我试图使用SHA1哈希实现Python和密码学库对PHP的openssl_pkey_get_private和openssl_sign的功能等效签名。我读到PHP使用PKCS1v15填充,所以这就是我试图使用的。我的代码是:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.backends import default_backend
pk = open('key.pem', 'rb')
key = load_pem_private_key(pk.read(), password=None, backend=default_backend())
message = b'hello world'
signature = key.sign(
message,
padding.PKCS1v15,
hashes.SHA1()
)
执行结果为:
---------------------------------------------------------------------------
TypeError Traceback (most recent call last)
<ipython-input-21-ef3db8a6f4a8> in <module>()
3 message,
4 padding.PKCS1v15,
----> 5 hashes.SHA1()
6 )
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
613
614 def sign(self, data, padding, algorithm):
--> 615 signer = self.signer(padding, algorithm)
616 signer.update(data)
617 signature = signer.finalize()
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in signer(self, padding, algorithm)
550
551 def signer(self, padding, algorithm):
--> 552 return _RSASignatureContext(self._backend, self, padding, algorithm)
553
554 def decrypt(self, ciphertext, padding):
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in __init__(self, backend, private_key, padding, algorithm)
170
171 if not isinstance(padding, AsymmetricPadding):
--> 172 raise TypeError("Expected provider of AsymmetricPadding.")
173
174 self._pkey_size = self._backend._lib.EVP_PKEY_size(
TypeError: Expected provider of AsymmetricPadding.
操作符isinstance表示padding.PKCS1v15需要是一个实例,而不是类型(类)本身。这意味着对象实例应该通过调用构造函数来创建。
添加括号,即padding.PKCS1v15()。