Fernet(对称加密)在Python中使用 Cryptography 模块
密码术是在从一台计算机传输到另一台计算机或在计算机上存储数据时保护有用信息的做法。密码学处理将明文加密为密文以及将密文解密为明文。 Python支持一个加密包,可以帮助我们加密和解密数据。密码学包的 fernet 模块内置了密钥生成、明文加密成密文、密文解密成明文的函数,分别使用加密和解密方法。 fernet 模块保证使用它加密的数据在没有密钥的情况下无法进一步操作或读取。
使用的方法:
- generate_key() :此方法生成一个新的 fernet 密钥。密钥必须保持安全,因为它是解密密文的最重要的组成部分。如果密钥丢失,则用户无法再解密消息。此外,如果入侵者或黑客获得了密钥,他们不仅可以读取数据,还可以伪造数据。
- encrypt(data) :它加密作为参数传递给方法的数据。这种加密的结果被称为“Fernet 令牌”,它基本上是密文。加密令牌还包含以明文形式生成时的当前时间戳。如果数据不是以字节为单位,则 encrypt 方法会引发异常。
Parameters:
- data (bytes) – The plaintext to be encrypted.
Return value: A ciphertext that cannot be read or altered without the key. It is URL-safe base64-encoded and is referred to as Fernet token.
- 解密(令牌,ttl =无):此方法解密作为参数传递给该方法的Fernet令牌。成功解密后得到原始明文,否则抛出异常。
Parameters:
- token (bytes) – The Fernet token (ciphertext) is passed for decryption.
- ttl (int) – Optionally, one may provide an integer as second parameter in the decrypt method. The ttl denotes the time about how long a token is valid. If the token is older than ttl seconds (from the time it was originally created) an exception is thrown. If ttl is not passed as a parameter, then age of the token is not considered. If the token is somehow invalid, an exception is thrown.
Returns value: Returns the original plaintext.
编写程序的步骤:
首先,需要使用以下命令安装加密包:
pip install cryptography
Python3
# Fernet module is imported from the
# cryptography package
from cryptography.fernet import Fernet
# key is generated
key = Fernet.generate_key()
# value of key is assigned to a variable
f = Fernet(key)
# the plaintext is converted to ciphertext
token = f.encrypt(b"welcome to geeksforgeeks")
# display the ciphertext
print(token)
# decrypting the ciphertext
d = f.decrypt(token)
# display the plaintext
print(d)
Python3
# Fernet module is imported from the
# cryptography package
from cryptography.fernet import Fernet
# key is generated
key = Fernet.generate_key()
# value of key is assigned to a variable
f = Fernet(key)
# the plaintext is converted to ciphertext
token = f.encrypt(b"welcome to geeksforgeeks")
# display the ciphertext
print(token)
# decrypting the ciphertext
d = f.decrypt(token)
# display the plaintext and the decode() method
# converts it from byte to string
print(d.decode())
输出:
b’gAAAAABfYMSL3Cjz8I8Sg7NwatdtTvOtqHtPrNDGXTGx4w1gW-9yvrMBUFz3bAWnwVk2WjcOrhjfAzyX7Z6M1IDbcRDhxPvd2dKPjypVv9hLQ1lARWdf-RE=’
b’welcome to geeksforgeeks’
解密后的输出在原始消息前面有一个“b”,表示字节格式。但是,这可以在打印原始消息时使用 decode() 方法删除。下面的程序实现了 decode() 方法。
蟒蛇3
# Fernet module is imported from the
# cryptography package
from cryptography.fernet import Fernet
# key is generated
key = Fernet.generate_key()
# value of key is assigned to a variable
f = Fernet(key)
# the plaintext is converted to ciphertext
token = f.encrypt(b"welcome to geeksforgeeks")
# display the ciphertext
print(token)
# decrypting the ciphertext
d = f.decrypt(token)
# display the plaintext and the decode() method
# converts it from byte to string
print(d.decode())
输出:
b’gAAAAABfYMTfbEYTSsU6BCyXr9ArUIbpELTu5axUtWRfIxc4zzv3AktmOwdNSd1rH_zrL4Qz7tDi1K067kLx0Ma3S828nSTJlP9Y7L0_ZfVyCelZlayGK3k=’
welcome to geeksforgeeks