将Python移植到Perl脚本时的编码/加密问题
我有一个运行良好的Python脚本。它能够对提供的pwd进行解码/解密,并对其进行编码/加密,如下所示:将Python移植到Perl脚本时的编码/加密问题,python,perl,encryption,decode,encode,Python,Perl,Encryption,Decode,Encode,我有一个运行良好的Python脚本。它能够对提供的pwd进行解码/解密,并对其进行编码/加密,如下所示: #!/usr/bin/python from Crypto.Cipher import DES3 import base64 secret = base64.decodestring('tcxpLw1PsMR0CtXt/HfbIZomvJtDyE6h1Gl4vblX2W4=') key = secret[:24] iv = secret[24:] # Encoded Encrypted
#!/usr/bin/python
from Crypto.Cipher import DES3
import base64
secret = base64.decodestring('tcxpLw1PsMR0CtXt/HfbIZomvJtDyE6h1Gl4vblX2W4=')
key = secret[:24]
iv = secret[24:]
# Encoded Encrypted password
EEpwd = '4TOHTKsvihUXuUd9M3TpoA=='
print "Encoded Encrypted Password : ",EEpwd
# Decoded Encrypted password
DEpwd = base64.decodestring(EEpwd)
# Decoded Decrypted password
DDpwd = DES3.new(key, DES3.MODE_CBC, iv).decrypt(DEpwd)
print "Decoded (Decrypted ( PWD ) ) : ",DDpwd
# New Decoded Encrypted password
NewDEpwd = DES3.new(key, DES3.MODE_CBC, iv).encrypt(DDpwd)
# New Encoded Encrypted password
NewEEpwd = base64.b64encode(NewDEpwd)
print "New Encoded (Encrypted (",DDpwd,") ) : ",NewEEpwd
。。。这为我提供了以下输出:
Encoded Encrypted Password : 4TOHTKsvihUXuUd9M3TpoA==
Decoded (Decrypted ( PWD ) ) : MYweakPW
New Encoded (Encrypted ( MYweakPW ) ) : 4TOHTKsvihUXuUd9M3TpoA==
现在我必须将此脚本迁移到Perl,所以我做到了:
#!/usr/bin/perl
use MIME::Base64;
use Crypt::CBC;
$secret = decode_base64('tcxpLw1PsMR0CtXt/HfbIZomvJtDyE6h1Gl4vblX2W4=');
$key = substr($secret,0,24);
$iv = substr($secret,24);
$cipher = Crypt::CBC->new(
-cipher => 'DES_EDE3',
-key => $key,
-iv => $iv,
-header => 'none',
-padding => 'null',
-literal_key => 1
);
# Encoded Encrypted password
$EEpwd = '4TOHTKsvihUXuUd9M3TpoA==';
print "Encoded Encrypted Password : ". $EEpwd ."\n";
# Decoded Encrypted password
$DEpwd = decode_base64($EEpwd);
# Decoded Decrypted password
$DDpwd = $cipher->decrypt($DEpwd);
print "Decoded (Decrypted ( PWD ) ) : $DDpwd \n";
# New Decoded Encrypted password
$NewDEpwd = $cipher->encrypt($DDpwd);
# New Encoded Encrypted password
$NewEEpwd = encode_base64($NewDEpwd);
print "New Encoded (Encrypted ($DDpwd) ) : $NewEEpwd \n";
。。。但这让我想起:
Encoded Encrypted Password : 4TOHTKsvihUXuUd9M3TpoA==
Decoded (Decrypted ( PWD ) ) : MYweakPW
New Encoded (Encrypted (MYweakPW) ) : 4TOHTKsvihU=
问题:为什么我用Perl加密/编码密码时,它会返回一个缩短的字符串?缺少什么来匹配
问候
RZ
编辑 因为我正在更改已接受的答案,所以让我澄清一下此代码用法的一些方面,以证明某些选择是正确的。 当然,这不是整个脚本。我已经删除了尽可能多的私人信息,以及其他已经运行的脚本片段,隔离了需要注意的代码片段。 该脚本的总体目的是在远程服务器上更改密码时,管理其他一些脚本/应用程序中使用的密码 这段特定的代码用于处理Remmina在保存的会话中存储的密码。不幸的是,Remmina没有提供一个集中的方法来替换保存的密码,所以在我的情况下,每次我在Windows域更改密码时,我保存的Remmina会话都会过时(我有几十个!) Remmina存储密码的方式如下:
- 在
中有一行包含$HOME/.remmina/remmina.pref
,已编码,使用DES3secret=*
