python 的rsa 算法 str操作引用了rsa_alg 文件

最新推荐文章于 2025-10-10 21:46:24 发布
原创 最新推荐文章于 2025-10-10 21:46:24 发布 · 942 阅读 · 18 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#python #算法 #密码学 

"""
Author: tanglei
DateTime:2024-11-18 完成
微信:ciss_cedar
欢迎一起学习
文件名:rsa_apply
"""
from rsa_alg import Rsa
from symmetric_apply import AlgName, CipherMode, symmetric_encrypt, symmetric_decrypt


class Rsa_Apply:

    def __init__(self,private_key):
        self.private_key=private_key
        self.public_key=private_key.public_key()
        if(private_key is None):
            self.private_key = Rsa.rsa_gen_keypair(2048)
            self.public_key= self.private_key.public_key()
    @staticmethod
    def rsa_gen_keypair():
        public_key,private_key = Rsa.rsa_gen_keypair()
        return public_key,private_key

    def get_private_key_pem(self):
        myRsa=Rsa(self.private_key)
        private_key_pem=myRsa.get_private_key_pem()
        return private_key_pem

    def get_public_key_pem(self):
        myRsa=Rsa(self.private_key)
        public_key_pem=myRsa.get_public_key_pem()
        return public_key_pem

    def get_public_key_n_e(self):
        public_numbers = self.public_key.public_numbers()
        n = public_numbers.n
        e = public_numbers.e
        return n,e

    def get_private_key_p_q_d(self):
        private_numbers = self.private_key.private_numbers()
        p = private_numbers.p
        q = private_numbers.q
        d = private_numbers.d
        return p,q,d

    def rsa_sign(self,source:str):
        source=source.encode()
        myRsa = Rsa(self.private_key)
        sign_source=myRsa.rsa_sign(source)
        return sign_source.hex().upper()


    @staticmethod
    def rsa_verify(public_key,sign_source:str,source:str):
        sign_source=bytes.fromhex(sign_source)
        source=source.encode()
        #myRsa = Rsa(self.private_key)
        verify_flag=Rsa.rsa_verify(public_key,sign_source,source)
        return verify_flag

    # private_key 可以获取public_key ,只要初始化类后就可以使用public_key验签,只需要传入private_key即可
    def rsa_verify_private_key(self,sign_source:str,source:str):
        sign_source=bytes.fromhex(sign_source)
        source=source.encode()
        myRsa = Rsa(self.private_key)
        verify_flag=myRsa.rsa_verify(sign_source,source)
        return verify_flag

    @staticmethod
    #没有密码,password=None
    def read_pem(filepath,password=None):
        public_key, private_key=Rsa.read_pem(filepath,password)
        return public_key, private_key

    @staticmethod
    def get_key_from_pem_str(private_key_pem_str,public_key_pem_str,password=None):
        public_key, private_key=Rsa.get_key_from_pem_str(private_key_pem_str,public_key_pem_str,password=password)
        return public_key,private_key

    def write_pem(self,filepath,password=None):
        myRsa = Rsa(self.private_key)
        myRsa.write_pem(filepath,password)

    @staticmethod
    def rsa_encrypt(public_key, source):
        # 加密操作
        source=source.encode()
        #myRsa = Rsa(self.private_key)
        enc_source =Rsa.rsa_encrypt(public_key,source)
        return enc_source.hex().upper()

    # private_key 可以获取public_key ,只要初始化类后就可以使用public_key加密,只需要传入private_key即可
    def rsa_encrypt_private_key(self, source:str):
        # 加密操作
        source=source.encode()
        myRsa = Rsa(self.private_key)
        enc_source =myRsa.rsa_encrypt_private_key(source)
        return enc_source.hex().upper()

    def rsa_decrypt(self, enc_source):
        enc_source=bytes.fromhex(enc_source)
        myRsa = Rsa(self.private_key)
        source =myRsa.rsa_decrypt(enc_source)
        return source.decode()
    @staticmethod
    def rsa_digital_envelope(public_key, aes_key, source):
            # 加密操作
            alg_name = AlgName.AES.value
            mode = CipherMode.ECB.value
            iv=aes_key
            enc_source = symmetric_encrypt(aes_key, iv, source, mode, alg_name)
            #plain = symmetric_decrypt(aes_key, iv, cipher, mode, alg_name)

            enc_aes_key =Rsa_Apply.rsa_encrypt(public_key,aes_key)

            return enc_aes_key, enc_source

    @staticmethod
    #private_key 可以获取public_key ,只要初始化类后就可以使用public_key加密,只需要传入private_key即可
    def rsa_digital_envelope_private_key(private_key, aes_key, source):
            # 加密操作
            alg_name = AlgName.AES.value
            mode = CipherMode.ECB.value
            iv=aes_key
            enc_source = symmetric_encrypt(aes_key, iv, source, mode, alg_name)
            #plain = symmetric_decrypt(aes_key, iv, cipher, mode, alg_name)
            #myRsa = Rsa(private_key)
            enc_aes_key =Rsa.rsa_encrypt(private_key,aes_key)

