【模块】：RSA加密、解密

M2Crypto 模块

快速安装:

# 环境centos7.0，提前装好openssl（自行百度安装），windows装不上，暂不考虑了

[root@localhost ~]# pip install m2crypto

# 验证
>>> import M2Crypto
>>> 

先做准备工作：

# centos系统上执行以下命令生成公钥和私钥

[root@localhost ~]# openssl genrsa -out key.pem 1024
[root@localhost ~]# openssl rsa -in key.pem -pubout -out pubkey.pem

-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDhhyVxmY/TU/buuIfwlykV1d5Wg5PRu4Qu14LssRhZH9E9pVbX
lGeP1Q8iJEErHt4Rk5tsFgavDf+L5QIM8zpmydJqbivUJCY/5b9zSwVSnDhFfGaj
LY4Bj7Fq0yngRkxwUVaTmJ/u0FiKzy1mpnk0Xmj/pk7AburWj3YHVsYtuwIDAQAB
AoGATYKhP9XDNKJa79jD/9Az8qk6bQlzuFV2LJMtECQddiQVSdaVbio3HZvgQ5+q
NiO5ttjARfmb+nYZKf9fIQxHOX9GJeepzkvltZJO0LheS0+ZsX2ab62cv8ThUndf
yp/thuqHHXt7ERYIHS7CzvzPUQ303OEA9a6WLDaTL/MpjEECQQD5G5cJrEAL1rGF
0ELSRl0YRRRyywmGmc0Wlx0VHCyqG0/5GgmPJmB+8t7k7CtTgRhzStYSmwExzioh
ylL3vpgTAkEA58SKxKezIGcuFbCB54yuWEtgauYNrBYauQLC7+Z9d6NjFUrcHO00
1cVJ0cvIK++hvvOrCIUpq/86N8JFUyWYuQJACnH5t1IdrWFnODEvXBnPNYFQBjA1
SguQ6e2ULppr1QYoKE3LMNFvImOUrQyqFGpJWCw/JbCSMEBwy9HsAK9hOQJAIV6v
DDmJFPVGMWFEku4yfAv+SeXtugVEu7amEpyBHCSuM3af0ppkrRLG2ioZHBpYk4HJ
8mQZ5+XLoBOcn6geIQJBAIcFTwZETKFs1h6dov3Bp6EPq8zZBABvy7fhCsQk9uX6
6lI0pty9E3KUWGTw4AVp3EwGTc7OqLfiZQTgV65eBcA=
-----END RSA PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhhyVxmY/TU/buuIfwlykV1d5W
g5PRu4Qu14LssRhZH9E9pVbXlGeP1Q8iJEErHt4Rk5tsFgavDf+L5QIM8zpmydJq
bivUJCY/5b9zSwVSnDhFfGajLY4Bj7Fq0yngRkxwUVaTmJ/u0FiKzy1mpnk0Xmj/
pk7AburWj3YHVsYtuwIDAQAB
-----END PUBLIC KEY-----

如何使用

1、私钥加密：

import M2Crypto
import json

# 私钥加密
def pri_encrypt(msg, file_name):
    rsa_pri = M2Crypto.RSA.load_key(file_name)          # 导入秘钥 <M2Crypto.RSA.RSA instance at 0x24da8c0>
    ctxt_pri = rsa_pri.private_encrypt(msg, M2Crypto.RSA.pkcs1_padding)   # 这里的方法选择加密填充方式，所以在解密的时候 要对应。
    print(ctxt_pri,type(ctxt_pri))
    ctxt64_pri = ctxt_pri.encode('base64')  # 密文是base64 只能写base64  方便保存 encode成str
    print ('密文:%s'% ctxt64_pri,type(ctxt64_pri))
    return ctxt64_pri

prikey_file = 'key.pem'
data = {'name':'Jefrey'}
message = json.dumps(data)

pri_encrypt(message,prikey_file)

