如何在从Python传递到C ++并回到Python时保留文字 [英] How do I preserve literals when passing from Python to C++ and back to Python
问题描述
好的,这是交易。我有一个程序,使一个日志在Python。我希望这个日志可以在程序不使用时保护编辑,所以我编写了一个python脚本,它创建了C ++源代码,用于将日志重新打印回Python。一旦我编译这个源,我可以让日志很安全,然后只运行可执行文件来检索它。
问题:当我创建Python日志时,我替换'与等价的字面值( \'),这样它不会毁坏我的字符串,而他们的存储。但是,当我用C ++选择这个,并且它下来,我失去字面量,所以我得到破碎的字符串。是否有一个简单的方法用C ++中的'替换为与Python中的 replace 函数类似的相应字面值。 / p> 可能会有帮助的一些代码段:
如何将字符串写入日志in Python
logFile.write('{}'。format(somestring.replace(',\ \')。encode('ascii','ignore'))
<看起来像:
CRDict = {ID number string:[ [另一个列表]}
如何编写存储Python中日志字符串的C ++行(其中CR {}是 struct )
CFile.write CR {}。somestring ={}; \\\
'.format(num,somestring))
存储字符串的C ++行最终是什么样子
CR0.somestring =这是一个字符串,跟踪文字;
将字符串写回到Python的C ++行( CRPYLog )
CRPYLog< '+ CR0.somestring +',< endl
这是当它被打印回到Python日志时的行看起来像
'这是一个字符串,它不跟踪字面值
上面这行不是句法上有效的,所以当我尝试使用Python日志时会破坏。
为了解决似乎是您的主要目标,即使应用程序的日志在程序不使用时进行编辑时安全
数字签名是用于展示数字消息或文档的真实性的数学方案。有效的数字签名给予接收者相信该消息是由已知发送者创建的理由,使得发送者不能否认已经发送了消息(认证和不可否认),并且消息在传输(完整性)中没有被改变。数字签名通常用于软件分发,金融交易,以及在检测伪造或篡改的其他情况下。
/或加密文件:
在加密中,加密是以第三方不能读取消息(或信息)的方式编码消息(或信息)的过程,但只有授权方可以。
如果使用的(私人)加密密钥被有效地保密,这两种方法都是加密方式,使得非常难以不可见地改变文件内容。
在Python中,您可以使用 GnuPG ( python-gnupg ):
p>
gnupg模块允许Python程序利用GNU Privacy Guard(缩写为GPG或GnuPG)提供的功能。使用这个模块,Python程序可以加密和解密数据,数字签名文档和验证数字签名,管理(生成,列出和删除)加密密钥,使用成熟的基于OpenPGP的公钥基础设施(PKI)加密技术。
我没有自己使用这个Python库,但GnuPG本身有点标准,例如,用于保护电子邮件通信或linux包分发。 p>
请注意,即使您以这种方式加密文件,也可能需要数字签名。这是因为公钥正在用于加密,即按公开定义。在非对称加密中,您需要使用(秘密)私钥来解密密文,并创建一个数字签名,即对接收者(加密)和发送者(签名)的身份进行身份验证。
如果你想加密加完整性检查,请查看这个库:
也就是说,当操作系统的访问控制机制提供的保护足够时,配置它们限制和依赖。 (不需要密码短语检查。)
Ok, here's the deal. I have a program that makes a log in Python. I wanted this log to be secure from edits when the program isn't using it, so I wrote a python script which creates C++ source designed to reprint the log back into Python. Once I compile this source, I can have the log pretty secure, then just run the executable to retrieve it. Its convoluted, but it works
The Issue: When I create the Python log, I replace ' with the equivalent literal (\') so that it doesn't ruin my strings while their stored. But, when I pick this up with C++, and the plop it back down, I lose the literal, so I get broken strings. Is there an easy way to replace the ' in C++ with the corresponding literal similar to the replace function in Python.
Some code snippets that might help:
How I write string to the log in Python
logFile.write(" '{}'".format(somestring.replace("'","\\'").encode('ascii', 'ignore'))
What the Python log looks like:
CRDict = {"ID number string":[list of a bunch of items], "Another ID number: [Another list of things]}
How I write the C++ lines that store strings from the log in Python (where CR{} is struct)
CFile.write(' CR{}.somestring = "{}";\n'.format(num,somestring))
What the C++ line that stores the string ends up looking like
CR0.somestring = "This is a string and it doesn't keep track of literals";
The C++ line which writes the string back into Python (the file called CRPYLog)
CRPYLog << " '" + CR0.somestring + "'," << endl;
And this is what the line looks like when it gets printed back into the Python log
'This is a string and it doesn't keep track of literals'
The above line is not syntactically valid, so it will break when I try to use the Python log
In order to address what seems to be your primary goal, i.e., to make your application's "log to be secure from edits when the program isn't using it", I would suggest to stick with commonly used standard tools that were made for purposes alike.
For example, add a digital signature:
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.
and/or encrypt the file:
In cryptography, encryption is the process of encoding messages (or information) in such a way that third parties cannot read it, but only authorized parties can.
Both approaches are cryptographic ways to make it very hard to alter the file content undetectedly, if the used (private) encryption key is effectively kept secret.
In Python you could use GnuPG (python-gnupg) for both approaches:
The gnupg module allows Python programs to make use of the functionality provided by the GNU Privacy Guard (abbreviated GPG or GnuPG). Using this module, Python programs can encrypt and decrypt data, digitally sign documents and verify digital signatures, manage (generate, list and delete) encryption keys, using proven Public Key Infrastructure (PKI) encryption technology based on OpenPGP.
I haven't used this Python library myself, but GnuPG itself is somewhat standard, e.g., for securing e-mail communication or linux package distribution.
Note that you might need a digital signature even though you have encrypted the file this way. That's because a public key is being used for the encryption, that is by definition public. In asymmetric cryptography you need the (secret) private key to decode the ciphertext and to create a digital signature, that is to authenticate the identity of the recipient (encryption) and the sender (signature).
If you want to go with encryption plus integrity check, have a look at this library:
That is, when the protection provided by your operating system's access control mechanisms suffice, you could just configure them restrictively and rely on that. (No need for passphrase checks then either.)
这篇关于如何在从Python传递到C ++并回到Python时保留文字的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
