Question

我正在创建执行不同任务的各种流程。其中一个，只有其中一个，有一个安全模块，可以创建PyCrypto对象。所以我的程序启动，创建各种进程，处理消息的进程使用安全模块解密，我得到以下错误：

   firstSymKeybin = self.cipher.decrypt(encFirstSymKeybin, '')
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Cipher/PKCS1_v1_5.py", line 206, in decrypt
    m = self._key.decrypt(ct)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 174, in decrypt
    return pubkey.pubkey.decrypt(self, ciphertext)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/pubkey.py", line 93, in decrypt
    plaintext=self._decrypt(ciphertext)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 235, in _decrypt
    r = getRandomRange(1, self.key.n-1, randfunc=self._randfunc)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Util/number.py", line 123, in getRandomRange
    value = getRandomInteger(bits, randfunc)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Util/number.py", line 104, in getRandomInteger
    S = randfunc(N>>3)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 187, in read
    return self._singleton.read(bytes)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 163, in read
    return _UserFriendlyRNG.read(self, bytes)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 122, in read
    self._check_pid()
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 138, in _check_pid
    raise AssertionError("PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()")
AssertionError: PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()

当没有从进程调用时，解密在交互式上运行良好。

我的安全模块如下所示：

'''
Created on 25 Apr 2013

@author: max
'''

import base64, ast, binascii
from Crypto.Cipher import AES
from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey import RSA
import br_consts

class SecurityMod(object):
    '''
    classdocs
    '''

    def __init__(self):
        '''
        Constructor
        '''
        super(SecurityMod,self).__init__()
        self.privkey = RSA.importKey(open('./privkeyBR.pem', 'r').read())
        self.cipher = PKCS1_v1_5.new(self.privkey)
        self.ridToKeySalt = {}

    #depending on the type of message, encryption format is different 
    def encrypt(self, msg, rqId, rid):
        ##code
        return encMsg

    #return string of object so it can be parse by JSON
    def decrypt(self, encMsg, rqId, rid):

       #code
        return msgObjStr



    def pad_data(self,data):
        if len(data) == 0:
            return data
        if len(data) % 16 == 0:
            padding_required = 15
        else:
            padding_required = 15 - (len(data) % 16)
        data = '%s\x80' % data
        data = '%s%s' % (data, '\x00' * padding_required)
        return data


    def unpad_data(self,data):
        if not data:
            return data
        data = data.rstrip('\x00')
        if data[-1] == '\x80': 
            return data[:-1]
        else:
            return data

Answer 1

您需要在Crypto.Random.atfork()

之后致电os.fork()

我只是将__init__()放在安全模块中，而不是其他

Answer 2

安装pycryptodome软件包在Mac和Linux上为我解决了这个问题。它是Pycrypto包的一个分支。

pip install pycryptodome

以下是其文档的链接：https://pycryptodome.readthedocs.io/en/latest/index.html

PyCrypto：AssertionError（“PID检查失败。必须在fork（）之后重新初始化RNG。提示：尝试Random.atfork（）”）

2 个答案: