from Crypto.Cipher import AES
import os
key = 'mysecretpassword'
iv = os.urandom(16)
plaintext1 = 'Secret Message A'
encobj = AES.new(key, AES.MODE_CBC, iv)
ciphertext1 = encobj.encrypt(plaintext1)
encryptedText = ciphertext1.encode('base64')
print encryptedText
decobj = AES.new(key, AES.MODE_CBC, iv)
print decobj.decrypt(ciphertext1)
我从代码中复制了encryptedText
和key
的打印值并粘贴到以下网站。
http://www.everpassword.com/aes-encryptor
http://www.nakov.com/blog/2011/12/26/online-aes-encryptor-decryptor-javascript/
我希望它能够解密我的密码,但它没有。因此我必须使用pycrypto错误。我该如何解决?这两个站点可以相互加密和解密,但是地雷不能。这两个网站确实都使用CBC模式。
答案 0 :(得分:3)
如果您查看相关网站的网页来源,您会看到它使用gibberish-aes javascript库。要想看到你必须做些什么来使其发挥作用,你必须研究它的作用。
查看其source code,它似乎使用随机盐进行加密。字符串Salted__
前面的字符在它被base64编码之前形成了密文的开头。
randArr = function(num) {
var result = [], i;
for (i = 0; i < num; i++) {
result = result.concat(Math.floor(Math.random() * 256));
}
return result;
},
和
enc = function(string, pass, binary) {
// string, password in plaintext
var salt = randArr(8),
pbe = openSSLKey(s2a(pass, binary), salt),
key = pbe.key,
iv = pbe.iv,
cipherBlocks,
saltBlock = [[83, 97, 108, 116, 101, 100, 95, 95].concat(salt)];
string = s2a(string, binary);
cipherBlocks = rawEncrypt(string, key, iv);
// Spells out 'Salted__'
cipherBlocks = saltBlock.concat(cipherBlocks);
return Base64.encode(cipherBlocks);
},
对于解密,它使用在base64解码(第一个slice
运算符)之后从密文的开头挑出盐的随机部分:
dec = function(string, pass, binary) {
// string, password in plaintext
var cryptArr = Base64.decode(string),
salt = cryptArr.slice(8, 16),
pbe = openSSLKey(s2a(pass, binary), salt),
key = pbe.key,
iv = pbe.iv;
cryptArr = cryptArr.slice(16, cryptArr.length);
// Take off the Salted__ffeeddcc
string = rawDecrypt(cryptArr, key, iv, binary);
return string;
},
现在缺少的部分是openSSLkey
功能:
openSSLKey = function(passwordArr, saltArr) {
// Number of rounds depends on the size of the AES in use
// 3 rounds for 256
// 2 rounds for the key, 1 for the IV
// 2 rounds for 128
// 1 round for the key, 1 round for the IV
// 3 rounds for 192 since it's not evenly divided by 128 bits
var rounds = Nr >= 12 ? 3: 2,
key = [],
iv = [],
md5_hash = [],
result = [],
data00 = passwordArr.concat(saltArr),
i;
md5_hash[0] = GibberishAES.Hash.MD5(data00);
result = md5_hash[0];
for (i = 1; i < rounds; i++) {
md5_hash[i] = GibberishAES.Hash.MD5(md5_hash[i - 1].concat(data00));
result = result.concat(md5_hash[i]);
}
key = result.slice(0, 4 * Nk);
iv = result.slice(4 * Nk, 4 * Nk + 16);
return {
key: key,
iv: iv
};
},
所以基本上你必须将openSSLKey
函数翻译成Python并输入你的密码和盐。这创建了一个(key,iv)元组。使用它们来加密您的数据。在使用base64对字符串进行编码之前,将字符串Salted__
和salt添加到密文。那么它应该可行,我想。