加密解密 - Python RSA 公钥加密结果不一致
高洛峰
高洛峰 2017-04-17 14:55:11
0
2
1404

首先使用rsa生成了公钥,然后将公钥(pubkey)n和e部分转成字符,又将字符转成公钥(pub),使用pubkey和pub进行加密后的结果(test1, test2)并不一样,求解。

>>> import rsa
>>> (pubkey, privkey) = rsa.newkeys(512, poolsize=8)
>>> pubkey.n
10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391L
>>> pubkey.e
65537
>>> type(pubkey.e)
<type 'int'>
>>> type(pubkey.n)
<type 'long'>
>>> type(pubkey)
<class 'rsa.key.PublicKey'>
>>> n = str(pubkey.n)
>>> e = str(pubkey.e)
>>> n
'10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391'
>>> e
'65537'
>>> message = 'test'
>>> pub = rsa.PublicKey(long(n), int(e))
>>> pub
PublicKey(10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391, 65537)
>>> test1 =  rsa.encrypt(message, pub)
>>> test2 =  rsa.encrypt(message, pubkey)
>>> test1 == test2
False
>>> test1
"\xbbVcE\x1e\x1f\xa3\x84\x90]\x19\xbf5\xb9\x8aM\xed<\x7f\xcd\xf3UC\x87f]a\x15/\xb2\xe8\xa3\x05w\xc4Y'#\x9f\xd3\xc0}\xc81\x15F\xba\xc6\xf8\x92\xb6\x11\x1a\xe2\xc7\xfbLZo\xb0Q~\xf0\xf6"
>>> test2
'Z1\xf1\xbd\xe6}!\x11\x0c\xa2\xe2"lx\xb2\xa2\xdf\x15{\x95\xe6\x9aX\xbc)\xfb\xe4!\xf1"\xf0\xfc3y\xbb\x90\x92\x8e\x83\x0c\xbd\xc5\xf9\x0b\xdf\xdd\xd5\xbc\x0ey\x05\x055\xde\x9dh\xb0+\x0f\x8c\x88J\x98\xf1'
>>> pub == pubkey
True
>>> pub 
PublicKey(10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391, 65537)
>>> pubkey
PublicKey(10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391, 65537)
>>> import chardet
>>> chardet.detect(test1)
{'confidence': 0.0, 'encoding': None}
>>> type(pub)
<class 'rsa.key.PublicKey'>
>>> type(pubkey)
<class 'rsa.key.PublicKey'>
>>> chardet.detect(test2)
{'confidence': 0.0, 'encoding': None}
>>> 

解密结果是相同的

>>> rsa.decrypt(test1, privkey)
'test'
>>> rsa.decrypt(test2, privkey)
'test'
>>> 

私钥解密:

>>> n = str(privkey.n)
>>> e = str(privkey.e)
>>> d = str(privkey.d)
>>> p = str(privkey.p)
>>> q = str(privkey.q)
>>> n
'10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391'
>>> e
'65537'
>>> d
'8903648270921220617431832654452301896482433185548143048222170107118994148084511997041768437603762728926301730747011307923395996108348985220136737777676929'
>>> p
'6711170401751480754571255050059571447514931755192869446968529815316138668726356067'
>>> q
'1612046449861751533076589670955589879512068088293380286297803374041352573'
>>> pr = rsa.PrivateKey(long(n), int(e), long(d), long(p), long(q))
>>> pr
PrivateKey(10818718420560739313346002978990665036149681542592492045226497373002401361706250920089394493353909096589940348075365896188466224763409423854599514284610391, 65537, 8903648270921220617431832654452301896482433185548143048222170107118994148084511997041768437603762728926301730747011307923395996108348985220136737777676929, 6711170401751480754571255050059571447514931755192869446968529815316138668726356067, 1612046449861751533076589670955589879512068088293380286297803374041352573)
>>> pr = privkey
>>> pr = rsa.PrivateKey(long(n), int(e), long(d), long(p), long(q))
>>> pr ==  privkey
True
>>> rsa.decrypt(test1, pr)
'test'
>>> rsa.decrypt(test2, pr)
'test'
>>> 

已采纳@依云的答案,滚回去看书了:

