python中使用javascrypt解密的rsa加密

2024-04-19 14:36:42 发布

您现在位置:Python中文网/ 问答频道 /正文
9671 3

我正在尝试使用混合加密js在javascript中使用Wix Velo进行加密, 使用PKCS1_v1_5使用python进行解密,得到的长度错误不正确

这是我的Javascript代码:

    var Crypt = require('hybrid-crypto-js').Crypt;
    var crypt = new Crypt();

    var publicKey = "publicKey";

    var privateKey = "privateKey";

    var message = 'Hello world!';
    
    // Encryption with one public RSA key
    var encrypted = crypt.encrypt(publicKey, message);

在python中:


def decrypt_rsa(data: bytes, key: str = rsa_key) -> str:
    key = key.replace("-----BEGIN RSA PRIVATE KEY-----", "").replace("-----END RSA PRIVATE KEY-----",
                                                                     "").replace("\n", "")
    key = b64decode(key)
    key = RSA.importKey(key)

    cipher = PKCS1_v1_5.new(key)
    return cipher.decrypt(data, "Error while decrypting".encode('utf-8')).decode('utf-8')

Tags: keymessagenewvarjsrsareplacev1
1条回答
网友
1楼 · 发布于 2024-04-19 14:36:42

解释这一点最简单的方法是用一个例子。以下密钥对用于示例:

var publicKey = `  -BEGIN PUBLIC KEY  -
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfm2uMTvb+gqXRFxWHnfCKcHfH
v7aMN6oiEqTJj0BixtTYBXH89N+xuYgoIBnfMXPXPIg/UNWEOZtAETsOVvya+YBo
ZZTquYJ2I0PaxtpUKkpCiEQ/bTCQIDAeUwHr0l4vUn/fmslD0rZ3+jo4Dsl8nX0O
pwZQ2grQaXLb347RQwIDAQAB
  -END PUBLIC KEY  -`;

var privateKey = `  -BEGIN RSA PRIVATE KEY  -
MIICXQIBAAKBgQCfm2uMTvb+gqXRFxWHnfCKcHfHv7aMN6oiEqTJj0BixtTYBXH8
9N+xuYgoIBnfMXPXPIg/UNWEOZtAETsOVvya+YBoZZTquYJ2I0PaxtpUKkpCiEQ/
bTCQIDAeUwHr0l4vUn/fmslD0rZ3+jo4Dsl8nX0OpwZQ2grQaXLb347RQwIDAQAB
AoGBAJHi3s/10X/a7TOMFQrLy3TOzj1PN808iA7y2Zq+jIx8z0nQ2FrtfJYXTqPW
i69dpVOkKakt+qwMd6J83W0DB4oyRAQriBPI2BNuTQguzeBmvC3bkrAhbfRU313G
fdlUFprS+LTvb0+KCbAMM8/I0pwQMZm0K1lWSp7ILkW2/ICJAkEAz22+7TN9bx44
0VYm2HunmbuDA5APwDmBl9VmDCCcB9/mHPbHXIuMHAWxaZma+euq2uLeCdCzVdwE
nk3bSNhLFwJBAMT7BeJLuob6iA4BsUyfjxQjdjTMaP4J6JWCfcFQvd2hcwcikm/W
0qcbrKv8yCgMg1C0U9iwV3g+G6RRobbYVrUCQQDLNN1FLRsl33qUAY0+qS0Q2vTH
abs0emGtqB43pT6WLE8Xct7tl7vju+QI6rU7Pxd7JaOWBAGcDFXt66H2ZAZzAkA4
sHmgB+VVpVJ0nX4WLDF0PURuq4ln2xgptxVUBlWuLCG7ovJ751pWp3tJQAWmqPs9
xbf/u7hgrZcs8iVVRuulAkBAoBFO1gN1utEtr97z3lHSHjL150Tqu/w0qXI4lbuH
CaAiwWj6QRUnVkYlVK56Nzl/S3MLc6OT9GN9X/B+1Ebl
  -END RSA PRIVATE KEY  -`

出于空间原因,使用1024位密钥。但是,请注意,出于安全原因,目前在实践中必须使用大小至少为2048位的RSA密钥

使用此密钥对发布的JavaScript代码的一个可能输出是:

