from Cryptodome.Cipher import AES
def aes_encrypt(key, data, associated_data=None, nonce=None, mode=None):
"""
AES-GCM加密
:param key: 密钥。16, 24 or 32字符长度的字符串
:param data: 待加密字符串
:param associated_data: 附加数据,一般为None
:param nonce: 随机值,和MD5的“加盐”有些类似,目的是防止同样的明文块,始终加密成同样的密文块
:return:
"""
# 生成加密器
cipher = AES.new(key, mode, nonce=nonce)
if associated_data is not None:
cipher.update(associated_data)
# 加密数据
cipher_data, auth_tag = cipher.encrypt_and_digest(data)
# 返回base64编码数据
return cipher_data + auth_tag
def aes_decrypt(key, debase64_cipher_data, associated_data=None, nonce=None, mode=None):
"""
AES-GCM解密
:param cipher_data: encrypt_aes_gcm 方法返回的数据
:return:
"""
# 分割数据
cipher_data = debase64_cipher_data[:-16]
auth_tag = debase64_cipher_data[-16:]
cipher = AES.new(key, mode, nonce=nonce)
if associated_data is not None:
cipher.update(associated_data)
# 解密数据
plaintext = cipher.decrypt_and_verify(cipher_data, auth_tag)
return plaintext.decode()
if __name__ == '__main__':
data = b"I will become what I deserve, Is there anything like freewil?"
key = b"0123456789123456"
iv = b"abcdef012345"
aad = b"0011223344556677"
print("原始数据:", data)
cipher_data = aes_encrypt(key, data, associated_data=aad, nonce=iv, mode=AES.MODE_GCM)
print("GCM 加密数据:", cipher_data.hex())
de_data = aes_decrypt(key, cipher_data, associated_data=aad, nonce=iv, mode=AES.MODE_GCM)
print("GCM 解密数据:", de_data)
cipher_data = aes_encrypt(key, data, associated_data=aad, nonce=iv, mode=AES.MODE_CCM)
print("CCM 加密数据:", cipher_data.hex())
de_data = aes_decrypt(key, cipher_data, associated_data=aad, nonce=iv, mode=AES.MODE_CCM)
print("CCM 解密数据:", de_data)原始数据: b'I will become what I deserve, Is there anything like freewil?'
GCM 加密数据: 03feb633afbc123a3ab9f1119694c4becdf1bdc5c1fc584f128d893f1bf08862e1a2e29e821d9c8b59dc1942c1033724e3a1128c9586104c88bf720449d067e05d1155ab4c9f30c5eb194d9f67
GCM 解密数据: I will become what I deserve, Is there anything like freewil?
CCM 加密数据: 4d57a02bbb8991afb56b3708af2fe2756b02275e68042f73bc9bfd954721d2376738b57e377eccc716c3e9debcd06d6cb62bbfa87a52f676a5acb9c2aa3255b4acc847eca7b85bd691ffd10aa7
CCM 解密数据: I will become what I deserve, Is there anything like freewil?
local crypto = require "crypto"
local text = "I will become what I deserve, Is there anything like freewil?"
