如何在python中加密/解密配置文件 [英] How to encrypt/decrypt a configuration file in python
问题描述
我有一个读取配置文件的python应用程序.我需要对配置文件进行加密,以使其不在磁盘上.然后,我需要在我的应用程序中解密它并读取值.我看到有一个库 Secureconfig ,但仅适用于python 2.可以帮助我做到这一点的python吗?
I have a python application which read a configuration file. I need to encrypt the configuration file so it's not plain on disk. Then I need to decrypt it in my app and read the values. I see there is one library Secureconfig but it's only for python 2. Is there a similar lib in python that can help me do that?
推荐答案
由于您的程序将必须包含解密密钥,因此您将无法保护数据免受确定的用户的侵害,只会使解密变得更加困难.
Since your program will have to contain the decryption key, you won't be able to protect the data from a determined user, only make decrypting it somewhat harder.
根据加密服务-Python 3.7.3文档,Python不会开箱即用,不包含任何真实密码.只有 codecs 具有凯撒的密码和可恢复处理数据的标准编码,例如UUEncode和Base64.
As per Cryptographic Services — Python 3.7.3 documentation, Python doesn't include any true ciphers out of the box. Only codecs have Caesar's cipher and standard encodings that mangle the data recoverably like UUEncode and Base64.
因此,如果以上内容对您来说不够好,则您需要自己实施对称密码或使用库.参见例如无需额外模块的Python AES加密.
So if the above isn't good enough for you, you need to either implement a symmetric cipher yourself or use a library. See e.g. Python AES encryption without extra module.
由于无法在此处提供真正的安全性,因此通过隐蔽性实现安全性:使用非标准密码,不要一次解密所有文件,在进行加密/解密的地方很多,使用混淆的代码,添加隐藏的校验和以防止受到破坏篡改,使用存储在其他意外地方等文件外部的数据位.
Since true security is not possible here, the way to go depending on how hard you want to make it for a hacking user would be security through obscurity: use nonstandard ciphers, don't decrypt all the file at once, make many different place where the encryption/decryption takes place, use obfuscated code, add hidden checksums to protect from tampering, use bits of data outside the file stored in other, unexpected places etc.
如果您只是想让临时用户无法理解该文件,可以将Base64与 XOR结合使用密码已经使使用文本编辑器查看数据时变得完全难以理解.
If you are just interested in making the file unintelligible for a casual user, something like Base64 combined with XOR cipher will already make the data completely unintelligible when viewed with a text editor.
这篇关于如何在python中加密/解密配置文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
