相关依赖:
- gmssl==3.2.2
- pycryptodome == 3.9.7
基类:
import abc
import base64
import random
from enum import Enum
from Crypto.Cipher import PKCS1_OAEP, AES
from Crypto.Hash import SHA256, SHA1
from Crypto.PublicKey import RSA
from Crypto.Signature import pss
from gmssl import sm2, sm4
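def pad_to_16(key):
    """Encode *key* to bytes and right-pad it with NUL bytes to a multiple of 16.

    The padding is applied to the encoded bytes rather than to the characters,
    so text containing multi-byte UTF-8 characters also ends up block-aligned.
    For pure-ASCII input the result is identical to padding the string first.

    Args:
        key: Text to encode (``str``).

    Returns:
        ``bytes`` whose length is a multiple of 16. An empty string yields
        ``b''`` because a length of 0 is already a multiple of 16.

    Raises:
        TypeError: If *key* is not a ``str``.
    """
    # NOTE(review): if the result is used as an AES/SM4 key, NUL-padding a short
    # passphrase adds no entropy and is not a key-derivation step; a KDF such as
    # PBKDF2 or scrypt is the usual choice. Confirm against the callers.
    raw = str.encode(key)
    remainder = len(raw) % 16
    if remainder:
        raw += b'\0' * (16 - remainder)
    return raw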
class BaseEncryption(metaclass=abc.ABCMeta):
    """Abstract interface shared by the encryption helpers.

    Concrete subclasses must provide both ``encrypt`` and ``decrypt``;
    the class cannot be instantiated until both are overridden.
    """

    @abc.abstractmethod
    def encrypt(self, *args, **kwargs):
        """Encrypt data; the base implementation does nothing and returns None."""
        return None

    @abc.abstractmethod
    def decrypt(self, *args, **kwargs):
        """Decrypt data; the base implementation does nothing and returns None."""
        return None
RSA 分段加解密实现(适用于 PKCS#1/PKCS#8 格式的 2048 bit 私钥):
class RsaEncryption(BaseEncryption):
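@staticmethod
def encrypt(plaintext, public_key):
    """Encrypt *plaintext* with an RSA public key, chunk by chunk.

    Uses RSA-OAEP with SHA-256 as the OAEP hash and MGF1 over SHA-1, which
    is the parameter set the "rsa/ecb/oaepwithsha-256andmgf1padding"
    transformation name refers to in this file.

    Args:
        plaintext: Text to encrypt (``str``); it is UTF-8 encoded first.
        public_key: RSA public key in any format ``RSA.import_key`` accepts.

    Returns:
        Base64 text of the concatenated per-chunk ciphertexts.

    Raises:
        ValueError: If the key cannot be imported, or the modulus is too
            small to carry any OAEP/SHA-256 payload.
    """
    rsa_key = RSA.import_key(public_key)
    # OAEP payload limit per block is k - 2*hLen - 2 bytes; for a 2048-bit
    # modulus with SHA-256 that is 256 - 64 - 2 = 190, the value this method
    # previously hard-coded.
    max_encrypt_block = rsa_key.size_in_bytes() - 2 * SHA256.digest_size - 2
    if max_encrypt_block <= 0:
        raise ValueError("RSA modulus is too small for OAEP with SHA-256")
    data = plaintext.encode('utf-8')
    # The MGF1 hash is SHA-1 while the OAEP hash is SHA-256. Both sides must use
    # the same pair or decryption fails, so do not "upgrade" one side alone.
    cipher = PKCS1_OAEP.new(rsa_key, hashAlgo=SHA256, mgfunc=lambda x, y: pss.MGF1(x, y, SHA1))
    # NOTE(review): the chunks are encrypted independently and nothing binds
    # them together, so a receiver cannot tell if blocks were reordered, dropped
    # or duplicated. For anything larger than one block, hybrid encryption
    # (RSA-OAEP wrapping a random key for an AEAD cipher) is the usual design.
    # max(len, 1) keeps the original behaviour of emitting one block for "".
    chunks = [
        cipher.encrypt(data[offset:offset + max_encrypt_block])
        for offset in range(0, max(len(data), 1), max_encrypt_block)
    ]
    # Each ciphertext block is exactly the modulus size (256 bytes for a
    # 2048-bit key); the decrypting side must split on that boundary.
    return base64.b64encode(b''.join(chunks)).decode()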
@staticmethod
def decrypt(encrypt_text, private_key):
"""
私钥分段解密
对 rsa/ecb/oaepwithsha-256andmgf1padding 加密的信息做解密
"""
max_decrypt_block = 256
res = []
b64_data = base64.b64decode(encrypt_text)
private_key = RSA.import_key