PyCrypto:仅使用文件中的公钥进行解密(无私钥+公钥) [英] PyCrypto: Decrypt only with public key in file (no private+public key)
问题描述
大家好。
我正在试图用RSA公钥和私钥,加密/解密与 PyCrypto 遇到和发现,对我来说似乎很奇怪(这可能使它很有意义,现在的工作方式,但我不太了解RSA非对称加密,这就是为什么它令我困惑)。解密只有公钥的东西是无法解决的。
这里是:我有一个服务器和一个客户端。我希望服务器识别并注册客户端,并将其显示在已知设备列表中。客户端将具有服务器的公钥,服务器将具有客户端的公用密钥,所以当客户端与服务器进行通信时,它将使用客户端的私钥和服务器的公钥对其数据进行加密。通过这样做,只有正确的服务器才能打开数据(使用其私钥),并且能够验证发件人实际上是声称是...的客户端...或者至少这是我认为,因为我是这个非对称加密的新手。这个想法是,当其中一个客户端唤醒时,它将发送其公钥(当然,使用服务器的公钥加密,但这可能与此不相关)但是,说:呃,我'是一个新的客户端,这是我的公共密钥,用UUID注册该密钥,服务器将服从该公钥与客户端的UUID关联,并使用该密钥来解密来自该客户端的数据。我只想传送客户端的公钥,保密秘密,秘密,秘密(私有,对吗?)
我正在使用openssl进行一些测试(实际上,甚至在服务器/客户端架构中也没有任何东西,只是使用私钥加密某些东西并用公钥解密)
首先,我创建了一个公钥/私钥集:
openssl genrsa -out〜/ myTestKey.pem -passout pass:f00bar-des3 2048
第一件让我困惑的一点...它只生成一个文件,同时使用私钥和公钥。我可以通过以下方式提取公钥:
openssl rsa -pubout -in〜/ myTestKey.pem -passin pass:f00bar -out〜/ myTestKey.pub
所以我以为我有几个私人(私人) + public,实际)和公钥在〜/ myTestKey.pem 和〜/ myTestKey.pub 分别。好吧,显然我做错了,因为PyCrypto 不喜欢这个程序集。我不知道为什么。
我有两个非常简单的测试脚本, encryptor.py 和 decryptor.py 。 encryptor.py 应使用私钥加密, decryptor.py ,将其解密公钥。我知道...我是原创性的副手...
所以我用我的加密字符串Loren ipsum , encryptor.py (带私钥):
-----------加密器.py ----------------
#!/ usr / bin / python
从Crypto.PublicKey导入RSA
def加密(消息):
externKey =/ home / borrajax / myTestKey.pem
privatekey =打开(externKey,r)
encryptor = RSA.importKey(privatekey,passphrase =f00bar)
encriptedData = encryptor.encrypt(message,0)
file = open( tmp / cryptThingy.txt,wb)
file.write(encriptedData [0])
file.close()
如果__name__ ==__main__:
encryptedThingy = encrypt(Loren ipsum)
它工作正常。嗯...我想是这样,因为在文件 /tmp/cryptThingy.txt 我得到了很多乱七八糟的。它真的真的加密了我。
但是当我尝试使用只包含公钥的文件来解密...
----------- decryptor.py ---------------
来自Crypto.PublicKey导入的$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $
$ b externKey =/ home / borrajax / myTestKey.pub
publickey = open(externKey,r)
decryptor = RSA.importKey(publickey,passphrase =f00bar)
retval =无
file = open(/ tmp / cryptThingy.txt,rb)
retval = decryptor.decrypt(file.read())
file.close ()
return retval
如果__name__ ==__main__:
decryptptedThingy = decrypt()
打印解密:%s%decryptptedThingy
... PyCrypto
文件/usr/local/lib/python2.7/dist-packages/pycrypto- 2.5 py2.7-Linux的i686.egg /加密/公钥/ RS A.py,第107行,在_decrypt
mp = self.key._decrypt(cp)
TypeError:此对象不可用的私钥
是的,当然不可用!我提取了公钥!花了我2个小时找到如何做到正确!
我缺少什么?正如我所说,我在这个公共/私人非对称密钥加密中是新手,所以我可能会有一个核心的概念错误...任何提示将不胜感激。
¡谢谢你提前!
你有错误的方法,你用公钥加密,并解密私人密钥。
公开的加密密钥是广泛分发的,而私有解密密钥仅对收件人是已知的。消息使用收件人的公钥加密,只能使用相应的私钥进行解密。
来源
这个想法是你给发送端公开密钥(任何人都可以拥有,所以你可以在open中分发它),然后加密数据,然后解密它你的私人密钥结束(只有你拥有)。这样数据保持安全。
您可以使用私钥加密某些内容,因为私钥包含创建公钥所需的信息,但这是不寻常的这样做,通常加密数据的人不会具有私钥。
Hello everyone.
