AES篇

吐槽

DES和AES还是看得有点头大，仅做到过一遍，权当积累吧

流程

flowchart TD
    subgraph Encryption
        A1[明文] --> B1[初始轮密钥加]
        B1 --> C1[进入轮循环]
        C1 --> D1["字节替换<br>SubBytes"]
        D1 --> E1["行移位<br>ShiftRows"]
        E1 --> F1["列混淆<br>MixColumns"]
        F1 --> G1["轮密钥加<br>AddRoundKey"]
        G1 --> C1
        C1 -- 完成指定轮数后 --> H1[最终轮]
        H1 --> I1[密文]
    end
    
    subgraph Decryption
        A2[密文] --> B2["初始轮密钥加<br>（使用最后一轮密钥）"]
        B2 --> C2[进入轮循环]
        C2 --> D2["逆行移位<br>InvShiftRows"]
        D2 --> E2["逆字节替换<br>InvSubBytes"]
        E2 --> F2["轮密钥加<br>AddRoundKey"]
        F2 --> G2["逆列混淆<br>InvMixColumns"]
        G2 --> C2
        C2 -- 完成指定轮数后 --> H2[最终轮]
        H2 --> I2[明文]
    end

库调用

from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
from Crypto.Random import get_random_bytes
import base64

class AESCryptor:
    def __init__(self,key):
        # self.key = get_random_bytes(16)
        if(len(key) not in [16,24,32]):
            raise ValueError("密钥长度必须为16, 24或32字节")
        self.key = key

    def ecb_encrypt(self,data):
        cipher = AES.new(self.key, AES.MODE_ECB)
        pad_data=pad(data.encode('utf-8'), AES.block_size)
        enc=cipher.encrypt(pad_data)
        return base64.b64encode(enc).decode('utf-8')

    def ecb_decrypt(self,data):
        cipher = AES.new(self.key, AES.MODE_ECB)
        dec=cipher.decrypt(base64.b64decode(data))
        unpad_dec=unpad(dec,AES.block_size)
        return unpad_dec.decode('utf-8')

    def cbc_encrypt(self,data,iv):
        # iv = get_random_bytes(AES.block_size)
        # iv_1=base64.b64decode(iv.decode('utf-8'))
        iv_1=bytes.fromhex(iv)
        cipher = AES.new(self.key, AES.MODE_CBC,iv_1)
        pad_data=pad(data.encode('utf-8'), AES.block_size)
        enc=cipher.encrypt(pad_data)
        return base64.b64encode(enc).decode('utf-8')

    def cbc_decrypt(self,data,iv):
        # iv_1 = base64.b64decode(iv.decode('utf-8'))
        iv_1=bytes.fromhex(iv)
        cipher = AES.new(self.key, AES.MODE_CBC,iv_1)
        dec=cipher.decrypt(base64.b64decode(data))
        unpad_dec=unpad(dec,AES.block_size)
        return unpad_dec.decode('utf-8')

def demo():
    m = 're100dayzhuji'
    print(f"明文：{m}")
    key=b'ThisIsASecretKey'
    # iv=b'MMxRKMu6oT//1s7RcRi4tQ=='
    iv='ef45667890abcdef0123456789abcdef'
    cryptor = AESCryptor(key)
    print("\n=== 密钥信息 ===")
    print(f"Base64编码密钥: {base64.b64encode(key)}")
    # print(f"Hex编码密钥: {hex(key)}")
    print(f"使用的IV: {iv}")

    print("=== AES ECB模式加解密演示 ===")
    enc_ecb=cryptor.ecb_encrypt(m)
    print(f"ECB加密结果: {enc_ecb}")
    dec_ecb=cryptor.ecb_decrypt(enc_ecb)
    print(f"ECB解密结果: {dec_ecb}")

    print("\n=== AES CBC模式加解密演示 ===")
    enc_cbc=cryptor.cbc_encrypt(m,iv)
    print(f"CBC加密结果: {enc_cbc}")
    dec_cbc=cryptor.cbc_decrypt(enc_cbc,iv)
    print(f"CBC解密结果: {dec_cbc}")


if __name__=='__main__':
    demo()