# 打印
# ("x8exc8 x98xeaxd5%&xe3xfaxa5xbbu];zZxf0xc1xddxf3x8fxaaxdcxfaxbcxacgxfdx0b3xbbax94Kx91taxda
# xdfxd05xecVxb1xffxf0xc4x07xbfx1cxe0xfcx84&xfcpxf5\xabxd8xf2#xfcxce:]xbae]W47xf7xc9x9aXtxff
# xe9xdax19x82xecDPxb2xcbxd3x8d@x81F'x9f}xfbx8bxb1o>x91xf0Gxc36x19Qxf8x7fxafxbexa2xeexf0Vx88
# xbd[x1e3xafxf0xd3xebuxa9", <type 'str'>)
# ('xe5xafx86xe6x96x87:jsggmOrVJSbj+qW7dV07elrwwd3zj6rc+rysZ/0LM7thlEuRdGHaIN/QNexWsf/wxAe/HOD8hCb8
cPVcq9jyI/zO
# Ol26ZV1XNDf3yZpYdP/p2hmC7ERQssvTjUCBRiefffuLsW8+kfBHwzYZUfh/r76i
7vBWiL1bHjOv8NPrdak=
', <type 'str'>)

2、公钥解密(文件路径)：

import M2Crypto
import json

# 私钥加密
def pri_encrypt(msg, file_name):
    rsa_pri = M2Crypto.RSA.load_key(file_name)          # 导入秘钥
    ctxt_pri = rsa_pri.private_encrypt(msg, M2Crypto.RSA.pkcs1_padding)   # 进行加密 pkcs1_padding加密填充方式，解密的时候要对应。
    ctxt64_pri = ctxt_pri.encode('base64')        # 密文是base64 只能写base64  方便保存 encode成str
    print ('密文:%s'% ctxt64_pri,type(ctxt64_pri))
    return ctxt64_pri

# 公钥解密传入文件路径
def pub_decrypt(msg, file_name):
    rsa_pub = M2Crypto.RSA.load_pub_key(file_name)
    ctxt_pri = msg.decode("base64")     # 先将str转成base64
    maxlength = 128                      # 128位
    output = ''
    while ctxt_pri:
        input = ctxt_pri[:128]
        ctxt_pri = ctxt_pri[128:]
        out = rsa_pub.public_decrypt(input, M2Crypto.RSA.pkcs1_padding) #解密
        output = output + out
    print('明文:%s'% output,type(output))
    print('Json:%s'% json.loads(output),type(json.loads(output)))

prikey_file = 'key.pem'
pubkey_file = 'pubkey.pem'
data = {'name':'Jefrey'}
message = json.dumps(data)

primsg = pri_encrypt(message,prikey_file)
pub_decrypt(primsg,pubkey_file)

# 打印
# ('xe6x98x8exe6x96x87:{"name": "Jefrey"}', <type 'str'>)
# ("Json:{u'name': u'Jefrey'}", <type 'dict'>)

3、公钥解密(字符串)：

import M2Crypto
import json

# 私钥加密
def pri_encrypt(msg, file_name):
    rsa_pri = M2Crypto.RSA.load_key(file_name)          # 导入秘钥
    ctxt_pri = rsa_pri.private_encrypt(msg, M2Crypto.RSA.pkcs1_padding)   # 进行加密 pkcs1_padding加密填充方式，解密的时候要对应。
    ctxt64_pri = ctxt_pri.encode('base64')        # 密文是base64 只能写base64  方便保存 encode成str
    # print ('密文:%s'% ctxt64_pri,type(ctxt64_pri))
    return ctxt64_pri

# 公钥解密传入字符串
def pub_decrypt(msg, pub_key):
    bio = M2Crypto.BIO.MemoryBuffer(pub_key)
    rsa_pub = M2Crypto.RSA.load_pub_key_bio(bio)
    ctxt_pri = msg.decode("base64")     # 先将str转成base64
    output = rsa_pub.public_decrypt(ctxt_pri, M2Crypto.RSA.pkcs1_padding) #解密
    print('明文:%s'% output,type(output))
    print('Json:%s'% json.loads(output),type(json.loads(output)))

prikey_file = 'key.pem'
pubkey_file = 'pubkey.pem'
data = {'name':'Jefrey'}
message = json.dumps(data)

primsg = pri_encrypt(message,prikey_file)
with open(pubkey_file,'r+') as f:
    pub_key = f.read()
pub_decrypt(primsg,pub_key)

# 打印
# ('xe6x98x8exe6x96x87:{"name": "Jefrey"}', <type 'str'>)
# ("Json:{u'name': u'Jefrey'}", <type 'dict'>)

小结：上面写的是私钥加密，公钥解密；反过来也一样，public_encrypt公钥加密，private_decrypt私钥解密；