11

我正在创建执行不同任务的各种进程。其中一个且只有一个具有创建 PyCrypto 对象的安全模块。所以我的程序启动,创建了各种进程,处理消息的进程使用安全模块解密,我得到以下错误:

   firstSymKeybin = self.cipher.decrypt(encFirstSymKeybin, '')
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Cipher/PKCS1_v1_5.py", line 206, in decrypt
    m = self._key.decrypt(ct)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 174, in decrypt
    return pubkey.pubkey.decrypt(self, ciphertext)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/pubkey.py", line 93, in decrypt
    plaintext=self._decrypt(ciphertext)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 235, in _decrypt
    r = getRandomRange(1, self.key.n-1, randfunc=self._randfunc)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Util/number.py", line 123, in getRandomRange
    value = getRandomInteger(bits, randfunc)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Util/number.py", line 104, in getRandomInteger
    S = randfunc(N>>3)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 187, in read
    return self._singleton.read(bytes)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 163, in read
    return _UserFriendlyRNG.read(self, bytes)
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 122, in read
    self._check_pid()
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 138, in _check_pid
    raise AssertionError("PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()")
AssertionError: PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()

当不从进程调用时,解密在交互式上效果很好。

我的安全模块如下所示:

'''
Created on 25 Apr 2013

@author: max
'''

import base64, ast, binascii
from Crypto.Cipher import AES
from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey import RSA
import br_consts

class SecurityMod(object):
    '''
    classdocs
    '''

    def __init__(self):
        '''
        Constructor
        '''
        super(SecurityMod,self).__init__()
        self.privkey = RSA.importKey(open('./privkeyBR.pem', 'r').read())
        self.cipher = PKCS1_v1_5.new(self.privkey)
        self.ridToKeySalt = {}

    #depending on the type of message, encryption format is different 
    def encrypt(self, msg, rqId, rid):
        ##code
        return encMsg

    #return string of object so it can be parse by JSON
    def decrypt(self, encMsg, rqId, rid):

       #code
        return msgObjStr



    def pad_data(self,data):
        if len(data) == 0:
            return data
        if len(data) % 16 == 0:
            padding_required = 15
        else:
            padding_required = 15 - (len(data) % 16)
        data = '%s\x80' % data
        data = '%s%s' % (data, '\x00' * padding_required)
        return data


    def unpad_data(self,data):
        if not data:
            return data
        data = data.rstrip('\x00')
        if data[-1] == '\x80': 
            return data[:-1]
        else:
            return data
4

2 回答 2

8

你需要打电话Crypto.Random.atfork()os.fork()

我只是将__init__()安全模块放在其他模块之前

于 2013-06-07T10:14:57.680 回答
0

在 Mac 和 Linux 上安装 pycryptodome 包为我解决了这个问题。它是 Pycrypto 包的一个分支。

pip install pycryptodome

这是他们文档的链接:https ://pycryptodome.readthedocs.io/en/latest/index.html

于 2018-05-15T15:17:38.687 回答