1.CryptoTest模块,该模块包括四个类,分别是是aestest、hashtest、rsatest和signverify。 # CryptoTest.py # 封装4个类 from Crypto.Cipher import AES from binascii import b2a_hex, a2b_hex import hashlib, base64 from Crypto.Cipher import PKCS1_OAEP from Crypto.PublicKey import RSA from Crypto.Signature import PKCS1_v1_5 from Crypto.Hash import SHA256 # AES算法类,实现AES的加密和解密 class aestest(): def __init__(self, key): self.key = key self.mode = AES.MODE_CBC def encrypt(self, text): cryptor = AES.new(self.key, self.mode, self.key) text = text.encode("utf-8") length = 16 count = len(text) add = length - (count % length) text = text + (b'\0' * add) self.ciphertext = cryptor.encrypt(text) entext = b2a_hex(self.ciphertext).decode("utf-8") # ciphertext.bin是生成的密文文件 with open('ciphertext.bin', 'w') as f1: f1.write(entext) return entext def decrypt(self, text): cryptor = AES.new(self.key, self.mode, self.key) plain_text = cryptor.decrypt(a2b_hex(text)) plaintext = plain_text.rstrip(b'\0').decode("utf-8") with open('plaintext.bin', 'w') as f2: f2.write(plaintext) return plaintext # hash类,实现摘要值的计算 class hashtest(): hash = hashlib.sha256() hash.update('admin'.encode('utf-8')) # RSA类,实现密钥产生、加密和解密 class rsatest(): privkey = [] pubkey = [] def generatekeys(self, file1, file2): key = RSA.generate(2048) encrypted_key = key.exportKey(pkcs=8) self.privkey = encrypted_key self.pubkey = key.publickey().exportKey() with open(file1, 'wb') as f: f.write(encrypted_key) with open(file2, 'wb') as f: f.write(key.publickey().exportKey()) def encrypt(self, file, encryptedfile, pubk): with open(file, 'rb') as f: recipient_key = RSA.import_key(open(pubk).read()) cipher_rsa = PKCS1_OAEP.new(recipient_key) c = cipher_rsa.encrypt(f.read()) with open(encryptedfile, 'wb') as out_file: out_file.write(c) def decrypt(self, file, decryptedfile, prik): with open(file, 'rb') as f: private_key = RSA.import_key(open(prik).read()) cipher_rsa = PKCS1_OAEP.new(private_key) m = cipher_rsa.decrypt(f.read()) with open(decryptedfile, 'wb') as out_file: out_file.write(m) # 签名验证类,实现RSA算法的签名和验证 class signverify: def sign(self, data, privkeyfile, sigfile): privkey = open(privkeyfile,\ "rb").read().decode("utf-8") key = RSA.importKey(privkey) data1 = open(data, "rb").read() h = SHA256.new(data1) signer = PKCS1_v1_5.new(key) signature = signer.sign(h) sig = base64.b64encode(signature) with open(sigfile, "wb") as f: f.write(sig) def verify(self, data, pubkeyfile, sigfile): publickey = open(pubkeyfile,\ "rb").read().decode("utf-8") key = RSA.importKey(publickey) data1 = open(data, "rb").read() h = SHA256.new(data1) verifier = PKCS1_v1_5.new(key) signature = open(sigfile, "rb").read().decode('utf-8') if verifier.verify(h, base64.b64decode(signature)): return True return False 2.发送方和接收方产生自己的公钥 # RSAkey.py # 发送方和接收分别执行产生自己的公私钥 import CryptoTest if __name__ == '__main__': myrsa = CryptoTest.rsatest() file1 = input() # 私钥 file2 = input() # 公钥 myrsa.generatekeys(file1, file2) 3.发送方的操作封包过程 # sender.py # 发送发封包过程 import CryptoTest # 发送方A的三步,发送方A已经获得接收方B的公钥Bpubkey.bin # 第1步,用AES对称密钥加密明文文件 with open('aeskey.txt', 'rb') as f: # aeskey.txt是对称密钥文件 aessymkey = f.read() Aaestest = CryptoTest.aestest(aessymkey) # 实例化对象 print('请输入要加密的明文文件') fname = input() # 输入要加密的明文文件 with open(fname, 'r') as f: m = f.read() Aaestest.encrypt(m) # AES的CBC模式加密 print("明文文件加密后的密文文件是ciphertext.bin") # 第2步,用对方公钥Bpubkey.bin加密 对称密钥文件aeskey.txt Arsa = CryptoTest.rsatest() Arsa.encrypt('aeskey.txt', 'keyencrypted.bin', 'Bpubkey.bin') print("对称密钥文件aeskey.txt加密后的文件是keyencrypted.bin") # 第3步,生成明文的摘要值,用自己的私钥Aprikey.bin对摘要值签名 asign = CryptoTest.signverify() asign.sign('data.txt', 'Aprikey.bin', 'digitalsign.bin') print("A签名后的文件是digitalsign.bin") print("将三个文件ciphertext.bin,keyencrypted.bin,\ digitalsign.bin发送给接收方")