我正在尝试使用属于我朋友的另一个公钥来加密新生成的密钥
recipient_public_key首先,我生成了一个密钥大小为 1024 位的 RSA 密钥对,使用我的名字作为用户名,使用可用的 Pythonic 包(例如 python-gnupg pycryptodome)。我需要生成并签署消息而不对其进行加密,如下所示:
签名信息:这是我的秘密信息
我尝试了以下方法,结束了以下错误:
ValueError:明文太长。
# !pip install pycryptodome
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256
import base64
import pgpy # Import pgpy
# Step 1: Generate RSA key pair
key = RSA.generate(1024)
private_key = key.export_key()
public_key = key.publickey().export_key()
# Step 2: Save your public key for submission
with open("my_public_key.pem", "wb") as f:
f.write(public_key)
# Step 3: Prepare the message with your name
message = "This is my secret messgae"
message_bytes = message.encode()
# Step 4: Sign the message with the private key
hash_message = SHA256.new(message_bytes)
signature = pkcs1_15.new(key).sign(hash_message)
# Step 5: Base64 encode the signature
signature_base64 = base64.b64encode(signature)
# Step 6: Save the public key, message, and signature in a file
with open("final-msg.txt", "wb") as f:
f.write(public_key + b"\n" + message_bytes + b"\n" + signature_base64)
# Step 7: Encrypt the final message with the provided public key
recipient_public_key_pem = """-----BEGIN PGP PUBLIC KEY BLOCK-----
.............
-----END PGP PUBLIC KEY BLOCK-----"""
# Step 7: Encrypt the final message with the provided public key
# **Increased key size to 2048 bits**
key = RSA.generate(2048)
private_key = key.export_key()
public_key = key.publickey().export_key()
# Use pgpy to import the PGP key
recipient_key, _ = pgpy.PGPKey.from_blob(recipient_public_key_pem)
# Re-initialize cipher_rsa with the new key
cipher_rsa = PKCS1_OAEP.new(key)
# Encrypt final-msg.txt with the recipient's public key
with open("final-msg.txt", "rb") as f:
final_msg = f.read()
encrypted_message = cipher_rsa.encrypt(final_msg)
# Step 8: Base64 encode the encrypted message
encrypted_message_base64 = base64.b64encode(encrypted_message)
# Step 9: Save the base64 encoded encrypted message
with open("final_msg_base64.txt.gpg", "wb") as f:
f.write(encrypted_message_base64)
print("Encryption completed. The Base64-encoded encrypted message is saved in 'final_msg_base64.txt.gpg'")
本着DRY的精神,我尝试了第二种方法:
# !pip install python-gnupg
import gnupg
import base64
# Initialize GPG
gpg = gnupg.GPG()
# 1. Generate an RSA Key Pair
input_data = gpg.gen_key_input(
key_type="RSA",
key_length=1024,
name_real="Alice Bob", # Replace with your name
name_email="[email protected]", # Replace with your email
expire_date=0 # Key does not expire
)
key = gpg.gen_key(input_data)
print(f"Generated Key Fingerprint: {key.fingerprint}")
# 2. Create the message
message = f"This is my secret message"
with open("msg.txt", "w") as f:
f.write(message)
# 3. Sign the message
#signed_data = gpg.sign(message, default_key=key.fingerprint, detach=True)
signed_data = gpg.sign(message, keyid=key.fingerprint, detach=True)
# Write the signature data to a file in binary mode
with open("msg.sig", "wb") as f: # Open in binary write mode ("wb")
f.write(signed_data.data) # Write the bytes directly
# 4. Base64 encode the signature
with open("msg.sig", "rb") as sig_file:
signature_base64 = base64.b64encode(sig_file.read()).decode("utf-8")
with open("msg-base64.sig", "w") as encoded_sig_file:
encoded_sig_file.write(signature_base64)
# 5. Export your public key
public_key = gpg.export_keys(key.fingerprint)
with open("my_public_key.asc", "w") as pubkey_file:
pubkey_file.write(public_key)
# 6. Concatenate the public key, message, and Base64-encoded signature
with open("final-msg.txt", "w") as final_file:
final_file.write(public_key)
final_file.write("\n" + message + "\n")
final_file.write(signature_base64)
# 7. Import recipient's public key
recipient_public_key ="""-----BEGIN PGP PUBLIC KEY BLOCK-----
..........
