1,itsdangerous
from itsdangerous import JSONWebSignatureSerializer
SECRET_KEY = 'abc'
s = JSONWebSignatureSerializer(SECRET_KEY)
encrypt_info = s.dumps({
'id': 1,
'name': 'myName',
})
print(encrypt_info)
info = s.loads(encrypt_info)
print(info)
2, sha1 sha224 sha256 sha384 sha512 md5
# 这种加密方式不可逆
#返回info 和 signature,
#本地有key, 使用sha1(info+key) 和signature比较
from hashlib import sha1, sha224, sha256, sha384, sha512
import json
# sha1
info = {
'id': 1,
'user': 'Username'
}
key = 'abc'
signature = sha1((json.dumps(info)+key).encode('utf-8'))
print(signature.hexdigest())
# md5
signature = md5((json.dumps(info)+key).encode('utf-8'))
print(signature.hexdigest())
...
3,AES-128-CBC
#数据采用PKCS#7填充。, 微信小程序开发案例
import base64
import json
from Crypto.Cipher import AES
def _unpad(s):
return s[:-ord(s[len(s) - 1:])]
appId = 'wx4f4bc4dec97d474b'
sessionKey = 'tiihtNczf5v6AKRyjwEUhQ=='
encryptedData = 'CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZMQmRzooG2xrDcvSnxIMXFufNstNGTyaGS9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+3hVbJSRgv+4lGOETKUQz6OYStslQ142dNCuabNPGBzlooOmB231qMM85d2/fV6ChevvXvQP8Hkue1poOFtnEtpyxVLW1zAo6/1Xx1COxFvrc2d7UL/lmHInNlxuacJXwu0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn/Hz7saL8xz+W//FRAUid1OksQaQx4CMs8LOddcQhULW4ucetDf96JcR3g0gfRK4PC7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns/8wR2SiRS7MNACwTyrGvt9ts8p12PKFdlqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYVoKlaRv85IfVunYzO0IKXsyl7JCUjCpoG20f0a04COwfneQAGGwd5oa+T8yO5hzuyDb/XcxxmK01EpqOyuxINew=='
iv = 'r7BXXKkLb8qrSNn05n0qiA=='
# base64处理
sessionKey = base64.b64decode(sessionKey)
encryptedData = base64.b64decode(encryptedData)
iv = base64.b64decode(iv)
cipher = AES.new(sessionKey, AES.MODE_CBC, iv)
decrypted = json.loads(_unpad(cipher.decrypt(encryptedData).decode()))
assert decrypted['watermark']['appid'] == appId
print(decrypted['watermark']['appid'])
print(appId)
4,JWT 加密
'''
JSON Web Token
header . payload . signature
header : 类型, 算法
payload: 内容
signature: sha256(base64.b64encode('header') + '.' + base64.b64encode('payload'), 'SECRET_KEY')
signature加密后类此: SwyHTEx_RQppr97g4J5lKXtabJecpejuef8AqKYMAJc
'''
import base64
from hashlib import sha256
import json
header = {
'type': 'JWT',
'alg': 'sha256'
}
payload = {
'id': 1,
'user': 'UserName',
'gender': 'boy',
'birthday': '1997-12-12'
}
SECRET_KEY = 'abc'
header = base64.b64encode(json.dumps(header).encode('utf-8')).decode()
print(header)
payload = base64.b64encode(json.dumps(payload).encode('utf-8')).decode()
print(payload)
# HS256: signature = HS256(header + '.' + payload, SECRET_KEY)
signature = sha256((header + '.' + payload + SECRET_KEY).encode('utf-8'))
print(signature.hexdigest())
JWT = header + '.' + payload + '.' + signature.hexdigest()
print(JWT)
'''
验证时, 解密header得到加密算法,使用本地的SECRET_KEY重新加密 header+'.'+payload, 比较signature
'''
5,RSA 加密
'''
类如支付包对接时, 使用openssl 生成rsa密钥
$ openssl
$ genrsa -out app_private_key.pem 2048 或者 genrsa -out app_private_key.pem 1024
$ rsa -in app_private_key.pem -pubout -out app_public_key.pem
$ exit
本地指定目录保存私钥, 开发平台指定位置上传公钥匙
'''
'''一下本地测试'''
import rsa
import json
(pubkey, privkey) = rsa.newkeys(1024)
print(pubkey.save_pkcs1())
print(privkey.save_pkcs1())
pubkey = pubkey.save_pkcs1()
privkey = privkey.save_pkcs1()
pubkey = rsa.PublicKey.load_pkcs1(pubkey)
privkey = rsa.PrivateKey.load_pkcs1(privkey)
data = {
'id': 1,
'user': 'UserName',
'gender': '男',
}
# 公钥加密, 私钥解密
encryption = rsa.encrypt(json.dumps(data).encode('utf-8'), pubkey)
decryption = rsa.decrypt(encryption, privkey).decode()
print(json.loads(decryption)) # {'gender': '男', 'id': 1, 'user': 'UserName'}
网友评论