安装与使用crypto 算法库在 python 中最初叫 pycrypto,这个作者有点懒,好几年没有更新,后来就有大佬写了个替代库 pycryptodome。这个库目前只支持 python3,安装也很简单pip install pycryptodome就行了!详细的用法可以看看 官方文档
常见对称密码在 crypto.cipher 库下,主要有:des 3des aes rc4 salsa20
非对称密码在 crypto.publickey 库下,主要有:rsa ecc dsa
哈希密码在 crypto.hash 库下,常用的有:md5 sha-1 sha-128 sha-256
随机数在 crypto.random 库下
实用小工具在 crypto.util 库下
数字签名在 crypto.signature 库下
对称密码aes注意:python3 和 python2 在字符串方面有个明显的区别 - python3 中有字节串 b'byte',python2 中没有字节。由于这个库是在 python3 下的,所以加解密用的都是字节!
使用这个库来加解密特别简单,记住这四步:
导入所需库
from crypto.cipher import aes
初始化 key
key = b'this_is_a_key'
实例化加解密对象
aes = aes.new(key,aes.mode_ecb)
使用实例加解密
text_enc = aes.encrypt(b'helloworld')
from crypto.cipher import aesimport base64key = bytes('this_is_a_key'.ljust(16,' '),encoding='utf8')aes = aes.new(key,aes.mode_ecb)# encryptplain_text = bytes('this_is_a_plain'.ljust(16,' '),encoding='utf8')text_enc = aes.encrypt(plain_text)text_enc_b64 = base64.b64encode(text_enc)print(text_enc_b64.decode(encoding='utf8'))# decryptmsg_enc = base64.b64decode(text_enc_b64)msg = aes.decrypt(msg_enc)print(msg.decode(encoding='utf8'))
注意:key和明文是需要填充到指定位数的,可以使用ljust或者zfill之类的填充,也可以用util中的pad()函数填充!
对称密码desfrom crypto.cipher import desimport base64key = bytes('test_key'.ljust(8,' '),encoding='utf8')des = des.new(key,des.mode_ecb)# encryptplain_text = bytes('this_is_a_plain'.ljust(16,' '),encoding='utf8')text_enc = des.encrypt(plain_text)text_enc_b64 = base64.b64encode(text_enc)print(text_enc_b64.decode(encoding='utf8'))# decryptmsg_enc = base64.b64decode(text_enc_b64)msg = des.decrypt(msg_enc)print(msg.decode(encoding='utf8'))
非对称密码rsa这个库的 rsa 主要是用来生成公钥文件/私钥文件或者读取公钥文件/私钥文件
生成公/私钥文件:
from crypto.publickey import rsarsa = rsa.generate(2048) # 返回的是密钥对象public_pem = rsa.publickey().exportkey('pem') # 生成公钥字节流private_pem = rsa.exportkey('pem') # 生成私钥字节流f = open('public.pem','wb')f.write(public_pem) # 将字节流写入文件f.close()f = open('private.pem','wb')f.write(private_pem) # 将字节流写入文件f.close()#-----begin public key-----miibijanbgkqhkig9w0baqefaaocaq8amiibcgkcaqearreg3ix19dbszqsdbkhr9cm495xak9pbqjwhiwjkv6s1tk5h7xl9/fpziity1m1k8lwuosjpac/zck6rygmbdt9tmvlbi6cdwnl5agvue2wgsb/eifecfnz9kit9xtrpmj5bjql9h+znsea1azlpitukrh1frd3szzivnq/pbly3qbst13uduhbmigeqto8wl9v0sj+smfoizy+xhsckiedov4/jixw0q2tmtse3hrgax9cxvk6u9zjch3eezl0w9eqr8tt7ql3gjg2hj9sdbiebjimluuii7nv20qlopij8qr6o531kmq1gykisfqj6ahqxkufxthklcshj9b8f8qidaqab-----end public key----------begin rsa private key-----miieowibaakcaqearreg3ix19dbszqsdbkhr9cm495xak9pbqjwhiwjkv6s1tk5h7xl9/fpziity1m1k8lwuosjpac/zck6rygmbdt9tmvlbi6cdwnl5agvue2wgsb/eifecfnz9kit9xtrpmj5bjql9h+znsea1azlpitukrh1frd3szzivnq/pbly3qbst13uduhbmigeqto8wl9v0sj+smfoizy+xhsckiedov4/jixw0q2tmtse3hrgax9cxvk6u9zjch3eezl0w9eqr8tt7ql3gjg2hj9sdbiebjimluuii7nv20qlopij8qr6o531kmq1gykisfqj6ahqxkufxthklcshj9b8f8qidaqabaoi...-----end rsa private key-----
