def encrypt(data: bytes, d, n): keylength = common.byte_size(n) padded = _pad_for_encryption(data, keylength) num = transform.bytes2int(padded) decrypto = core.encrypt_int(num, d, n) out = transform.int2bytes(decrypto) return out
def encrypt(message, pub_key): '''Encrypts the given message using PKCS#1 v1.5 :param message: the message to encrypt. Must be a byte string no longer than ``k-11`` bytes, where ``k`` is the number of bytes needed to encode the ``n`` component of the public key. :param pub_key: the :py:class:`rsa.PublicKey` to encrypt with. :raise OverflowError: when the message is too large to fit in the padded block. >>> from rsa import key, common >>> (pub_key, priv_key) = key.newkeys(256) >>> message = 'hello' >>> crypto = encrypt(message, pub_key) The crypto text should be just as long as the public key 'n' component: >>> len(crypto) == common.byte_size(pub_key.n) True ''' keylength = common.byte_size(pub_key.n) padded = _pad_for_encryption(message, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, pub_key.e, pub_key.n) block = transform.int2bytes(encrypted, keylength) return block
def encrypt(message, pub_key): keylength = common.byte_size(pub_key.n) padded = _pad_for_encryption(message, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, pub_key.e, pub_key.n) block = transform.int2bytes(encrypted, keylength) return block
def encrypt_with_private_key(message, priv_key): """Encrypts the given message using PKCS#1 v1.5's private key :param message: the message to encrypt. Must be a byte string no longer than ``k-11`` bytes, where ``k`` is the number of bytes needed to encode the ``n`` component of the public key. :param priv_key: the :py:class:`rsa.PrivateKey` to encrypt with. :raise OverflowError: when the message is too large to fit in the padded block. >>> from rsa import key, common >>> (pub_key, priv_key) = key.newkeys(256) >>> message = b'hello' >>> crypto = encrypt_with_private_key(message, priv_key) """ keylength = common.byte_size(priv_key.n) padded = _pad_for_signing(message, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, priv_key.d, priv_key.n) block = transform.int2bytes(encrypted, keylength) return block
def sign(message, priv_key, hash): """Signs the message with the private key. Hashes the message, then signs the hash with the given key. This is known as a "detached signature", because the message itself isn't altered. :param message: the message to sign. Can be an 8-bit string or a file-like object. If ``message`` has a ``read()`` method, it is assumed to be a file-like object. :param priv_key: the :py:class:`rsa.PrivateKey` to sign with :param hash: the hash method used on the message. Use 'MD5', 'SHA-1', 'SHA-256', 'SHA-384' or 'SHA-512'. :return: a message signature block. :raise OverflowError: if the private key is too small to contain the requested hash. """ if hash not in HASH_ASN1: raise ValueError('Invalid hash method: %s' % hash) asn1code = HASH_ASN1[hash] hash = _hash(message, hash) cleartext = asn1code + hash keylength = common.byte_size(priv_key.n) padded = _pad_for_signing(cleartext, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, priv_key.d, priv_key.n) block = transform.int2bytes(encrypted, keylength) return block
def sign(self, string_to_sign): """Sign the data in a emulation of the OpenSSL private_encrypt method""" hashed = sha512(string_to_sign.encode('US-ASCII')).hexdigest() keylength = common.byte_size(self.pk.n) padded = self.pad_for_signing(hashed, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, self.pk.d, self.pk.n) signature = transform.int2bytes(encrypted, keylength).encode('base64').replace('\n','') return signature
def sign(message, priv_key, hash): if hash not in HASH_ASN1: raise ValueError('Invalid hash method: %s' % hash) asn1code = HASH_ASN1[hash] hash = _hash(message, hash) cleartext = asn1code + hash keylength = common.byte_size(priv_key.n) padded = _pad_for_signing(cleartext, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, priv_key.d, priv_key.n) block = transform.int2bytes(encrypted, keylength) return block
