|
|
|
|
|
1.CryptoTest模块,该模块包括四个类,分别是是aestest、hashtest、rsatest和signverify。
|
|
|
|
|
|
# CryptoTest.py
|
|
|
|
|
|
# 封装4个类
|
|
|
|
|
|
from Crypto.Cipher import AES
|
|
|
|
|
|
from binascii import b2a_hex, a2b_hex
|
|
|
|
|
|
import hashlib, base64
|
|
|
|
|
|
from Crypto.Cipher import PKCS1_OAEP
|
|
|
|
|
|
from Crypto.PublicKey import RSA
|
|
|
|
|
|
from Crypto.Signature import PKCS1_v1_5
|
|
|
|
|
|
from Crypto.Hash import SHA256
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# AES算法类,实现AES的加密和解密
|
|
|
|
|
|
class aestest():
|
|
|
|
|
|
def __init__(self, key):
|
|
|
|
|
|
self.key = key
|
|
|
|
|
|
self.mode = AES.MODE_CBC
|
|
|
|
|
|
|
|
|
|
|
|
def encrypt(self, text):
|
|
|
|
|
|
cryptor = AES.new(self.key, self.mode, self.key)
|
|
|
|
|
|
text = text.encode("utf-8")
|
|
|
|
|
|
length = 16
|
|
|
|
|
|
count = len(text)
|
|
|
|
|
|
add = length - (count % length)
|
|
|
|
|
|
text = text + (b'\0' * add)
|
|
|
|
|
|
self.ciphertext = cryptor.encrypt(text)
|
|
|
|
|
|
entext = b2a_hex(self.ciphertext).decode("utf-8")
|
|
|
|
|
|
# ciphertext.bin是生成的密文文件
|
|
|
|
|
|
with open('ciphertext.bin', 'w') as f1:
|
|
|
|
|
|
f1.write(entext)
|
|
|
|
|
|
return entext
|
|
|
|
|
|
|
|
|
|
|
|
def decrypt(self, text):
|
|
|
|
|
|
cryptor = AES.new(self.key, self.mode, self.key)
|
|
|
|
|
|
plain_text = cryptor.decrypt(a2b_hex(text))
|
|
|
|
|
|
plaintext = plain_text.rstrip(b'\0').decode("utf-8")
|
|
|
|
|
|
with open('plaintext.bin', 'w') as f2:
|
|
|
|
|
|
f2.write(plaintext)
|
|
|
|
|
|
return plaintext
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# hash类,实现摘要值的计算
|
|
|
|
|
|
class hashtest():
|
|
|
|
|
|
hash = hashlib.sha256()
|
|
|
|
|
|
hash.update('admin'.encode('utf-8'))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# RSA类,实现密钥产生、加密和解密
|
|
|
|
|
|
class rsatest():
|
|
|
|
|
|
privkey = []
|
|
|
|
|
|
pubkey = []
|
|
|
|
|
|
|
|
|
|
|
|
def generatekeys(self, file1, file2):
|
|
|
|
|
|
key = RSA.generate(2048)
|
|
|
|
|
|
encrypted_key = key.exportKey(pkcs=8)
|
|
|
|
|
|
self.privkey = encrypted_key
|
|
|
|
|
|
self.pubkey = key.publickey().exportKey()
|
|
|
|
|
|
with open(file1, 'wb') as f:
|
|
|
|
|
|
f.write(encrypted_key)
|
|
|
|
|
|
with open(file2, 'wb') as f:
|
|
|
|
|
|
f.write(key.publickey().exportKey())
|
|
|
|
|
|
|
|
|
|
|
|
def encrypt(self, file, encryptedfile, pubk):
|
|
|
|
|
|
with open(file, 'rb') as f:
|
|
|
|
|
|
recipient_key = RSA.import_key(open(pubk).read())
|
|
|
|
|
|
cipher_rsa = PKCS1_OAEP.new(recipient_key)
|
|
|
|
|
|
c = cipher_rsa.encrypt(f.read())
|
|
|
|
|
|
with open(encryptedfile, 'wb') as out_file:
|
|
|
|
|
|
out_file.write(c)
|
|
|
|
|
|
|
|
|
|
|
|
def decrypt(self, file, decryptedfile, prik):
|
|
|
|
|
|
with open(file, 'rb') as f:
|
|
|
|
|
|
