cryptography是python語言中非常著名的加解密庫,在算法層面提供了高層次的抽象,使用起來非常簡單、直觀,pythonic,同時還保留了各種不同算法的低級別接口,保留靈活性。
我們知道加密一般分爲對稱加密(Symmetric Key Encryption)和非對稱加密(Asymmetric Key Encryption)。,各自對應多種不同的算法,每種算法又有不同的密鑰位長要求,另外還涉及到不同的分組加密模式,以及末尾補齊方式。因此需要高層次的抽象,把這些參數封裝起來,讓我們使用時,不用關心這麼多參數,只要知道這麼用足夠安全就夠了。
對稱加密又分爲分組加密和序列加密,本文只討論對稱分組加密。
主流對稱分組加密算法:DES、3DES、AES
主流對稱分組加密模式:ECB、CBC、CFB、OFB
主流填充標準:PKCS7、ISO 10126、ANSI X.923、Zero padding
在cryptography庫中,對稱加密算法的抽象是fernet模塊,包括了對數據的加解密以及簽名驗證功能,以及密鑰過期機制。
該模塊採用如下定義:
加解密算法爲AES,密鑰位長128,CBC模式,填充標準PKCS7
簽名算法爲SHA256的HMAC,密鑰位長128位
密鑰可以設置過期時間
通過分析JS同等加密,JS如下:
密鑰:
var generateKey = function(){
var date = new Date();
var components = [
date.getYear(),
date.getMonth(),
date.getDate(),
date.getHours(),
date.getMinutes(),
date.getSeconds(),
date.getMilliseconds()
];
return((components.join("") + Math.random()).replace(".",""));
}
var ENCRYPTION_KEY = generateKey();
function setHeader(xhr){
xhr.setRequestHeader('adsHeader', ENCRYPTION_KEY);
xhr.setRequestHeader('googleCookie', 'airtel.com');
xhr.setRequestHeader('Content-Type', 'application/json');
}
function doAjaxRequestPostNew(url,callback,params)
{
//console.log(url+" params:"+params);
//params = "channelType=Web&rtn=9958777600&channelName=DevicePortal";
params = queryStringToJSON(params);
//console.log(url+" params:"+params);
//Encryption :
ENCRYPTION_KEY = generateKey();
var ENCRYPTED_REQUEST = CryptoJS.DES.encrypt(params,
CryptoJS.enc.Utf8.parse(ENCRYPTION_KEY),{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
}).toString();
//console.log(url+" params:"+ENCRYPTED_REQUEST);
url = url.replace("/account/AuthApp/", "/as/app/wl-service/airtel-digital-profile/rest/customer/authapp/v1/").toLowerCase();
$.ajax({
url: url,
type: 'POST',
async: true,
dataType: 'text',
data: ENCRYPTED_REQUEST,
success: function(response, status, xhr) { //function(response) { //
//console.log('response: '+response);
response = (response.split("<SCRIPT"))[0];
//console.log('response: '+response);
//console.log('status: '+status);
//Decryption :
var DEC_KEY = xhr.getResponseHeader('googlecookie');
//console.log('DEC_KEY: '+DEC_KEY);
var DECRYPTED_RESPONSE = JSON.parse(
CryptoJS.DES.decrypt(response.replace('"',''),
CryptoJS.enc.Utf8.parse(DEC_KEY),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
}).toString(CryptoJS.enc.Utf8));
console.log('DECRYPTED_RESPONSE: '+JSON.stringify(DECRYPTED_RESPONSE));
if (typeof(DECRYPTED_RESPONSE.requestkey) != 'undefined'){
requestKey = DECRYPTED_RESPONSE.requestkey;
}
getCallbackFunctionNew(DECRYPTED_RESPONSE.result, callback).call();
},error: function(xhr, status, error){
console.log('Error: '+xhr.responseText);
var objJSON = JSON.parse(xhr.responseText)
getCallbackFunctionNew(objJSON.code, callback).call();
},beforeSend:setHeader
});
}
解析後同等加密:
import base64
import time
import hashlib
import random
from cryptography.hazmat.primitives.ciphers import algorithms
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers import modes
from cryptography.hazmat.backends import default_backend
import requests
from http.cookiejar import MozillaCookieJar
from fake_useragent import UserAgent
主要的加密函數代碼:
#解密函數
def des_decrypt(key, content, pad):
ciphertext = base64.b64decode(content)
algorithm = algorithms.TripleDES(key[:8].encode())
cipher = Cipher(algorithm, modes.ECB(), backend=default_backend())
decryptor = cipher.decryptor()
data = decryptor.update(ciphertext)
print(data)
return data.rstrip(pad).decode()
#加密函數一
def sha1_encrypt(content):
return hashlib.sha1(content.encode()).hexdigest()
#加密函數二
def des_encrypt(key, content, pad):
if not isinstance(content, bytes):
content = content.encode()
content += pad * (8 - len(content) % 8)
algorithm = algorithms.TripleDES(key[:8].encode())
cipher = Cipher(algorithm, modes.ECB(), backend=default_backend())
