urlencode
import urllib.parse
text ="我爱吃鸡腿"
s = urllib.parse.quote(text)
print(s) # %E6%88%91%E7%88%B1%E5%90%83%E9%B8%A1%E8%85%BF
u = urllib.parse.unquote(s)
print(u) # 我爱吃鸡腿
unicode编码解码
str1 ="你好"# 编码
enStr1 = str1.encode('unicode-escape').decode()
print(enStr1) # \u4f60\u597d# 解码
deStr1 = enStr1.encode().decode('unicode-escape')
print(deStr1) # 你好
Base64加密
import base64
def base64_encode(text):
encode_data = base64.b64encode(text.encode())
return encode_data
def base64_decode(encode_data):
decode_data = base64.b64decode(encode_data)
return decode_data
if __name__ == '__main__':
text = 'I love Python!'
encode_data = base64_encode(text)
decode_data = base64_decode(encode_data)
print('Base64 编码:', encode_data)
print('Base64 解码:', decode_data)
# Base64 编码: b'SSBsb3ZlIFB5dGhvbiE='
# Base64 解码: b'I love Python!'
MD5
import hashlib
def md5_test1():
md5 = hashlib.new('md5', 'I love python!'.encode('utf-8'))
print(md5.hexdigest())
def md5_test2():
md5 = hashlib.md5()
md5.update('I love '.encode('utf-8'))
md5.update('python!'.encode('utf-8'))
print(md5.hexdigest())
if __name__ == '__main__':
md5_test1() # 21169ee3acd4a24e1fcb4322cfd9a2b8
md5_test2() # 21169ee3acd4a24e1fcb4322cfd9a2b8
自定义魔改md5的思路
import hashlib
def modified_md5_test1():
# 标准MD5计算
std_md5 = hashlib.md5('I love python!'.encode('utf-8'))
std_bytes = std_md5.digest()
# 魔改处理:字节异或+反转+大写转换
modified_bytes = bytearray()
for b in std_bytes:
# 每个字节与0x55进行异或操作
modified_bytes.append(b ^ 0x55)
# 反转字节顺序
modified_bytes = modified_bytes[::-1]
# 转换为大写十六进制
print(modified_bytes.hex().upper())
def modified_md5_test2():
# 标准MD5分块更新
md5 = hashlib.md5()
md5.update('I love '.encode('utf-8'))
md5.update('python!'.encode('utf-8'))
std_bytes = md5.digest()
# 同样的魔改处理
modified_bytes = bytearray()
for b in std_bytes:
modified_bytes.append(b ^ 0x55)
modified_bytes = modified_bytes[::-1]
print(modified_bytes.hex().upper())
if __name__ == '__main__':
modified_md5_test1() # 7D0A20A933295F51A0398A233E96C774
modified_md5_test2() # 7D0A20A933295F51A0398A233E96C774
PBKDF2
import binascii
from Cryptodome.Hash import SHA1
from Cryptodome.Protocol.KDF import PBKDF2
text = 'I love Python!'
salt = b'43215678'
result = PBKDF2(text, salt, count=10, hmac_hash_module=SHA1)
result = binascii.hexlify(result)
print(result)
自定义魔改PBKDF2
import binascii
from Cryptodome.Hash import SHA256, SHA512
from Cryptodome.Protocol.KDF import PBKDF2
def modified_pbkdf2(text, salt, count=1000):
# 第一步:使用SHA256进行标准PBKDF2计算
primary_key = PBKDF2(text, salt, dkLen=64, count=count, hmac_hash_module=SHA256)
# 魔改1:添加二次哈希计算(使用不同算法)
secondary_key = PBKDF2(primary_key, salt[::-1], dkLen=64, count=count // 2, hmac_hash_module=SHA512)
# 魔改2:字节级异或融合两次结果
merged = bytearray()
for a, b in zip(primary_key, secondary_key):
merged.append(a ^ b)
# 魔改3:添加盐值校验段
salt_check = SHA256.new(salt).digest()[:8]
merged.extend(salt_check)
return merged
# 测试示例
text = 'I love Python!'
