Fatal编程技术网
  • python/
  • Python PyCrypto签名导出/导入

Python PyCrypto签名导出/导入

python

Python PyCrypto签名导出/导入,python,rsa,signature,pycrypto,Python,Rsa,Signature,Pycrypto,创建了一个带有套接字的客户机-服务器应用程序,我正在尝试将签名从客户机传输到服务器。我将它从元组转换为字符串,然后再转换回元组。但是,签名停止了工作。如何解决这个问题 from Crypto.Hash import SHA256 from Crypto.PublicKey import RSA public_key_file = open('public.pem','r') public_key = RSA.importKey(public_key_file.read()) signatur

创建了一个带有套接字的客户机-服务器应用程序,我正在尝试将签名从客户机传输到服务器。我将它从元组转换为字符串,然后再转换回元组。但是,签名停止了工作。如何解决这个问题

from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA

public_key_file = open('public.pem','r')
public_key = RSA.importKey(public_key_file.read())

signature = "(90392831408741910958006452852395405116864328891950288888434929210668328849466319419951775157374761930395371626801844365799774616689823184955256615103504859356914334395152128600862146719619859327119380994333493461955529620578485576675021993313219918726432622856542420570716350341841652548574072964446809201965L,)"
signature_tuple = signature.split(",")
message = "Block_Height:1 From:c52030257a864a67ae4ef8a726282ed2b6b273fbccb474885027a857 To:2 Amount:3"

if public_key.verify(message, signature_tuple) == True:
    print "Signature valid"

问题在于反序列化签名元组

PyCrypto需要一个元组,元组的第一个值是整数,您将向它传递一个以“paren”()开头的字符串,然后是一个数字的字符串版本

而不是这样做:

signature_tuple = signature.split(",")
这样做

signature_tuple = eval(signature)
这将正确解析签名

现在,有了。所以,如果我是你,我会想出一个更好的序列化/反序列化过程。

最好的方法是将PKCS1_v1_5用于实际应用程序,并结合base64对客户端和服务器之间的签名进行编码和解码。无需评估

from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
import base64

message = 'To be signed'
key = RSA.importKey(open('privkey.der').read())
h = SHA.new(message)
signer = PKCS1_v1_5.new(key)
signature = signer.sign(h)
signature_enc = str(base64.b64encode(signature))
#print signature_enc


signature_dec = str(base64.b64decode (signature_enc))
#print sugnature_dec
key = RSA.importKey(open('pubkey.der').read())
h = SHA.new(message)
verifier = PKCS1_v1_5.new(key)
if verifier.verify(h, signature_dec):
   print "The signature is authentic."
else:
   print "The signature is not authentic."
非常感谢,这工作了!我只是从这个开始,所以在我完成一些测试阶段之后,我会考虑一个更好的过程。现在我想在评估之前使用类似ReGEXP检查的东西:<代码>匹配= R.Matt(“\(d+l,\)”,签名)如果匹配!=没有:StavaCuultuuple=EVAL(签名):打印“收到恶意代码”好的,所以我将使用
签名\u tuple=ast.literal\u eval(签名)
我应该是安全的。谢谢,我不知道eval有那么邪恶。 
signature_tuple = eval(signature)

from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
from Crypto.PublicKey import RSA
import base64

message = 'To be signed'
key = RSA.importKey(open('privkey.der').read())
h = SHA.new(message)
signer = PKCS1_v1_5.new(key)
signature = signer.sign(h)
signature_enc = str(base64.b64encode(signature))
#print signature_enc


signature_dec = str(base64.b64decode (signature_enc))
#print sugnature_dec
key = RSA.importKey(open('pubkey.der').read())
h = SHA.new(message)
verifier = PKCS1_v1_5.new(key)
if verifier.verify(h, signature_dec):
   print "The signature is authentic."
else:
   print "The signature is not authentic."