Python中的openssl_seal()

2024-06-17 13:30:00 发布

您现在位置:Python中文网/ 问答频道 /正文
4452 3

为了连接服务器,我发现使用PHP,我需要使用openssl_seal()。没关系,但我想用Python。我无法在等效函数中转换openssl_seal()。在

你能帮我吗?在

这就是openssl_seal()的作用:

Description int openssl_seal ( string $data , string &$sealed_data , array &$env_keys , array $pub_key_ids )

openssl_seal() seals (encrypts) data by using RC4 with a randomly generated
secret key. The key is encrypted with each of the public keys associated
with the identifiers in pub_key_ids and each encrypted key is returned in
env_keys. This means that one can send sealed data to multiple recipients
(provided one has obtained their public keys). Each recipient must receive
both the sealed data and the envelope key that was encrypted with the
recipient's public key.

Tags: thekeyenvidsdatastringwithpublic
2条回答
网友
1楼 · 编辑于 2024-06-17 13:30:00

openssl_seal的作用是:

  1. 从证书中提取公钥
  2. 生成128位(16字节)长的随机密钥(这将用于使用对称算法加密消息,因为它更快)
  3. 使用PKCS#1加密随机密钥
  4. 使用ARC4和随机密钥加密消息
  5. 输出加密的随机密钥和加密的消息

然后,接收方可以使用其私有密钥解密加密的随机密钥,然后使用随机密钥解密加密的密钥消息。在

由于在Python中无法通过标准库来实现这一点,我将“放弃我已经尝试过的3种方法:

# pyca/cryptography (cryptography.io) version
# pip install cryptography

import os

import cryptography
from cryptography import x509


message = 'Super secret secret message'
message = message.encode('utf-8')
certificate_data = open('/path/to/certificate.cer', 'r').read()
certificate_data = certificate_data.encode('utf-8')
certificate = cryptography.x509.load_pem_x509_certificate(data=certificate_data, backend=cryptography.hazmat.backends.default_backend())
public_key = certificate.public_key()
random_key = os.urandom(16)
encrypted_random_key = public_key.encrypt(plaintext=random_key, padding=cryptography.hazmat.primitives.asymmetric.padding.PKCS1v15())
print(encrypted_random_key)
algorithm = cryptography.hazmat.primitives.ciphers.algorithms.ARC4(random_key)
cipher = cryptography.hazmat.primitives.ciphers.Cipher(algorithm=algorithm, mode=None, backend=cryptography.hazmat.backends.default_backend())
encryptor = cipher.encryptor()
encrypted_message = encryptor.update(message)
print(encrypted_message)

一。在

^{pr2}$

一。在

# PyCrypto version
# pip install pycrypto

# Please bear in mind that PyCrypto cannot handle x509 certificates.
# You will have to extract the public_key to a pem file:
# openssl x509 -inform pem -in certificate.cer -pubkey -noout > public_key.pem

from Crypto import Random
from Crypto.Cipher import ARC4
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey import RSA


message = 'Super secret secret message'
message = message.encode('utf-8')
public_key_data = open('/path/to/public_key.pem', 'r').read()
public_key = RSA.importKey(public_key_data)
random_key = Random.new().read(16)
cipher = PKCS1_v1_5.new(public_key)
encrypted_random_key = cipher.encrypt(random_key)
print(encrypted_random_key)
cipher = ARC4.new(random_key)
encrypted_message = cipher.encrypt(message)
print(encrypted_message)

你可以在=>;http://helpfulsheep.com/2017-09-01-openssl-seal-in-python/上查看我的文章

网友
2楼 · 编辑于 2024-06-17 13:30:00

this blogpostopenssl_seal()内部的情况有非常详细的描述。它还有一个java实现。在

由此,我认为在python中使用pyopenssl(其中包括RC4)或更新的实现,应该相对简单(“将证明留给读者练习”有点直截了当),但是为了达到这些目的,tlslite更为集中。在

相关问题 更多 >

    编程相关推荐