Working with the Python Cryptographic Library

I'm attempting to add the JWT_PUBLIC and JWT_PRIVATE key functionality to djangorestframework-jwt. This is the section in the documentation which gives details as to how to use it:

Django REST framework JWT public and private keys

To start, I have the following:

from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey, RSAPrivateKey

JWT_SECRET_KEY = 'supercrazysecretjwtstringwowamazing'

JWT_PUBLIC_KEY = RSAPublicKey().encrypt(JWT_SECRET_KEY)

JWT_PRIVAT_KEY = RSAPrivateKey().encrypt(JWT_SECRET_KEY)

However, I am receiving the following error:

TypeError: Can't instantiate abstract class RSAPublicKey with abstract methods encrypt, key_size, public_bytes, public_numbers, verifier, verify

Having looked through the documentation, I am none the wiser as to what it is specifically asking me to do/change.

So, my question/(s) is/are:

1.) How do we use the JWT_PUBLIC_KEY and JWT_PRIVATE_KEY functionality of this package?

2.) What does the "Can't instantiate abstract class X with abstract methods" actually mean in a Python context?

asymmetric crypto (i.e. having public and private keys) is different from symmetric crypto (i.e. just having a single secret key). you can't (generally) derive an asymmetric (public/private) key pair from a passphrase, you have to generate them with something like openssl

those docs also look incorrect, the code just passes the private and public keys to PyJWT which in turn expects strings

to solve your problem:

  1. start by generating the keypair, and extracting the public part into a separate file
  2. change your config to something like:
JWT_ALGORITHM = 'RS256'
JWT_PUBLIC_KEY = open('public.pem').read()
JWT_PRIVATE_KEY = open('private.pem').read()

and things will hopefully work!

looks like I misread the code, you can load keys with something like:

def load_rsa_private_key(path):
    from cryptography.hazmat.backends import default_backend
    from cryptography.hazmat.primitives import serialization

    with open(path, 'rb') as priv:
        private_key = serialization.load_pem_private_key(
            priv.read(), password=None, backend=default_backend())

    return private_key

JWT_PRIVATE_KEY = load_rsa_private_key('keypair.pem')
JWT_PUBLIC_KEY = JWT_PRIVATE_KEY.public_key()

I'm doing it in a function so that it doesn't pollute your config namespace too much
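An added example (not part of the original answer, and not code from djangorestframework-jwt) showing the whole round trip the answer describes: generating the key pair in Python instead of openssl, serializing it to PEM, and using the loaded key objects for an RS256 signature. The helper names are hypothetical, the claims are constructed sample data, and it assumes cryptography 3.1 or later, where the `backend` argument is optional; the RS256 encoding is written out by hand only to show what the keys are used for, a real deployment would leave that to PyJWT.

```python
import base64
import json

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")


def b64url_decode(data):
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def make_keypair_pem():
    # RSAPrivateKey/RSAPublicKey are abstract interfaces; concrete key objects
    # come from generate_private_key() or the serialization.load_pem_* loaders.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    private_pem = key.private_bytes(serialization.Encoding.PEM,
        serialization.PrivateFormat.PKCS8, serialization.NoEncryption())
    public_pem = key.public_key().public_bytes(serialization.Encoding.PEM,
        serialization.PublicFormat.SubjectPublicKeyInfo)
    return private_pem, public_pem


def sign_rs256(private_pem, claims):
    key = serialization.load_pem_private_key(private_pem, password=None)
    parts = [b64url(json.dumps(p).encode()) for p in ({"alg": "RS256", "typ": "JWT"}, claims)]
    signing_input = b".".join(parts)
    # RS256 = RSASSA-PKCS1-v1_5 with SHA-256 over "<header>.<payload>"
    sig = key.sign(signing_input, padding.PKCS1v15(), hashes.SHA256())
    return signing_input + b"." + b64url(sig)


def verify_rs256(public_pem, token):
    # Returns the claims dict, or None for a malformed, re-signed or altered token.
    key = serialization.load_pem_public_key(public_pem)
    try:
        header_b64, payload_b64, sig_b64 = token.split(b".")
        header = json.loads(b64url_decode(header_b64))
        if not isinstance(header, dict) or header.get("alg") != "RS256":
            return None  # pin the algorithm instead of trusting the header
        key.verify(b64url_decode(sig_b64), header_b64 + b"." + payload_b64,
                   padding.PKCS1v15(), hashes.SHA256())
        return json.loads(b64url_decode(payload_b64))
    except (ValueError, InvalidSignature):
        return None
```

Only the holder of the private PEM can produce a token that `verify_rs256` accepts, which is why the public PEM can be handed to services that only need to check tokens.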
