本文介绍了Python中用于信息安全的几种加密技术,包括使用werkzeug库进行加盐哈希密码加密,适用于Flask登录验证;使用Crypto库实现AES加密解密,适用于数据传输;以及使用jwt模块生成和解析JWT令牌,适用于前后端认证。通过实例展示了加密解密的过程和关键代码。
哈希werkzeug.security:
此模块包含了加盐哈希函数方法.
- generate_password_hash:加密
- check_password_hash: 验证
常见场景:
- 用于Flask登录验证模块.
from werkzeug.security import generate_password_hash, check_password_hash
#generate_password_hash:哈希加盐
users=[
{'username': 'Tom', 'password': generate_password_hash('111111')},
{'username': 'Michael', 'password': generate_password_hash('123456')}
]
print(users)
bools=check_password_hash(users[0]['password'], "111111") #True or False
print(bools)
#输出结果:
"""
[{'username': 'Tom', 'password': 'pbkdf2:sha256:260000$vEXq6oPv5K5FsCFM$cb2a2630a3fba671b1ed2f48a14cbc4073aeba13cc914e79bf4abbc3ea07aadd'}, {'username': 'Michael', 'password': 'pbkdf2:sha256:260000$r5648R87Dx8EOWR2$ad370d27537407dcdfe6d13db4e48bea9c993f1af26e5d07300f3b3f7126ae68'}]
False
"""AES加密解密:
模块:Crypto.Cipher 、Crypto.Util.Padding
注:window和Linux下载模块不同,且注意加密密钥(KEY)要保密,不要流出:
- window:pip install pycryptodome
- Linux:pip install pycrypto
常见场景:
- 用于应用后端与其他项目交互传数据的时候加密解密.
import json
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
import hashlib,base64
#key的长度必须为16位,不然报错
AES_KEY="!@qw#$ert%^y&*u("
class AES_Convert:
def __init__(self):
self.key = AES_KEY
#aes 加密
def Encryption(self,aes_str):
# 使用key,选择加密方式
aes = AES.new(self.key.encode('utf-8'), AES.MODE_ECB)
pad_pkcs7 = pad(aes_str.encode('utf-8'), AES.block_size, style='pkcs7') # 选择pkcs7补全
encrypt_aes = aes.encrypt(pad_pkcs7)
# 加密结果
encrypted_text = str(base64.encodebytes(encrypt_aes), encoding='utf-8') # 解码
encrypted_text_str = encrypted_text.replace("\n", "")
return encrypted_text_str
# aes解码
def Decryption(self, aes_str):
aes = AES.new(self.key.encode('utf-8'), AES.MODE_ECB)
# 优先逆向解密base64成bytes
base64_decrypted = base64.decodebytes(aes_str.encode(encoding='utf-8-sig'))
decrypted_text = str(aes.decrypt(base64_decrypted), encoding='utf-8-sig').replace('', '')
# 注意这里解密会产生乱码,所以加密数据时可以用正则匹配掉乱码,具体问题具体对待
# 这里传输的是json字符可以用这种方式匹配
# print(decrypted_text)
# decrypted_text=re.findall('.*\}',decrypted_text)[0]
# decrypted_text = re.findall('.*\]', decrypted_text)[0]
return decrypted_text
if __name__ == '__main__':
datalist=[
{"username":"Ton","password":"Ton@.com"},
{"username":"Michael","password":"Michael@.com"},
]
aes_str=json.dumps(datalist)
EncryptionData = AES_Convert().Encryption(aes_str)
DecryptionData = AES_Convert().Decryption(EncryptionData)
print("加密数据:"+EncryptionData)
print("加密解密:"+DecryptionData)
#输出:
"""
加密数据:7+S0Fk5WHEZjOqbAYV/x3CpJ0lg6kTJU8RKRc2+CsR8rY/1Q8Mw9DrAAVGx/y0/iYoO/0l9Yb6wUdH11fuEHvZG6S+zQdrTN/flF2qxq383hyNETNW7ZCZXv2bTtEaG4z9noeXj6SgH3lhNTX5hZOw==
加密解密:[{"username": "Ton", "password": "Ton@.com"}, {"username": "Michael", "password": "Michael@.com"}]
"""JWT加密解密:
python3内置模块:jwt
注:注意加密密钥(KEY)要保密,不要流出
常见场景:
- 用于应用前后端认证时的token.
import jwt,datetime
SECRECT_KEY="!@qw#$ert%^y&*u("
class Jwt:
def __init__(self):
self.SECRECT_KEY = SECRECT_KEY
# 生成jwt 信息,加密
def jwtEncoding(self,username=None,id=None, some='xxxx'):
datetimes=datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
option = {
"time":datetimes,
"username":username,
"id":id,
"some":some
}
jwtencode = jwt.encode(option, self.SECRECT_KEY, algorithm='HS256')
return jwtencode
# 解密jwt 信息
def jwtDecoding(self,token):
try:
decoded = jwt.decode(token, self.SECRECT_KEY, algorithms=['HS256'])
except jwt.ExpiredSignatureError:
decoded = {"error_msg": "is timeout !!", "some": None}
except Exception:
decoded = {"error_msg": "noknow exception!!", "some": None}
return decoded
if __name__ == '__main__':
jwtencode = Jwt().jwtEncoding(username='admin', id=1)
print(jwtencode)
jwtdeode = Jwt().jwtDecoding(jwtencode)
print(jwtdeode)
#输出
"""
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0aW1lIjoiMjAyMS0wNy0wOSAxOToxMTozMyIsInVzZXJuYW1lIjoiYWRtaW4iLCJpZCI6MSwic29tZSI6Inh4eHgifQ._fwyzwnpeoI5fYBETc-R67T1mzxazMDkPtHvvWAZ4lo
{'time': '2021-07-09 19:11:33', 'username': 'admin', 'id': 1, 'some': 'xxxx'}
"""
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
