Python 密码学:无法使用 PKCS1v15 填充使用 RSA 私钥进行签名
Python Cryptography: Cannot sign with RSA private key using PKCS1v15 padding
我正在尝试使用 Python 和加密库实现与 PHP 的 openssl_pkey_get_private 和 openssl_sign 使用 SHA1 哈希的功能等效签名。我读过 PHP 使用 PKCS1v15 填充,所以这也是我正在尝试使用的。我的代码是:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.backends import default_backend
pk = open('key.pem', 'rb')
key = load_pem_private_key(pk.read(), password=None, backend=default_backend())
message = b'hello world'
signature = key.sign(
message,
padding.PKCS1v15,
hashes.SHA1()
)
执行此结果:
---------------------------------------------------------------------------
TypeError Traceback (most recent call last)
<ipython-input-21-ef3db8a6f4a8> in <module>()
3 message,
4 padding.PKCS1v15,
----> 5 hashes.SHA1()
6 )
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
613
614 def sign(self, data, padding, algorithm):
--> 615 signer = self.signer(padding, algorithm)
616 signer.update(data)
617 signature = signer.finalize()
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in signer(self, padding, algorithm)
550
551 def signer(self, padding, algorithm):
--> 552 return _RSASignatureContext(self._backend, self, padding, algorithm)
553
554 def decrypt(self, ciphertext, padding):
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in __init__(self, backend, private_key, padding, algorithm)
170
171 if not isinstance(padding, AsymmetricPadding):
--> 172 raise TypeError("Expected provider of AsymmetricPadding.")
173
174 self._pkey_size = self._backend._lib.EVP_PKEY_size(
TypeError: Expected provider of AsymmetricPadding.
运算符isinstance表示padding.PKCS1v15需要是一个实例而不是类型(class)本身。也就是说应该通过调用构造函数来创建对象实例。
为此添加括号,即 padding.PKCS1v15()。
我正在尝试使用 Python 和加密库实现与 PHP 的 openssl_pkey_get_private 和 openssl_sign 使用 SHA1 哈希的功能等效签名。我读过 PHP 使用 PKCS1v15 填充,所以这也是我正在尝试使用的。我的代码是:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.backends import default_backend
pk = open('key.pem', 'rb')
key = load_pem_private_key(pk.read(), password=None, backend=default_backend())
message = b'hello world'
signature = key.sign(
message,
padding.PKCS1v15,
hashes.SHA1()
)
执行此结果:
---------------------------------------------------------------------------
TypeError Traceback (most recent call last)
<ipython-input-21-ef3db8a6f4a8> in <module>()
3 message,
4 padding.PKCS1v15,
----> 5 hashes.SHA1()
6 )
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
613
614 def sign(self, data, padding, algorithm):
--> 615 signer = self.signer(padding, algorithm)
616 signer.update(data)
617 signature = signer.finalize()
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in signer(self, padding, algorithm)
550
551 def signer(self, padding, algorithm):
--> 552 return _RSASignatureContext(self._backend, self, padding, algorithm)
553
554 def decrypt(self, ciphertext, padding):
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in __init__(self, backend, private_key, padding, algorithm)
170
171 if not isinstance(padding, AsymmetricPadding):
--> 172 raise TypeError("Expected provider of AsymmetricPadding.")
173
174 self._pkey_size = self._backend._lib.EVP_PKEY_size(
TypeError: Expected provider of AsymmetricPadding.
运算符isinstance表示padding.PKCS1v15需要是一个实例而不是类型(class)本身。也就是说应该通过调用构造函数来创建对象实例。
为此添加括号,即 padding.PKCS1v15()。