from Crypto.Cipher import AES
def encrypt_file(key, in_filename, out_filename=None, chunksize=64*1024):
""" Encrypts a file using AES (CBC mode) with the
given key.
key:
The encryption key - a string that must be
either 16, 24 or 32 bytes long. Longer keys
are more secure.
in_filename:
Name of the input file
out_filename:
If None, '<in_filename>.enc' will be used.
chunksize:
Sets the size of the chunk which the function
uses to read and encrypt the file. Larger chunk
sizes can be faster for some files and machines.
chunksize must be divisible by 16.
"""
if not out_filename:
out_filename = in_filename + '.enc'
iv = ''.join(chr(random.randint(0, 0xFF)) for i in range(16))
encryptor = AES.new(key, AES.MODE_CBC, iv)
filesize = os.path.getsize(in_filename)
with open(in_filename, 'rb') as infile:
with open(out_filename, 'wb') as outfile:
outfile.write(struct.pack('<Q', filesize))
outfile.write(iv)
while True:
chunk = infile.read(chunksize)
if len(chunk) == 0:
break
elif len(chunk) % 16 != 0:
chunk += ' ' * (16 - len(chunk) % 16)
outfile.write(encryptor.encrypt(chunk))
这就是我加密文件的方式,但是如果您在同一个文件上运行它两次或更多次,它将继续加密它,不会提出任何问题,我想添加某种 if 检查它是否尚未由 AES 加密?这可能吗?
最常用的解决方案是在加密文件的开头写入一些“神奇”字符串,后跟加密内容。如果在读取文件时找到该字符串,则拒绝进一步加密。对于描述来说,它被读取为非常确定这是我们加密的文件,但除此之外它被忽略。
想象一下你正在使用“MyCrYpT”作为魔法(尽管这并不重要)what只要它相当独特,您就可以使用。
magic = "MyCrYpT"
# writing the encrypted file
with open(out_filename, 'wb') as outfile:
outfile.write(magic) # write the identifier.
outfile.write(struct.pack('<Q', filesize)) # file size
outfile.write(iv)
# et cetera
现在,当读取文件时,我们读取all数据,然后检查它是否是我们的。然后我们丢弃魔法并处理剩下的部分。
with open(in_filename, 'rb') as infile:
data = infile.read()
if data[:len(magic)] != magic:
raise ValueError('Not an encrypted file')
filedata = data[len(magic):]
# Proces the file data
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
