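【Posted】: 2020-06-07 12:04:04
【Question】:
I am developing an encryption module in which the request takes its parameters as encrypted JSON. The encryption is done with a public key provided by the server, as shown below,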
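    import base64
    import urllib.request

    from Crypto.Cipher import PKCS1_v1_5 as Cipher_PKCS1_v1_5
    from Crypto.PublicKey import RSA


    def encrypt_bank_request(request_payload):
        key = ""
        url = "http://localhost/payment/gateways/mybank.pem"
        # Download the key file published by the server
        file = urllib.request.urlopen(url)
        decoded_file = file.read().decode("utf-8")
        # Iterating over a str yields characters, so this copies the text as-is
        for line in decoded_file:
            key += line
        # Base64-decode the text to DER and import it (the ValueError is raised here)
        keyDER = base64.b64decode(key)
        keyPub = RSA.importKey(keyDER)
        # Encrypt with RSA PKCS#1 v1.5 padding and Base64-encode the ciphertext
        cipher = Cipher_PKCS1_v1_5.new(keyPub)
        cipher_text = cipher.encrypt(request_payload.encode())
        emsg = base64.b64encode(cipher_text)
        print(emsg)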
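But when I execute the code, I get the following at keyPub = RSA.importKey(keyDER),
    ValueError at /
    RSA key format is not supported
The PHP equivalent of what I want to achieve is as follows,
    $pemKey = file_get_contents("http://localhost/payment/gateways/mybank.pem");
    openssl_public_encrypt($request_payload, $encrypted, $pemKey);
The openssl_public_encrypt documentation says that it encrypts the data with the public key and stores the result into $encrypted.
What am I doing wrong here? Is it because the function expects an RSA key object and I am supplying a string, and in that case how do I convert the string to an RSA key object?
I referred to the following: https://stackoverflow.com/a/46356449/11782743
Thanks for your suggestions.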
P.S. My key is as follows,
【Comments】:
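- The key string you show is missing the -----BEGIN... and ----END lines. I would expect something like this: -----BEGIN RSA PRIVATE KEY----- then your string, then -----END RSA PRIVATE KEY-----
- Further, your key string seems to be broken. When I manually add the BEGIN and END lines and try to parse the string with openssl using the command openssl rsa -in keyfile.key -noout -text, I get output like: unable to load Private Key 139695176668824:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1217: If I load one of my valid key files, I get the full information about the key, which looks a bit like: Private-Key: (2048 bit) modulus: 00:af:9e:d8:fa:9d:7e:da:21:e1:ce:5d:39:eb:aa:
- The key originally had -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----, but whenever I execute it I get Incorrect padding
- When I check it online at 8gwifi.org/PemParserFunctions.jsp, it gives me the correct information about the key.
- What you have is not a public key but an X.509 certificate. The public key is only one of the fields in that certificate. You either need to put the BEGIN.. and END ... lines back, or base64-decode what you have and feed that to import_key. I assume you are using the pycryptodome package, right?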
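What the last comment describes, as an added example that is not part of the original thread: a standard-library-only DER walk that tells whether a base64 blob (with or without BEGIN/END lines) is an X.509 certificate or a bare public key, and pulls the RSA modulus and exponent out of it. The function names and the sample (a constructed certificate-shaped skeleton with made-up numbers) are assumptions for illustration.

```python
import base64, re

def pem_to_der(text):
    """Return (label, DER); accepts the blob with or without BEGIN/END lines."""
    m = re.search(r"-----BEGIN ([^-]+)-----(.*?)-----END \1-----", text, re.S)
    label, body = (m.group(1), m.group(2)) if m else (None, text)
    return label, base64.b64decode("".join(body.split()))

def read_tlv(buf, pos=0):
    """Read one DER element at pos: (tag, content, offset of the next element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count length bytes
        end = pos + (length & 0x7F)
        length, pos = int.from_bytes(buf[pos:end], "big"), end
    return tag, buf[pos:pos + length], pos + length

def children(content):  # split a constructed element into (tag, content) pairs
    out, pos = [], 0
    while pos < len(content):
        tag, body, pos = read_tlv(content, pos)
        out.append((tag, body))
    return out

def rsa_numbers(der):
    """Say what the DER blob is and return (kind, n, e) of the RSA key inside."""
    top = children(read_tlv(der)[1])
    tags = [tag for tag, _ in top]
    kind, spki = "public key", read_tlv(der)[1]   # SubjectPublicKeyInfo case
    if tags == [0x30, 0x30, 0x03]:          # tbsCertificate, sigAlg, signature
        tbs = children(top[0][1])           # key is 7th field (6th without version)
        kind, spki = "certificate", tbs[6 if tbs[0][0] == 0xA0 else 5][1]
    elif tags != [0x30, 0x03]:              # not algorithm + BIT STRING either
        raise ValueError("neither an X.509 certificate nor a SubjectPublicKeyInfo")
    bits = children(spki)[1][1]             # BIT STRING content; byte 0 = unused bits
    (_, n), (_, e) = children(read_tlv(bits, 1)[1])
    return kind, int.from_bytes(n, "big"), int.from_bytes(e, "big")

# Constructed sample: a certificate-shaped skeleton (empty names, empty signature).
def enc(tag, content):
    n = len(content)
    size = bytes([n]) if n < 128 else bytes([0x81 + (n > 255)]) + n.to_bytes(1 + (n > 255), "big")
    return bytes([tag]) + size + content
def integer(v):
    return enc(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
N, E = (1 << 1023) + 12345, 65537           # made-up numbers, not a usable key
ALG = enc(0x30, enc(0x06, bytes.fromhex("2a864886f70d010101")) + enc(0x05, b""))
SPKI = enc(0x30, ALG + enc(0x03, b"\x00" + enc(0x30, integer(N) + integer(E))))
TBS = enc(0x30, enc(0xA0, integer(2)) + integer(1) + ALG + enc(0x30, b"") * 3 + SPKI)
BARE_B64 = base64.b64encode(enc(0x30, TBS + ALG + enc(0x03, b"\x00"))).decode()
```

The returned (n, e) pair can be handed to RSA.construct((n, e)) to get a key object. The walk does not verify the certificate's signature or validity period; it only answers what the blob contains.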
Tags: python python-3.x rsa pycrypto