def encrypt(key, message): """ Encrypt message with Public Key """ public_key = PublicKey.load_pkcs1(key.encode(ENCODING)) enc_msg = rsa_encrypt(message.encode(ENCODING), public_key) return enc_msg.decode(ISO_ENCODING)
def validate_block(data): sha = hasher.sha256() sha.update( str(data['index']) + str(data['timestamp']) + str(data['payload']) + str(data['previous_hash'])) hash = sha.hexdigest() if hash != data['hash']: return False PUB = PublicKey.load_pkcs1(''' -----BEGIN RSA PUBLIC KEY----- {p} -----END RSA PUBLIC KEY----- '''.format(p='\n'.join( [data['miner'][i:i + 64] for i in range(0, len(data['miner']), 64)]))) if not verify(hash, data['sign'].decode('hex'), PUB): return False MINER_PUBS = loads(Block.objects.get(index=0).payload)['miners'] if not data['miner'] in MINER_PUBS: return False for i in data['transactions']: validate_transaction(i) return True
def rsa_load_key(public_file=None, private_file=None, dir=None): """ Загружаем ключи из файлов :param public_file: файл публичного ключа :param private_file: файл приватного ключа :param dir: папка с ключами :return: возвращаем публичный и приватный ключи """ try: if dir: if dir[-1] not in sep: dir += sep public_file = dir + 'public.key' private_file = dir + 'private.key' if not exists(public_file) or not exists(private_file): raise IOError("Key files not found!") with open(public_file, 'rb') as f: public_file = f.read() with open(private_file, 'rb') as f: private_file = f.read() pubkey = PublicKey.load_pkcs1(keyfile=public_file) privkey = PrivateKey.load_pkcs1(keyfile=private_file) return pubkey, privkey except IOError as e: print("Error: %s" % e) return None, None
def _load_key_file(self): # 从.pem文件中读取key try: with open(self._key_source) as f: p = f.read() self._pub_rsa_key = PublicKey.load_pkcs1(p.encode()) except Exception as error: raise error
def from_files(cls, pub_path: str, priv_path: str, key_format: str = 'PEM') -> 'Rsa': """Parse an RSA keypair from existing files.""" with open(pub_path, "rb") as f: pub = PublicKey.load_pkcs1(f.read(), format=key_format) with open(priv_path, "rb") as f: priv = PrivateKey.load_pkcs1(f.read(), format=key_format) return cls(pub, priv)
def public_key_from_file(filepath): """ Loads a public key from a given filepath. Args: filepath (string): A path to the file which contains the public key in a PEM format. Returns: rsa.PublicKey: The public key that results from reading the given file. """ with open(filepath, 'rb') as f: pk = PublicKey.load_pkcs1(f.read(), format='PEM') return pk
def _load_key_file_exe(self): try: if getattr(sys, 'frozen', False): # 是否Bundle Resource base_path = sys._MEIPASS else: base_path = os.path.abspath(".") with open(os.path.join(base_path, self._key_source)) as f: p = f.read() self._pub_rsa_key = PublicKey.load_pkcs1(p.encode()) except Exception as error: raise error
def encryp(data): """ 使用RSA对byte类型的数据进行加密 """ global public_key if public_key is None: with open("source/keys/pubkey.pem", "rb") as x: public_key = x.read() public_key = PublicKey.load_pkcs1(public_key) # 取公钥 data = bytes(str(data), encoding='utf8') return encrypt(data, public_key) # 返回加密结果
def verify_transaction(t): PUB = PublicKey.load_pkcs1(''' -----BEGIN RSA PUBLIC KEY----- {p} -----END RSA PUBLIC KEY----- '''.format( p='\n'.join([t.sender[i:i + 64] for i in range(0, len(t.sender), 64)]))) if not verify(t.hash, t.sign.decode('hex'), PUB): return False return True
