我一直在寻找一个python库来帮助解密openssl blowfish加密密码。
我已经设法在Java中实现了这一点,但是支持它的python库看起来更像是一个学习曲线,并且需要自己编写。
就我们需要实现的目标而言,密码是未加密的并使用密码,出于这个问题的目的,我将其设置为“AAAAAAAA”。密码是“Blowfish / CBC / PKCS5Padding”。加密文本将作为字符串读入,与密钥和iv相同。
在openssl中,这只是'简单':
~$ # This is encrypting
~$ echo -n 'password' | openssl enc -bf -nosalt -a -K AAAAAAAA -iv AAAAAAAA
eAIUXziwB8QbBexkiIDR3A==
~$ # This is reversing the encryption
~$ echo 'eAIUXziwB8QbBexkiIDR3A==' | openssl enc -d -bf -nosalt -a -K AAAAAAAA -iv AAAAAAAA
password
在java中,解密是按照以下方式进行的:
private static final String KEY = "AAAAAAAA000000000000000000000000";
private static final String IV = "AAAAAAAA00000000";
private static final String FCN = "Blowfish/CBC/PKCS5Padding";
private static final String CN = "Blowfish";
final byte[] encoded = Base64.decode("eAIUXziwB8QbBexkiIDR3A==");
final SecretKeySpec key =
new SecretKeySpec(Hex.decodeHex(KEY.toCharArray()), CN);
final Cipher cipher = Cipher.getInstance(FCN, JCE_PROVIDER);
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(Hex.decodeHex(IV.toCharArray())));
final byte[] decrypted = cipher.doFinal(encoded);
return new String(decrypted);
有人可以为python提供一些指导吗?
答案 0 :(得分:2)
解码十六进制和base64编码的字符串是内置的:
In [1]: "AAAAAAAA000000000000000000000000".decode('hex')
Out[1]: '\xaa\xaa\xaa\xaa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
In [2]: "eAIUXziwB8QbBexkiIDR3A==".decode('base64')
Out[2]: 'x\x02\x14_8\xb0\x07\xc4\x1b\x05\xecd\x88\x80\xd1\xdc'
In [1]: from Crypto.Cipher import Blowfish
In [2]: KEY = "AAAAAAAA000000000000000000000000".decode('hex')
In [3]: IV = "AAAAAAAA00000000".decode('hex')
In [4]: cipher = Blowfish.new(KEY, Blowfish.MODE_CBC, IV)
In [5]: ciphertext = "eAIUXziwB8QbBexkiIDR3A==".decode('base64')
In [6]: cipher.decrypt(ciphertext)
Out[6]: 'password\x08\x08\x08\x08\x08\x08\x08\x08'
如果你想一次性从明文中剥离填充:
In [14]: cipher.decrypt(ciphertext).replace('\x08', '')
Out[14]: 'password'