源码实现

import os
import struct
from typing import Union,List

class AES:
    """
        AES加密算法实现，支持ECB和CBC模式
        支持128位、192位、256位密钥
        """
    # AES常量定义
    RCON = [
        0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36,
        0x6C, 0xD8, 0xAB, 0x4D, 0x9A, 0x2F, 0x5E, 0xBC, 0x63, 0xC6,
        0x97, 0x35, 0x6A, 0xD4, 0xB3, 0x7D, 0xFA, 0xEF, 0xC5, 0x91
    ]
    SBOX = [
        0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
        0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
        0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
        0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
        0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
        0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
        0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
        0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
        0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
        0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
        0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
        0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
        0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
        0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
        0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
        0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
    ]
    INV_SBOX = [
        0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
        0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
        0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
        0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
        0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
        0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
        0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
        0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
        0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
        0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
        0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
        0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
        0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
        0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
        0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
        0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
    ]

    def __init__(self,key:bytes):
        if len(key) not in [16, 24, 32]:
            raise ValueError("密钥长度必须是16、24或32字节")
        self.key=key
        self.key_size=len(key)*8
        self.n_rounds={128:10,192:12,256:14}[self.key_size]
        self.expand_key=self._key_expansion()

    def _key_expansion(self) -> List[List[int]]:
        nk=len(self.key)//4   # 4字节字的数量
        nr=self.n_rounds
        # 将密钥转换为4字节字列表
        key_words = []
        for i in range(0,len(self.key),4):
            key_words.append(self.key[i:i+4])
        # 扩展密钥
        for i in range(nk,4*(nr+1)):
            tmp=key_words[i-1][:]  #[:]copy*1
            if i%nk==0:
                # 字循环、字节代换、轮常数异或
                tmp=tmp[1:]+tmp[:1]
                tmp=[self.SBOX[b] for b in tmp]
                tmp[0]^=self.RCON[i//nk-1]
            elif nk>6 and i%nk==4:
                # 对于256位密钥的特殊处理
                tmp=[self.SBOX[b] for b in tmp]
        # 与前一个字异或
            new_word=[key_words[i-nk][j]^tmp[j] for j in range(4)]
            key_words.append(new_word)
        return key_words

    def _sub_bytes(self,state: List[int]) -> List[List[int]]:
        """字节代换"""
        return [[self.SBOX[b] for b in row] for row in state]

    def _inv_sub_bytes(self, state: List[List[int]]) -> List[List[int]]:
        """逆字节代换"""
        return [[self.INV_SBOX[b] for b in row] for row in state]

    def _shift_rows(self, state: List[List[int]]) -> List[List[int]]:
        """行移位"""
        return [
            [state[0][0], state[0][1], state[0][2], state[0][3]],
            [state[1][1], state[1][2], state[1][3], state[1][0]],
            [state[2][2], state[2][3], state[2][0], state[2][1]],
            [state[3][3], state[3][0], state[3][1], state[3][2]]
        ]

    def _inv_shift_rows(self, state: List[List[int]]) -> List[List[int]]:
        """逆行移位"""
        return [
            [state[0][0], state[0][1], state[0][2], state[0][3]],
            [state[1][3], state[1][0], state[1][1], state[1][2]],
            [state[2][2], state[2][3], state[2][0], state[2][1]],
            [state[3][1], state[3][2], state[3][3], state[3][0]]
        ]

    def _mix_columns(self, state: List[List[int]]) -> List[List[int]]:
        """列混合"""
        new_state = [[0] * 4 for _ in range(4)]

        for i in range(4):
            s0 = state[0][i]
            s1 = state[1][i]
            s2 = state[2][i]
            s3 = state[3][i]

            new_state[0][i] = self._gmul(0x02, s0) ^ self._gmul(0x03, s1) ^ s2 ^ s3
            new_state[1][i] = s0 ^ self._gmul(0x02, s1) ^ self._gmul(0x03, s2) ^ s3
            new_state[2][i] = s0 ^ s1 ^ self._gmul(0x02, s2) ^ self._gmul(0x03, s3)
            new_state[3][i] = self._gmul(0x03, s0) ^ s1 ^ s2 ^ self._gmul(0x02, s3)

        return new_state

    def _inv_mix_columns(self, state: List[List[int]]) -> List[List[int]]:
        """逆列混合"""
        new_state = [[0] * 4 for _ in range(4)]

        for i in range(4):
            s0 = state[0][i]
            s1 = state[1][i]
            s2 = state[2][i]
            s3 = state[3][i]