I am trying to play a bit with RSA public and private keys and encryption/decryption with PyCrypto and I have encountered and issue that seems kind of strange to me (it probably makes a lot of sense the way it's working now, but I don't know much about RSA asymmetric encryption and that's why it's puzzling me). It is the inability I have encountered to decrypt something having only the public key.
Here's the thing: I have a server and a client. I want the server to "recognize" and register the client and show it in a list of "known devices". The client will have the public key of the server and the server will have the public key of the client, so when the client communicates with the server, it will encrypt its data with his client's private key and with the server's public key. By doing this, only the proper server will be able to open the data (with its private key) and will be able to verify that the sender is actually the client that claims to be... well... or at least, that's what I think, because I'm pretty newbie in this asymmetric encryption. The idea is that when one of those clients wakes up, it will send its public key (encrypted with the server's public key, of course, but that's probably not relevant at this point... yet) saying "Hey, I'm a new client and this is my public key. Register that key with my UUID" and the server will obey, associating that public key with the client's UUID and use that key to decrypt data coming from that client. I just want to transmit the client's public key, keeping its private key secret, secret, secret (it's private, right?)
I am doing some tests with openssl and very simple Python scripts that use PyCrypto (actually, not even in a server/client architecture or anything... just trying to encrypt something with a private key and decrypt it with the public key)
First of all, I have created a public/private key set with:
openssl genrsa -out ~/myTestKey.pem -passout pass:"f00bar" -des3 2048
Ok, first thing that puzzles me a bit... It generates only one file, with both the private and the public keys... Well... O'right... whatever. I can extract the public key with:
openssl rsa -pubout -in ~/myTestKey.pem -passin pass:"f00bar" -out ~/myTestKey.pub
So I thought I had my couple of private (private+public, actually) and public keys in ~/myTestKey.pem and ~/myTestKey.pub respectively. Well... apparently I'm doing something wrong, because PyCrypto doesn't like this assembly. And I don't know why.
I have two very simple test scripts, "encryptor.py" and "decryptor.py". The "encryptor.py" should encrypt something with the private key, and "decryptor.py", decrypt it with the public key. I know... I'm a parangon of originality...
So, I encrypt the string "Loren ipsum" with my "encryptor.py" (with private key):
----------- encryptor.py ----------------
#!/usr/bin/python
from Crypto.PublicKey import RSA
def encrypt(message):
externKey="/home/borrajax/myTestKey.pem"
privatekey = open(externKey, "r")
encryptor = RSA.importKey(privatekey, passphrase="f00bar")
encriptedData=encryptor.encrypt(message, 0)
file = open("/tmp/cryptThingy.txt", "wb")
file.write(encriptedData[0])
file.close()
if __name__ == "__main__":
encryptedThingy=encrypt("Loren ipsum")
And it works fine. Well... I suppose so, because in the file "/tmp/cryptThingy.txt" I get a lot of gibberish. It looks really, really encrypted to me.
But when I try to decrypt it using just the file that contains just the public key...
----------- decryptor.py ---------------
#!/usr/bin/python
from Crypto.PublicKey import RSA
def decrypt():
externKey="/home/borrajax/myTestKey.pub"
publickey = open(externKey, "r")
decryptor = RSA.importKey(publickey, passphrase="f00bar")
retval=None
file = open("/tmp/cryptThingy.txt", "rb")
retval = decryptor.decrypt(file.read())
file.close()
return retval
if __name__ == "__main__":
decryptedThingy=decrypt()
print "Decrypted: %s" % decryptedThingy
... PyCrypto yells at me with a:
File "/usr/local/lib/python2.7/dist-packages/pycrypto-2.5-py2.7-linux-i686.egg/Crypto/PublicKey/RSA.py", line 107, in _decrypt
mp = self.key._decrypt(cp)
TypeError: Private key not available in this object
Yeah, of course it's not available! I extracted the public key! It took me 2 hours finding how to do it properly!!
What am I missing? As I said, I'm pretty newbie in this public/private asymmetric key encryption so I might have a core "conceptual error"... Any hint will be appreciated.
¡Thank you in advance!
You have it the wrong way round, you encrypt with the public key, and decrypt with the private key.
The publicly available encrypting-key is widely distributed, while the private decrypting-key is known only to the recipient. Messages are encrypted with the recipient's public key and can be decrypted only with the corresponding private key. Source
The idea is that you give the sending side the public key (which anyone can have, so you can distribute it in the open) then you encrypt the data with it, then decrypt it on your end with your private key (which only you have). This way the data stays secure.
You can encrypt something with the private key as the private key contains the information required to make the public key, but it would be unusual to do so, as normally the person encrypting the data does not have the private key.
这篇关于PyCrypto:仅使用文件中的公钥进行解密(无私钥+公钥)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
