加密的 plaintext 最大长度是 证书key位数/8 - 11, 例如1024 bit的证书,被加密的串最长 1024/8 - 11=117,
那么对付 2048bit的证书,被加密的长度最长2048/8 - 11 =245,
办理办法是 分块 加密,然后分块解密就行了,由于 证书key固定的情形下,加密出来的串长度是固定的。也便是说,如果利用2048bit的证书,并且被加密的字符段是小于245个,那么被加密出来的字符长度是344个,以此类推,被加密的字符串可以是688个,1032个等。
fromCrypto.CipherimportPKCS1_v1_5asCipher_pkcs1_v1_5fromCrypto.SignatureimportPKCS1_v1_5fromCrypto.PublicKeyimportRSAfromCrypto.HashimportSHA256importbase64classRsaUtil:def__init__(self,pub_key,pri_key):self.pri_key_obj=Noneself.pub_key_obj=Noneself.verifier=Noneself.signer=Noneifpub_key:pub_key=RSA.importKey(base64.b64decode(pub_key))self.pub_key_obj=Cipher_pkcs1_v1_5.new(pub_key)self.verifier=PKCS1_v1_5.new(pub_key)ifpri_key:pri_key=RSA.importKey(base64.b64decode(pri_key))self.pri_key_obj=Cipher_pkcs1_v1_5.new(pri_key)self.signer=PKCS1_v1_5.new(pri_key)defpublic_long_encrypt(self,data,charset='utf-8'):data=data.encode(charset)length=len(data)default_length=117res=[]foriinrange(0,length,default_length):res.append(self.pub_key_obj.encrypt(data[i:i+default_length]))byte_data=b''.join(res)returnbase64.b64encode(byte_data)defprivate_long_decrypt(self,data,sentinel=b'decrypterror'):data=base64.b64decode(data)length=len(data)default_length=128res=[]foriinrange(0,length,default_length):res.append(self.pri_key_obj.decrypt(data[i:i+default_length],sentinel))returnstr(b''.join(res),encoding="utf-8")defsign(self,data,charset='utf-8'):h=SHA256.new(data.encode(charset))signature=self.signer.sign(h)returnbase64.b64encode(signature)defverify(self,data,sign,charset='utf-8'):h=SHA256.new(data.encode(charset))returnself.verifier.verify(h,base64.b64decode(sign))测试
fromrsa_utilimportRsaUtildata="{\"0\":\"0\",\"1\":\"1\",\"10\":\"10\",\"11\":\"11\",\"12\":\"12\",\"13\":\"13\",\"14\":\"14\",\"15\":\"15\",\"16\":\"16\",\"17\":\"17\",\"18\":\"18\",\"19\":\"19\",\"2\":\"2\",\"3\":\"3\",\"4\":\"4\",\"5\":\"5\",\"6\":\"6\",\"7\":\"7\",\"8\":\"8\",\"9\":\"9\"}"pub_key='''MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQFA4YVQZatJAyO7TsuzkWE8dz17qi8GuOCnegKbKd6alLXkDzKhVG3kd3GijouHtlqsm2zFCK7K+I5MUu8Fuk23OEwIVZn9StltjLzJ1hB1AZC1/NCoCFZG5T2+AaQolrw8LvPS5jH2TuYQf7oLDHR88BKJgV/tZlr22Jicqm0wIDAQAB'''pri_key='''MIICWwIBAAKBgQCQFA4YVQZatJAyO7TsuzkWE8dz17qi8GuOCnegKbKd6alLXkDzKhVG3kd3GijouHtlqsm2zFCK7K+I5MUu8Fuk23OEwIVZn9StltjLzJ1hB1AZC1/NCoCFZG5T2+AaQolrw8LvPS5jH2TuYQf7oLDHR88BKJgV/tZlr22Jicqm0wIDAQABAoGAMP6A5IlVRdcNCef/2Fi6SuWi96OuleYHzR+GGnLTiJuCtFxy3b27yoOf7cJ5ktnZLHNtcLn90aA2+OhCnXmiz+M9PNArzfvtDoAKMlM9UEpBjGW/QYPkcHgnKOs9utAr4OnPB9PFdvCuwya4P8AL/7kpjSW+4zQpUT459BlJFxECQQDYUnQQgyR3CZiGPj9vPfmmFmogpZpJTG9zAuOjOCxa5BQvV4iKhk6pkQAaVsjc7WMobEIhLqXn/I8EldsqIPj1AkEAqoFZULpjke8CQm0rmr2UdbhU74KKYzeS2KKKc/2TdQUzTqvBdY2+VCyc0Ok6BWctBHfsu4FR6YpDYsg3QwvjpwJAEHeuaDdjhkBPwSBp+dDw+UjJiXSx2xSbg1jb9WfoUH7+XmA+f7UbteLY7ChhIBheLQyYuCfx70gVpxa1WW6rJQJAEahRmpWi6CMLZduub1kAvew4B5HKSRohQAQdOIPjOHQwaw5Ie6cRNeBk4RG2K4cS12qf/o8W74udDObVKkFZ8wJAPL8bRWv0IWTlvwM14mKxcVf1qCuhkT8GgrG/YP/8fcW8SiT+DifcA7BVOgQjgbTchSfaA+YNe7A9qiVmA+G4GQ=='''rsa_util=RsaUtil(pub_key,pri_key)print(f'原文:{data}')encrypt=rsa_util.public_long_encrypt(data)print(f'加密:{encrypt}')decrypt_str=rsa_util.private_long_decrypt(encrypt)print(f'解密:{decrypt_str}')sign=rsa_util.sign(data)print(f'sign:{sign}')verify=rsa_util.verify(decrypt_str,sign)print(f'verify:{verify}')测试结果
原文:{"0":"0","1":"1","10":"10","11":"11","12":"12","13":"13","14":"14","15":"15","16":"16","17":"17","18":"18","19":"19","2":"2","3":"3","4":"4","5":"5","6":"6","7":"7","8":"8","9":"9"}加密:b'BXzccjfWEyF061Beh+bhqi0P88jMeB3eI84/mKgNVrVQFIh6wa209xzQLRCfoVJPN16T1T8jtORisdLXFTmdgH2cXHiorIJfYo+y64aJ8jg1hGe2zmUfFws2WcKttTGluhI8x3xbO2wZi1aHS8k8uxUR0bAWu+LHWcBABqGD3DUQf0AJ/graML1G1hIVYVd0JG6+wZnnB5o6wLrViAh7T2TiVtRVzA4dZ+z73mibDzSohHXA5zDb1XAO0RgATBnpMda0krMgZPOVZHhBRlz6PvUcYcv1+kUTsE/bqTDXOPiQJ2H7bnvTAA2ApoM5CRYFAuhKs5FHSHXhOc6K1uOHpQ=='解密:{"0":"0","1":"1","10":"10","11":"11","12":"12","13":"13","14":"14","15":"15","16":"16","17":"17","18":"18","19":"19","2":"2","3":"3","4":"4","5":"5","6":"6","7":"7","8":"8","9":"9"}sign:b'Ho2uhOjKx4GRXulOq/x/owEB01rzztc7WmxTDxjxUzDf7U1cNsp1R7+ahwQuUnGR+lL8RX8G9PxYW/aofc0ApFqIanzEhxbVMsVk87V4M+a/ZEXOJuAgw/0U8IauuMtHl+zaI0KY+TDgrx1rXq5razqU2sU0Ps+y+ILytEK723k='verify:True
