我正在尝试使用SHA1哈希与Python和Cryptography库实现与PHP的openssl_pkey_get_private和openssl_sign等效的功能签名.我已经读过PHP使用PKCS1v15填充,这也是我尝试使用的填充.我的代码是:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.backends import default_backend
pk = open('key.pem', 'rb')
key = load_pem_private_key(pk.read(), password=None, backend=default_backend())
message = b'hello world'
signature = key.sign(
message,
padding.PKCS1v15,
hashes.SHA1()
)
执行此操作将导致:
---------------------------------------------------------------------------
TypeError Traceback (most recent call last)
<ipython-input-21-ef3db8a6f4a8> in <module>()
3 message,
4 padding.PKCS1v15,
----> 5 hashes.SHA1()
6 )
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
613
614 def sign(self, data, padding, algorithm):
--> 615 signer = self.signer(padding, algorithm)
616 signer.update(data)
617 signature = signer.finalize()
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in signer(self, padding, algorithm)
550
551 def signer(self, padding, algorithm):
--> 552 return _RSASignatureContext(self._backend, self, padding, algorithm)
553
554 def decrypt(self, ciphertext, padding):
/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in __init__(self, backend, private_key, padding, algorithm)
170
171 if not isinstance(padding, AsymmetricPadding):
--> 172 raise TypeError("Expected provider of AsymmetricPadding.")
173
174 self._pkey_size = self._backend._lib.EVP_PKEY_size(
TypeError: Expected provider of AsymmetricPadding.
解决方法:
运算符isinstance指示padding.PKCS1v15必须是一个实例,而不是类型(类)本身.这意味着应该通过调用构造函数来创建对象实例.
为此,请添加括号,即padding.PKCS1v15().