            return enc_aes_key, enc_source
    @staticmethod
    def rsa_digital_envelope_decrypt(private_key, enc_eas_key, enc_source):
            # 解密操作
            myRsa = Rsa_Apply(private_key)
            aes_key = myRsa.rsa_decrypt(enc_eas_key)
            alg_name = AlgName.AES.value
            mode = CipherMode.ECB.value
            iv = aes_key
            source = symmetric_decrypt(aes_key, iv, enc_source, mode, alg_name)
            return aes_key, source

def main():
    #private_key = None
    #public_key, private_key =Rsa.rsa_gen_keypair()
    #print(f'private_key={str(private_key)}')
    #print(f'public_key={str(public_key)}')
    password = 'simkey@20181016'
    filepath = 'D:/Python/backup/RSA'
    public_key, private_key = Rsa_Apply.read_pem(filepath,password)
    myRsa = Rsa_Apply(private_key)
    # myRsa.write_pem(filepath)
    private_key_pem = myRsa.get_private_key_pem()
    public_key_pem = myRsa.get_public_key_pem()
    print(f'private_key_pem={private_key_pem}')
    print(f'public_key_pem={public_key_pem}')

    n,e=myRsa.get_public_key_n_e()
    print(f'n={n}')
    print(f'e={e}')

    p,q,d=myRsa.get_private_key_p_q_d()
    print(f'p={p}')
    print(f'q={q}')
    print(f'd={d}')


    #此填充最大可以加密190个字符
    source = ('1')
    enc_source = myRsa.rsa_encrypt(public_key,source)
    print(f'enc_source={enc_source}')

    source = myRsa.rsa_decrypt(enc_source)
    print(f'source={source}')

    source = '1'
    sign_source = myRsa.rsa_sign(source)
    print(f'sign_source={sign_source}')

    source = '1'
    verify_flag = myRsa.rsa_verify(public_key,sign_source, source)
    print(f'verify_flag={verify_flag}')

    source = '2'
    verify_flag = myRsa.rsa_verify(public_key,sign_source, source)
    print(f'verify_flag={verify_flag}')

