解密AnsibleValults的Python快捷方式?

2024-05-29 00:13:52 发布

您现在位置:Python中文网/ 问答频道 /正文
5140 3

我想创建一个在Windows和Unix上使用Ansible Vault的工具,不幸的是,在Windows机器上安装Ansible并不方便。但是我注意到加密算法是AES256,所以我认为可以使用pythons-Chipper或pyAesCrypt包。 但它们产生二进制输入和输出。Ansible Vault将二进制文件转换为ASCII格式

如何在不安装Ansible的情况下解密Ansible vault

小更新(EDIT1)

import os, binascii
from backports.pbkdf2 import pbkdf2_hmac

test = """\
39646166383265396433613964363733633431323236303136643162393233313763346431323836
3437633530383663633066636461643366663561636637320a613939343931376638386539623131
39333661336633626330373263323239663462383561646266663835666663386561666666353232
6662623338646636620a333063613932633762613737326364373265306661356235313935623036
6634"""

print(ord('\n'))

test = test.replace('\n', '')


output = []
#for (int charIdx = 0; charIdx < dataLen; charIdx+=2) {
#            output[charIdx/2] = (byte) ((Character.digit(hexed.charAt(charIdx), 16) << 4)
#                    + Character.digit(hexed.charAt(charIdx+1), 16));
#        }


for charIdx in range(0, int(len(test) / 2)):
    tests = ord('3')
    out = int(test[charIdx * 2],  base=16) * 16 + int(test[charIdx * 2 + 1], base=16)
    output.append(out)

str_salt_id = 0
str_hcm_id = 0
for index, item in enumerate(output):
    if item == ord('\n'):
        break

    str_salt_id += 1

for index, item in enumerate(output):
    if item == ord('\n') and index > str_salt_id:
        break

    str_hcm_id += 1

print(output[str_salt_id])
print(output[str_hcm_id])

str_salt = output[:str_salt_id]
str_hcm = output[str_salt_id + 1:str_hcm_id]
str_data = output[str_hcm_id + 1:]

print('-')
print(len(str_salt))
print(len(str_hcm))
print(len(str_data))
print('-')

str_salt_byte = bytearray(str_salt)


print(output.index(ord('\n')))
print(output.index(ord('\n')))

b_output = bytearray(output)

# salt = binascii.unhexlify('aaef2d3f4d77ac66e9c5a6c3d8f921d1')
passwd = "test".encode("utf8")
key = pbkdf2_hmac("sha256", passwd, str_salt_byte, 1000, 32)

print("Derived key:", binascii.hexlify(key))

def print_hi(name):
    # Use a breakpoint in the code line below to debug your script.
    print(f'Hi, {name}')  # Press Strg+F8 to toggle the breakpoint.


# Press the green button in the gutter to run the script.
if __name__ == '__main__':
    print_hi('PyCharm')

# See PyCharm help at https://www.jetbrains.com/help/pycharm/

我将结果与java版本进行了比较,似乎所有的东西都是正确的,正确的芯片密钥,正确的数据。现在,我正在寻找一个可以像以下java SnipSet一样解密的库:

// Class CypherAES256.java in  github.com/Wedjaa/JavaAnsibleVault 
public byte[] decryptAES(byte[] cypher, byte[] key, byte[] iv) throws IOException
    {

        SecretKeySpec keySpec = new SecretKeySpec(key, CYPHER_KEY_ALGO);
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        try
        {
            Cipher cipher = Cipher.getInstance(CYPHER_ALGO);
            cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
            byte[] decrypted = cipher.doFinal(cypher);
            return unpad(decrypted);
        }
        catch (Exception ex)
        {
            throw new IOException("Failed to decrypt data: " + ex.getMessage());
        }
    }

我的文件是:

$ANSIBLE_VAULT;1.1;AES256
39646166383265396433613964363733633431323236303136643162393233313763346431323836
3437633530383663633066636461643366663561636637320a613939343931376638386539623131
39333661336633626330373263323239663462383561646266663835666663386561666666353232
6662623338646636620a333063613932633762613737326364373265306661356235313935623036
6634

密码为“test”,加密文本为“This is a test”


Tags: thekeyintestidoutputindexansible
0条回答

目前没有回答

相关问题 更多 >

    编程相关推荐

    热门问题