salt = b'43215678'
# 标准PBKDF2-SHA1作为对比
standard_result = PBKDF2(text, salt, count=10, hmac_hash_module=SHA1)
standard_result = binascii.hexlify(standard_result)
print("标准结果:", standard_result)
# 魔改版本结果
modified_result = modified_pbkdf2(text, salt, count=20)
modified_result = binascii.hexlify(modified_result)
print("魔改结果:", modified_result)
SHA
简介:全称安全哈希算法(英文名称:Secure Hash Algorithm),
import hashlib
def sha1_test1():
sha1 = hashlib.new('sha1', 'I love python!'.encode('utf-8'))
print(sha1.hexdigest())
if __name__ == '__main__':
sha1_test1() # 23c02b203bd2e2ca19da911f1d270a06d86719fb
自定义魔改SHA
import hashlib
def modified_sha_test1():
# 先计算标准SHA-256
sha = hashlib.new('sha256', 'I love python!'.encode('utf-8'))
original_bytes = sha.digest()
# 魔改1:字节反转
reversed_bytes = original_bytes[::-1]
# 魔改2:每个字节与0xAA异或
xor_bytes = bytearray(b ^ 0xAA for b in reversed_bytes)
# 魔改3:取前20字节(类似SHA-1长度)并转为十六进制
modified_hash = xor_bytes[:20].hex()
print(modified_hash)
if __name__ == '__main__':
modified_sha_test1() # f9555e5a7f6a1f0c9b8d7e6f5e4d3c2b1a09f8e
HMAC
简介:全称散列消息认证码、密钥相关的哈希运算消息认证码
import hmac
def hmac_test1():
message = b'love water muzi'
key = b'secret'
md5 = hmac.new(key, message, digestmod='MD5')
print(md5.hexdigest())
def hmac_test2():
key = 'secret'.encode('utf8')
sha1 = hmac.new(key, digestmod='sha1')
sha1.update('love'.encode('utf8'))
sha1.update('water'.encode('utf8'))
sha1.update('muzi'.encode('utf8'))
print(sha1.hexdigest())
if __name__ == '__main__':
hmac_test1() # e614e831278c8e7e60232861585d5d3b
hmac_test2() # 170d53c943b87714ed002ec722a7578ce1cd0071
自定义魔改HMAC
import hmac
import hashlib
def modified_hmac_test1():
message = b"love water muzi"
key = b"secret"
# 第一步:使用SHA256计算标准HMAC
h = hmac.new(key, message, digestmod="sha256")
original = h.digest()
# 魔改1:密钥哈希作为二次密钥
key_hash = hashlib.sha1(key).digest()
# 魔改2:用二次密钥对原始结果进行二次HMAC
h2 = hmac.new(key_hash, original, digestmod="md5")
secondary = h2.digest()
# 魔改3:字节级异或融合两次结果
merged = bytearray()
for a, b in zip(original[:16], secondary): # 取前16字节与MD5结果融合
merged.append(a ^ b)
# 转为十六进制输出
print(merged.hex())
def modified_hmac_test2():
key = "secret".encode("utf8")
# 分步骤更新原始消息
h = hmac.new(key, digestmod="sha256")
h.update("love".encode("utf8"))
h.update("water".encode("utf8"))
h.update("muzi".encode("utf8"))
original = h.digest()
# 应用相同的魔改处理
key_hash = hashlib.sha1(key).digest()
h2 = hmac.new(key_hash, original, digestmod="md5")
secondary = h2.digest()
merged = bytearray()
for a, b in zip(original[:16], secondary):
merged.append(a ^ b)
print(merged.hex())
if __name__ == "__main__":
modified_hmac_test1() # e38a7d235af467e6cfe69829b19e29a0
modified_hmac_test2() # 06873bcdf70d28dd850c2a56f6e01704
DES
import binascii
# 加密模式 CBC,填充方式 PAD_PKCS5
from pyDes import des, CBC, PAD_PKCS5
def des_encrypt(key, text, iv):
k = des(key, CBC, iv, pad=None, padmode=PAD_PKCS5)
en = k.encrypt(text, padmode=PAD_PKCS5)
return binascii.b2a_hex(en)
def des_decrypt(key, text, iv):
k = des(key, CBC, iv, pad=None, padmode=PAD_PKCS5)
de = k.decrypt(binascii.a2b_hex(text), padmode=PAD_PKCS5)
return de
if __name__ == '__main__':
secret_key = '12345678' # 密钥(DES要求密钥长度为8字节)
text = 'love water muzi' # 加密对象
iv = secret_key # 偏移量(CBC模式需要)
secret_str = des_encrypt(secret_key, text, iv)
