Python模拟CryptoJS.AES.encrypt

问题描述

Python 模拟 CryptoJS.AES.encrypt

解决方案

安装

pip install pycryptodome

代码

import base64
from hashlib import md5

from Crypto import Random
from Crypto.Cipher import AES

BLOCK_SIZE = 16


def pad(data):
    length = BLOCK_SIZE - (len(data) % BLOCK_SIZE)
    return data + (chr(length) * length).encode()


def unpad(data):
    return data[:-(data[-1] if type(data[-1]) == int else ord(data[-1]))]


def bytes_to_key(data, salt, output=48):
    assert len(salt) == 8, len(salt)
    data += salt
    key = md5(data).digest()
    final_key = key
    while len(final_key) < output:
        key = md5(key + data).digest()
        final_key += key
    return final_key[:output]


def encrypt(message, passphrase):
    salt = Random.new().read(8)
    key_iv = bytes_to_key(passphrase, salt, 32 + 16)
    key = key_iv[:32]
    iv = key_iv[32:]
    aes = AES.new(key, AES.MODE_CBC, iv)
    return base64.b64encode(b'Salted__' + salt + aes.encrypt(pad(message)))


def decrypt(encrypted, passphrase):
    encrypted = base64.b64decode(encrypted)
    assert encrypted[0:8] == b'Salted__'
    salt = encrypted[8:16]
    key_iv = bytes_to_key(passphrase, salt, 32 + 16)
    key = key_iv[:32]
    iv = key_iv[32:]
    aes = AES.new(key, AES.MODE_CBC, iv)
    return unpad(aes.decrypt(encrypted[16:]))


if __name__ == '__main__':
    password = b'Hello'
    encrypted = encrypt(b'World', password)
    decrypted = decrypt(encrypted, password)
    print(encrypted, type(encrypted))
    print(decrypted, type(decrypted))

每次执行结果会有所不同

参考文献

1. How to decrypt password from JavaScript CryptoJS.AES.encrypt(password, passphrase) in Python
2. crypto-js GitHub