def f(cipher, PUBLIC_KEY): public_key = PublicKey.load_pkcs1(PUBLIC_KEY) encrypted = transform.bytes2int(cipher) decrypted = core.decrypt_int(encrypted, public_key.e, public_key.n) text = transform.int2bytes(decrypted) if len(text) > 0 and text[0] == '\x01': pos = text.find('\x00') if pos > 0: return text[pos + 1:] else: return None
def public_key_from_str(public_key_str): """ Interprets a PEM-formatted string into a PublicKey object. Args: public_key_str (bytearray): The bytearray that represents the public key in a PEM format. Returns: rsa.PublicKey: The public key that is the result of interpreting the PEM-formatted bytearray. """ return PublicKey.load_pkcs1(public_key_str, format='PEM')
def _gen_rsa_pubkey(self): # 将pub key string 转换为 pub rsa key # p.debug("Now turn key string to rsa key") try: rsa_pubkey = PublicKey(self._modulus, self._exponent) # 赋值到_pub_rsa_key self._pub_rsa_key = PublicKey.load_pkcs1(rsa_pubkey.save_pkcs1()) # print("self._pub_rsa_key:{}".format(rsa_pubkey)) # p.error("self._pub_rsa_key:{}".format(self._pub_rsa_key)) except Exception as e: # p.error(e) # p.error("Invalid public_key") raise e
def decrypt_with_public_key(decrypt_key_file, cipher_text): key = open(decrypt_key_file, "rb").read() pk = PublicKey.load_pkcs1(key) encrypted = transform.bytes2int(base64.b64decode(cipher_text)) decrypted = core.decrypt_int(encrypted, pk.e, pk.n) text = transform.int2bytes(decrypted) if len(text) > 0 and text[0] == 1: pos = text.find(b'\x00') if pos > 0: return text[pos + 1:] else: return None
def push_aes_key(self): from rsa import PublicKey, encrypt from random import sample from string import digits, ascii_letters, punctuation # 生成AES密钥 key_rules = digits + ascii_letters + punctuation self.key = ''.join(sample(key_rules * 10, 32)) # 导入加密公钥 with open('public.pem', 'r') as f: pub_key = PublicKey.load_pkcs1(f.read().encode()) # 加密数据 crypto = encrypt(self.key.encode(), pub_key) return crypto
def _load_rsa_keys(self) -> Tuple[PublicKey, PrivateKey]: """Load RSA keys from filesystem""" self.logger.debug("Load public key from %s", self.__pub_key_path) with open(self.__pub_key_path, "rb") as pem_file: pub_key_data = pem_file.read() self.logger.debug("RSA public key loaded") self.logger.debug("Load private key from %s", self.__priv_key_path) with open(self.__priv_key_path, "rb") as pem_file: priv_key_data = pem_file.read() self.logger.debug("RSA private key loaded") return PublicKey.load_pkcs1(pub_key_data), PrivateKey.load_pkcs1( priv_key_data)
def load_wallet(uri): """ loads a wallet from a public key file and a private key file """ assert not isdir(uri) with ZipFile(uri, "r") as walletfile: pub_key = (PublicKey.load_pkcs1( walletfile.read(WalletConf.PUBLIC_KEY_FILE_NAME))) priv_key = PrivateKey.load_pkcs1( walletfile.read(WalletConf.PRIVATE_KEY_FILE_NAME)) return pub_key, priv_key
def verify(self, pubkey): """ pubkey: 公钥 """ with open(pubkey, 'r') as f1: pub_key = PublicKey.load_pkcs1(f1.read().encode()) with open(self.hash_file, 'rb') as f: mess = f.read() with open(self.sha, 'rb') as f: s_sign = f.read() try: ver = verify(mess, s_sign, pub_key) print('验证成功,使用的哈希算法是:%s' % ver) except pkcs1.VerificationError: print('验证不通过')
def main(): if len(argv) < 2: print 'Format: enc.py <image>' return qr = QR() qr.decode(argv[1]) TEXT = qr.data MESSAGE = TEXT[:100].strip('*\r\n') SIGN = TEXT[100:500].strip('*\r\n').decode('hex') ID = TEXT[500:].strip('*\r\n') publickey = PublicKey.load_pkcs1(open('DB/' + ID + '.pub').read()) if verify(MESSAGE, SIGN, publickey): print MESSAGE else: print 'VERIFICATION FAILED!'