def encrypt_zero_padding(message, pub_key): '''Encrypts the given message without random padding ''' keylength = common.byte_size(pub_key.n) padded = _pad_zero(message, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, pub_key.e, pub_key.n) block = transform.int2bytes(encrypted, keylength) return block
def sign(self, string_to_sign): """Sign the data in a emulation of the OpenSSL private_encrypt method :param str string_to_sign: The string to Sign using the RSA private_encrypt method :rtype: str """ string_to_sign = make_bytes(string_to_sign) hashed = sha512(string_to_sign).hexdigest().encode('US-ASCII') keylength = common.byte_size(self.pk.n) padded = self.pad_for_signing(hashed, keylength) padded = make_bytes(padded) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, self.pk.d, self.pk.n) signature = transform.int2bytes(encrypted, keylength) signature = base64.b64encode(signature).decode('US-ASCII').replace('\n', '') return signature
def __rsa_encrypt(self, message, key): """加密方法""" # 判断密钥类型 if isinstance(key, PublicKey): a = key.e b = key.n elif isinstance(key, PrivateKey): a = key.d b = key.n else: raise TypeError("'key' must be PublicKey or PrivateKey") key_length = common.byte_size(b) # 得到信息字节 message_bytes = bytes(message, encoding='utf-8') padded = self.__pad_for_encrypt(message_bytes, key_length) num = transform.bytes2int(padded) decryto = core.encrypt_int(num, a, b) out = transform.int2bytes(decryto) return out
def sign(message, priv_key, hasher='SHA-1', salt_len=None): # type: (bytes, PrivateKey, str, int) -> bytes # Determine the size of the hash output (hLen) try: h_len = pkcs1.HASH_METHODS[hasher]().digest_size except KeyError: raise ValueError( 'Invalid `hasher` specified. Please select one of: {hash_list}'. format(hash_list=', '.join(sorted(pkcs1.HASH_METHODS.keys())))) # Determine the size of the public key in bytes (k) k = common.byte_size(priv_key.n) mod_bits = k * 8 - 1 em_len = math.ceil(mod_bits / 8) if len(message) > 2**61 - 1: raise OverflowError('message too long') m_hash = pkcs1.compute_hash(message, hasher) s_len = salt_len if salt_len is not None else h_len if em_len < h_len + s_len + 2: raise SigningError('Encoding error') salt = b'' if s_len == 0 else randnum.read_random_bits(s_len * 8) m2 = b''.join((b'\x00' * 8, m_hash, salt)) h = pkcs1.compute_hash(m2, hasher) ps = b'\x00' * (em_len - s_len - h_len - 2) db = b'\x01'.join((ps, salt)) db_mask = mgf1(h, em_len - h_len - 1, hasher) masked_db = bytearray(common.xor(db, db_mask)) a = 0xff for _ in range(8 * em_len - mod_bits): a = a >> 1 masked_db[0] &= a # for i in range(8*em_len - mod_bits + 1): # masked_db[0] &= ~(1 << (7-i)) em = b''.join((masked_db, h, b'\xbc')) m = transform.bytes2int(em) # s = priv_key.blinded_encrypt(m) s = core.encrypt_int(m, priv_key.d, priv_key.n) sig = transform.int2bytes(s, k) return sig
def encrypt_with_pubkey(self, message): """ 通过公钥加密信息 :param message: 被加密的信息 :return: 已加密的base64编码字符串 """ encrypt_result = b'' max_length = self.get_max_length() pubkey = rsa.PublicKey(int(self.module, 16), int(self.empoent, 16)) # print(pubkey) message = self.passwd[::-1] randomNo = max_length - len(message) - 3 randompadding = (b"\x00") * randomNo # print(randompadding) # print(randomNo) if len(message) < max_length: message = (b'\x00\x00') + randompadding + ( b"\x00") + message.encode('utf-8') # print(message) pass else: pass # print(max_length) # print(message) # print(pubkey) testmessage = rsa.transform.bytes2int(message) encrypt_result_test = core.encrypt_int(testmessage, pubkey.e, pubkey.n) test_rts = rsa.transform.int2bytes(encrypt_result_test, max_length) # print(test_rts.hex()) # print("^^^^^^^^^^^^^^^^^^^^^^^^^^") # while message: # input = message[:max_length] # message = message[max_length:] # print(input) # out = rsa.encrypt(input, pubkey) # encrypt_result += out #encrypt_result = base64.b64encode(encrypt_result) return test_rts.hex()