if __name__ == '__main__':
    main()
CissSimkey
关注
RSA算法详解:万字文章详解RSA的加密与解密
布啦啦
07-12 7327
为了彻彻底底的研究明白RSA算法,真的是。。煞(lei)费(si)苦(wo)心(le),首先我希望自己前前后后、彻彻底底的琢磨明白,其次我也希望我把他分享出来以后,大家都能读得懂,这篇文章真的是我迄今为止写的又臭又长的一篇文章了,但是我能保证的是,你读完了以后,绝对不会再问RSA是啥玩意儿了。。
pythonrsa解密_RSA密码解密(RSA Cipher Decryption)
weixin_39527163的博客
12-21 1529
RSA密码解密(RSA Cipher Decryption)本章是前一章的延续,我们使用RSA算法逐步实现加密,并详细讨论它。用于解密密文的函数如下 -def decrypt(ciphertext, priv_key):cipher = PKCS1_OAEP.new(priv_key)return cipher.decrypt(ciphertext)对于公钥加密或非对称密钥加密,重要的是保持两个重...
RSA加密与解密原理
Alphamilk的博客
10-15 1万+
一、什么是RSA加密 二、RSA加密原理 三、RSA加解密过程与算法代码
RSA加密算法
xuanli4845的博客
04-20 1万+
前言 一、RSA算法简介 RSA公开密钥密码体制的原理是:根据数论,寻求两个大素数比较简单,而将它们的乘积进行因式分解却极其困难,因此可以将乘积公开作为加密密钥。 RSA绝对是当今应用最为广泛的加密算法,像数字签名,数字证书,SSH,HTTPS加密连接全部都是他的典型应用。 二、数学基础 1.互质 互质又称为互素,如果两个或两个以上的整数的最大公约数是 1,则称它们为互质。 2.欧拉函数 欧拉函数指的是对正整数n,求小于或等于n的正整数中与n互质的数的数目,记作φ(n)。 3.欧拉定理 欧拉定理也称费马-
一文读懂RSA:从原理到应用的全面解析
小相探索IT世界
10-10 1520
摘要:RSA是非对称加密基石,用公钥加密、私钥解密,安全性依赖大数分解难题。它支撑HTTPS、数字签名、密钥交换,已嵌入SSL/TLS与电子商务。密钥长度从1024位升至2048/4096位以对抗算力提升。面对量子威胁,后量子算法(格/哈希/编码)正加速标准化。Python+cryptography可10行代码完成密钥生成、加密、签名。需警惕私钥泄露、公钥篡改与中间人攻击,硬件安全模块(HSM)与证书链是最佳实践。
安防之浅谈RSA
D_猿员的博客
11-05 453
上一篇文章,我们了解了一下Hash算法,那么这篇文章,我们一起来了解一下RSA. RSA概述 首先看这个加密算法的命名.很有意思,它其实是三个人的名字.早在1977年由麻省理工学院的三位数学家Rivest、Shamir 和 Adleman一起提出了这个加密算法,并且用他们三个人姓氏开头字母命名. RSA加密算法是一种非对称加密算法,其玩法打破了以往所有加密算法的规则.在RSA出现之前,所有的加密方...
RSA介绍
实践求真知
09-16 7万+
一 什么是RSA RSA是一种公钥密码算法,它的名字由三位开发者,即Ron Rivest、Adi Shamir和Leonard Adleman的姓氏的首字母组成的。 RSA被用于公钥密码和数字签名。 1983年,RSA公司为RSA算法在美国取得了专利,但现在该专利已经过期。 二 RSA加密 在RSA中,明文、密钥和密文都是数字。RSA的加密过程可以用下面的公式来表达。 RSA的密文...
python3读取txt文件数字签名_在python中使用sha256withrsa验证数字签名失败[重复]
weixin_42511080的博客
02-03 1390
我正在尝试为离线aadhaar-kyc验证应用程序使用给定的证书文件验证数字签名。本说明在验证文件中给出。下载后,aadhaar无纸脱机e-kyc具有以下XML:上述XML的XSD读取整个XML并从中分离S=__XXXX__标记。利用基于RSA的散列和加密技术,使用签名验证算法存在于__s_标记、剩余XML(不带“s”标记)和uidai公钥(此处可用)中的签名值将被送入算法以验证数字签名。组织提供...
jwt的解密和RSA签名验证
boweiqiang的博客
04-26 4653
#!/usr/bin/env python # -*- encoding: utf-8 -*- ''' @File : jwt_base64_test.py @Contact : buweiqiang@civaonline.cn @MTime : 2020-04-26 11:32 @Author: buweiqiang @Version: 1.0 @Desciption: 标准的Base64并...
Python SSL操作手册
一个的博客
06-27 6786
此模块提供对 Client 端和服务器端网络套接字的传输层安全性(通常称为“安全套接字层”)加密和对等身份验证Function的访问。该模块使用 OpenSSL 库。只要在该平台上安装了 OpenSSL,它就可以在所有现代 Unix 系统,Windows,Mac OS X 以及可能的其他平台上使用。由于对 os 套接字 API 进行了调用,因此某些行为可能取决于平台。安装的 OpenSSL 版本也可能导致行为变化。例如,TLSv1.1 和 TLSv1.2 随附 openssl 版本 1.0.1.请勿在未阅读
# coding=utf-8 import ConfigParser import binascii import os import sys import hashlib import struct import re # cp = ConfigParser.SafeConfigParser() # cp.read('config_startcode.conf') if len(sys.argv) == 1: print('\nparameters is wrong\n') exit() elif len(sys.argv) == 2: print('\nparameters is wrong\n') exit() elif len(sys.argv) == 3: code_filename = sys.argv[2] config_filename = sys.argv[1] cp = ConfigParser.SafeConfigParser() cp.read(config_filename) mode = 0 elif len(sys.argv) == 4: code_filename = sys.argv[2] config_filename = sys.argv[1] cp = ConfigParser.SafeConfigParser() cp.read(config_filename) mode = sys.argv[3] else: print('\nparameters is wrong\n') exit() # cp = ConfigParser.SafeConfigParser() # cp.read('config_startcode.conf') if not os.path.exists(code_filename): print('\n{} does not exist\n'.format(code_filename)) exit() if not os.path.exists(config_filename): print('\nconfig file does not exist\n') exit() if int(mode) == 0: print('\nmode is 0, test mode\n') head_key_2048 = cer_key_2048 = '2048_mode0_key.pem' head_key_4096 = cer_key_4096 = '4096_mode0_key.pem' head_key_sm2 = cer_key_sm2 = 'sm3_mode0_key.pem' elif int(mode) == 1: print('\nmode is 1, normal mode\n') head_key_2048 = '2048_head_key.pem' cer_key_2048 = '2048_cer_key.pem' head_key_4096 = '4096_head_key.pem' cer_key_4096 = '4096_cer_key.pem' head_key_sm2 = 'sm2_head_key.pem' cer_key_sm2 = 'sm2_cer_key.pem' else: print('\nmode is wrong\n') exit() class General: def deal_value(self, level1_name, level2_name): protery_value = cp.get(level1_name, level2_name).replace(' ', '') if protery_value.upper().startswith('0X'): protery_value = protery_value[2:] elif protery_value.startswith('\"') or protery_value.startswith('\''): protery_value = protery_value.replace("\'", '').replace('\"', "").encode('hex') else: protery_value = hex(int(protery_value))[2:] if len(protery_value) % 2 == 1: protery_value = '0' + protery_value return protery_value def get_LSignAlg_alg_uwSubKeyLen(self): LSignAlg_alg_value = self.deal_value('HeadArea', 'LSignAlg') uwSubKeyLen_value = self.deal_value('SecondaryKeyCertificate', 'uwSubKeyLen') if LSignAlg_alg_value == '010000' and uwSubKeyLen_value == '0100': print('\n') print('\nLSignAlg = 0x10000, uwSubKeyLen = 0x100, means hash_alg is SHA2-256,sign_alg is RSA_PSS, pub_key length is 2048\n') elif LSignAlg_alg_value == '010000' and uwSubKeyLen_value == '0200': print('\n') print('\nLSignAlg = 0x10000,uwSubKeyLen = 0x200, means hash_alg is SHA2-256,sign_alg is RSA_PSS, pub_key length is 4096\n') elif LSignAlg_alg_value == '200020' and uwSubKeyLen_value == '20': print('\n') print('\nLSignAlg = 0x200020, uwSubKeyLen = 0x20, means hash_alg is SM3, sign_alg is SM2, pub_key length is 32\n') else: print('\nPlease check LSignAlg and uwSubKeyLen\n') exit() return LSignAlg_alg_value, uwSubKeyLen_value def get_uwSubKeySignAlg(self): uwSubKeySignAlg_value = self.deal_value('SecondaryKeyCertificate', 'uwSubKeySignAlg') if uwSubKeySignAlg_value == '010000': print('\nuwSubKeySignAlg_value = 0x10000, means hash_alg is SHA2-256,sign_alg is RSA_PSS, pub_key length is 4096\n') elif uwSubKeySignAlg_value == '200020': print('\nuwSubKeySignAlg = 0x200020, means hash_alg is SM3, sign_alg is SM2, pub_key length is 32\n') else: print('\nPlease check uwSubKeySignAlg\n') exit() return uwSubKeySignAlg_value def get_LcodeHashAlg(self): LcodeHashAlg_value = self.deal_value('HeadArea', 'LcodeHashAlg') if LcodeHashAlg_value == '00': print('\nLcodeHashAlg = 0x00, means SHA256\n') elif LcodeHashAlg_value == '01': print('\nLcodeHashAlg = 0x01, means SHA512\n') elif LcodeHashAlg_value == '02': print('\nLcodeHashAlg = 0x01, means SM3\n') else: print('\nLcodeHashAlg is wrong\n') exit() return LcodeHashAlg_value def get_sm3(self, value): IV = "7380166f 4914b2b9 172442d7 da8a0600 a96f30bc 163138aa e38dee4d b0fb0e4e" IV = int(IV.replace(" ", ""), 16) a = [] for i in range(0, 8): a.append(0) a[i] = (IV >> ((7 - i) * 32)) & 0xFFFFFFFF IV = a def rotate_left(a, k): k = k % 32 return ((a << k) & 0xFFFFFFFF) | ((a & 0xFFFFFFFF) >> (32 - k)) T_j = [] for i in range(0, 16): T_j.append(0) T_j[i] = 0x79cc4519 for i in range(16, 64): T_j.append(0) T_j[i] = 0x7a879d8a def FF_j(X, Y, Z, j): if 0 <= j and j < 16: ret = X ^ Y ^ Z elif 16 <= j and j < 64: ret = (X & Y) | (X & Z) | (Y & Z) return ret def GG_j(X, Y, Z, j): if 0 <= j and j < 16: ret = X ^ Y ^ Z elif 16 <= j and j < 64: ret = (X & Y) | ((~ X) & Z) return ret def P_0(X): return X ^ (rotate_left(X, 9)) ^ (rotate_left(X, 17)) def P_1(X): return X ^ (rotate_left(X, 15)) ^ (rotate_left(X, 23)) def CF(V_i, B_i): W = [] for j in range(0, 16): W.append(0) unpack_list = struct.unpack(">I", B_i[j * 4:(j + 1) * 4]) W[j] = unpack_list[0] for j in range(16, 68): W.append(0) W[j] = P_1(W[j - 16] ^ W[j - 9] ^ (rotate_left(W[j - 3], 15))) ^ (rotate_left(W[j - 13], 7)) ^ W[j - 6] W_1 = [] for j in range(0, 64): W_1.append(0) W_1[j] = W[j] ^ W[j + 4] A, B, C, D, E, F, G, H = V_i for j in range(0, 