign(data, sign, rsa_pub_cus):
"""
SHA256withRSA 驗簽
@param data:
@param sign:
@param rsa_pub_cus:
@return:
"""
public_key = fill_public_key_marker(rsa_pub_cus)
public_key_obj = RSA.import_key(public_key)
msg_hash = SHA256.new(data.encode())
try:
PKCS1_v1_5_sign.new(public_key_obj).verify(msg_hash, base64.b64decode(unquote(sign)))
return True
except (ValueError, TypeError):
return False
# aes_obj = CryptUtils()
# print(aes_obj.get_sign_data({'a': 1, 'b': 2, 'a1': 3}))
# print(aes_obj.gen_aes_key(16))
# aes_key = '5010f29d2834c931b26f10ad5720b108'
# en_data = aes_obj.aes_en('1234567890111111111111111111111111', aes_key)
# print(en_data)
# # # en_data = 'rQUuELRSfJz5CrsmGrPObg=='
# print(aes_obj.aes_de(en_data, aes_key))
# publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAichGTEP0QFswnvn+ZAQrgGHM8VeDZLJuezGhgxh4d9SyRUfnIW/zefT71rwS4bZUs1MPxJwavOyxABJOHLuckdHXknCsGEWz78gsA6D0+O+9dl1gCZR29nnN/NlzmNbSjFnzvsTJYBlS88qSr35RXFE+6DM7uPsS8Fm2I+65FteJ8p2yMvpSg72QkIX8xvI1F1uwXrciIB+4u7uTozxIplMOo4a6uhAm3W+Kjpz3ni2btjGqHRbqb3ebSZyl+nFfnjQaBe3XyVxAWDSanjgFj/wbqbeug9FBs+nQFVPIZR9z0aE5Ndi5o3eSkV7HFmWpkxaiPZ0BLRK3XHMaBtuSpwIDAQAB"
# privateKey = "MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCJyEZMQ/RAWzCe+f5kBCuAYczxV4Nksm57MaGDGHh31LJFR+chb/N59PvWvBLhtlSzUw/EnBq87LEAEk4cu5yR0deScKwYRbPvyCwDoPT47712XWAJlHb2ec382XOY1tKMWfO+xMlgGVLzypKvflFcUT7oMzu4+xLwWbYj7rkW14nynbIy+lKDvZCQhfzG8jUXW7BetyIgH7i7u5OjPEimUw6jhrq6ECbdb4qOnPeeLZu2MaodFupvd5tJnKX6cV+eNBoF7dfJXEBYNJqeOAWP/Bupt66D0UGz6dAVU8hlH3PRoTk12Lmjd5KRXscWZamTFqI9nQEtErdccxoG25KnAgMBAAECggEBAIPz1b88ZTMtIgdejA7lH3Q4Nbn8gc1yRPSet3uBd/3rKT/IeMZBHQBzaqxgOgUIRV3n8nXsun6sf2b+IOjLlErimH2agnZMauL85YokH/g4QU6WZl9GXBf41xmMd3SsZ8AadaEBfYoXNqZcHtcLNogfFwvx5QRnD+A3SoRnH8OLBeVvOEe4AqHLT2xEZ9TeCf3fJe0Rf0fUIbw7I5ioiRZV/ir0L1VM7+1k2JODUkdC2Luj5Tl3nl1Eg6EmkYCmGE1bip1NAatsfjPBLMF7XdPNjLboiffjgKVBOjb7Y9vL18BCoLtWeTT2GkMpi5Sr94T1te1Ox77dF4BP33Xn7eECgYEA1TNUrAQsh14NbbkwFtUHXS8/YXt81p9wbSpFBymIawF2Lkk0913TB4CHSun45LhYXjdZZxK/TgqC5EIq5v2RA0jY3cSxoqVe6RZKB04E8wszeJHiEJPdu2vFnpZh9iAyhswiM5FmuKZKoWsVc2SZrBXAI02smSn3lXYok1VBS3sCgYEApXEZS6gjUu4o7ZL53Ur1HDfi/nxpkxqrPh+D1HVYjzjT+4vTeZwtLXt2VCInPWNXH+f11mzhxIrLkI0jMcSCah81DuU8aFXnqvPuyFvt9uaQBYlVWBtkcGZyeaxHFrbfCyeu0jm7SfwmiIg12hKlIHtPTjEZQUX+kkWr8cdaZ8UCgYEAh0Pl+K09QzVc97yC0jmeTnTnlYWvksvdnKUw3nZvYtSukndH75nLhfr524HOs+5xwnUDd+3hCjaJDSEd7yf5lUfmr+1XdoXNTb0igrfxU/JLWbfU4geuqnaaDyACTxHmfLePC4C413ZJ61fxaCDvjsrN+JgTZanGt0EcRT3WC3kCgYEAgf5/GMJxlw0JXbs515a5R8Xl9358Whj/at3KcRsPTeIiNqnkrc54dR9ol60KViMDZ0+VDDobn5pLXzZ26/jzXD1PLHgU4gp18Q6glhAdx/3cNm11gLhtUCA/XLlwVjm0wggZRpgUQIr/IBKe9c3mr8IUS2Uq6e38nKRf+adhst0CgYAM4tvl+U1MPbbz3YzDv8QPepZ7Pglgdfxqfr5OkXA7jNhqTZjSq10B6oClGvirBo1m6f26F02iUKk1n67AuiLlTP/RRZHi1cfq6P9IaXl23PcxJfUMvIxQDS0U+UTFpNXryTw/qNAkSfufN48YzKdGvc8vHrYJyaeemaVlbdJOCw=="
#
# test_data = '測試提交數據'
# ed_data = aes_obj.rsa_en(test_data, publicKey)
# ed_data2 = aes_obj.rsa_pkcs_1_v_15_en(test_data, publicKey)
# print('公鑰加密數據:' + ed_data)
# print('公鑰加密數據ed_data2:' + ed_data2)
# print('私鑰解密數據:' + aes_obj.rsa_de(ed_data, privateKey))
#
# # 測試java加密后密文
# java_en_data = 'ZtqovikGmPL34HK/6SSj148y5wmJRISka04FkL+jrwRHsCpuVOhG/UTrnPItwdvO6G2J9tmY/KN1rtX1F6wIQ5Tx/gysaCk3agKXHjaJYF/wBN/WSUV6vqlvKbfY9H4LJqa6nJGyax0hQ7tvctXwgJ3Pr5pcYbTExrTdJwHlxQXraHH7SzwA8UNwfi1nTMkrPzg6giY1iACVEmyiuTl4MdP609RT8DWxlPwpj7HdZx6V0F9yMigRSx/DQd3/62gxcq+1MafIjr0gdPMUtKHw/cvRvoun5kDJbSI4D1pH9EsLM7UX/gTocpmmBpbLYQaUKY/d2duQ5QXuSlj/ZB2B4g=='
# print('java加密后python私鑰解密數據:' + aes_obj.rsa_pkcs_1_v_15_de(java_en_data, privateKey))
#
# print('簽名驗證.....')
# sign = aes_obj.gen_rsa_sign(test_data, privateKey)
# print('python生成簽名:' + sign)
# print('驗證簽名結果:' + str(aes_obj.verify_sign(test_data, sign, publicKey)))
