How to send public key from server to client via socket using pickle

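I need help sending the public key from the server to the client via a socket using pickle. I am running both just by opening two command prompts, so I don't need to send it over a network or anything, if that makes a difference. I'm just not sure how to make public_key into a pickle file and send it over the socket.

Server code: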

import socket
from Crypto.PublicKey import RSA
from Crypto.Cipher import AES
from Crypto import Random
from Crypto.Hash import SHA256
from Crypto.Cipher import DES3
random_generator = Random.new().read
import pickle

def main():
    host = '127.0.0.1'
    port = 5000
    s = socket.socket()
    s.bind((host,port))
    s.listen(1)
    c, addr = s.accept()
    print "Connection from: "+str(addr)
    while True:
        data = c.recv(1024)
        if not data:
            break
        print "from connected user: "+str(data)
        data = str(data)
        # Step 2: Server says hello and sends the public key certificate.
        print "Start SSL Handshake"
        print "Press Enter to Generate the key pair."
        a = raw_input("")
        key = RSA.generate(1024, random_generator)
        public_key = key.publickey()  # <----- need to pickle and send to client
        c.send(data)
    c.close()

if __name__ == '__main__':
    main()

Client code:

import socket
from Crypto.PublicKey import RSA
from Crypto.Cipher import AES
from Crypto import Random
from Crypto.Hash import SHA256
random_generator = Random.new().read

def main():
    host = '127.0.0.1'
    port = 5000
    s = socket.socket()
    s.connect((host,port))
    # Step 1: Client says hello.
    message = raw_input("-> ")
    while message != 'q':
        s.send(message)
        data = s.recv(1024)
        print 'Received the public key from server: (iCrypto.PublicKey.RSA '
        # Step 3: Client verifies the public key.  <------------ need to receive / depickle key here
        message = raw_input("-> Press enter to verify the public key.")
    s.close()

if __name__ == '__main__':
    main()

Pickling the output of an open port is asking for trouble (understanding pickle insecurity). Furthermore you're just adding a layer of complexity that isn't needed. RSA._RSAobj.exportKey returns a bytes object which can be sent directly over a socket, and is conveniently also exactly the data type needed for RSA.importKey().

Server:

#conn is your socket
conn.send(key.publickey().exportKey(format='PEM', passphrase=None, pkcs=1)) 

Client:

#you'll need to decide how to determine N: number of bytes received (should be constant for constant size key)
pub_key = RSA.importKey(conn.recv( N ), passphrase=None)
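One way to settle the "how many bytes is N" question from the client snippet above is to prefix the PEM bytes with their length. This is an added example, not part of the original answer: it is Python 3, standard library only, and the names `send_blob`, `recv_exact`, `recv_pem_public_key` and `MAX_KEY_BYTES` are hypothetical. The returned bytes are what you would pass to `RSA.importKey()`.

```python
import socket
import struct

MAX_KEY_BYTES = 4096          # assumed cap; a PEM RSA public key is far smaller
HEADER = struct.Struct("!I")  # 4-byte big-endian length prefix

def send_blob(sock, blob):
    """Send one length-prefixed message (server side)."""
    sock.sendall(HEADER.pack(len(blob)) + blob)

def recv_exact(sock, n):
    """Read exactly n bytes; a single recv() may return fewer."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed after %d of %d bytes" % (len(buf), n))
        buf.extend(chunk)
    return bytes(buf)

def recv_pem_public_key(sock):
    """Receive one framed blob and reject anything not shaped like a PEM public key."""
    (length,) = HEADER.unpack(recv_exact(sock, HEADER.size))
    if not 0 < length <= MAX_KEY_BYTES:
        raise ValueError("refusing key of %d bytes" % length)
    pem = recv_exact(sock, length)
    lines = pem.strip().splitlines()
    if (len(lines) < 3 or not lines[0].startswith(b"-----BEGIN ")
            or not lines[0].endswith(b"PUBLIC KEY-----")
            or not lines[-1].startswith(b"-----END ")):
        raise ValueError("not a PEM public key")
    return pem  # plain bytes: parse with RSA.importKey(pem), never pickle.loads

def demo():
    # Constructed sample: PEM-shaped placeholder, not a real key.
    pem = b"-----BEGIN PUBLIC KEY-----\nQ09OU1RSVUNURUQgU0FNUExF\n-----END PUBLIC KEY-----"
    server, client = socket.socketpair()  # stands in for the accepted connection
    try:
        send_blob(server, pem)
        return recv_pem_public_key(client) == pem
    finally:
        server.close()
        client.close()

if __name__ == "__main__":
    print(demo())
```

The length cap and the shape check run before any parser sees the data, so a peer cannot make the client allocate an arbitrary buffer or feed it a non-key payload.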