pythonを使ったサンプル
pycryptoを使ったサンプルを作ってみました.これで一通り,動作が確認できます.
samp_rsa.py←右クリックで保存できます.
#!/usr/bin/env python
#encoding: utf-8
import sys
import time
import base64
import Crypto.PublicKey.RSA as RSA
import Crypto.Util.randpool as RANDOM
#################
# 0. parameters #
#################
def error(msg):
time.sleep(2)
print 'ERROR: ' + msg
sys.exit()
passphrase = 'passphrase'
nbits = 2048
nbyteschallenge = nbits/8-1
###################################
# 1. [local] RSA keys' generation #
###################################
rand = RANDOM.RandomPool()
# generate the RSA keys
rsa = RSA.generate(nbits, rand.get_bytes )
# save the RSA keys with path phrase
rsa_key = rsa.exportKey(passphrase=passphrase)
with file('rsa', 'w') as fp:
fp.write(rsa_key)
# save the public key
pub_rsa = rsa.publickey()
pub_rsa_key = pub_rsa.exportKey()
with file('rsa.pub', 'w') as fp:
fp.write(pub_rsa_key)
print 'rsa:'
print ' n: ' + str( hasattr( rsa, 'n' ) )
print ' e: ' + str( hasattr( rsa, 'e' ) )
print ' d: ' + str( hasattr( rsa, 'd' ) )
print
print 'pub_rsa:'
print ' n: ' + str( hasattr( pub_rsa, 'n' ) )
print ' e: ' + str( hasattr( pub_rsa, 'e' ) )
print ' d: ' + str( hasattr( pub_rsa, 'd' ) )
print
print 'rsa.n == pub_rsa.n -> ' + str( rsa.n == pub_rsa.n )
print 'rsa.e == pub_rsa.e -> ' + str( rsa.e == pub_rsa.e )
print
#################################################
# 2. [local] decode the RSA key with passphrase #
#################################################
# read the RSA key
try:
with file('rsa', 'r') as fp:
rsa_key = fp.read()
except:
error('The RSA file is not found.')
# decode the RSA key with the given passpharse
try:
rsa = RSA.importKey(rsa_key,passphrase=passphrase)
except:
error('The passphraes may be wrong.')
######################################
# 3. [server] generate the challenge #
######################################
# read and import the public key
try:
with file('rsa.pub', 'r') as fp:
pub_rsa_key = fp.read()
pub_rsa = RSA.importKey(pub_rsa_key)
except:
error('The public key cannot be imported.')
try:
# generate the random bits for the challenge
challengebits = RANDOM.RandomPool().get_bytes(nbyteschallenge)
# encrypt the generated bits with the public key
challenge, = pub_rsa.encrypt(challengebits, '')
# encode the challenge
challenge_b64 = base64.urlsafe_b64encode(challenge)
except:
error('The challenge cannot be generated.')
######################################################
# 4. [local] generage the response for the challenge #
######################################################
try:
# decode the challenge
challenge = base64.urlsafe_b64decode(challenge_b64)
# decrypt the challenge with the RSA key to generate the response
response = rsa.decrypt(challenge)
# encode the response
response_b64 = base64.urlsafe_b64encode(response)
except:
error('The response cannot be generated.')
###################################
# 5. [server] velify the response #
###################################
# decode the response
response = base64.urlsafe_b64decode(response_b64)
if( response != challengebits ):
error('The response does not match.')
print 'User is certificated.'
