【发布时间】:2018-02-06 19:50:12
【问题描述】:
我在解密 python 模块中的字符串时面临一个问题。 我在节点 js 文件中对字符串进行了加密并存储在数据库中。 从 Python 文件中的 DB 获取相同的字符串并尝试在 Python 文件中解密该字符串。
我使用以下配置和加密库来加密节点文件中的字符串。
/* jshint node: true */
'use strict';
var crypto = require('crypto');
var secureKeyStore = require('./keyEncryption').keyEncryption;
exports.encryptData = function (data) {
var cipher = crypto.createCipher(secureKeyStore.decrypt('aes-256-ctr'), secureKeyStore.decrypt('1a2a3a4a5a6a7a8b1b2b3b4b5b6b7b8'));
var crypted = cipher.update(data, 'utf8', 'hex');
crypted += cipher.final('hex');
return crypted;
};
exports.decryptData = function (data) {
var decipher = crypto.createDecipher('aes-256-ctr'), secureKeyStore.decrypt('1a2a3a4a5a6a7a8b1b2b3b4b5b6b7b8'));
var dec = decipher.update(data, 'hex', 'utf8');
dec += decipher.final('utf8');
return dec;
};
this.encryptData('abc@test.com');//将返回 3eaef0dd0caa0f40ff52879f67d2af150b77adb2e807cc4721cf
this.decryptData('3eaef0dd0caa0f40ff52879f67d2af150b77adb2e807cc4721cf');//将返回abc@test.com
我想在 Python 中使用相同的方法和配置,请帮助我。我是 python 新手,但我尝试了一些但无法实现我想要的。下面是我的 python 代码。
import sys
import chilkat
crypt = chilkat.CkCrypt2()
# AES is also known as Rijndael.
crypt.put_CryptAlgorithm("aes")
# CipherMode may be "ctr", "cfb", "ecb" or "cbc"
crypt.put_CipherMode("ctr")
# KeyLength may be 128, 192, 256
crypt.put_KeyLength(256)
# Counter mode emits the exact number of bytes input, and therefore
# padding is not used. The PaddingScheme property does not apply with CTR mode.
# EncodingMode specifies the encoding of the output for
# encryption, and the input for decryption.
# It may be "hex", "url", "base64", "quoted-printable", or many other choices.
crypt.put_EncodingMode("hex")
# An initialization vector (nonce) is required if using CTR mode.
# The length of the IV is equal to the algorithm's block size.
# It is NOT equal to the length of the key.
ivHex = "000102030405060708090A0B0C0D0E0F"
crypt.SetEncodedIV(ivHex,"hex")
# The secret key must equal the size of the key. For
# 256-bit encryption, the binary secret key is 32 bytes.
# For 128-bit encryption, the binary secret key is 16 bytes.
keyHex = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
crypt.SetEncodedKey(keyHex,"hex")
# Encrypt a string...
# The input string is 44 ANSI characters (i.e. 44 bytes), so
# the output should be 48 bytes (a multiple of 16).
# Because the output is a hex string, it should
# be 96 characters long (2 chars per byte).
encStr = crypt.encryptStringENC("abc@test.com")
print('coming from here encryptStringENC',encStr)
decrypt = chilkat.CkCrypt2()
decrypt.put_CryptAlgorithm("aes")
decrypt.put_CipherMode("ctr")
decrypt.put_KeyLength(256)
decrypt.put_EncodingMode("hex")
decrypt.SetEncodedIV(ivHex,"hex")
decrypt.SetEncodedKey(keyHex,"hex")
decStr = decrypt.decryptStringENC(encStr)
print('decrypted data',decStr)
提前致谢。
【问题讨论】:
-
ivHex = "000102030405060708090A0B0C0D0E0F"和keyHex = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"来自哪里?它们必须与加密值匹配。 -
当您将函数调用嵌入到函数调用中时,例如
secureKeyStore.decrypt(config.password)可能看起来“leet/1337”,但调试变得非常困难,因为无法检查该值以进行调试。不要那样做,使用中间临时变量。
标签: python node.js encryption cryptography