encryptor = cipher.encryptor()
data = encryptor.update(content)
_data = base64.b64encode(data).decode()
return _data
#獲取加密的key
def get_adsheader():
localtime = time.localtime(time.time())
t = str(localtime.tm_year - 1900) + str(localtime.tm_mon - 1) + str(localtime.tm_mday) + \
str(localtime.tm_hour) + str(localtime.tm_min) + str(localtime.tm_sec) + str(random.randint(0, 1000))
return (t + str(random.random())).replace('.', '')
其它的加密例子:
使用fernet加解密的例子如下:
>>> import os
>>> from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
>>> from cryptography.hazmat.backends import default_backend
>>> backend = default_backend()
>>> key = os.urandom(32)
>>> iv = os.urandom(16)
>>> cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=backend)
>>> encryptor = cipher.encryptor()
>>> ct = encryptor.update(b"a secret message") + encryptor.finalize()
>>> decryptor = cipher.decryptor()
>>> decryptor.update(ct) + decryptor.finalize()
'a secret message'
可見加密時除了指定算法和模式,以及生成隨機的key之外,CBC模式還需要生成一個隨機的初始向量iv;解密時也要提供iv。
cryptography庫的fernet模塊封裝了對稱加密的操作,提供了三個基本操作:
產生對稱密鑰: generate_key
用對稱密鑰加密:encrypt
用對稱密鑰解密:decrypt
generate_key:可見只是產生了一個32位隨機數,並用base64編碼
@classmethod
def generate_key(cls):
return base64.urlsafe_b64encode(os.urandom(32))
生成32位密鑰後,前16位用來計算hmac,後16位用來加解密
self._signing_key = key[:16]
self._encryption_key = key[16:]
self._backend = backend
encrypt:
- 獲取current_time,並隨機生成16位的CBC初始向量iv
- 指定padding方式爲PKCS7
- 把要加密的原始data用padding方式補齊
- 指定用AES算法CBC模式加密
- 加密得到ciphertext
- 把current_time、iv、ciphertext三者合併得到一個basic_parts
basic_parts = (
b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext
)
- 計算basic_parts的hmac值
- 把basic_parts + hmac 做base64計算後返回,這就是我們最終得到的加密數據,裏面包含了時間戳、iv、密文、hmac
def encrypt(self, data):
current_time = int(time.time())
iv = os.urandom(16)
return self._encrypt_from_parts(data, current_time, iv)
def _encrypt_from_parts(self, data, current_time, iv):
if not isinstance(data, bytes):
raise TypeError("data must be bytes.")
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(data) + padder.finalize()
encryptor = Cipher(
algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
).encryptor()
ciphertext = encryptor.update(padded_data) + encryptor.finalize()
basic_parts = (
b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext
)
h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
h.update(basic_parts)
hmac = h.finalize()
return base64.urlsafe_b64encode(basic_parts + hmac)
decrypt:
完全於encrypt相反的操作
- 得到current_time
- base64解碼token,得到包含時間戳、iv、密文、hmac的data
- 根據時間戳和ttl,判斷密鑰是否已經失效
- 計算hmac,並於之前的hmac進行驗證,判斷密鑰有效性
- 獲取iv,和密文,並通過密鑰解密,得到經過pad的明文
- 通過PKCS7進行unpaid操作,得到去掉補齊的明文
- 返回最終結果
def decrypt(self, token, ttl=None):
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
try:
data = base64.urlsafe_b64decode(token)
except (TypeError, binascii.Error):
raise InvalidToken
if not data or six.indexbytes(data, 0) != 0x80:
raise InvalidToken
try:
timestamp, = struct.unpack(">Q", data[1:9])
except struct.error:
raise InvalidToken
if ttl is not None:
if timestamp + ttl < current_time:
raise InvalidToken
if current_time + _MAX_CLOCK_SKEW < timestamp:
raise InvalidToken
h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
h.update(data[:-32])
try:
h.verify(data[-32:])
except InvalidSignature:
raise InvalidToken
iv = data[9:25]
ciphertext = data[25:-32]
decryptor = Cipher(
algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
).decryptor()
plaintext_padded = decryptor.update(ciphertext)
try:
plaintext_padded += decryptor.finalize()
except ValueError:
raise InvalidToken
unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
unpadded = unpadder.update(plaintext_padded)
try:
unpadded += unpadder.finalize()
except ValueError:
raise InvalidToken
return unpadded