douzhang1926 2019-01-14 06:49
浏览 460
已采纳

在PHP中加密文本并在Python中解密

I am using following code snippet to encrypt a text in PHP7:

$plaintext = "message to be encrypted";
$cipher = "aes-256-cbc";
$ivlen = openssl_cipher_iv_length($cipher);
$iv = "0123456789012345";
$key = "akshayakshayaksh";
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv);
print $ciphertext;

Output: cUXDhOEGz19QEo9XDvMzXkGFmg/YQUnXEqKVpfYtUGo=

Now, when I try to decrypt this in Python3 it gives error:

from Crypto.Cipher import AES
obj2 = AES.new('akshayakshayaksh', AES.MODE_CBC, '0123456789012345')
ciphertext = "cUXDhOEGz19QEo9XDvMzXkGFmg/YQUnXEqKVpfYtUGo="
obj2.decrypt(ciphertext)

Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/anaconda3/lib/python3.6/site-packages/Crypto/Cipher/blockalgo.py", line 295, in decrypt return self._cipher.decrypt(ciphertext) ValueError: Input strings must be a multiple of 16 in length

I get that AES is a block cipher algorithm. However, how should I fix my PHP code so that it generates "padded" cipher, any clues?

  • 写回答

1条回答 默认 最新

  • dsa456369 2019-01-14 09:51
    关注

    The main issue here is that you're using different key-size. PHP's openssl_encrypt determines the key size from the encryption algorithm string ("aes-256-cbc" in this case) so it expects a 256 bit key. If the key is shorter it is padded with zero bytes, so the actual key used by openssl_encrypt is:

    "akshayakshayaksh\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
    

    Pycryptodome determines the key size from the actual size of the key, so your Python code uses AES-128-CBC. Also, as mentioned in the coments by kelalaka, the ciphertext is base64 encoded (openssl_encrypt base64-encodes the ciphertext by default - we can get raw bytes if we use OPENSSL_RAW_DATA in $options). Pycryptodome doesn't decode the ciphertext, so we must use b64decode().

    key = b'akshayakshayaksh\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0'
    obj2 = AES.new(key, AES.MODE_CBC, b'0123456789012345')
    ciphertext = b"cUXDhOEGz19QEo9XDvMzXkGFmg/YQUnXEqKVpfYtUGo="
    print(obj2.decrypt(b64decode(ciphertext)))
    #b'message to be encrypted\t\t\t\t\t\t\t\t\t'
    

    The extra \t characters at the end is the padding - CBC requires padding. Pycryptodome doesn't remove padding automatically but it provides padding functions in Crypto.Util.Padding.

    from Crypto.Cipher import AES
    from Crypto.Util.Padding import unpad
    from base64 import b64decode
    
    key = b'akshayakshayaksh\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0'
    obj2 = AES.new(key, AES.MODE_CBC, b'0123456789012345')
    ciphertext = b"cUXDhOEGz19QEo9XDvMzXkGFmg/YQUnXEqKVpfYtUGo="
    plaintext = obj2.decrypt(b64decode(ciphertext))
    plaintext = unpad(plaintext, AES.block_size)
    

    Although PHP's openssl accepts arbitrary sized keys, it's best to use key size specified in the algorithm string, to prevent confusion at the very least. Also the key bytes should be as random as possible.

    As noted by Maarten Bodewes in the comments this key uses a limited range of bytes and so it's very weak. Furthermore it is created by repeating a word and that makes it vulnerable to dictionary attacks (which are much faster than bruteforce attacks).

    In PHP we can get cryptographically secure random bytes with random_bytes(),

    $key = random_bytes(32);  
    

    and in Python with os.urandom()

    key = os.urandom(32)
    

    (You can use the same functions to create the IV; you shouldn't use a static IV, the IV must be unpredictable)

    You could also derive a key from your password with a KDF. In this case it is important to use a random salt and a high enough number of iterations. PHP provies a PBKDF2 algorithm with the hash_pbkdf2 function, and Python with hashlib.pbkdf2_hmac.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 filenotfounderror:文件是存在的,权限也给了,但还一直报错
  • ¥15 关于远程桌面的鼠标位置转换
  • ¥15 MATLAB和mosek的求解问题
  • ¥20 修改中兴光猫sn的时候提示失败
  • ¥15 java大作业爬取网页
  • ¥15 怎么获取欧易的btc永续合约和交割合约的5m级的历史数据用来回测套利策略?
  • ¥15 有没有办法利用libusb读取usb设备数据
  • ¥15 为什么openeluer里面按不了python3呢?
  • ¥15 关于#matlab#的问题:训练序列与输入层维度不一样
  • ¥15 关于Ubuntu20.04.3LTS遇到的问题:在安装完CUDA驱动后,电脑会进入卡死的情况,但可以通过键盘按键进入安全重启,但重启完又会进入该情况!