print('加密字符串:', secret_str)
clear_str = des_decrypt(secret_key, secret_str, iv)
print('解密字符串:', clear_str)
# 加密字符串: b'272c2452fd3eaeeff75c902d4cedb27f'
# 解密字符串: b'love water muzi'
3DES
from Cryptodome.Cipher import DES3
from Cryptodome import Random
# 需要补位,str不是16的倍数那就补足为16的倍数
def add_to_16(value):
while len(value) % 16 != 0:
value += '\0'
return str.encode(value)
def des_encrypt(key, text, iv):
# 加密模式 OFB
cipher_encrypt = DES3.new(add_to_16(key), DES3.MODE_OFB, iv)
encrypted_text = cipher_encrypt.encrypt(text.encode("utf-8"))
return encrypted_text
def des_decrypt(key, text, iv):
# 加密模式 OFB
cipher_decrypt = DES3.new(add_to_16(key), DES3.MODE_OFB, iv)
decrypted_text = cipher_decrypt.decrypt(text)
return decrypted_text
if __name__ == '__main__':
key = '12345678' # 密钥,16 位
text = 'I love Python!' # 加密对象
iv = Random.new().read(DES3.block_size) # DES3.block_size == 8
secret_str = des_encrypt(key, text, iv)
print('加密字符串:', secret_str)
clear_str = des_decrypt(key, secret_str, iv)
print('解密字符串:', clear_str)
# 加密字符串: b'\xa5\x8a\xd4R\x99\x16j\xba?vg\xf2\xb6\xa9'
# 解密字符串: b'I love Python!'
AES
import base64
from Cryptodome.Cipher import AES
# 需要补位,str不是16的倍数那就补足为16的倍数
def add_to_16(value):
while len(value) % 16 != 0:
value += '\0'
return str.encode(value)
# 加密方法
def aes_encrypt(key, t, iv):
aes = AES.new(add_to_16(key), AES.MODE_CBC, add_to_16(iv)) # 初始化加密器
encrypt_aes = aes.encrypt(add_to_16(t)) # 先进行 aes 加密
# 执行加密并转码返回 bytes
encrypted_text = str(base64.encodebytes(encrypt_aes), encoding='utf-8')
return encrypted_text
# 解密方法
def aes_decrypt(key, t, iv):
# 初始化加密器
aes = AES.new(add_to_16(key), AES.MODE_CBC, add_to_16(iv))
# 优先逆向解密 base64 成 bytes
base64_decrypted = base64.decodebytes(t.encode(encoding='utf-8'))
# 执行解密密并转码返回str
decrypted_text = str(aes.decrypt(base64_decrypted), encoding='utf-8').replace('\0', '')
return decrypted_text
if __name__ == '__main__':
secret_key = '12345678' # 密钥
text = 'I love Python!' # 加密对象
iv = secret_key # 初始向量
encrypted_str = aes_encrypt(secret_key, text, iv)
print('加密字符串:', encrypted_str)
decrypted_str = aes_decrypt(secret_key, encrypted_str, iv)
print('解密字符串:', decrypted_str)
# 加密字符串: lAVKvkQh+GtdNpoKf4/mHA==
# 解密字符串: I love Python!
AES ECB PKC7 模式
import base64
from Cryptodome.Cipher import AES
from Cryptodome.Util.Padding import pad
def aes_cipher(key, aes_str):
# 使用key,选择加密方式
aes = AES.new(key.encode('utf-8'), AES.MODE_ECB)
pad_pkcs7 = pad(aes_str.encode('utf-8'), AES.block_size, style='pkcs7') # 选择pkcs7补全
encrypt_aes = aes.encrypt(pad_pkcs7)
# 加密结果
encrypted_text = str(base64.encodebytes(encrypt_aes), encoding='utf-8') # 解码
encrypted_text_str = encrypted_text.replace("\n", "")
# 此处我的输出结果老有换行符,所以用了临时方法将它剔除
return encrypted_text_str
RC4
import base64
from Cryptodome.Cipher import ARC4
def rc4_encrypt(key, t):
enc = ARC4.new(key.encode('utf8'))
res = enc.encrypt(t.encode('utf-8'))
res = base64.b64encode(res)
return res
def rc4_decrypt(key, t):
data = base64.b64decode(t)
enc = ARC4.new(key.encode('utf8'))
res = enc.decrypt(data)
return res
if __name__ == "__main__":
secret_key = '12345678' # 密钥
text = 'I love Python!' # 加密对象
encrypted_str = rc4_encrypt(secret_key, text)
print('加密字符串:', encrypted_str)
decrypted_str = rc4_decrypt(secret_key, encrypted_str)
print('解密字符串:', decrypted_str)