private_key = RSA.import_key(open(prik).read())
|
|
|
|
|
|
cipher_rsa = PKCS1_OAEP.new(private_key)
|
|
|
|
|
|
m = cipher_rsa.decrypt(f.read())
|
|
|
|
|
|
with open(decryptedfile, 'wb') as out_file:
|
|
|
|
|
|
out_file.write(m)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# 签名验证类,实现RSA算法的签名和验证
|
|
|
|
|
|
class signverify:
|
|
|
|
|
|
def sign(self, data, privkeyfile, sigfile):
|
|
|
|
|
|
privkey = open(privkeyfile,\ "rb").read().decode("utf-8")
|
|
|
|
|
|
key = RSA.importKey(privkey)
|
|
|
|
|
|
data1 = open(data, "rb").read()
|
|
|
|
|
|
h = SHA256.new(data1)
|
|
|
|
|
|
signer = PKCS1_v1_5.new(key)
|
|
|
|
|
|
signature = signer.sign(h)
|
|
|
|
|
|
sig = base64.b64encode(signature)
|
|
|
|
|
|
with open(sigfile, "wb") as f:
|
|
|
|
|
|
f.write(sig)
|
|
|
|
|
|
|
|
|
|
|
|
def verify(self, data, pubkeyfile, sigfile):
|
|
|
|
|
|
publickey = open(pubkeyfile,\ "rb").read().decode("utf-8")
|
|
|
|
|
|
key = RSA.importKey(publickey)
|
|
|
|
|
|
data1 = open(data, "rb").read()
|
|
|
|
|
|
h = SHA256.new(data1)
|
|
|
|
|
|
verifier = PKCS1_v1_5.new(key)
|
|
|
|
|
|
signature = open(sigfile, "rb").read().decode('utf-8')
|
|
|
|
|
|
if verifier.verify(h, base64.b64decode(signature)):
|
|
|
|
|
|
return True
|
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2.发送方和接收方产生自己的公钥
|
|
|
|
|
|
# RSAkey.py
|
|
|
|
|
|
# 发送方和接收分别执行产生自己的公私钥
|
|
|
|
|
|
|
|
|
|
|
|
import CryptoTest
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
|
|
myrsa = CryptoTest.rsatest()
|
|
|
|
|
|
file1 = input() # 私钥
|
|
|
|
|
|
file2 = input() # 公钥
|
|
|
|
|
|
myrsa.generatekeys(file1, file2)
|
|
|
|
|
|
|
|
|
|
|
|
3.发送方的操作封包过程
|
|
|
|
|
|
# sender.py
|
|
|
|
|
|
# 发送发封包过程
|
|
|
|
|
|
import CryptoTest
|
|
|
|
|
|
|
|
|
|
|
|
# 发送方A的三步,发送方A已经获得接收方B的公钥Bpubkey.bin
|
|
|
|
|
|
|
|
|
|
|
|
# 第1步,用AES对称密钥加密明文文件
|
|
|
|
|
|
with open('aeskey.txt', 'rb') as f: # aeskey.txt是对称密钥文件
|
|
|
|
|
|
aessymkey = f.read()
|
|
|
|
|
|
Aaestest = CryptoTest.aestest(aessymkey) # 实例化对象
|
|
|
|
|
|
print('请输入要加密的明文文件')
|
|
|
|
|
|
fname = input() # 输入要加密的明文文件
|
|
|
|
|
|
with open(fname, 'r') as f:
|
|
|
|
|
|
m = f.read()
|
|
|
|
|
|
Aaestest.encrypt(m) # AES的CBC模式加密
|
|
|
|
|
|
print("明文文件加密后的密文文件是ciphertext.bin")
|
|
|
|
|
|
|
|
|
|
|
|
# 第2步,用对方公钥Bpubkey.bin加密 对称密钥文件aeskey.txt
|
|
|
|
|
|
Arsa = CryptoTest.rsatest()
|
|
|
|
|
|
Arsa.encrypt('aeskey.txt', 'keyencrypted.bin', 'Bpubkey.bin')
|
|
|
|
|
|
print("对称密钥文件aeskey.txt加密后的文件是keyencrypted.bin")
|
|
|
|
|
|
|
|
|
|
|
|
# 第3步,生成明文的摘要值,用自己的私钥Aprikey.bin对摘要值签名
|
|
|
|
|
|
asign = CryptoTest.signverify()
|
|
|
|
|
|
asign.sign('data.txt', 'Aprikey.bin', 'digitalsign.bin')
|
|
|
|
|
|
print("A签名后的文件是digitalsign.bin")
|
|
|
|
|
|
print("将三个文件ciphertext.bin,keyencrypted.bin,\
|
|
|
|
|
|
digitalsign.bin发送给接收方")
|