{
    "v":"hybrid-crypto-js_0.2.4",
    "iv":"qAoNKj6kM0whA07xOdeiPVLF2ntPjKXWXdmy0IhJmF0=",
    "keys":{"e7:de:4a:da:6b:c8:ed:3a:bd:70:4d:87:23:99:9a:23:2a:ad:17:f8":"NvpGk/XyB+m+gC/d/Bzp16xXjxNKIJq4SAsz4y11OWQJa9K42jzjona18CJnsP6OZh/wmF709KgX7ZGYnqVGswQ0Q2PpLpG39t7ipj/N6taqkAy9Mydstt4Agdu5dQ8wLCSBpU3NNrgp6T06nI0Y1ISX2H45kgI47PeQnjYB4gQ="},
    "cipher":"JZIHkdUd1NuKt2aj2OMdLQ=="
}

第一个元素是版本,第二个元素是IV,第三个元素是使用RSA/OAEP加密的AES密钥,第四个元素是使用AES-256/CBC,s加密的密文Hybrid Crypto JS

要解密密钥,可以使用发布的Python/PyCryptodome代码,将填充从PKCS#1 v1.5更改为OAEP,并使用上述RSA密钥和密文:

from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA
import base64

privateKey = """  -BEGIN RSA PRIVATE KEY  -
    MIICXQIBAAKBgQCfm2uMTvb+gqXRFxWHnfCKcHfHv7aMN6oiEqTJj0BixtTYBXH8
    9N+xuYgoIBnfMXPXPIg/UNWEOZtAETsOVvya+YBoZZTquYJ2I0PaxtpUKkpCiEQ/
    bTCQIDAeUwHr0l4vUn/fmslD0rZ3+jo4Dsl8nX0OpwZQ2grQaXLb347RQwIDAQAB
    AoGBAJHi3s/10X/a7TOMFQrLy3TOzj1PN808iA7y2Zq+jIx8z0nQ2FrtfJYXTqPW
    i69dpVOkKakt+qwMd6J83W0DB4oyRAQriBPI2BNuTQguzeBmvC3bkrAhbfRU313G
    fdlUFprS+LTvb0+KCbAMM8/I0pwQMZm0K1lWSp7ILkW2/ICJAkEAz22+7TN9bx44
    0VYm2HunmbuDA5APwDmBl9VmDCCcB9/mHPbHXIuMHAWxaZma+euq2uLeCdCzVdwE
    nk3bSNhLFwJBAMT7BeJLuob6iA4BsUyfjxQjdjTMaP4J6JWCfcFQvd2hcwcikm/W
    0qcbrKv8yCgMg1C0U9iwV3g+G6RRobbYVrUCQQDLNN1FLRsl33qUAY0+qS0Q2vTH
    abs0emGtqB43pT6WLE8Xct7tl7vju+QI6rU7Pxd7JaOWBAGcDFXt66H2ZAZzAkA4
    sHmgB+VVpVJ0nX4WLDF0PURuq4ln2xgptxVUBlWuLCG7ovJ751pWp3tJQAWmqPs9
    xbf/u7hgrZcs8iVVRuulAkBAoBFO1gN1utEtr97z3lHSHjL150Tqu/w0qXI4lbuH
    CaAiwWj6QRUnVkYlVK56Nzl/S3MLc6OT9GN9X/B+1Ebl
      -END RSA PRIVATE KEY  -"""

ciphertext = base64.b64decode("NvpGk/XyB+m+gC/d/Bzp16xXjxNKIJq4SAsz4y11OWQJa9K42jzjona18CJnsP6OZh/wmF709KgX7ZGYnqVGswQ0Q2PpLpG39t7ipj/N6taqkAy9Mydstt4Agdu5dQ8wLCSBpU3NNrgp6T06nI0Y1ISX2H45kgI47PeQnjYB4gQ=")
key = RSA.importKey(privateKey)
cipher = PKCS1_OAEP.new(key)
message = cipher.decrypt(ciphertext)

print(message.hex()) # 8ec759594b7cc96c44d624f5a58bf736a9f761f3191de2fd0ff1e5c2bb3a8868

现在可以解密实际的密文:

from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
from base64 import b64decode

iv = b64decode("qAoNKj6kM0whA07xOdeiPVLF2ntPjKXWXdmy0IhJmF0=")[:AES.block_size]
key = bytes.fromhex("8ec759594b7cc96c44d624f5a58bf736a9f761f3191de2fd0ff1e5c2bb3a8868")
ciphertext = b64decode("JZIHkdUd1NuKt2aj2OMdLQ==")
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = unpad(cipher.decrypt(ciphertext), AES.block_size)
print(str(len(decrypted)) + " - " + decrypted.decode('utf-8')) # 12 - Hello world!

请注意,IV的长度为32个字节,其中只有前16个字节(对应于AES块大小)用于AES

完整性:JavaScript代码密文中使用的指纹e7:de...17:f8是PKCS#1格式的公钥的SHA1散列,DER编码

相关问题 更多 >

    编程相关推荐