local key16 = "0123456789123456"
local key24 = "012345678912345601234567"
local key32 = "01234567891234560123456789123456"
local iv = "abcdef012345"
local iv7 = "abcdef0"
local aad = "0011223344556677"
local data, raw
print("text base64: ", crypto.hexencode(text, false, true))
print("key base64: ", crypto.hexencode(key32, false, true))
print("iv base64: ", crypto.hexencode(iv, false, true))
print("aad base64: ", crypto.hexencode(aad, false, true))
-- GCM
data = assert(crypto.aes_128_gcm_encrypt(key16, text, iv, aad))
raw = assert(crypto.aes_128_gcm_decrypt(key16, data, iv, aad))
print('128-gcm', crypto.hexencode(data, false, true), raw == text)
data = assert(crypto.aes_192_gcm_encrypt(key24, text, iv, aad))
raw = assert(crypto.aes_192_gcm_decrypt(key24, data, iv, aad))
print('192-gcm', crypto.hexencode(data, false, true), raw == text)
data = assert(crypto.aes_256_gcm_encrypt(key32, text, iv, aad))
raw = assert(crypto.aes_256_gcm_decrypt(key32, data, iv, aad))
print('256-gcm', crypto.hexencode(data, false, true), raw == text)
-- CCM
data = assert(crypto.aes_128_ccm_encrypt(key16, text, iv, aad))
raw = assert(crypto.aes_128_ccm_decrypt(key16, data, iv, aad))
print('128-ccm', crypto.hexencode(data, false, true), raw == text)
data = assert(crypto.aes_192_ccm_encrypt(key24, text, iv, aad))
raw = assert(crypto.aes_192_ccm_decrypt(key24, data, iv, aad))
print('192-ccm', crypto.hexencode(data, false, true), raw == text)
data = assert(crypto.aes_256_ccm_encrypt(key32, text, iv, aad))
raw = assert(crypto.aes_256_ccm_decrypt(key32, data, iv, aad))
print('256-ccm', crypto.hexencode(data, false, true), raw == text)text base64: 49 20 77 69 6c 6c 20 62 65 63 6f 6d 65 20 77 68 61 74 20 49 20 64 65 73 65 72 76 65 2c 20 49 73 20 74 68 65 72 65 20 61 6e 79 74 68 69 6e 67 20 6c 69 6b 65 20 66 72 65 65 77 69 6c 3f
key base64: 30 31 32 33 34 35 36 37 38 39 31 32 33 34 35 36 30 31 32 33 34 35 36 37 38 39 31 32 33 34 35 36
iv base64: 61 62 63 64 65 66 30 31 32 33 34 35
aad base64: 30 30 31 31 32 32 33 33 34 34 35 35 36 36 37 37
128-gcm 03 fe b6 33 af bc 12 3a 3a b9 f1 11 96 94 c4 be cd f1 bd c5 c1 fc 58 4f 12 8d 89 3f 1b f0 88 62 e1 a2 e2 9e 82 1d 9c 8b 59 dc 19 42 c1 03 37 24 e3 a1 12 8c 95 86 10 4c 88 bf 72 04 49 d0 67 e0 5d 11 55 ab 4c 9f 30 c5 eb 19 4d 9f 67 true
192-gcm 07 08 93 6e 4b 6e 26 52 f4 04 b2 e2 0a 7f 81 88 fc d8 46 50 5b 8d 02 f2 1c c9 be 3c 81 d7 05 39 43 d4 23 6e a6 c8 87 62 2b 4f 58 4a 64 af d1 af f8 36 cb e6 9e f0 f3 a5 4b 4a 9a 60 17 ab 65 34 7e 93 e1 83 7b 58 dc f0 d2 7b 50 3c f8 true
256-gcm 8d a1 59 fd 8e 16 8a a2 ed a6 9b 93 41 03 c2 0f 6f 5f 18 3c d6 58 f1 85 54 5f 0d 7a 61 97 c9 22 9d 94 57 ee d5 c1 16 6c 08 e8 38 5d 97 ba 23 7a 4f ae 64 9f 23 87 6d 5d 07 3b e2 57 e6 11 29 fc 91 d5 6c 31 43 bf 80 93 f2 42 69 a6 73 true
128-ccm 4d 57 a0 2b bb 89 91 af b5 6b 37 08 af 2f e2 75 6b 02 27 5e 68 04 2f 73 bc 9b fd 95 47 21 d2 37 67 38 b5 7e 37 7e cc c7 16 c3 e9 de bc d0 6d 6c b6 2b bf a8 7a 52 f6 76 a5 ac b9 c2 aa 32 55 b4 ac c8 47 ec a7 b8 5b d6 91 ff d1 0a a7 true
192-ccm 23 e2 aa 8e 9d 5c cb 23 e3 a9 bb 57 ed 77 b5 f2 46 e1 3a 94 23 f8 98 75 aa ff 6a ea 8e 87 61 5b 32 38 6a 9c a2 46 ab e6 3f 34 45 9d 1c d0 8b 27 aa ed 84 40 07 db 37 cc 03 6e 7a 46 c1 a3 7e 4a c9 04 8e ff ee 46 02 04 01 06 53 ab 6b true
256-ccm 10 85 e5 70 8e ac b1 43 77 f4 6c 00 9f af 34 91 78 b8 af e2 07 a2 82 03 0e 10 ed 3e 2b 05 35 c9 c7 dd a0 11 4a 9e 61 71 39 c0 83 d9 2a 71 65 bc 16 29 1b aa 67 9e 8a 1f 10 7f 34 2b a9 09 ef 58 0d f8 50 da 62 14 20 05 d7 3b 96 8a af true
