- 对称加密(如AES):
- 原理:使用同一个密钥进行加密和解密。在Redis存储字符串对象前,客户端使用AES算法和特定密钥对字符串进行加密,将加密后的密文存储到Redis中。当从Redis读取数据时,客户端再使用相同的密钥对密文进行解密,得到原始字符串。例如,在Python中可以使用
pycryptodome库实现AES加密。代码示例如下:
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
import base64
key = b'16bytekey123456'
cipher = AES.new(key, AES.MODE_CBC)
plaintext = b'Hello, Redis!'
padded_plaintext = pad(plaintext, AES.block_size)
ciphertext = cipher.encrypt(padded_plaintext)
iv_and_ciphertext = cipher.iv + ciphertext
encoded = base64.b64encode(iv_and_ciphertext).decode('utf - 8')
# 将encoded存储到Redis
# 解密过程
decoded = base64.b64decode(encoded)
iv = decoded[:AES.block_size]
ciphertext = decoded[AES.block_size:]
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = unpad(cipher.decrypt(ciphertext), AES.block_size)
print(decrypted.decode('utf - 8'))
- 非对称加密(如RSA):
- 原理:使用一对密钥,即公钥和私钥。客户端使用公钥对Redis字符串对象进行加密,然后将加密后的密文存储到Redis。当需要读取数据时,使用私钥进行解密。公钥用于加密,私钥用于解密,且私钥需妥善保管。例如,在Python中可以使用
cryptography库实现RSA加密。代码示例如下:
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.backends import default_backend
# 生成私钥和公钥
private_key = rsa.generate_private_key(
public_exponent = 65537,
key_size = 2048,
backend = default_backend()
)
public_key = private_key.public_key()
private_pem = private_key.private_bytes(
encoding = serialization.Encoding.PEM,
format = serialization.PrivateFormat.PKCS8,
encryption_algorithm = serialization.NoEncryption()
)
public_pem = public_key.public_bytes(
encoding = serialization.Encoding.PEM,
format = serialization.PublicFormat.SubjectPublicKeyInfo
)
# 加密
message = b'Hello, Redis!'
encrypted = public_key.encrypt(
message,
padding.OAEP(
mgf = padding.MGF1(algorithm = hashes.SHA256()),
algorithm = hashes.SHA256(),
label = None
)
)
# 将encrypted存储到Redis
# 解密
decrypted = private_key.decrypt(
encrypted,
padding.OAEP(
mgf = padding.MGF1(algorithm = hashes.SHA256()),
algorithm = hashes.SHA256(),
label = None
)
)
print(decrypted.decode('utf - 8'))