读取公/私钥文件加解密:
from crypto.publickey import rsafrom crypto.cipher import pkcs1_v1_5import base64def rsa_encrypt(plain): with open('public.pem','rb') as f: data = f.read() key = rsa.importkey(data) rsa = pkcs1_v1_5.new(key) cipher = rsa.encrypt(plain) return base64.b64encode(cipher)def rsa_decrypt(cipher): with open('private.pem','rb') as f: data = f.read() key = rsa.importkey(data) rsa = pkcs1_v1_5.new(key) plain = rsa.decrypt(base64.b64decode(cipher),'error') # 'error'必需 return plainif __name__ == '__main__': plain_text = b'this_is_a_test_string!' cipher = rsa_encrypt(plain_text) print(cipher) plain = rsa_decrypt(cipher) print(plain)
注意:rsa 有两种填充方式,一种是 pkcs1_v1_5,另一种是 pkcs1_oaep
hash算法和 hashlib 库的用法类似,先实例化某个 hash 算法,再用 update() 调用就可以了!
具体栗子:
from crypto.hash import sha1,md5sha1 = sha1.new()sha1.update(b'sha1_test')print(sha1.digest()) # 返回字节串print(sha1.hexdigest()) # 返回16进制字符串md5 = md5.new()md5.update(b'md5_test')print(md5.hexdigest())
数字签名发送发用私钥签名,验证方用公钥验证
from crypto.signature import pkcs1_15from crypto.hash import sha256from crypto.publickey import rsa# 签名message = 'to be signed'key = rsa.import_key(open('private_key.der').read())h = sha256.new(message)signature = pkcs1_15.new(key).sign(h)# 验证key = rsa.import_key(open('public_key.der').read())h = sha.new(message)try: pkcs1_15.new(key).verify(h, signature): print "the signature is valid." except (valueerror, typeerror): print "the signature is not valid."
随机数和 random 库类似。第一个函数很常用
import crypto.randomimport crypto.random.randomprint(crypto.random.get_random_bytes(4)) # 得到n字节的随机字节串print(crypto.random.random.randrange(1,10,1)) # x到y之间的整数,可以给定stepprint(crypto.random.random.randint(1,10)) # x到y之间的整数print(crypto.random.random.getrandbits(16)) # 返回一个最大为n bit的随机整数
其它功能常用到 util 中的pad()函数来填充密钥
from crypto.util.number import *from crypto.util.padding import *# 按照规定的几种类型 pad,自定义 pad可以用 ljust()或者 zfill()str1 = b'helloworld'pad_str1 = pad(str1,16,'pkcs7') # 填充类型默认为'pkcs7',还有'iso7816'和'x923'print(unpad(pad_str1,16))# numberprint(gcd(11,143)) # 最大公约数print(bytes_to_long(b'hello')) # 字节转整数print(long_to_bytes(0x41424344)) # 整数转字节print(getprime(16)) # 返回一个最大为 n bit 的随机素数print(getstrongprime(512)) # 返回强素数print(inverse(10,5)) # 求逆元print(isprime(1227)) # 判断是不是素数
以上就是crypto算法库是什么?crypto算法库的详解的详细内容。