问题描述
嗨,我正在使用套接字和 pycryptodome 制作一个程序,该程序可以将加密消息传输到另一个“客户端”,而无需预先共享密钥。
目前,我将我的程序设置为客户端和服务器都生成 RSA 密钥并相互共享公钥。然后他们使用这些密钥相互发送随机字节,最后使用 AES 加密和解密相互接收和发送消息
我的代码:
'服务器'端:
import os
from Crypto.Cipher import AES
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
def rsa_key_generate():
key = RSA.generate(4096)
private_key = key.exportKey()
public_key = key.publickey().export_key()
del key
return private_key,public_key
def rsa_encrypt_data(data,public_key):
recipient_key = RSA.import_key(public_key)
cipher_rsa = PKCS1_OAEP.new(recipient_key)
del recipient_key
encrypted_data = cipher_rsa.encrypt(data)
del cipher_rsa,data
return encrypted_data
def rsa_decrypt_data(encrypted_data,private_key):
private_key = RSA.import_key(private_key)
rsa_cipher = PKCS1_OAEP.new(private_key)
del private_key
decrypted_data = rsa_cipher.decrypt(encrypted_data)
del rsa_cipher
return decrypted_data
def aes_key_generate():
random_bytes = os.urandom(32)
cipher = AES.new(random_bytes,AES.MODE_EAX)
return cipher,random_bytes
def aes_encrypt_data(text,cipher):
text = text.encode()
ciphertext,tag = cipher.encrypt_and_digest(text)
encrypted = str(cipher.nonce + tag + ciphertext).encode()
return encrypted
def aes_decrypt_data(encrypted,key):
encrypted = encrypted
key = key
nonce,tag,ciphertext = encrypted[:16],encrypted[16:32],encrypted[32:]
cipher = AES.new(key,AES.MODE_EAX,nonce)
decrypted = cipher.decrypt_and_verify(ciphertext,tag)
return decrypted.decode()
if __name__ == '__main__':
HOST = '127.0.0.1'
PORT = 65432
rsa_key = rsa_key_generate()
aes_key = aes_key_generate()
with socket.socket(socket.AF_INET,socket.soCK_STREAM) as socks:
socks.bind((HOST,PORT))
while 1:
socks.listen()
conn,addr = socks.accept()
with conn:
print('Connected by: ',addr)
conn.sendall(rsa_key[1])
client_rsa_public_key = conn.recv(4096)
encrypted_urandom = rsa_encrypt_data(aes_key[1],client_rsa_public_key)
client_encrypted_urandom = conn.recv(4096)
conn.sendall(encrypted_urandom)
client_urandom = rsa_decrypt_data(client_encrypted_urandom,rsa_key[0])
def encrypted_send(socket_name,to_send,cipher):
to_send = aes_encrypt_data(to_send,cipher)
socket_name.sendall(to_send)
def encrypted_receive(socket_name,urandom):
data_received = socket_name.recv(4096)
decrypted_data = aes_decrypt_data(data_received,urandom)
return decrypted_data
encrypted_send(conn,"AAAAAAAAAAA",aes_key[0])
'客户端':
import os
from Crypto.Cipher import AES
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
def rsa_key_generate():
key = RSA.generate(4096)
private_key = key.exportKey()
public_key = key.publickey().export_key()
del key
return private_key,socket.soCK_STREAM) as socks:
socks.connect((HOST,PORT))
server_rsa_public_key = socks.recv(4096)
socks.sendall(rsa_key[1])
encrypted_urandom = rsa_encrypt_data(aes_key[1],server_rsa_public_key)
socks.sendall(encrypted_urandom)
server_encrypted_urandom = socks.recv(4096)
server_urandom = rsa_decrypt_data(server_encrypted_urandom,rsa_key[0])
def encrypted_send(socket_name,cipher):
to_send = aes_encrypt_data(to_send,cipher)
socket_name.sendall(to_send)
def encrypted_receive(socket_name,urandom):
data_received = socket_name.recv(4096)
if len(data_received) != 0:
decrypted_data = aes_decrypt_data(data_received,urandom)
return decrypted_data
else:
return False
print(encrypted_receive(socks,server_urandom))
我得到的错误(在客户端):
Traceback (most recent call last):
File "P:/Python/Pycharm/Work-In-Progress/socks/cs_key_ex_2/client.py",line 85,in <module>
print(encrypted_receive(socks,server_urandom))
File "P:/Python/Pycharm/Work-In-Progress/socks/cs_key_ex_2/client.py",line 79,in encrypted_receive
decrypted_data = aes_decrypt_data(data_received,urandom)
File "P:/Python/Pycharm/Work-In-Progress/socks/cs_key_ex_2/client.py",line 52,in aes_decrypt_data
decrypted = cipher.decrypt_and_verify(ciphertext,tag)
File "C:\python39\lib\site-packages\Crypto\Cipher\_mode_eax.py",line 368,in decrypt_and_verify
self.verify(received_mac_tag)
File "C:\python39\lib\site-packages\Crypto\Cipher\_mode_eax.py",line 309,in verify
raise ValueError("MAC check Failed")
ValueError: MAC check Failed
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)