将Php中的openssl AES转换为Python AES

时间:2017-09-21 14:18:04

标签: php python encryption cryptography aes

我有一个php文件,如下所示:

$encryption_encoded_key = 'c7e1wJFz+PBwQix80D1MbIwwOmOceZOzFGoidzDkF5g=';

function my_encrypt($data, $key) {
    $encryption_key = base64_decode($key);
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cfb'));

    $encrypted = openssl_encrypt($data, 'aes-256-cfb', $encryption_key, 1, $iv);

    // The $iv is just as important as the key for decrypting, so save it with encrypted data using a unique separator (::)
    return base64_encode($encrypted . '::' . $iv);
}

function my_decrypt($data, $key) {
    // Remove the base64 encoding from key
    $encryption_key = base64_decode($key);

    // To decrypt, split the encrypted data from IV - unique separator used was "::"
    list($encrypted_data, $iv) = explode('::', base64_decode($data), 2);

    return openssl_decrypt($encrypted_data, 'aes-256-cfb', $encryption_key, 1, $iv);
}

$data = 'USER_ID||NAME||EMAIL||MOBILE';
$data_encrypted = my_encrypt($data, $encryption_encoded_key);
echo $data_encrypted;
$data_decrypted = my_decrypt($data_encrypted, $encryption_encoded_key);
echo "Decrypted string: ". $data_decrypted;

这很好用,并且能够使用加密密钥加密/解密,现在我也有一个python文件:

import hashlib
import base64
from Crypto.Cipher import AES
from Crypto import Random

encryption_encoded_key = 'c7e1wJFz+PBwQix80D1MbIwwOmOceZOzFGoidzDkF5g='

def my_encrypt(data, key):
    #Remove the base64 encoding from key
    encryption_key = base64.b64decode(key)
    #Generate an initialization vector
    bs = AES.block_size
    iv = Random.new().read(bs)

    cipher = AES.new(encryption_key, AES.MODE_CFB, iv)
    #Encrypt the data using AES 256 encryption in CBC mode using our encryption key and initialization vector.
    encrypted = cipher.encrypt(data)

    #The iv is just as important as the key for decrypting, so save it with encrypted data using a unique separator (::)
    return base64.b64encode(encrypted + '::' + iv)


def my_decrypt(data, key):
    #Remove the base64 encoding from key
    encryption_key = base64.b64decode(key)

    #To decrypt, split the encrypted data from IV - unique separator used was "::"
    encrypted_data, iv = base64.b64decode(data).split('::')

    cipher = AES.new(encryption_key, AES.MODE_CFB, iv)

    return cipher.decrypt(encrypted_data)

data = 'USER_ID||NAME||EMAIL||MOBILE'

print "Actual string: %s" %(data)
data_encrypted = my_encrypt(data, encryption_encoded_key)
print data_encrypted

data_decrypted = my_decrypt(data_encrypted, encryption_encoded_key)
print "Decrypted string: %s" %(data_decrypted)

当我尝试从python使用它时,这也可以正常工作,它能够加密/解密输入字符串, 我想使用php文件加密并解密python中的输出,两者都应该使用CFB模式的AES 256加密,我做错了什么?

1 个答案:

答案 0 :(得分:2)

要使用CFB mode,您需要为其指定段大小。 OpenSSL具有aes-256-cfb(128位),aes-256-cfb1(即1位)和aes-256-cfb8(8位)(以及AES-128和192的类似模式)。所以你在php代码中使用了128位cfb。

Python库接受segment_size的{​​{1}}参数,但默认值为 8 ,因此您在两个版本中使用不同的模式。

要获取Python代码以解密PHP代码的输出,请将段大小128添加到密码对象:

AES.new

(N.B。这是使用较新的PyCryptodome fork PyCrypto.PyCrypto在这里有一个错误,不起作用。)

或者,您可以通过设置密码来获取PHP代码以使用CFB-8(显然不要同时更改两者):

cipher = AES.new(encryption_key, AES.MODE_CFB, iv, segment_size=128)
相关问题
最新问题