更新时间:2023-11-23 21:42:04
两个代码之间有很多区别:
There are a lot of differences between both codes:
{:< 24}
更改为 [:24]
并不能真正使它变得更好).最后的第二个更改 digested_passkey [:24]
与 digested_passkey
相同,并且可以正常工作,因为 PyCryptodome 会根据2自动将密钥扩展到24个字节键的三重DES.{: <24}
to [:24]
does not really make it better). The 2nd change finally, digested_passkey[:24]
, is identical to digested_passkey
and works because PyCryptodome automatically extends the key to 24 bytes according to 2-key Triple DES.此外,使用的算法是不安全的(MD5)或过时/慢速的(Triple DES),如注释中已经提到的那样.同样,IV的0向量是完全不安全的.
Apart from that, the algorithms used are insecure (MD5) or outdated/slow (Triple DES), as already mentioned in the comment. Also a 0-vector as IV is completely insecure.
import base64
#from Crypto.Cipher import AES
from Crypto.Cipher import DES3
from Crypto.Util.Padding import pad
#import pyDes
#from Crypto import Random
import hashlib
def encrypt(message, passkey):
#hash_object = hashlib.md5(passkey.encode("utf-8"))
hash_object = hashlib.md5(passkey)
digested_passkey = hash_object.digest()
print(digested_passkey)
#key24 = "[:24]".format(digested_passkey)
key24 = digested_passkey + digested_passkey[0:8] # Derive key as in Java
#des = pyDes.des(key24); # Remove pyDes
#message = message.encode('utf-8')
#message = message + (16 - len(message) % 16) * chr(16 - len(message) % 16)
message = pad(message, 8) # Use padding from PyCryptodome
#iv = Random.new().read(AES.block_size) # For Java code compliance: Use 0-IV
iv = bytes.fromhex('0000000000000000')
#cipher = AES.new(des, AES.MODE_CBC, iv) # For Java code compliance: Use TripleDES
cipher = DES3.new(key24, DES3.MODE_CBC, iv)
#return base64.b64encode(iv + cipher.encrypt(message)) # For Java code compliance: Don't concatenate IV and ciphertext
return base64.b64encode(cipher.encrypt(message))
#print(encrypt('aug@2019', 'Lgp!kdao2020')) # Better: Pass binary data
print(encrypt(b'aug@2019', b'Lgp!kdao2020'))
以Java代码( 7B0aNUwOU1ECqKqnIZs6mQ ==
)给出结果.
which gives the result form the Java code (7B0aNUwOU1ECqKqnIZs6mQ==
).