将PHP中的openssl AES转换为Python AES [英] Convert openssl AES in Php to Python AES

问题描述

我有一个如下的php文件:

I have a php file which is as follow:

$encryption_encoded_key = 'c7e1wJFz+PBwQix80D1MbIwwOmOceZOzFGoidzDkF5g=';

function my_encrypt($data, $key) {
    $encryption_key = base64_decode($key);
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cfb'));

    $encrypted = openssl_encrypt($data, 'aes-256-cfb', $encryption_key, 1, $iv);

    // The $iv is just as important as the key for decrypting, so save it with encrypted data using a unique separator (::)
    return base64_encode($encrypted . '::' . $iv);
}

function my_decrypt($data, $key) {
    // Remove the base64 encoding from key
    $encryption_key = base64_decode($key);

    // To decrypt, split the encrypted data from IV - unique separator used was "::"
    list($encrypted_data, $iv) = explode('::', base64_decode($data), 2);

    return openssl_decrypt($encrypted_data, 'aes-256-cfb', $encryption_key, 1, $iv);
}

$data = 'USER_ID||NAME||EMAIL||MOBILE';
$data_encrypted = my_encrypt($data, $encryption_encoded_key);
echo $data_encrypted;
$data_decrypted = my_decrypt($data_encrypted, $encryption_encoded_key);
echo "Decrypted string: ". $data_decrypted;

这很好用，并且能够使用加密密钥进行加密/解密，现在我也有一个python文件:

This works fine, and is able to encrypt/decrypt with the encryption key, now i also have a python file:

import hashlib
import base64
from Crypto.Cipher import AES
from Crypto import Random

encryption_encoded_key = 'c7e1wJFz+PBwQix80D1MbIwwOmOceZOzFGoidzDkF5g='

def my_encrypt(data, key):
    #Remove the base64 encoding from key
    encryption_key = base64.b64decode(key)
    #Generate an initialization vector
    bs = AES.block_size
    iv = Random.new().read(bs)

    cipher = AES.new(encryption_key, AES.MODE_CFB, iv)
    #Encrypt the data using AES 256 encryption in CBC mode using our encryption key and initialization vector.
    encrypted = cipher.encrypt(data)

    #The iv is just as important as the key for decrypting, so save it with encrypted data using a unique separator (::)
    return base64.b64encode(encrypted + '::' + iv)


def my_decrypt(data, key):
    #Remove the base64 encoding from key
    encryption_key = base64.b64decode(key)

    #To decrypt, split the encrypted data from IV - unique separator used was "::"
    encrypted_data, iv = base64.b64decode(data).split('::')

    cipher = AES.new(encryption_key, AES.MODE_CFB, iv)

    return cipher.decrypt(encrypted_data)

data = 'USER_ID||NAME||EMAIL||MOBILE'

print "Actual string: %s" %(data)
data_encrypted = my_encrypt(data, encryption_encoded_key)
print data_encrypted

data_decrypted = my_decrypt(data_encrypted, encryption_encoded_key)
print "Decrypted string: %s" %(data_decrypted)

当我尝试从python使用它时，它也可以正常工作，它能够加密/解密输入字符串，我想使用php文件加密并使用python解密输出，两者都应使用CFB模式使用AES 256加密，我在做什么错了?

This also works fine when i try to use this from python, it is able to encrypt/decrypt input string, I want to encrypt using php file and decrypt the output in python, both should use AES 256 Encryption using CFB mode, what am i doing wrong ?

推荐答案

要使用 CFB模式，则需要为其指定一个段大小.OpenSSL具有 aes-256-cfb (128位)， aes-256-cfb1 (即1位)和 aes-256-cfb8 (8位)(以及AES-128和192的类似模式).因此，您在php代码中使用的是128位cfb.

To use CFB mode you need to specify a segment size for it. OpenSSL has aes-256-cfb (which is 128 bit), aes-256-cfb1 (i.e. 1-bit) and aes-256-cfb8 (8 bit) (and similar modes for AES-128 and 192). So you are using 128 bit cfb in your php code.

Python库接受 AES.new 的 segment_size 参数，但是默认值为 8 ，因此您在两个版本.

The Python library accepts a segment_size argument to AES.new, but the default is 8, so you are using different modes in the two versions.

要获取Python代码以解密PHP代码的输出，请向密码对象添加128的段大小:

To get the Python code to decrypt the output of the PHP code, add a segment size of 128 to the cipher object:

cipher = AES.new(encryption_key, AES.MODE_CFB, iv, segment_size=128)

(注意，这是使用PyCrypto的更新版本 PyCryptodome分支.PyCrypto在这里有错误并赢得了没事.)

(N.B. this is using the newer PyCryptodome fork of PyCrypto. PyCrypto has a bug here and won’t work.)

或者，您可以通过设置密码来获得使用CFB-8的PHP代码(显然不要同时更改两者):

Alternatively, you can get the PHP code to use CFB-8 by setting the cipher (don’t change both, obviously):

$encrypted = openssl_encrypt($data, 'aes-256-cfb8', $encryption_key, 1, $iv);

这篇关于将PHP中的openssl AES转换为Python AES的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！