64): SS1 = rotate_left(((rotate_left(A, 12)) + E + (rotate_left(T_j[j], j))) & 0xFFFFFFFF, 7) SS2 = SS1 ^ (rotate_left(A, 12)) TT1 = (FF_j(A, B, C, j) + D + SS2 + W_1[j]) & 0xFFFFFFFF TT2 = (GG_j(E, F, G, j) + H + SS1 + W[j]) & 0xFFFFFFFF D = C C = rotate_left(B, 9) B = A A = TT1 H = G G = rotate_left(F, 19) F = E E = P_0(TT2) A = A & 0xFFFFFFFF B = B & 0xFFFFFFFF C = C & 0xFFFFFFFF D = D & 0xFFFFFFFF E = E & 0xFFFFFFFF F = F & 0xFFFFFFFF G = G & 0xFFFFFFFF H = H & 0xFFFFFFFF V_i_1 = [] V_i_1.append(A ^ V_i[0]) V_i_1.append(B ^ V_i[1]) V_i_1.append(C ^ V_i[2]) V_i_1.append(D ^ V_i[3]) V_i_1.append(E ^ V_i[4]) V_i_1.append(F ^ V_i[5]) V_i_1.append(G ^ V_i[6]) V_i_1.append(H ^ V_i[7]) return V_i_1 def hash_msg(msg): len1 = len(msg) reserve1 = len1 % 64 msg = msg + chr(0x80) reserve1 = reserve1 + 1 range_end = 56 if reserve1 > range_end: range_end = range_end + 64 for i in range(reserve1, range_end): msg = msg + chr(0x00) bit_length = (len1) * 8 bit_length_string = struct.pack(">Q", bit_length) msg = msg + bit_length_string group_count = len(msg) / 64 B = [] for i in range(0, group_count): B.append(0) B[i] = msg[i * 64:(i + 1) * 64] V = [] V.append(0) V[0] = IV for i in range(0, group_count): V.append(0) V[i + 1] = CF(V[i], B[i]) return V[i + 1] def out_hex(list1): want = '' for i in list1: want += "%08x" % i return want return out_hex(hash_msg(value)) def get_sign_2048(self, key_name, hash_filename, want_sign_filename, sign_filename): if not os.path.exists(key_name): os.system("openssl genrsa -out {} 2048 >/dev/null 2>&1".format(key_name)) dump_key = os.popen('openssl rsa -in {} -text -noout'.format(key_name)).read().replace('\n', '').replace(' ', '') N_value_256 = re.search('(modulus:)(.*)(publicExponent:)', dump_key).group(2).replace(':', '') if N_value_256.startswith('00'): N_value_256 = N_value_256[2:] E_value_256 = re.search('(publicExponent:)(.*)(privateExponent:)', dump_key).group(2).replace(':', '') E_value_256 = re.search('(\(0x)(.*)(\))', E_value_256).group(2) os.system("openssl dgst -sha256 -binary -out {} {} >/dev/null 2>&1".format(hash_filename, want_sign_filename)) os.system('openssl pkeyutl -sign -pkeyopt rsa_padding_mode:pss -pkeyopt digest:sha256 -inkey {} -in {} -out {} >/dev/null 2>&1'.format(key_name, hash_filename, sign_filename)) with open(sign_filename, 'rb') as fp: bin_file = fp.read() sign_256 = binascii.hexlify(bin_file) return N_value_256, E_value_256, sign_256 def get_sign_4096(self, key_name, hash_filename, want_sign_filename, sign_filename): if not os.path.exists(key_name): os.system("openssl genrsa -out {} 4096 >/dev/null 2>&1".format(key_name)) dump_key = os.popen('openssl rsa -in {} -text -noout'.format(key_name)).read().replace('\n', '').replace(' ', '') N_value_256 = re.search('(modulus:)(.*)(publicExponent:)', dump_key).group(2).replace(':', '') if N_value_256.startswith('00'): N_value_256 = N_value_256[2:] E_value_256 = re.search('(publicExponent:)(.*)(privateExponent:)', dump_key).group(2).replace(':', '') E_value_256 = re.search('(\(0x)(.*)(\))', E_value_256).group(2) os.system("openssl dgst -sha256 -binary -out {} {} >/dev/null 2>&1".format(hash_filename, want_sign_filename)) os.system('openssl pkeyutl -sign -pkeyopt rsa_padding_mode:pss -pkeyopt digest:sha256 -inkey {} -in {} -out {} >/dev/null 2>&1'.format(key_name, hash_filename, sign_filename)) with open(sign_filename, 'rb') as fp: bin_file = fp.read() sign_256 = binascii.hexlify(bin_file) return N_value_256, E_value_256, sign_256 def get_sign_sm2(self, key_name, want_sign_filename, sign_filename): if not os.path.exists(key_name): os.system("gmssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:sm2p256v1 -out {} >/dev/null 2>&1".format(key_name)) dump_key_sm2 = os.popen('gmssl sm2 -in {} -noout -text -param_enc explicit'.format(key_name)).read().replace('\n', '').replace(' ', '') sm2_X = re.search('(pub:04:)(.