cryptography 是 Python 中一个强大且广泛使用的加密库,它提供了多种加密算法和工具来支持加密、解密、签名、验证等操作。以下是如何在 Python 中使用 cryptography 库的一些基本示例。
![图片[1]_利用Python Cryptography库实现高级加密功能_知途无界](https://zhituwujie.com/wp-content/uploads/2025/01/d2b5ca33bd20250116122203.png)
首先,你需要安装 cryptography 库。你可以使用 pip 来安装它:
pip install cryptographypip install cryptographypip install cryptography
对称加密
对称加密是一种使用相同密钥进行加密和解密的加密方法。以下是如何使用 cryptography 库进行对称加密和解密的示例:
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modesfrom cryptography.hazmat.primitives import paddingfrom cryptography.hazmat.backends import default_backendimport os# 生成一个随机的密钥key = os.urandom(32) # AES-256 需要 32 字节的密钥iv = os.urandom(16) # 初始化向量 (IV)# 原始数据data = b"Secret Message"# 填充数据以符合块大小要求padder = padding.PKCS7(algorithms.AES.block_size).padder()padded_data = padder.update(data) + padder.finalize()# 创建加密器cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())encryptor = cipher.encryptor()# 加密数据encrypted_data = encryptor.update(padded_data) + encryptor.finalize()print("Encrypted:", encrypted_data)# 创建解密器decipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())decryptor = decipher.decryptor()# 解密数据decrypted_padded_data = decryptor.update(encrypted_data) + decryptor.finalize()# 去除填充unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()decrypted_data = unpadder.update(decrypted_padded_data) + unpadder.finalize()print("Decrypted:", decrypted_data.decode())from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives import padding from cryptography.hazmat.backends import default_backend import os # 生成一个随机的密钥 key = os.urandom(32) # AES-256 需要 32 字节的密钥 iv = os.urandom(16) # 初始化向量 (IV) # 原始数据 data = b"Secret Message" # 填充数据以符合块大小要求 padder = padding.PKCS7(algorithms.AES.block_size).padder() padded_data = padder.update(data) + padder.finalize() # 创建加密器 cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # 加密数据 encrypted_data = encryptor.update(padded_data) + encryptor.finalize() print("Encrypted:", encrypted_data) # 创建解密器 decipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) decryptor = decipher.decryptor() # 解密数据 decrypted_padded_data = decryptor.update(encrypted_data) + decryptor.finalize() # 去除填充 unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder() decrypted_data = unpadder.update(decrypted_padded_data) + unpadder.finalize() print("Decrypted:", decrypted_data.decode())from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives import padding from cryptography.hazmat.backends import default_backend import os # 生成一个随机的密钥 key = os.urandom(32) # AES-256 需要 32 字节的密钥 iv = os.urandom(16) # 初始化向量 (IV) # 原始数据 data = b"Secret Message" # 填充数据以符合块大小要求 padder = padding.PKCS7(algorithms.AES.block_size).padder() padded_data = padder.update(data) + padder.finalize() # 创建加密器 cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) encryptor = cipher.encryptor() # 加密数据 encrypted_data = encryptor.update(padded_data) + encryptor.finalize() print("Encrypted:", encrypted_data) # 创建解密器 decipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) decryptor = decipher.decryptor() # 解密数据 decrypted_padded_data = decryptor.update(encrypted_data) + decryptor.finalize() # 去除填充 unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder() decrypted_data = unpadder.update(decrypted_padded_data) + unpadder.finalize() print("Decrypted:", decrypted_data.decode())
非对称加密
非对称加密使用一对密钥(公钥和私钥)进行加密和解密。以下是如何使用 cryptography 库进行非对称加密和解密的示例:
from cryptography.hazmat.primitives.asymmetric import rsa, paddingfrom cryptography.hazmat.primitives import hashesfrom cryptography.hazmat.primitives import serialization# 生成私钥private_key = rsa.generate_private_key(public_exponent=65537,key_size=2048,backend=default_backend())# 生成公钥public_key = private_key.public_key()# 原始数据data = b"Secret Message"# 使用公钥加密ciphertext = public_key.encrypt(data,padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(),label=None))print("Encrypted:", ciphertext)# 使用私钥解密plaintext = private_key.decrypt(ciphertext,padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),algorithm=hashes.SHA256(),label=None))print("Decrypted:", plaintext.decode())from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import serialization # 生成私钥 private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend() ) # 生成公钥 public_key = private_key.public_key() # 原始数据 data = b"Secret Message" # 使用公钥加密 ciphertext = public_key.encrypt( data, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None ) ) print("Encrypted:", ciphertext) # 使用私钥解密 plaintext = private_key.decrypt( ciphertext, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None ) ) print("Decrypted:", plaintext.decode())from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import serialization # 生成私钥 private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend() ) # 生成公钥 public_key = private_key.public_key() # 原始数据 data = b"Secret Message" # 使用公钥加密 ciphertext = public_key.encrypt( data, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None ) ) print("Encrypted:", ciphertext) # 使用私钥解密 plaintext = private_key.decrypt( ciphertext, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None ) ) print("Decrypted:", plaintext.decode())
数字签名
数字签名用于验证数据的完整性和来源。以下是如何使用 cryptography 库进行数字签名和验证的示例:
from cryptography.hazmat.primitives import hashesfrom cryptography.hazmat.primitives.asymmetric import rsa, paddingfrom cryptography.hazmat.primitives import serialization# 生成私钥private_key = rsa.generate_private_key(public_exponent=65537,key_size=2048,backend=default_backend())# 生成公钥public_key = private_key.public_key()# 原始数据data = b"Message to sign"# 创建签名signature = private_key.sign(data,padding.PSS(mgf=padding.MGF1(hashes.SHA256()),salt_length=padding.PSS.MAX_LENGTH),hashes.SHA256())print("Signature:", signature)# 验证签名try:public_key.verify(signature,data,padding.PSS(mgf=padding.MGF1(hashes.SHA256()),salt_length=padding.PSS.MAX_LENGTH),hashes.SHA256())print("Signature is valid.")except Exception as e:print("Signature is invalid:", e)from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives import serialization # 生成私钥 private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend() ) # 生成公钥 public_key = private_key.public_key() # 原始数据 data = b"Message to sign" # 创建签名 signature = private_key.sign( data, padding.PSS( mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA256() ) print("Signature:", signature) # 验证签名 try: public_key.verify( signature, data, padding.PSS( mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA256() ) print("Signature is valid.") except Exception as e: print("Signature is invalid:", e)from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import rsa, padding from cryptography.hazmat.primitives import serialization # 生成私钥 private_key = rsa.generate_private_key( public_exponent=65537, key_size=2048, backend=default_backend() ) # 生成公钥 public_key = private_key.public_key() # 原始数据 data = b"Message to sign" # 创建签名 signature = private_key.sign( data, padding.PSS( mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA256() ) print("Signature:", signature) # 验证签名 try: public_key.verify( signature, data, padding.PSS( mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH ), hashes.SHA256() ) print("Signature is valid.") except Exception as e: print("Signature is invalid:", e)
这些示例展示了如何使用 cryptography 库进行基本的加密、解密、签名和验证操作。你可以根据需求调整这些示例以适应更复杂的场景。
© 版权声明
文中内容均来源于公开资料,受限于信息的时效性和复杂性,可能存在误差或遗漏。我们已尽力确保内容的准确性,但对于因信息变更或错误导致的任何后果,本站不承担任何责任。如需引用本文内容,请注明出处并尊重原作者的版权。
THE END
暂无评论内容