键和
iv
- 在每个名为
的会话文件中,都有一行包含您的密码的$HOME/.remmina/*.remmina
,经过编码和加密password=*
*.remmina
文件中检索存储的密码,或者获取一个新密码并替换*.remmina
文件中的密码,因此@jm666在其EDIT2中提出的观点非常相关,因为当我从命令行获得新密码时,之前不会以任何方式对其进行填充
对于我的特定场景,我知道密码永远不会短于8字节,但可以更长,而不是8的倍数,因此我用新的不同密码对此进行了测试,并意识到,要加密Remmina的密码,适当的方法是padding='null'
- 一种特殊情况似乎是密码的长度正好为8字节(或其倍数)。在这种情况下,我必须“手动”在提供的字符串末尾添加一个
字符,以强制填充添加额外的null
字符null
我发现通过将-padding选项更改为“space”,重新加密的密码与原始密码相同。您使用
padding=>“null”询问perl。只需更改以下选项:
$cipher = Crypt::CBC->new(
-cipher => 'DES_EDE3',
-key => $key,
-iv => $iv,
-header => 'none',
-padding => 'null',
-literal_key => 1
);
对于-padding=>'none',
和将获得与python相同的结果
注意:上面给出了想要的输出,但答案是错误的,,还有@harmic的答案。见下面的编辑2
注意,如果您没有输入任何paddig(因为在python代码中没有使用任何填充),例如
填充none
支持了近两年:
编辑2
使用none
或space
是完全不正确的,因为:
您永远无法正确地获取原始4TOHTKsvihUXuUd9M3TpoA=
编码字符串
尝试对直接输入的密码进行加密和编码MYweakPW
。
无论使用了什么填充,您都无法获得原始填充
4TOHTKsvihUXuUd9M3TpoA==
string
您将获得下一个(取决于使用的填充):
明文密码MYweakPW
hextump:
4d597765616b5057
在decode->decrypt
获得后(取决于使用的填充方法:)
当再次尝试加密时,加密算法会再次向字符串添加新的填充(或不添加,具体取决于使用的方法)
在以下脚本中可以看到整个过程(大部分是您的,仅使用十六进制输出):
根据使用的填充,比较解密/加密后的输出。(“oroginal”表示从原始base64编码得到的字符串,“String”表示从直接输入的字符串中得到的字符串值MYweakPW
)
== Padding: standard=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0a26625e0d2ebb3d4
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoKJmJeDS67PU
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15b750347cb6a98122
String (encrypted,encoded) 4TOHTKsvihW3UDR8tqmBIg==
== Padding: space=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: oneandzeroes=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0854bea98199fa99e
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoIVL6pgZn6me
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a152774ef892827e6a2
String (encrypted,encoded) 4TOHTKsvihUndO+JKCfmog==
== Padding: rijndael_compat=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: null=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b5057
New from orig (encrypted) hex: e133874cab2f8a15
New from orig (encrypted+encoded) 4TOHTKsvihU=
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: none=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
结果是:
- 从文本字符串
MYweakPW
(例如,如果在其末尾没有8个零),您永远无法获得所需的输出,无论填充如何(请参见结果)
- 因此,您的原始字符串
4TOHTKsvihUXuUd9M3TpoA==
创建不正确(或者故意在已填充8字节的MYweakPW
中添加了8个空字符)
- 您应该重新检查原始字符串是如何创建的(使用什么填充方法),尤其是密码长度不完全是8字节的。例如,尝试从密码
弱创建base64编码字符串,您将看到它是如何填充的
最后可能是您的逻辑流错误。请尝试反向操作。首先将纯文本转换为base64,然后对其进行加密。首先查看它是否有效。此外,如果您使用“纯文本”一词而不是“解码-解密密码”,则会更容易。不太正确……逻辑是正确的。正如您所看到的,我在Python和Perl上使用了完全相同的序列,因此如果是逻辑问题,Python也会失败。此外,encrypt肯定会给出不可打印的字符,这在
Padding: standard 4TOHTKsvihW3UDR8tqmBIg==
Padding: space 4TOHTKsvihU=
Padding: oneandzeroes 4TOHTKsvihUndO+JKCfmog==
Padding: rijndael_compat 4TOHTKsvihU=