def OAEP_encrypt(message, pub_key, label=b'', hash_method="SHA-1", mgf1_hash_method=None): """Encrypts the given message using PKCS#1 v2 RSA-OEAP. :param bytes message: the message to encrypt. :param rsa.PublicKey pub_key: the public key to encrypt with. :param bytes label: optional RSA-OAEP label. :param str hash_method: hash function to be used. 'SHA-1' (default), 'SHA-256', 'SHA-384', and 'SHA-512' can be used. """ # NOTE: Some hash method other than listed in the docstring can be used # for hash_method. But the RFC 8017 recommends only them. if mgf1_hash_method is None: mgf1_hash_method = hash_method keylength = common.byte_size(pub_key.n) em = _OAEP_encode(message, keylength, label, hash_method, mgf1_hash_method) m = transform.bytes2int(em) encrypted = core.encrypt_int(m, pub_key.e, pub_key.n) c = transform.int2bytes(encrypted, keylength) return c
def sign(message, priv_key, hash): '''Signs the message with the private key. Hashes the message, then signs the hash with the given key. This is known as a "detached signature", because the message itself isn't altered. :param message: the message to sign. Can be an 8-bit string or a file-like object. If ``message`` has a ``read()`` method, it is assumed to be a file-like object. :param priv_key: the :py:class:`rsa.PrivateKey` to sign with :param hash: the hash method used on the message. Use 'MD5', 'SHA-1', 'SHA-256', 'SHA-384' or 'SHA-512'. :return: a message signature block. :raise OverflowError: if the private key is too small to contain the requested hash. ''' # Get the ASN1 code for this hash method if hash not in HASH_ASN1: raise ValueError('Invalid hash method: %s' % hash) asn1code = HASH_ASN1[hash] # Calculate the hash hash = _hash(message, hash) # Encrypt the hash with the private key cleartext = asn1code + hash keylength = common.byte_size(priv_key.n) padded = _pad_for_signing(cleartext, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, priv_key.d, priv_key.n) block = transform.int2bytes(encrypted, keylength) return block
def sign(message, priv_key, hash): '''Signs the message with the private key. Hashes the message, then signs the hash with the given key. This is known as a "detached signature", because the message itself isn't signed. @param message: the message to sign @param priv_key: the private key to sign with @param hash: the hash method used on the message. Use 'MD5', 'SHA-1', 'SHA-256', 'SHA-384' or 'SHA-512'. @return: a message signature block. @raise OverflowError: if the private key is too small to contain the requested hash. ''' # Get the ASN1 code for this hash method if hash not in HASH_ASN1: raise ValueError('Invalid hash method: %s' % hash) asn1code = HASH_ASN1[hash] # Calculate the hash hash = _hash(message, hash) # Encrypt the hash with the private key cleartext = asn1code + hash keylength = common.byte_size(priv_key['n']) padded = _pad_for_signing(cleartext, keylength) payload = transform.bytes2int(padded) encrypted = core.encrypt_int(payload, priv_key['d'], priv_key['n']) block = transform.int2bytes(encrypted, keylength) return block
def rsa_encrypt_key(data): data = transform.bytes2int(data) encrypted = core.encrypt_int(data, constants.RSA_E, constants.RSA_N) print(constants.RSA_N) block = transform.int2bytes(encrypted, 64) return block
def encrypt(data_bytes, rsa_private_key): data_int = transform.bytes2int(data_bytes) encrypted_int = core.encrypt_int(data_int, rsa_private_key.e, rsa_private_key.n) block = transform.int2bytes(encrypted_int) return block