*)(FieldType:prime-field)', dump_key_sm2).group(2).replace(':', '')[0:64] sm2_Y = re.search('(pub:04:)(.*)(FieldType:prime-field)', dump_key_sm2).group(2).replace(':', '')[64:] os.system('gmssl sm2utl -sign -in {} -out {} -inkey {} -id 1234567812345678'.format(want_sign_filename, sign_filename, key_name)) dump_sign = os.popen('gmssl asn1parse -in ./{} -inform DER -dump'.format(sign_filename)).read().replace(' ', '') want_part = re.findall('(INTEGER:)(.*)(\n)', dump_sign) part1 = want_part[0][1] part2 = want_part[1][1] sign_sm2 = part1 + part2 return sm2_X, sm2_Y, sign_sm2 def reverse_hex(self, protery_value): temp_lst = [] temp_len = len(protery_value) for i in range(0, temp_len, 2): temp_lst.append(protery_value[i:i + 2]) return ''.join(temp_lst[::-1]) def add_zero_after(self, protery_value, length): protery_value = protery_value + ('0' * (length * 2 - (len(protery_value)))) return protery_value def add_zero_before(self, protery_value, length): protery_value = '0' * (length * 2 - (len(protery_value))) + protery_value return protery_value def little_endian(self, protery_value, length): protery_value = self.add_zero_before(protery_value, length) return self.reverse_hex(protery_value) def big_endian(self, protery_value, length): protery_value = self.add_zero_before(protery_value, length) return protery_value gen = General() LSignAlg, uwSubKeyLen = gen.get_LSignAlg_alg_uwSubKeyLen() uwSubKeySignAlg = gen.get_uwSubKeySignAlg() LcodeHashAlg = gen.get_LcodeHashAlg() if mode == 0: if LSignAlg != uwSubKeySignAlg: print('\nIn mode 0 ,LSignAlg should be equal uwSubKeySignAlg') exit() if uwSubKeyLen == '0100': print('\nIn mode 0 ,uwSubKeyLen can not supports 256') exit() with open(code_filename, 'rb') as fp: bin_code_file = fp.read() code_file_sha256 = hashlib.sha256(bin_code_file).hexdigest() code_file_sha512 = hashlib.sha512(bin_code_file).hexdigest() code_file_sm3 = gen.get_sm3(bin_code_file) code_file_len = hex(len(bin_code_file))[2:] print('LCodeLen = 0x{}\n'.format(code_file_len)) hex_code_file = binascii.hexlify(bin_code_file) class Get_orange_content: def get_orange_1(self, LcodeHashAlg, code_file_len): if LcodeHashAlg == '00': ucLCodeHash = code_file_sha256 elif LcodeHashAlg == '01': ucLCodeHash = code_file_sha512 elif LcodeHashAlg == '02': ucLCodeHash = code_file_sm3 print('\nucLCodeHash = 0x{}\n'.format(ucLCodeHash)) Lpreamble = gen.little_endian(gen.deal_value('HeadArea', 'Lpreamble'), 4) LHeadLen = gen.little_endian(gen.deal_value('HeadArea', 'LHeadLen'), 4) LSubKeyCertOffset = gen.little_endian(gen.deal_value('HeadArea', 'LSubKeyCertOffset'), 4) LSignAlg = gen.little_endian(gen.deal_value('HeadArea', 'LSignAlg'), 4) LSignOffset = gen.little_endian(gen.deal_value('HeadArea', 'LSignOffset'), 4) LCodeOffset = gen.little_endian(gen.deal_value('HeadArea', 'LCodeOffset'), 4) LCodeLen = gen.little_endian(code_file_len, 4) ucLCodeHash = gen.add_zero_after(ucLCodeHash,64) uwCodeTag = gen.add_zero_after(gen.deal_value('HeadArea', 'uwCodeTag'), 16) uwCodeNVCNT = gen.little_endian(gen.deal_value('HeadArea', 'uwCodeNVCNT'), 4) LcodeHashAlg = gen.little_endian(LcodeHashAlg, 4) LRevListOffset = gen.little_endian(gen.deal_value('HeadArea', 'LRevListOffset'), 4) uwEncryptFlag = gen.little_endian(gen.deal_value('HeadArea', 'uwEncryptFlag'), 4) uwEncryptAlg = gen.little_endian(gen.deal_value('HeadArea', 'uwEncryptAlg'), 4) uwDeriveSeedEK1 = gen.big_endian(gen.deal_value('HeadArea', 'uwDeriveSeedEK1'), 16) uwDeriveSeedEK2 = gen.big_endian(gen.deal_value('HeadArea', 'uwDeriveSeedEK2'), 16) uwDeriveSeedEK3 = gen.big_endian(gen.deal_value('HeadArea', 'uwDeriveSeedEK3'), 32) uwEncryptIv = gen.big_endian(gen.deal_value('HeadArea', 'uwEncryptIv'), 16) uwEncryptTag = gen.little_endian(gen.deal_value('HeadArea', 'uwEncryptTag'), 16) uwEncryptADD = gen.little_endian(gen.deal_value('HeadArea', 'uwEncryptADD'), 16) LUserLen = gen.little_endian(gen.deal_value('HeadArea', 'LUserLen'), 4) ucLUserDefineData = gen.little_endian(gen.deal_value('HeadArea', 'ucLUserDefineData'), 1072) LJumpOffset = gen.little_endian(gen.deal_value('HeadArea', 'LJumpOffset'), 4) ucLUserDefineData += LJumpOffset LHeadMagic = gen.little_endian(gen.deal_value('HeadArea', 'LHeadMagic'), 4) HeadArea_head_1 = Lpreamble + LHeadLen + LSubKeyCertOffset + LSignAlg + LSignOffset + LCodeOffset + LCodeLen + \ ucLCodeHash + uwCodeTag + uwCodeNVCNT + LcodeHashAlg + LRevListOffset + uwEncryptFlag + \ uwEncryptAlg + uwDeriveSeedEK1 + uwDeriveSeedEK2 + uwDeriveSeedEK3 + uwEncryptIv + \ uwEncryptTag + uwEncryptADD + LUserLen + ucLUserDefineData + LHeadMagic return HeadArea_head_1 def get_orange_1_hash(self, LcodeHashAlg, orange_1_content): bin_HeadArea_head_1 = binascii.a2b_hex(orange_1_content) if LcodeHashAlg == '00': ucHeadHash = hashlib.sha256(bin_HeadArea_head_1).hexdigest() elif LcodeHashAlg == '01': ucHeadHash = hashlib.sha512(bin_HeadArea_head_1).hexdigest() elif LcodeHashAlg == '02': ucHeadHash = gen.get_sm3(bin_HeadArea_head_1) print('ucHeadHash = {}\n'.format(ucHeadHash)) return ucHeadHash def get_HeadArea_all_bin(self, HeadArea_head_1, ucHeadHash): ucHeadHash = gen.add_zero_after(ucHeadHash,64) head_Padding = gen.little_endian(gen.deal_value('HeadArea', 'Padding'), 148) HeadArea_all_hex = HeadArea_head_1 + ucHeadHash + head_Padding bin_HeadArea_all = binascii.a2b_hex(HeadArea_all_hex) with open('HeadArea_all.bin', 'wb') as fp1: fp1.write(bin_HeadArea_all) return HeadArea_all_hex class Get_green_content: def get_head_sign(self,key_name_head_2048, key_name_head_4096, key_name_head_sm2, LSignAlg, uwSubKeyLen): if LSignAlg == '010000' and uwSubKeyLen == '0100': N, E, head_sign = gen.get_sign_2048(key_name_head_2048, '2048_hash_head.bin', 'HeadArea_all.bin', '2048_sign_head.bin') elif LSignAlg == '010000' and uwSubKeyLen == '0200': N, E, head_sign = gen.get_sign_4096(key_name_head_4096, '4096_hash_head.bin', 'HeadArea_all.bin', '4096_sign_head.bin') elif LSignAlg == '200020' and uwSubKeyLen == '20': N, E, head_sign = gen.get_sign_sm2(key_name_head_sm2, 'HeadArea_all.bin', 'sm2_sign_head.bin') print('\nhead_sign_N = 0x{}\n'.format(N)) print('\nhead_sign_E = 0x{}\n'.format(E)) print('\nhead_sign = 0x{}\n'.format(head_sign)) return N, E, head_sign class Get_blue_content: def get_blue_1_file(self, LSignAlg, uwSubKeySignAlg, uwSubKeyLen, N, E): uwSubKeyVersion = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'uwSubKeyVersion'), 4) uwSubKeySignAlg = gen.little_endian(uwSubKeySignAlg, 4) uwSubKeyCategory = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'uwSubKeyCategory'), 4) uwSubKeyID = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'uwSubKeyCategory'), 4) uwSubKeyLen = gen.little_endian(uwSubKeyLen, 4) if uwSubKeySignAlg == '00000100': uwSubKeySignLen = '0200' elif uwSubKeySignAlg == '20002000': uwSubKeySignLen = '40' uwSubKeySignLen = gen.little_endian(uwSubKeySignLen, 4) if LSignAlg == '010000' and uwSubKeyLen == '00010000': ucSubKey = gen.big_endian(N, 256) ucSubKeyE = gen.add_zero_before(E, 256) elif LSignAlg == '010000' and uwSubKeyLen == '00020000': ucSubKey = gen.big_endian(N, 512) ucSubKeyE = gen.add_zero_before(E, 512) elif LSignAlg == '200020' and uwSubKeyLen == '20000000': ucSubKey = gen.big_endian(N, 32) ucSubKeyE = gen.add_zero_before(E, 32) blue_1_hex = uwSubKeyVersion + uwSubKeySignAlg + uwSubKeyCategory + uwSubKeyID + uwSubKeyLen + uwSubKeySignLen + ucSubKey + ucSubKeyE blue_1_bin = binascii.a2b_hex(blue_1_hex) with open('blue_head.bin', 'wb') as fp1: fp1.write(blue_1_bin) return blue_1_hex def get_blue1_sign(self, key_name_cer_4096, key_name_cer_sm2, uwSubKeySignAlg): if uwSubKeySignAlg == '010000': N, E, Certificate_sign = gen.get_sign_4096(key_name_cer_4096, '4096_hash_cer_head.bin', 'blue_head.bin', '4096_sign_cer.bin') elif uwSubKeySignAlg == '200020': N, E, Certificate_sign = gen.get_sign_sm2(key_name_cer_sm2, 'blue_head.bin', 'sm2_sign_cer.bin') print('\nCertificate_sign_N = 0x{}\n'.format(N)) print('\nCertificate_sign_E = 0x{}\n'.format(E)) print('\nCertificate_sign = 0x{}\n'.format(Certificate_sign)) return N, E, Certificate_sign get_o = Get_orange_content() get_g = Get_green_content() get_b = Get_blue_content() hex_orange_1 = get_o.get_orange_1(LcodeHashAlg,code_file_len) orange_1_hash = get_o.get_orange_1_hash(LcodeHashAlg, hex_orange_1) orange_all = get_o.get_HeadArea_all_bin(hex_orange_1, orange_1_hash) # N_head, E_head, head_sign = get_g.get_head_sign(head_key_2048, head_key_4096, head_key_sm2, LSignAlg, uwSubKeyLen) blue_1 = get_b.get_blue_1_file(LSignAlg,uwSubKeySignAlg, uwSubKeyLen, N_head,E_head) N_cer, E_cer, blue_1_sign = get_b.get_blue1_sign(cer_key_4096, cer_key_sm2, uwSubKeySignAlg) if uwSubKeyLen == '0100': ucSubKeySign = gen.big_endian(gen.deal_value(blue_1_sign, 512)) ucReserved = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'ucReserved'), 512) SecondaryKeyCertificate_Padding = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'Padding'), 488) head_sign = gen.big_endian(head_sign, 256) HeadAreaSignature_Padding = gen.little_endian(gen.deal_value('HeadAreaSignature', 'Padding'), 256) elif uwSubKeyLen == '0200': ucSubKeySign = gen.big_endian(blue_1_sign, 512) ucReserved = '' SecondaryKeyCertificate_Padding = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'Padding'), 488) head_sign = gen.big_endian(head_sign, 512) HeadAreaSignature_Padding = '' elif uwSubKeyLen == '20': ucSubKeySign = gen.big_endian(blue_1_sign, 64) ucReserved = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'ucReserved'), 1408) SecondaryKeyCertificate_Padding = gen.little_endian(gen.deal_value('SecondaryKeyCertificate', 'Padding'), 488) head_sign = gen.big_endian(head_sign, 64) HeadAreaSignature_Padding = gen.little_endian(gen.deal_value('HeadAreaSignature', 'Padding'), 448) header_all_hex = orange_all + blue_1 + ucSubKeySign + ucReserved + SecondaryKeyCertificate_Padding + head_sign + HeadAreaSignature_Padding + 'FF' * 768 file_all_header = binascii.a2b_hex(header_all_hex) file_all_hex = header_all_hex + hex_code_file file_all = binascii.a2b_hex(file_all_hex) with open('startcode_head.bin', 'wb') as fp1: fp1.write(file_all_header) with open('startcode_all.bin', 'wb') as fp2: fp2.write(file_all) print('\nstartcode_head.bin and startcode_all.bin are generated\n')
最新发布
10-29
我们有一个Python脚本,它根据配置文件生成一个启动代码(startcode)的二进制文件,包括头部区域(HeadArea)、次级密钥证书(SecondaryKeyCertificate)和签名等。 脚本流程: 1. 读取配置文件和要打包的二进制...
RSA 非对称加密原理(小白也能看懂哦~)
热门推荐
jijianshuai的专栏
06-05 10万+
RSA 加密原理 步骤 说明 描述 备注 1 找出质数 P 、Q - 2 计算公共模数 N = P * Q - 3 欧拉函数 φ(N) = (P-1)(Q-1) - 4 计算公钥E 1 &lt; E &lt; φ(N) E的取值必须是整数 E 和 φ(N) 必须是互质数 5 计算私...
RSA
人不风流枉少年
06-27 973
一:简介 RSA 加密算法是一种非对称加密算法,非对称加密需要两个密钥,一个是加密密钥另一个是解密密钥,加密密钥(即公开密钥)PK是公开信息,解密密钥(即秘密密钥)SK是需要保密的,加密算法E和解密算法D也都是公开的。虽然解密密钥SK是由公开密钥PK决定的,但却不能根据PK计算出SK。 RSA是1977年由罗纳德·李维斯特(Ron Rivest)、阿迪·萨莫尔(Adi Shamir)和伦纳德·...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值