Python 加密模块 save/load RSA 密钥 to/from 文件
Python Cryptography module save/load RSA keys to/from file
使用 Cryptography 模块 Python,
我想将我生成的私钥保存在一个文件中,以供日后使用。
但是我无法从文档中找到为此所需的方法。
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
# Working RSA encryption you can run for yourself
MESSAGE = 'I am a very secret message'
# Create private key
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
# Create public key
public_key = private_key.public_key()
# Encrypt
ciphertext = public_key.encrypt(
MESSAGE,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None
)
)
# Encrypted text
print ciphertext
# Decrypt
plaintext = private_key.decrypt(
ciphertext,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None
)
)
# Decrypted text
print plaintext
# Print human readable key
pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
pem_data = pem.splitlines()
print pem_data
# How to Save//Load
我知道如何生成密钥,但如何才能正确保存到文件中。通过将 pem_data 存储在一个文件中,然后从该文件加载
load_pem_public_key?
由于密码学对我来说仍然是新事物,我想知道在文件中存储 RSA 密钥的正确方法。
这是我目前的尝试,但出现错误。
ValueError: Could not deserialize key data.
if os.path.exists('key.pem'):
print 'file exist'
else:
f = open(os.path.join(__location__, 'key.pem'), 'w')
for i in pem_data:
f.write(i)
f.close()
with open(os.path.join(__location__, 'key.pem'), "rb") as key_file:
private_key = serialization.load_pem_private_key(
key_file.read(),
password=None,
backend=default_backend()
)
您保存私钥的方法丢弃了 load_pem_private_key() 希望看到的换行符。我稍微修改了你的例子来说明这一点。方法save_key_bad()是你的方法,方法save_key()显示了简单正确的方法。
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.serialization import load_pem_private_key
def gen_key():
private_key = rsa.generate_private_key(
public_exponent=65537, key_size=2048, backend=default_backend()
)
return private_key
def save_key(pk, filename):
pem = pk.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
with open(filename, 'wb') as pem_out:
pem_out.write(pem)
def save_key_bad(pk, filename):
pem = pk.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
pem_data = pem.splitlines()
with open(filename, 'wb') as pem_out:
for line in pem_data:
pem_out.write(line)
def load_key(filename):
with open(filename, 'rb') as pem_in:
pemlines = pem_in.read()
private_key = load_pem_private_key(pemlines, None, default_backend())
return private_key
if __name__ == '__main__':
pk = gen_key()
filename = 'privkey.pem'
save_key(pk, filename)
pk2 = load_key(filename)
save_key_bad(pk, filename)
pk3 = load_key(filename)
import rsa
if __name__ == '__main__':
(pubkey, privkey) = rsa.newkeys(512, poolsize=4)
message = b'Say hi!'
crypto = rsa.encrypt(message, pubkey)
PRIV_KEY_DST = 'your path to file'
with open(PRIV_KEY_DST, 'wb+') as f:
pk = rsa.PrivateKey.save_pkcs1(privkey, format='PEM')
f.write(pk)
使用 Cryptography 模块 Python,
我想将我生成的私钥保存在一个文件中,以供日后使用。
但是我无法从文档中找到为此所需的方法。
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
# Working RSA encryption you can run for yourself
MESSAGE = 'I am a very secret message'
# Create private key
private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
backend=default_backend()
)
# Create public key
public_key = private_key.public_key()
# Encrypt
ciphertext = public_key.encrypt(
MESSAGE,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None
)
)
# Encrypted text
print ciphertext
# Decrypt
plaintext = private_key.decrypt(
ciphertext,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None
)
)
# Decrypted text
print plaintext
# Print human readable key
pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
pem_data = pem.splitlines()
print pem_data
# How to Save//Load
我知道如何生成密钥,但如何才能正确保存到文件中。通过将 pem_data 存储在一个文件中,然后从该文件加载
load_pem_public_key?
由于密码学对我来说仍然是新事物,我想知道在文件中存储 RSA 密钥的正确方法。
这是我目前的尝试,但出现错误。
ValueError: Could not deserialize key data.
if os.path.exists('key.pem'):
print 'file exist'
else:
f = open(os.path.join(__location__, 'key.pem'), 'w')
for i in pem_data:
f.write(i)
f.close()
with open(os.path.join(__location__, 'key.pem'), "rb") as key_file:
private_key = serialization.load_pem_private_key(
key_file.read(),
password=None,
backend=default_backend()
)
您保存私钥的方法丢弃了 load_pem_private_key() 希望看到的换行符。我稍微修改了你的例子来说明这一点。方法save_key_bad()是你的方法,方法save_key()显示了简单正确的方法。
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.serialization import load_pem_private_key
def gen_key():
private_key = rsa.generate_private_key(
public_exponent=65537, key_size=2048, backend=default_backend()
)
return private_key
def save_key(pk, filename):
pem = pk.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
with open(filename, 'wb') as pem_out:
pem_out.write(pem)
def save_key_bad(pk, filename):
pem = pk.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
pem_data = pem.splitlines()
with open(filename, 'wb') as pem_out:
for line in pem_data:
pem_out.write(line)
def load_key(filename):
with open(filename, 'rb') as pem_in:
pemlines = pem_in.read()
private_key = load_pem_private_key(pemlines, None, default_backend())
return private_key
if __name__ == '__main__':
pk = gen_key()
filename = 'privkey.pem'
save_key(pk, filename)
pk2 = load_key(filename)
save_key_bad(pk, filename)
pk3 = load_key(filename)
import rsa
if __name__ == '__main__':
(pubkey, privkey) = rsa.newkeys(512, poolsize=4)
message = b'Say hi!'
crypto = rsa.encrypt(message, pubkey)
PRIV_KEY_DST = 'your path to file'
with open(PRIV_KEY_DST, 'wb+') as f:
pk = rsa.PrivateKey.save_pkcs1(privkey, format='PEM')
f.write(pk)