            new_state[0][i] = self._gmul(0x0e, s0) ^ self._gmul(0x0b, s1) ^ self._gmul(0x0d, s2) ^ self._gmul(0x09, s3)
            new_state[1][i] = self._gmul(0x09, s0) ^ self._gmul(0x0e, s1) ^ self._gmul(0x0b, s2) ^ self._gmul(0x0d, s3)
            new_state[2][i] = self._gmul(0x0d, s0) ^ self._gmul(0x09, s1) ^ self._gmul(0x0e, s2) ^ self._gmul(0x0b, s3)
            new_state[3][i] = self._gmul(0x0b, s0) ^ self._gmul(0x0d, s1) ^ self._gmul(0x09, s2) ^ self._gmul(0x0e, s3)

        return new_state

    def _gmul(self, a: int, b: int) -> int:
        """伽罗瓦域乘法"""
        p = 0
        for _ in range(8):
            if b & 1:
                p ^= a
            hi_bit_set = a & 0x80
            a = (a << 1) & 0xFF
            if hi_bit_set:
                a ^= 0x1B  # AES的约化多项式 x^8 + x^4 + x^3 + x + 1
            b >>= 1
        return p

    def _add_round_key(self, state: List[List[int]], round_key: List[List[int]]) -> List[List[int]]:
        """轮密钥加"""
        return [[state[i][j] ^ round_key[i][j] for j in range(4)] for i in range(4)]

    def _bytes_to_state(self, data: bytes) -> List[List[int]]:
        """将16字节数据转换为状态矩阵"""
        if len(data) != 16:
            raise ValueError("数据长度必须是16字节")

        state = [[0] * 4 for _ in range(4)]
        for i in range(4):
            for j in range(4):
                state[j][i] = data[i * 4 + j]
        return state

    def _state_to_bytes(self, state: List[List[int]]) -> bytes:
        """将状态矩阵转换为16字节数据"""
        result = bytearray(16)
        for i in range(4):
            for j in range(4):
                result[i * 4 + j] = state[j][i]
        return bytes(result)

    def _get_round_key(self, round_num: int) -> List[List[int]]:
        """获取指定轮数的轮密钥"""
        start = round_num * 4
        round_key = [[0] * 4 for _ in range(4)]
        for i in range(4):
            for j in range(4):
                round_key[j][i] = self.expand_key[start + i][j]
        return round_key

    def encrypt_block(self, plaintext: bytes) -> bytes:
        """加密单个16字节数据块"""
        if len(plaintext) != 16:
            raise ValueError("明文块长度必须是16字节")

        state = self._bytes_to_state(plaintext)

        # 初始轮密钥加
        state = self._add_round_key(state, self._get_round_key(0))

        # 主轮次
        for round_num in range(1, self.n_rounds):
            state = self._sub_bytes(state)
            state = self._shift_rows(state)
            state = self._mix_columns(state)
            state = self._add_round_key(state, self._get_round_key(round_num))

        # 最终轮（无列混合）
        state = self._sub_bytes(state)
        state = self._shift_rows(state)
        state = self._add_round_key(state, self._get_round_key(self.n_rounds))

        return self._state_to_bytes(state)

    def decrypt_block(self, ciphertext: bytes) -> bytes:
        """解密单个16字节数据块"""
        if len(ciphertext) != 16:
            raise ValueError("密文块长度必须是16字节")

        state = self._bytes_to_state(ciphertext)

        # 初始轮（反向）
        state = self._add_round_key(state, self._get_round_key(self.n_rounds))
        state = self._inv_shift_rows(state)
        state = self._inv_sub_bytes(state)

        # 主轮次（反向）
        for round_num in range(self.n_rounds - 1, 0, -1):
            state = self._add_round_key(state, self._get_round_key(round_num))
            state = self._inv_mix_columns(state)
            state = self._inv_shift_rows(state)
            state = self._inv_sub_bytes(state)