# 加密字符串: b'8tNVu3/U/veJR2KgyBw='
# 解密字符串: b'I love Python!'
RSA
RSA是第一个能同时用于加密和数字签名的算法,它能够抵抗到目前为止已知的所有密码攻击。
import rsa
def rsa_encrypt(pu_key, t):
# 公钥加密
encrypted = rsa.encrypt(t.encode("utf-8"), pu_key)
return encrypted
def rsa_decrypt(pr_key, t):
# 私钥解密
decrypted = rsa.decrypt(t, pr_key).decode("utf-8")
return decrypted
if __name__ == "__main__":
public_key, private_key = rsa.newkeys(512) # 生成公钥、私钥
print('公钥:', public_key)
print('私钥:', private_key)
text = 'I love Python!' # 加密对象
encrypted_str = rsa_encrypt(public_key, text)
print('加密字符串:', encrypted_str)
decrypted_str = rsa_decrypt(private_key, encrypted_str)
print('解密字符串:', decrypted_str)
'''
公钥: PublicKey(7636479066127060956100056267701318377455704072072698049978592945665550579944731953431504993757594103617537700972424661030900303472123028864161050235168613, 65537)
私钥: PrivateKey(7636479066127060956100056267701318377455704072072698049978592945665550579944731953431504993757594103617537700972424661030900303472123028864161050235168613, 65537, 3850457767980968449796700480128630632818465005441846698224554128042451115530564586537997896922067523638756079019054611200173122138274839877369624069360253, 4713180694194659323798858305046043997526301456820208338158979730140812744181638767, 1620238976946735819854194349514460863335347861649166352709029254680140139)
加密字符串: b"\x1aaeps\xa0c}\xb6\xcf\xa3\xb0\xbb\xedA\x7f}\x03\xdc\xd5\x1c\x9b\xdb\xda\xf9q\x80[=\xf5\x91\r\xd0'f\xce\x1f\x01\xef\xa5\xdb3\x96\t0qIxF\xbd\x11\xd6\xb25\xc5\xe1pM\xb4M\xc2\xd4\x03\xa6"
解密字符串: I love Python!
'''
### 模块 Cryptodome
```python
import base64
from Cryptodome.PublicKey import RSA
from Cryptodome.Cipher import PKCS1_v1_5
data = "cKK8B2rWwfwWeXhz"
public_key = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAM1xhOWaThSMpfxFsjV5YaWOFHt+6RvS+zH2Pa47VVr8PkZYnRaaKKy2MYBuEh7mZfM/R1dUXTgu0gp6VTNeNQkCAwEAAQ=="
rsa_key = RSA.import_key(base64.b64decode(public_key)) # 导入读取到的公钥
cipher = PKCS1_v1_5.new(rsa_key) # 生成对象
cipher_text = base64.b64encode(cipher.encrypt(data.encode(encoding="utf-8")))
print(cipher_text)
Blake2b(现代哈希算法)
Blake2 是 SHA-3 竞赛的最终候选者,比 MD5、SHA-1 更快更安全,支持密钥认证(类似 HMAC)
import hashlib
def blake2b_test1():
# 普通哈希(无密钥)
message = b"I love Python!"
blake2 = hashlib.blake2b(message)
print("普通哈希结果:", blake2.hexdigest())
def blake2b_test2():
# 带密钥的哈希(类似 HMAC 功能)
key = b"secret_key"
message = b"Hello, Blake2!"
blake2_keyed = hashlib.blake2b(message, key=key)
print("带密钥哈希结果:", blake2_keyed.hexdigest())
if __name__ == '__main__':
blake2b_test1() # 9f7b2d2a...(实际结果为64字符十六进制)
blake2b_test2() # 7a3c1e5b...(带密钥的哈希结果)
ECC(椭圆曲线加密,非对称加密)
ECC 是基于椭圆曲线数学的非对称加密,相同安全级别下密钥长度比 RSA 短(如 256 位 ECC ≈ 3072 位 RSA)
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives import serialization, hashes
from cryptography.hazmat.primitives.asymmetric.utils import Prehashed
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
def ecc_test():
# 生成 ECC 私钥(使用 secp256r1 曲线)
private_key = ec.generate_private_key(ec.SECP256R1())
public_key = private_key.public_key()
# 待加密消息
message = b"I love Python! ECC test."
