注意:
- CBC模式中,加密或者解密对象不能被重复使用,即加密了一个明文之后,不能再用此对象加密其他明文。
- key必须为16或24或32个字节长度。
- 明文字节长度必须为16的倍数。
代码:
import base64
from django.conf import settings
from utils.app_util import MD5Util
from utils.vault_util import VaultClient
from Cryptodome.Cipher import AES
class MD5Util(object):
@classmethod
def md5(cls, text, clen=None, salt=''):
import hashlib
m2 = hashlib.md5()
m2.update((text + salt).encode('utf-8'))
code = m2.hexdigest()
if clen is None:
return code
elif clen >= len(code):
return code
else:
return code[0:clen]
class AESUtil(object):
def __init__(self):
self.key = MD5Util.md5('my_key_for_encrypt', 16).encode('utf-8')
self.model = AES.MODE_CBC
self.iv = b'abcdefgh12345678' #密斯偏移量(iv)
self.e_aes = AES.new(self.key, self.model, self.iv)
self.d_esc = AES.new(self.key, self.model, self.iv)
@classmethod
def add_to_16(cls, b_value):
while len(b_value) % 16 != 0:
b_value += b' '
return b_value
def encrypt_str(self, text):
b_text = self.add_to_16(text.encode('utf-8'))
encrypt_text = self.e_aes.encrypt(b_text)
return base64.encodebytes(encrypt_text).decode('utf-8')
def decrypt_str(self, text):
b_text = base64.decodebytes(text.encode('utf-8'))
decrypt_text = self.d_esc.decrypt(b_text)
return decrypt_text.decode('utf-8').rstrip()
def encrypt_file(self, b_text):
b_text = self.add_to_16(b_text)
encrypt_text = self.e_aes.encrypt(b_text)
return encrypt_text
def decrypt_file(self, b_text):
decrypt_text = self.d_esc.decrypt(b_text)
return decrypt_text.rstrip()