        # 最终轮密钥加
        state = self._add_round_key(state, self._get_round_key(0))

        return self._state_to_bytes(state)


def pkcs7_pad(data: bytes, block_size: int = 16) -> bytes:
    """PKCS7填充"""
    padding_len = block_size - (len(data) % block_size)
    padding = bytes([padding_len] * padding_len)
    return data + padding


def pkcs7_unpad(data: bytes) -> bytes:
    """PKCS7去填充"""
    if len(data) == 0:
        return data
    padding_len = data[-1]
    if padding_len > len(data):
        raise ValueError("无效的PKCS7填充")
    if not all(byte == padding_len for byte in data[-padding_len:]):
        raise ValueError("无效的PKCS7填充")
    return data[:-padding_len]

class AESMode:
    def __init__(self, aes:AES):
        self.aes = aes

    def encrypt(self, plaintext: bytes) -> bytes:
        raise NotImplementedError

    def decrypt(self, ciphertext: bytes) -> bytes:
        raise NotImplementedError

class ECB(AESMode):
    def encrypt(self, plaintext: bytes) -> bytes:
        # 对明文进行PKCS7填充
        padded_plaintext = pkcs7_pad(plaintext)
        ciphertext = bytearray()
        for i in range(0, len(padded_plaintext), 16):
            block = padded_plaintext[i:i + 16]
            encrypted_block = self.aes.encrypt_block(block)
            ciphertext.extend(encrypted_block)

        return bytes(ciphertext)

    def decrypt(self, ciphertext: bytes) -> bytes:
        if len(ciphertext) % 16 != 0:
            raise ValueError("密文长度必须是16字节的倍数")
        plaintext = bytearray()
        for i in range(0, len(ciphertext), 16):
            block = ciphertext[i:i + 16]
            decrypted_block = self.aes.decrypt_block(block)
            plaintext.extend(decrypted_block)

        # 去除PKCS7填充
        return pkcs7_unpad(bytes(plaintext))

class CBC(AESMode):
    def __init__(self, aes: AES, iv: bytes = None):
        super().__init__(aes)
        if iv is None:
            # iv = os.urandom(16)   生成随机IV
            raise ValueError("IV未设置!!")
        elif len(iv) != 16:
            raise ValueError("IV长度必须是16字节")
        self.iv = iv

    def encrypt(self, plaintext: bytes) -> bytes:
        """CBC模式加密"""
        # 对明文进行PKCS7填充
        padded_plaintext = pkcs7_pad(plaintext)

        ciphertext = bytearray()
        previous_block = self.iv

        for i in range(0, len(padded_plaintext), 16):
            block = padded_plaintext[i:i + 16]
            # 与前一个密文块（或IV）异或
            xor_block = bytes(a ^ b for a, b in zip(block, previous_block))
            encrypted_block = self.aes.encrypt_block(xor_block)
            ciphertext.extend(encrypted_block)
            previous_block = encrypted_block

        return bytes(ciphertext)

    def decrypt(self, ciphertext: bytes) -> bytes:
        """CBC模式解密"""
        if len(ciphertext) % 16 != 0:
            raise ValueError("密文长度必须是16字节的倍数")

        plaintext = bytearray()
        previous_block = self.iv

        for i in range(0, len(ciphertext), 16):
            block = ciphertext[i:i + 16]
            decrypted_block = self.aes.decrypt_block(block)
            # 与前一个密文块（或IV）异或
            xor_block = bytes(a ^ b for a, b in zip(decrypted_block, previous_block))
            plaintext.extend(xor_block)
            previous_block = block

        # 去除PKCS7填充
        return pkcs7_unpad(bytes(plaintext))

def demo():
    print("AES加密解密测试")
    print("=" * 50)

    key = b'0123456789abcdef'  # 128位密钥16字节
    plaintext = b're100dayzhuji'
    print(f"密钥：{key.hex()}")
    print(f"明文：{plaintext}")
    # print()
    aes=AES(key)

    #ecb
    print("=" * 50)
    print("ECB模式:")
    ecb=ECB(aes)
    enc_ecb=ecb.encrypt(plaintext)
    dec_ecb=ecb.decrypt(enc_ecb)
    print(f"密文：{enc_ecb.hex()}")
    print(f"解密：{dec_ecb}")

    #cbc
    print("=" * 50)
    print("CBC模式:")
    iv=b'1234567890abcdef'  # 16字节IV
    cbc=CBC(aes,iv)
    enc_cbc=cbc.encrypt(plaintext)
    dec_cbc=cbc.decrypt(enc_cbc)
    print(f"IV：{iv.decode('utf-8')}")
    print(f"密文：{enc_cbc.hex()}")
    print(f"明文：{dec_cbc}")


if __name__ == "__main__":
    demo()