How to save an RSA key in GAE

Time: 2015-07-31 20:36:26

Tags: python google-app-engine encryption rsa

I generate an RSA key:

from Crypto import Random
from Crypto.PublicKey import RSA

random_generator  = Random.new().read
k1                = RSA.generate(1024, random_generator)

If I create a new key from the k1 export, all works:

export             = k1.exportKey() 
k2                 = RSA.importKey(export)

If I encrypt with k1 and decrypt with k2 all is fine.

I would like to save "export" and then use it to create a new key, k3, so that I can encrypt with k1 and decrypt with k3. No luck so far. This is what I have tried:

from google.appengine.ext import db

class SavedKey(db.Model):
    k = db.BlobProperty()

r = SavedKey()
r.k = export
r.put()

What I retrieve does not work:

saved = db.GqlQuery("Select * from SavedKey ").fetch(1000)[0]
retrieved = saved.k
k3 = RSA.importKey(retrieved)

"retrieved" is in the correct private key format but has a different value than the original "export". k3 works for encryption and decryption, but data encrypted by k1 of course does not decrypt with k3, which is what I am trying to achieve.

What am I doing wrong?

1 answer:

Answer 0 (score: 3)

What you're doing wrong is that you're retrieving the wrong entity. Think about it:

db.GqlQuery("Select * from SavedKey ").fetch(1000)[0]

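retrieves a "random" entity among the SavedKey entities in the datastore. If instead you make sure to retrieve the actual one you built from export (hard to do, since your SavedKey model has no identifying property), everything works fine.

Here is an example (using ndb, because there is no point in continuing to use the legacy db):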

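import webapp2
from google.appengine.ext import ndb
from Crypto import Random
from Crypto.PublicKey import RSA

class SavedKey(ndb.Model):
    # ndb version of the model from the question
    k = ndb.BlobProperty()

class MainHandler(webapp2.RequestHandler):
    def get(self):
        random_generator = Random.new().read
        k1 = RSA.generate(1024, random_generator)
        export = k1.exportKey()

        self.response.headers['Content-Type'] = 'text/plain'
        self.response.write(export)

        r = SavedKey()
        r.k = export
        rk = r.put()  # put() returns the ndb.Key of the entity just written

        # Fetch that exact entity back through its key, not through a query
        retrieved = rk.get().k
        self.response.write(retrieved)
        k3 = RSA.importKey(retrieved)

        # PyCrypto's raw RSA primitive; the second argument is ignored
        encrypted = k1.encrypt('four score and seven years ago', 0)
        decrypted = k3.decrypt(encrypted)
        self.response.write('\n' + decrypted)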

...and this works fine.
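The difference between the unfiltered query and a lookup by identifier, as an added example that is not part of the original question or answer. `KeyStore`, its method names and the key ids are hypothetical, an in-memory dict stands in for the datastore, and the two byte strings are constructed placeholders for `exportKey()` output.

```python
import hashlib
import hmac


class KeyStore(object):
    """In-memory stand-in for the datastore (hypothetical, not the GAE API)."""

    def __init__(self):
        self._rows = {}  # key_id -> (exported key bytes, SHA-256 hex digest)

    def put(self, key_id, exported):
        # Refuse silent overwrites so an id always names exactly one key.
        if key_id in self._rows:
            raise KeyError("key id already in use: %r" % (key_id,))
        self._rows[key_id] = (exported, hashlib.sha256(exported).hexdigest())
        return key_id

    def get(self, key_id):
        # Look up by id and check the blob still matches what was stored.
        blob, digest = self._rows[key_id]
        actual = hashlib.sha256(blob).hexdigest()
        if not hmac.compare_digest(actual, digest):
            raise ValueError("stored key %r failed integrity check" % (key_id,))
        return blob

    def fetch_first(self):
        # Mimics `Select * from SavedKey` + [0]: no filter, so it returns
        # whichever entity comes back first, not necessarily the new one.
        return next(iter(self._rows.values()))[0]


# Constructed placeholders standing in for exportKey() output (not real keys).
OLD_EXPORT = b"CONSTRUCTED-PEM-FROM-EARLIER-REQUEST"
NEW_EXPORT = b"CONSTRUCTED-PEM-FOR-K1"


def demo():
    store = KeyStore()
    store.put("earlier-request", OLD_EXPORT)  # entity left by a previous run
    key_id = store.put("k1", NEW_EXPORT)      # the key just exported
    unfiltered_matches = store.fetch_first() == NEW_EXPORT
    by_id_matches = store.get(key_id) == NEW_EXPORT
    return unfiltered_matches, by_id_matches


if __name__ == "__main__":
    print(demo())
```

With ndb the same idea is `SavedKey(id='k1', k=export).put()` followed by `SavedKey.get_by_id('k1')`.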