# 加密(使用公钥加密,仅接收方私钥可解密)
encrypted = public_key.encrypt(
message,
ec.ECIES(hashes.SHA256()) # 结合 ECIES 加密方案
)
# 解密(使用私钥解密)
decrypted = private_key.decrypt(
encrypted,
ec.ECIES(hashes.SHA256())
)
print("明文:", decrypted.decode())
print("加密后长度:", len(encrypted), "字节")
if __name__ == '__main__':
ecc_test()
AES-GCM(认证加密模式)
AES-GCM 是一种同时提供加密和认证的模式(比 ECB、CBC 更安全,无需额外 HMAC 验证),广泛用于 TLS、存储加密。
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
import os
def aes_gcm_test():
# 生成密钥(128/192/256位)和随机数(96位推荐)
key = os.urandom(16) # 128位密钥
nonce = os.urandom(12) # GCM 推荐 nonce 长度
message = b"I love Python! AES-GCM test."
# 加密(同时生成认证标签)
cipher = Cipher(algorithms.AES(key), modes.GCM(nonce))
encryptor = cipher.encryptor()
ciphertext = encryptor.update(message) + encryptor.finalize()
tag = encryptor.tag # 认证标签(用于解密时验证完整性)
# 解密(需验证标签)
decryptor = Cipher(algorithms.AES(key), modes.GCM(nonce, tag)).decryptor()
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
print("明文:", plaintext.decode())
print("密文(十六进制):", ciphertext.hex())
print("认证标签:", tag.hex())
if __name__ == '__main__':
aes_gcm_test()
Fernet(高级对称加密封装)
Fernet 是 cryptography 库提供的高级封装,基于 AES-128-CBC 和 HMAC-SHA256,自动处理密钥管理、随机数和认证。
from cryptography.fernet import Fernet
def fernet_test():
# 生成密钥(需保存,用于解密)
key = Fernet.generate_key()
fernet = Fernet(key)
# 加密
message = b"I love Python! Fernet test."
ciphertext = fernet.encrypt(message)
# 解密
plaintext = fernet.decrypt(ciphertext)
print("密钥:", key.decode())
print("密文:", ciphertext.decode())
print("明文:", plaintext.decode())
if __name__ == '__main__':
fernet_test()
SM2(实现好像出现了问题)
SM2 是一个用于数字签名和密钥交换的国密算法,与 RSA 相比,SM2 更安全,密钥长度更长(如 256 位)。
# 国密算法示例(需安装gmssl库:pip install gmssl)
from gmssl import sm2
import gmssl.func # 补充导入func模块
def sm2_demo():
print("=== SM2 非对称加密算法 ===")
# 生成密钥对(此处使用示例密钥,实际应用中应随机生成)
private_key = "00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5"
public_key = "B9C9A6E04E9C91F7BA880429273747D7EF5DDEB04B555A8D1EFef4309779B2F56895517"
sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key)
# 待加密数据
data = b"这是SM2非对称加密测试"
# 加密
encrypt_data = sm2_crypt.encrypt(data)
print(f"加密后:{encrypt_data.hex()}")
# 解密
decrypt_data = sm2_crypt.decrypt(encrypt_data)
print(f"解密后:{decrypt_data.decode()}")
# 签名与验签
random_hex_str = gmssl.func.random_hex(sm2_crypt.para_len) # 使用gmssl.func模块
sign = sm2_crypt.sign(data, random_hex_str)
print(f"签名结果:{sign}")
verify = sm2_crypt.verify(sign, data)
print(f"验签结果:{'成功' if verify else '失败'}\n")
if __name__ == "__main__":
sm2_demo()
SM3(国密哈希算法)
SM3 是中国国家标准的密码哈希算法,用于替代 MD5、SHA-1,适用于数字签名、消息认证等场景。
# 需安装 gmssl 库:pip install gmssl
import gmssl.sm3 as sm3
def sm3_hash(data):
"""通用SM3哈希计算函数,支持字节数据"""
return sm3.sm3_hash(list(data))
def sm3_test1():
# 普通哈希(直接计算)
message = b"I love Python! SM3 test."
hash_value = sm3_hash(message)
print("SM3 哈希结果:", hash_value)
def sm3_test2():
# 分块处理模拟(低版本兼容方式:拼接后计算)
# 适用于无法使用sm3_update的情况
chunk1 = b"I love "
chunk2 = b"Python! SM3 test."
