From a788d8f3b8280bc6f4dc093d0587035451862e82 Mon Sep 17 00:00:00 2001 From: shaohuzhang1 <80892890+shaohuzhang1@users.noreply.github.com> Date: Mon, 29 Apr 2024 13:53:49 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=E8=B6=85=E9=95=BF?= =?UTF-8?q?=E6=96=87=E6=9C=ACrsa=E5=8A=A0=E5=AF=86=E8=A7=A3=E5=AF=86=20(#3?= =?UTF-8?q?12)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/common/util/rsa_util.py | 62 ++++++++++++++---------------------- 1 file changed, 24 insertions(+), 38 deletions(-) diff --git a/apps/common/util/rsa_util.py b/apps/common/util/rsa_util.py index b808548b1..003018672 100644 --- a/apps/common/util/rsa_util.py +++ b/apps/common/util/rsa_util.py @@ -62,18 +62,6 @@ def get_key_pair_by_sql(): return system_setting.meta -# def get_key_pair(): -# if not os.path.exists("/opt/maxkb/conf/receiver.pem"): -# kv = generate() -# private_file_out = open("/opt/maxkb/conf/private.pem", "wb") -# private_file_out.write(kv.get('value')) -# private_file_out.close() -# receiver_file_out = open("/opt/maxkb/conf/receiver.pem", "wb") -# receiver_file_out.write(kv.get('key')) -# receiver_file_out.close() -# return {'key': open("/opt/maxkb/conf/receiver.pem").read(), 'value': open("/opt/maxkb/conf/private.pem").read()} - - def encrypt(msg, public_key: str | None = None): """ 加密 @@ -111,28 +99,27 @@ def rsa_long_encrypt(message, public_key: str | None = None, length=200): :param length: 1024bit的证书用100, 2048bit的证书用 200 :return: 加密后的数据 """ - # 读取公钥 if public_key is None: public_key = get_key_pair().get('key') - cipher = PKCS1_cipher.new(RSA.importKey(extern_key=public_key, - passphrase=secret_code)) - # 处理:Plaintext is too long. 分段加密 - if len(message) <= length: - # 对编码的数据进行加密,并通过base64进行编码 - result = base64.b64encode(cipher.encrypt(message.encode('utf-8'))) - else: - rsa_text = [] - # 对编码后的数据进行切片,原因:加密长度不能过长 - for i in range(0, len(message), length): - cont = message[i:i + length] - # 对切片后的数据进行加密,并新增到text后面 - rsa_text.append(cipher.encrypt(cont.encode('utf-8'))) - # 加密完进行拼接 - cipher_text = b''.join(rsa_text) - # base64进行编码 - result = base64.b64encode(cipher_text) - return result.decode() + cipher = PKCS1_cipher.new(RSA.importKey(extern_key=public_key, + passphrase=secret_code)) + # 处理:Plaintext is too long. 分段加密 + if len(message) <= length: + # 对编码的数据进行加密,并通过base64进行编码 + result = base64.b64encode(cipher.encrypt(message.encode('utf-8'))) + else: + rsa_text = [] + # 对编码后的数据进行切片,原因:加密长度不能过长 + for i in range(0, len(message), length): + cont = message[i:i + length] + # 对切片后的数据进行加密,并新增到text后面 + rsa_text.append(cipher.encrypt(cont.encode('utf-8'))) + # 加密完进行拼接 + cipher_text = b''.join(rsa_text) + # base64进行编码 + result = base64.b64encode(cipher_text) + return result.decode() def rsa_long_decrypt(message, pri_key: str | None = None, length=256): @@ -143,12 +130,11 @@ def rsa_long_decrypt(message, pri_key: str | None = None, length=256): :param length : 1024bit的证书用128,2048bit证书用256位 :return: 解密后的数据 """ - if pri_key is None: pri_key = get_key_pair().get('value') - cipher = PKCS1_cipher.new(RSA.importKey(pri_key, passphrase=secret_code)) - base64_de = base64.b64decode(message) - res = [] - for i in range(0, len(base64_de), length): - res.append(cipher.decrypt(base64_de[i:i + length], 0)) - return b"".join(res).decode() + cipher = PKCS1_cipher.new(RSA.importKey(pri_key, passphrase=secret_code)) + base64_de = base64.b64decode(message) + res = [] + for i in range(0, len(base64_de), length): + res.append(cipher.decrypt(base64_de[i:i + length], 0)) + return b"".join(res).decode()