>>> rsa.encrypt(message, pub)
'\xcc\x11\xb5\x8dSM\xd0\x01l\r\xc1\xed]\x17U\xf9)\xbaC\xcf-\x07\xfd\xa6V\xdb.\x94\x8b\xb8\xb3M\x0cG\xa7v\xe3\x11\x9a\xa8\xffV\xefo\x92\xb8\xcd$+\x1f\x99q\x06\xa1E\xd0E\xe5\xaa\xea%\xb5\xf1\x93'
>>> rsa.encrypt(message, pub)
'0\x9a\xd7*+o\x9b\xd2\x92\t\x1bb\x9cY\xfc{\\\xa6\x98\xd3\xd0\xcd\xff\xd9\x94\xb4Pa\xeb8r(s\xfe\x17;\xe0\xbd\xfcs\xcc\xb7\xaau~\xba\n\xdb\xb2G\xb9\xd8\xe6K\x1fA\x8c\xb0{P)9\xd6\xa0'
>>> rsa.encrypt(message, pub)
'BV\xcf\xa1\x93\xb1\xe1\x91$\xbd\x01\x08T\xfc\x7f\xf1uvX\x8f"\xfd\x91\xe5*f\xbb\xec\xb2\x14\xe6ug\xc0`\xf0\xba\xf8|\xec\xad\x85\xeej~Ti*\xc5@I\\vl\xef.\x86S\xa4\xdbcTQ\xea'
>>> rsa.encrypt(message, pub)
'\xb4l0\x10\xb6\x8c\x83\x02\xdeTMC\x1fm\x19\xdb\x02\xa8\xc8\x05\xcb\xf4\xee\x919\xe34x\xaf\xa4\x98dc\xa6\t}\x14\xc4\x07\x0eU8\x08Dr\x0bo\x17\x18\x05j\x89\xc6]\xca\x16s\xd9\x92\x0bN\x95o\x9d'
>>> rsa.encrypt(message, pub)
'}.\x9f\xe5q\xee\xa3\xb91k\xb9\xb0\xa2zK%\x88\xdc\xb1\xd7i\xf3$4\x91\xa6\xd9\xd1-boS\xe0\x9b&\x0cv=\xa2\xe8\xc0\x07\x93\x80\xea\xf3\x06vN\xf8M\xe3\xa2\x0e\x16~\x85X\xab\xf2\x18\xd4\xf1\xd0'
>>> rsa.encrypt(message, pub)
"p\xd7\x82\nZz\xc6\x92\x85\xcb6<\x18\xa5\x1fa{\xef\xaa'~\x8a H\xc9\xbb\x90T\xde5\xe3O\x10\xd5Q\xf8qd\xce\x80\x06\xab\xd6\xd0\xec}\xabq\x8c?\xc7\xb0Z\xddO^\x93\xa4\xaaV\x7f\xe7\xff\xb0"
>>> rsa.encrypt(message, pub)
"Rw\xff\xb3\xf35\xe9\x80|\x90T\x03\xf4\xeb\xe2\x8fA\x84\x1cBm,\xc4\x99J^\xfc\xc5Q\ncl\t\x19\xc9W4'\xdf*\x8bN\x9c\xa8']\\\xa5D\x9b\xe1m}:\xba\x05\xb8Q\xe7\xaa\xafb\xaem"
>>> 
高洛峰
高洛峰

拥有18年软件开发和IT教学经验。曾任多家上市公司技术总监、架构师、项目经理、高级软件工程师等职务。 网络人气名人讲师,...

répondre à tous(2)
小葫芦

更正!以下论述只适用于 AES。RSA 不一样,一般不用 IV 的。密码学很复杂的……


现代加密算法,使用同样的加密密钥,加密相同的明文,每一次得到的密文都会不一样,以防止根据特征进行攻击。

如果每次加密结果相同,比如一个 HTML 文档,很容易猜测到里边很可能会出现的字符串。然后在这个会话过程中请求了多个 HTML,那么相同字符串出现得就更多了。

技术上,每次开始加密时,生成一个密码学安全的随机字符串作为 IV(初始矢量),然后通过某种 chain 的方式将相邻的 block 或者字节关联起来。

当然有特殊需求,你可以使用不带 IV 的加密方案。

洪涛

不同意依云的意见,这应该是随机填充啊。

非对称算法哪来的分组模式啊 = =

Derniers téléchargements
Plus>
effets Web
Code source du site Web
Matériel du site Web
Modèle frontal