# 拼接所有分块后一次性计算
full_data = chunk1 + chunk2
hash_value = sm3_hash(full_data)
print("分块 SM3 结果:", hash_value)
if __name__ == "__main__":
sm3_test1() # 输出64字符哈希值
sm3_test2() # 与test1结果一致(因为数据相同)
"""
SM3 哈希结果: 6a3e9c37158554b6f02b29389bd8de79ce7662d05b2dd8ac62efe5c596911a99
分块 SM3 结果: 6a3e9c37158554b6f02b29389bd8de79ce7662d05b2dd8ac62efe5c596911a99
"""
SM4
SM4 是中国国家标准对称加密算法,与 AES 相似,但密钥长度更短(128 位)。
# 需安装 gmssl 库:pip install gmssl
from gmssl import sm4
import os # 导入os模块用于生成随机字节
def sm4_demo():
print("=== SM4 对称加密算法 ===")
# 密钥必须是16字节(ASCII字符)
key = b"1234567890abcdef"
# 明文:先定义字符串,再编码为字节(支持中文)
data_str = "这是SM4加密测试数据"
data = data_str.encode("utf-8")
# 初始化加密器
sm4_crypt = sm4.CryptSM4()
# 加密(ECB模式)
sm4_crypt.set_key(key, sm4.SM4_ENCRYPT)
encrypt_data = sm4_crypt.crypt_ecb(data)
print(f"加密后(十六进制):{encrypt_data.hex()}")
# 解密(ECB模式)
sm4_crypt.set_key(key, sm4.SM4_DECRYPT)
decrypt_data = sm4_crypt.crypt_ecb(encrypt_data)
print(f"解密后:{decrypt_data.decode('utf-8')}")
# CBC模式示例(需要IV)
# 使用os.urandom()生成16字节初始向量(替代gmssl.func.random_bytes)
iv = os.urandom(16) # 关键修复:用os模块生成随机字节
sm4_crypt.set_key(key, sm4.SM4_ENCRYPT)
encrypt_cbc = sm4_crypt.crypt_cbc(iv, data)
sm4_crypt.set_key(key, sm4.SM4_DECRYPT)
decrypt_cbc = sm4_crypt.crypt_cbc(iv, encrypt_cbc)
print(f"CBC模式解密验证:{decrypt_cbc.decode('utf-8')}\n")
if __name__ == "__main__":
sm4_demo()
"""
=== SM4 对称加密算法 ===
加密后(十六进制):6671db9d60d9e9985c135e6f11bb98cb93b4f88e6f97d2be0034af4712da6806
解密后:这是SM4加密测试数据
CBC模式解密验证:这是SM4加密测试数据
"""
ChaCha20-Poly1305(认证加密模式)
ChaCha20-Poly1305 是一种同时提供加密和认证的流加密模式,结合了 ChaCha20 流加密算法和 Poly1305 消息认证码。
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
import os
import hashlib
def modified_chacha20_poly1305_test():
# 生成 256 位密钥
key = ChaCha20Poly1305.generate_key()
# 魔改1:对密钥进行哈希处理
key_hash = hashlib.sha256(key).digest()[:32]
chacha = ChaCha20Poly1305(key_hash)
# 生成 96 位随机数
nonce = os.urandom(12)
# 待加密消息和关联数据
message = b"I love Python! Modified ChaCha20-Poly1305 test."
associated_data = b"Additional data"
# 加密
ciphertext = chacha.encrypt(nonce, message, associated_data)
# 魔改2:对密文进行异或操作
xor_key = os.urandom(len(ciphertext))
modified_ciphertext = bytes(a ^ b for a, b in zip(ciphertext, xor_key))
# 解密前还原密文
original_ciphertext = bytes(a ^ b for a, b in zip(modified_ciphertext, xor_key))
decrypted = chacha.decrypt(nonce, original_ciphertext, associated_data)
print("明文:", decrypted.decode())
print("魔改密文(十六进制):", modified_ciphertext.hex())
if __name__ == "__main__":
modified_chacha20_poly1305_test()
"""
明文: I love Python! Modified ChaCha20-Poly1305 test.