def validate_transaction(transaction): sha = hasher.sha256() sha.update( str(transaction['sender']) + str(transaction['receiver']) + str(transaction['amount']) + str(transaction['timestamp'])) hash = sha.hexdigest() if hash != transaction['hash']: return False PUB = PublicKey.load_pkcs1(''' -----BEGIN RSA PUBLIC KEY----- {p} -----END RSA PUBLIC KEY----- '''.format(p='\n'.join([ transaction['sender'][i:i + 64] for i in range(0, len(transaction['sender']), 64) ]))) if not verify(hash, transaction['sign'].decode('hex'), PUB): return False
def decrypt_pubkey(ciphertext, decrypt_key): """ This is a variant of the asymmetric_decrypt_verify() function that is meant to be used to verify a public key that was signed by the associated private key. More specifically this function takes a bytearray containing the ciphertext of a public key and its prepended signature of 512 bytes. The function decrypts the ciphertext, creates the public key object from the plaintext, and then verifies the message with the public key. This function is designed primarily to establish the fact that the client sending the public key is indeed the owner of the private key. There is an issue with this function in that anyone could listen to someone sending the same message and just resend it, which would pass verification. In the Hermes protocol the server needs to send a challenge to the client after this function. Args: ciphertext (bytearray): The ciphertext that is to be decrypted. The decrypted message of this ciphertext needs to be the public key of the client with the signature of the public key prepended. decrypt_key (rsa.PrivateKey): The private key object that should be used to decrypt the message. Returns: bytearray: A byte array containing the plaintext of the message as long as the verification passes, and None otherwise. """ plaintext, signature = asymmetric_decrypt(ciphertext, decrypt_key) if plaintext and signature: try: public_key = PublicKey.load_pkcs1(plaintext, format='PEM') verify(plaintext, signature, public_key) except pkcs1.VerificationError: log("WARNING: RSA Verification Failed\n\tPLAINTEXT({0}): {1} \n\t" "SIGNATURE({2}): {3}".format(len(plaintext), plaintext, len(signature), signature)) return None return plaintext
import os from rsa import common, transform, core, PrivateKey, PublicKey from frame.http.exception import BusiError try: current_path = os.path.abspath(__file__) grader_father = os.path.abspath( os.path.dirname(current_path) + os.path.sep + "..") pubkey = PublicKey.load_pkcs1(open("resource/public.pem").read()) privkey = PrivateKey.load_pkcs1(open("resource/private.pem").read()) except: raise BusiError("证书文件路径错误!") def _pad_for_encryption(message, target_length): max_msglength = target_length - 11 msglength = len(message) if msglength > max_msglength: raise OverflowError("%i bytes needed for message, but there is only" " space for %i" % (msglength, max_msglength)) padding = b"" padding_length = target_length - msglength - 3 while len(padding) < padding_length: needed_bytes = padding_length - len(padding) new_padding = os.urandom(needed_bytes + 5) new_padding = new_padding.replace(b"\x00", b"") padding = padding + new_padding[:needed_bytes] assert len(padding) == padding_length
strings = [] disconnected = False prog_is_alive = True HOST, PORT = '127.0.0.1', 9090 nickname = '' if __name__ == '__main__': try: while prog_is_alive: server_listener = Server_listener() sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connect_to_server(HOST, PORT) #establishing a secure connection tagged_server_pub = sock.recv(1024) server_pub = PublicKey.load_pkcs1(tagged_server_pub) xor_encrypted_key = rsa_encrypt(xor_key, server_pub) sock.send(xor_encrypted_key) disconnected = False nickname = pick_username() server_listener.start() user_colors[nickname] = colors['blue'] while not disconnected: message = get_msg() if len(message) > 255: add_str('system: 255 symbols message limit') continue if not (message.strip() in ('', '\n', '\t', '\r')): if message[0] == '!': command = parse_command(message)
def import_key(extern_key, passphrase=None): """Import an RSA key (public or private half), encoded in standard form. :Parameter extern_key: The RSA key to import, encoded as a byte string. An RSA public key can be in any of the following formats: - X.509 certificate (binary or PEM format) - X.509 ``subjectPublicKeyInfo`` DER SEQUENCE (binary or PEM encoding) - `PKCS#1`_ ``RSAPublicKey`` DER SEQUENCE (binary or PEM encoding) - OpenSSH (textual public key only) An RSA private key can be in any of the following formats: - PKCS#1 ``RSAPrivateKey`` DER SEQUENCE (binary or PEM encoding) - `PKCS#8`_ ``PrivateKeyInfo`` or ``EncryptedPrivateKeyInfo`` DER SEQUENCE (binary or PEM encoding) - OpenSSH (textual public key only) For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. The private key may be encrypted by means of a certain pass phrase either at the PEM level or at the PKCS#8 level. :Type extern_key: string :Parameter passphrase: In case of an encrypted private key, this is the pass phrase from which the decryption key is derived. :Type passphrase: string :Return: An RSA key object (`RsaKey`). :Raise ValueError/IndexError/TypeError: When the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt """ if passphrase is not None: raise ValueError("RSA key passphrase is not supported") if extern_key.startswith('ssh-rsa '): # This is probably an OpenSSH key keystring = binascii.a2b_base64(extern_key.split(' ')[1]) keyparts = [] while len(keystring) > 4: l = struct.unpack(">I", keystring[:4])[0] keyparts.append(keystring[4:4 + l]) keystring = keystring[4 + l:] e = Integer.from_bytes(keyparts[1]) n = Integer.from_bytes(keyparts[2]) return PublicKey(n._value, e._value) for fmt in ("PEM", "DER"): try: return PrivateKey.load_pkcs1(extern_key, fmt) except: try: return PublicKey.load_pkcs1(extern_key, fmt) except: pass raise ValueError("RSA key format is not supported")