-----END PGP PUBLIC KEY BLOCK-----"""
# Replace with the actual provided public key
import_result = gpg.import_keys(recipient_public_key)
print("Imported Recipient's Public Key:", import_result.fingerprints)
# 8. Encrypt the final message with the recipient's public key
with open("final-msg.txt", "rb") as final_msg_file:
# Use encrypt instead of encrypt_file
encrypted_data = gpg.encrypt(
final_msg_file.read(), # Read the file content
import_result.fingerprints, # Pass recipients as positional argument
output="final-msg.txt.gpg"
)
if encrypted_data.ok:
print("Message encrypted successfully.")
else:
print(f"Encryption failed: {encrypted_data.status}") # Print the error status
print(encrypted_data.stderr) # Print any error details to help with debugging
# Only proceed to base64 encoding if encryption was successful
if encrypted_data.ok:
# 9. Base64 encode the encrypted file
with open("final-msg.txt.gpg", "rb") as encrypted_file:
encrypted_base64 = base64.b64encode(encrypted_file.read()).decode("utf-8")
with open("final_msg_base64.txt.gpg", "w") as encoded_encrypted_file:
encoded_encrypted_file.write(encrypted_base64)
# Output the Base64 encoded result
print("Base64 Encoded Encrypted Message:")
print(encrypted_base64)
else:
print("Skipping base64 encoding due to encryption failure.")
WARNING:gnupg:potential problem: ERROR: key_generate 83918950
WARNING:gnupg:gpg returned a non-zero error code: 2
WARNING:gnupg:potential problem: FAILURE: sign 17
WARNING:gnupg:gpg returned a non-zero error code: 2
WARNING:gnupg:gpg returned a non-zero error code: 2
WARNING:gnupg:gpg returned a non-zero error code: 2
Generated Key Fingerprint:
Imported Recipient's Public Key: ['1AB8693860852A6B0EE7DD81B8F979BA0A99A039']
Encryption failed: invalid recipient
[GNUPG:] KEY_CONSIDERED 1AB8693860852A6B0EE7DD81B8F979BA0A99A039 0
gpg: 8D7830FB995B0A91: There is no assurance this key belongs to the named user
[GNUPG:] INV_RECP 10 1AB8693860852A6B0EE7DD81B8F979BA0A99A039
[GNUPG:] FAILURE encrypt 53
gpg: [stdin]: encryption failed: Unusable public key
Skipping base64 encoding due to encryption failure.
知道如何使用目标
recipient_public_key我前一段时间做过类似的事情,也做过类似的事情
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Random import get_random_bytes
import base64
def generate_keys():
key = RSA.generate(2048)
private_key = key.export_key()
public_key = key.publickey().export_key()
return private_key, public_key
def encrypt_message(public_key, message):
public_key = RSA.import_key(public_key)
cipher_rsa = PKCS1_OAEP.new(public_key)
encrypted_message = cipher_rsa.encrypt(message.encode())
return base64.b64encode(encrypted_message).decode()
def decrypt_message(private_key, encrypted_message):
private_key = RSA.import_key(private_key)
cipher_rsa = PKCS1_OAEP.new(private_key)
encrypted_message = base64.b64decode(encrypted_message)
decrypted_message = cipher_rsa.decrypt(encrypted_message).decode()
return decrypted_message
private_key, public_key = generate_keys()
message = "This is a secret message!"
encrypted_message = encrypt_message(public_key, message)
print("Encrypted Message:", encrypted_message)
decrypted_message = decrypt_message(private_key, encrypted_message)
print("Decrypted Message:", decrypted_message)
您可以在代码中使用这些函数。 (它在这里运行:https://onecompiler.com/python/42xn25rn5)