def encrypt(message, pub_key, label=b'', hasher='SHA-1', **kwargs): # type: (bytes, PublicKey, bytes, str, dict) -> bytes """ Encrypts the given message using OAEP. For a complete documentation see https://tools.ietf.org/html/rfc8017#section-7.1.1 :param message: Message to be encrypted. The length must be smaller than or equal to k - 2hLen - 2. Where hLen denotes the length in octets of the hash function output and k denotes the length on octets of the RSA modulus n. :param pub_key: Recipient's RSA public key :param label: Optional label to be associated with the message :param hasher: The hash function's name :param kwargs: Used internally for testing-purposes :return: The ciphertext of length k """ # The following code implements RSAES-OAEP-ENCRYPT (rfc8017 7.1.1). The variable names of the specification are # put in parentheses. Also, the corresponding step# from the document is included in the comments. # Determine the size of the hash output (hLen) try: h_len = pkcs1.HASH_METHODS[hasher]().digest_size except KeyError: raise ValueError( 'Invalid `hasher` specified. Please select one of: {hash_list}'. format(hash_list=', '.join(sorted(pkcs1.HASH_METHODS.keys())))) # Determine the length of the message in bytes (mLen) m_len = len(message) # Step 1: Length checking: # a.) The label cannot be longer than the maximum input-length of the hash-function # Hardcoded the maximum input-length to 2**61 - 1 (SHA-1) if len(label) > 2**61 - 1: raise OverflowError('Label too long') # Determine the size of the public key in bytes (k) k = common.byte_size(pub_key.n) # b.) The message length can be at most k - 2hLen - 2 if m_len > k - 2 * h_len - 2: raise OverflowError('Message too long') # Step 2: EME-OAEP encoding # a.) l_hash = Hash(label) l_hash = pkcs1.compute_hash(label, hasher) # b.) Generate a padding string (ps) ps = b'\x00' * (k - m_len - 2 * h_len - 2) # c.) Construct the data block (db) # db = l_hash || ps || 0x01 || message db = b''.join((l_hash, ps, b'\x01', message)) # d.) Generate a random hash # Used only for testing-purposes. This should NEVER be set in production as it might compromise security! if 'test_seed' in kwargs: seed = kwargs['test_seed'] else: seed = randnum.read_random_bits(h_len * 8) # e-h.) Calculate the masks db_mask = mgf1(seed, k - h_len - 1, hasher) masked_db = common.xor(db, db_mask) seed_mask = mgf1(masked_db, h_len, hasher) masked_seed = common.xor(seed, seed_mask) # i.) Construct the encoded message # em = 0x00 || masked_seed || masked_db em = b''.join((b'\x00', masked_seed, masked_db)) # Step 3: RSA encryption # a.) Convert em to an integer # m = OS2IP(em) m = transform.bytes2int(em) # b.) Apply the RSAEP encryption primitive # c = RSAEP(pub_key, m) c = core.encrypt_int(m, pub_key.e, pub_key.n) # c.) Convert c to bytes (the ciphertext C) # ct = I2OSP(c, k) ct = transform.int2bytes(c, k) return ct
if __name__ == '__main__': choice = sys.argv[1] p = 97 n = 400 if choice == 'g': public_key, private_key = rsa.newkeys(int(sys.argv[2])) with open("private_key", "wb") as f: pickle.dump(private_key, f) with open("public_key", "wb") as f: pickle.dump(public_key, f) if choice == 'e': with open(sys.argv[2], "rb") as f: public_key = pickle.load(f) x = random.randint(10000, 20000) b = int(sys.argv[3]) encrypted = core.encrypt_int(x, public_key.e, public_key.n) print "encrypt: {0}\nx: {1}\n".format(encrypted - b, x) if choice == 'd': with open(sys.argv[2], "rb") as f: private_key = pickle.load(f) c = int(sys.argv[3]) a = int(sys.argv[4]) d = [] for i in range(c + 1, c + n + 1): d.append(private_key.blinded_decrypt(i) % p) for i in range(a, n): d[i] = d[i] + 1 with open("compare", "wb") as f: pickle.dump(d, f) if choice == 'c': with open(sys.argv[2], "rb") as f:
def sign_bytes(message, private_key): hash_int = int.from_bytes(md5(message).digest(), sys.byteorder) signature_int = encrypt_int(hash_int, private_key.d, private_key.n) key_length = byte_size(private_key.n) return signature_int.to_bytes(key_length, sys.byteorder)