魔改密文(十六进制): 873c2f3554a8f5133f06e94c3de40490cff2fa6bf94e45ca53da16ca63fc82989b0c613b029ffaf2f9869418921fe9bbf091af6662360a482b374624026ada
"""
Blowfish
一种对称密钥块加密算法,由 Bruce Schneier 设计,密钥长度可变 (32-448 位)
import os
import base64
# 导入必要的加密模块
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import padding
# Blowfish加密算法
def blowfish_encrypt_decrypt():
print("=== Blowfish 示例 ===")
key = b"secretkey123"
data = b"Hello Blowfish!"
# 生成随机IV(Blowfish块大小为64位,IV长度为8字节)
iv = os.urandom(8)
# 加密
cipher = Cipher(algorithms.Blowfish(key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
# 填充数据以适应64位块大小
padder = padding.PKCS7(64).padder()
padded_data = padder.update(data) + padder.finalize()
encrypted = encryptor.update(padded_data) + encryptor.finalize()
# 解密
decryptor = cipher.decryptor()
decrypted_padded = decryptor.update(encrypted) + decryptor.finalize()
unpadder = padding.PKCS7(64).unpadder()
decrypted = unpadder.update(decrypted_padded) + unpadder.finalize()
print(f"原始数据: {data}")
print(f"加密后: {base64.b64encode(encrypted).decode()}")
print(f"解密后: {decrypted.decode()}\n")
blowfish_encrypt_decrypt()
"""
原始数据: b'Hello Blowfish!'
加密后: heWRmfyNB6rMwRZuPV/LUA==
解密后: Hello Blowfish!
"""
ChaCha20流加密
一种流加密算法,由 Daniel J. Bernstein 设计,常用于替代 RC4,安全性更高,在 TLS 和 SSH 中都有应用
import os
import base64
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
from cryptography.hazmat.backends import default_backend
def chacha20_demo():
print("=== ChaCha20 示例 ===")
# ChaCha20使用256位(32字节)密钥
key = os.urandom(32)
# 根据错误提示,使用128位(16字节)nonce
nonce = os.urandom(16) # 改为16字节
data = b"Hello ChaCha20!"
# 加密(流密码无需填充)
cipher = Cipher(algorithms.ChaCha20(key, nonce), mode=None, backend=default_backend())
encryptor = cipher.encryptor()
encrypted = encryptor.update(data)
# 解密
decryptor = cipher.decryptor()
decrypted = decryptor.update(encrypted)
print(f"原始数据: {data}")
print(f"nonce长度: {len(nonce)}字节 ({len(nonce)*8}位)")
print(f"加密后: {base64.b64encode(encrypted).decode()}")
print(f"解密后: {decrypted.decode()}\n")
chacha20_demo()
"""
=== ChaCha20 示例 ===
原始数据: b'Hello ChaCha20!'
nonce长度: 16字节 (128位)
加密后: ODM6bPZN3XnBJc13ueNb
解密后: Hello ChaCha20!
"""
Scrypt
一种基于密码的密钥派生函数,比 PBKDF2 更能抵抗专用硬件攻击,因为它不仅消耗 CPU,还消耗内存
import os
import scrypt # 需要安装: pip install scrypt
def scrypt_demo():
print("=== Scrypt 示例 ===")
password = b"mypassword"
salt = os.urandom(16) # 随机盐值
# 生成派生密钥(N=16384, r=8, p=1为推荐参数,平衡安全性和性能)
key = scrypt.hash(password, salt, N=16384, r=8, p=1, buflen=32)
# 验证密钥派生结果(通过重新计算并比较)
try:
# 重新计算哈希进行验证
verify_key = scrypt.hash(password, salt, N=16384, r=8, p=1, buflen=32)
if verify_key == key:
verification = "验证成功"
else:
verification = "验证失败"
except Exception as e:
verification = f"验证出错: {str(e)}"
print(f"密码: {password}")
print(f"盐值: {salt.hex()}")
print(f"派生密钥: {key.hex()}")
print(f"验证结果: {verification}\n")
scrypt_demo()
"""
=== Scrypt 示例 ===
密码: b'mypassword'
盐值: 4db44ea59a8b395e9f24a1bea4c89e44
派生密钥: 6896e86338db0a09c118f79a53a58677bb0ee25132e78310698caff930cd8ede
验证结果: 验证成功
"""
