问题
I want to use python to encrypt some data and have come across pycrypto as a possible tool. In order to encrypt the data, I need to:
- Input passphrase string
- SHA-256 the string, giving key for AES-256
- Represent sensitive data as string of 9 digit characters (ascii), with leading ascii 0s if present (the data will always be in this format).
- Encrypt data string using AES-256, NO SALT, using PKCS7 padding from RFC2315, in ecb mode.
- Represent ciphertext as Base64 (RFC 4648), needing 24 characters
Using pycrypto, steps 1-3 are fairly easy. 4 is giving me a little bit of trouble. I'm not sure what PKCS7 padding is, and I am not sure how to ensure that the encryption is not using a SALT. I was hoping someone could point me in the right direction re: step 4.
回答1:
PyCrypto does not have inbuilt feature for padding. But it is quite easy to implement it. Note: PKCS7 Padding will add an extra byte block when the input is already the correct size, which this function does as well. PKCS#7 padding is explained here.
def pad(m):
return m+chr(16-len(m)%16)*(16-len(m)%16)
KEY = sha256(passphrase).digest() #returns 256 bit key
cipher = AES.new(KEY,AES.MODE_ECB) #creates a AES-256 instance using ECB mode
ciphertext = cipher.encrypt(pad(data)).encode('base64')
Hopefully, this is what you are looking for.
During the process of Decryption, the unpad function might come handy.
def unpad(ct):
return ct[:-ct[-1]]
In Python 3, the unpad function may need to cast (depending on usage), looking like this:
def unpad(ct):
return ct[:-ord(ct[-1])]
P.S,
ECB mode of encryption is not cryptographic secure. Please use higher modes such as CBC, OFB or GCM.
GCM or Galois/Counter Mode provides both data confidentiality as well as authentication (Even for associated data, which need not be encrypted).
It is the most secure mode yet unless you use the same nonce twice
来源:https://stackoverflow.com/questions/43199123/encrypting-with-aes-256-and-pkcs7-padding