Padding: null 4TOHTKsvihU=
Padding: none 4TOHTKsvihU=
4d597765616b5057
4d597765616b50570000000000000000
#or
4d597765616b5057
use strict;
use warnings;
use MIME::Base64;
use Crypt::CBC;
my $secret = decode_base64('tcxpLw1PsMR0CtXt/HfbIZomvJtDyE6h1Gl4vblX2W4=');
my $iv = substr($secret,24);
my $key = substr($secret,0,24);
for my $padd ( qw(standard space oneandzeroes rijndael_compat null none)) {
my $c = Crypt::CBC->new( -cipher=>'DES_EDE3', -key=>$key, -iv=>$iv,
-header=>'none', -literal_key=>1,
-padding=>$padd
);
print "== Padding: $padd=\n";
display($c);
}
sub display {
my $cipher = shift;
my $EEpwd = '4TOHTKsvihUXuUd9M3TpoA==';
p("Original (encrypted & encoded)", $EEpwd);
my $DEpwd = decode_base64($EEpwd);
ph("Original (decoded still encrypted)", $DEpwd);
my $DDpwd = $cipher->decrypt($DEpwd);
ph("Original plaintext", $DDpwd);
my $NewDEpwd = $cipher->encrypt($DDpwd);
ph("New from orig (encrypted)", $NewDEpwd);
my $NewEEpwd = encode_base64($NewDEpwd);
p( "New from orig (encrypted+encoded)", $NewEEpwd);
my $asc = "MYweakPW";
ph("String $asc", $asc);
my $m1 = $cipher->encrypt($asc);
ph("String (encrypted)", $m1);
p("String (encrypted,encoded)", encode_base64($m1));
}
sub ph { p($_[0] . " hex:", unpack('H*',$_[1]) ) }
sub p { printf "%40.40s %s\n", @_; }
== Padding: standard=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0a26625e0d2ebb3d4
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoKJmJeDS67PU
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15b750347cb6a98122
String (encrypted,encoded) 4TOHTKsvihW3UDR8tqmBIg==
== Padding: space=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: oneandzeroes=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0854bea98199fa99e
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoIVL6pgZn6me
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a152774ef892827e6a2
String (encrypted,encoded) 4TOHTKsvihUndO+JKCfmog==
== Padding: rijndael_compat=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: null=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b5057
New from orig (encrypted) hex: e133874cab2f8a15
New from orig (encrypted+encoded) 4TOHTKsvihU=
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=
== Padding: none=
Original (encrypted & encoded) 4TOHTKsvihUXuUd9M3TpoA==
Original (decoded still encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
Original plaintext hex: 4d597765616b50570000000000000000
New from orig (encrypted) hex: e133874cab2f8a1517b9477d3374e9a0
New from orig (encrypted+encoded) 4TOHTKsvihUXuUd9M3TpoA==
String MYweakPW hex: 4d597765616b5057
String (encrypted) hex: e133874cab2f8a15
String (encrypted,encoded) 4TOHTKsvihU=