是否有任何 python 模块可以将密码安全地存储在 .conf/.txt 文件中?
Are there any python modules to store passwords securely in .conf/.txt files?
我正在尝试以安全的方式读写用户名和密码。在我目前的实施中,我正在关注 AES-CBC encryption/decryption but storing the encrypted username the with random key in a config file is a security issue. I found an option that keystore is a better way of storing passwords. I have checked similar ,但我不清楚这些信息。我发现的另一个选项是密钥环,它在 windows 中工作正常,但在 Linux 中,我收到以下错误。我已经检查了可能的解决方案,但找不到一个。
python keyring-test.py
Traceback (most recent call last):
File "keyring-test.py", line 3, in <module>
keyring.set_password(service_name="demo-service",username="admin",password="test")
File "/usr/lib/python2.7/site-packages/keyring/core.py", line 64, in set_password
_keyring_backend.set_password(service_name, username, password)
File "/usr/lib/python2.7/site-packages/keyring/backends/fail.py", line 23, in get_password
raise RuntimeError(msg)
RuntimeError: No recommended backend was available. Install the keyrings.alt package if you want to use the non-recommended backends. See README.rst for details.
有人可以建议我 python 中的任何更好的解决方案或模块来安全地存储密码吗?
我的实现是这样的:
我制作了一个随机字符串并将其存储到一个 txt 文件中,然后在一个密钥下加密其字节文件!我使用了我制作的两个函数,其中 def encrypt_file 接受文件加密其字节,returns 接受加密文件,而 def dencrypt_file 则相反。
from Crypto.Cipher import AES
import hashlib
import os
import pathlib
def encrypt_file(key,filein,fileout=None,IV=None):
modes = [1,2,8,3,6,9,11,12,10,5]
if os.path.isfile(filein):
if IV == None:
IV = 16 * b'\x00'
else:
IV = IV.encode("utf-8")
if len(IV)==16:
if fileout == None:
fileout_path = pathlib.Path(filein).parent
fileout_name = pathlib.Path(filein).name
else:
fileout_path = pathlib.Path(fileout).parent
fileout_name = pathlib.Path(fileout).name
print (fileout_path, fileout_name )
if os.path.exists(fileout_path) == False:
print("Path Does Not Exists")
return
encryptor = AES.new(hashlib.sha256(key.encode("utf-8")).digest(), 3, IV=IV)
with open(filein,"rb") as f :
f = f.read()
encr_bytes = encryptor.encrypt(f)
file = open(str(fileout_path)+"\"+str(fileout_name)+".enc","wb")
file.write(encr_bytes)
file.close()
del encryptor
else:
print ("IV must 16 bytes long")
return
else:
print("No file path")
return
def dencrypt_file(key,filein,fileout=None,IV=None,TXT = False):
if os.path.isfile(filein):
if IV == None:
IV = 16 * b'\x00'
else:
IV = IV.encode("utf-8")
if len(IV)==16:
if fileout == None:
fileout_path = pathlib.Path(filein).parent
fileout_name = pathlib.Path(filein).name
list_name = fileout_name.split(".")
else:
fileout_path = pathlib.Path(fileout).parent
fileout_name = pathlib.Path(fileout).name
list_name = fileout_name.split(".")
if os.path.exists(fileout_path) == False:
print("Path Does Not Exists")
return
file_name = list_name[0] + "." + list_name[1]
if os.path.isfile(str(fileout_path)+"\"+str(file_name)):
file_name = list_name[0] + "new" +"." + list_name[1]
print(file_name, "OK")
else:
file_name = file_name
final_path = str(fileout_path) + "\" + file_name
encryptor = AES.new(hashlib.sha256(key.encode("utf-8")).digest(), 3, IV=IV)
with open(filein,"rb") as f :
if TXT == False:
file = open(final_path,"wb")
file.write(encryptor.decrypt(f.read()))
file.close()
else:
return encryptor.decrypt(f.read()).decode("utf-8")
else:
print ("IV must 16 bytes long")
return
else:
print("No file path")
return
参数为
- 密钥:您的密钥
- filein : 您要加密的文件
- fileout : 输出文件
- IV : 初始化 Vector
我正在尝试以安全的方式读写用户名和密码。在我目前的实施中,我正在关注 AES-CBC encryption/decryption but storing the encrypted username the with random key in a config file is a security issue. I found an option that keystore is a better way of storing passwords. I have checked similar
python keyring-test.py
Traceback (most recent call last):
File "keyring-test.py", line 3, in <module>
keyring.set_password(service_name="demo-service",username="admin",password="test")
File "/usr/lib/python2.7/site-packages/keyring/core.py", line 64, in set_password
_keyring_backend.set_password(service_name, username, password)
File "/usr/lib/python2.7/site-packages/keyring/backends/fail.py", line 23, in get_password
raise RuntimeError(msg)
RuntimeError: No recommended backend was available. Install the keyrings.alt package if you want to use the non-recommended backends. See README.rst for details.
有人可以建议我 python 中的任何更好的解决方案或模块来安全地存储密码吗?
我的实现是这样的:
我制作了一个随机字符串并将其存储到一个 txt 文件中,然后在一个密钥下加密其字节文件!我使用了我制作的两个函数,其中 def encrypt_file 接受文件加密其字节,returns 接受加密文件,而 def dencrypt_file 则相反。
from Crypto.Cipher import AES
import hashlib
import os
import pathlib
def encrypt_file(key,filein,fileout=None,IV=None):
modes = [1,2,8,3,6,9,11,12,10,5]
if os.path.isfile(filein):
if IV == None:
IV = 16 * b'\x00'
else:
IV = IV.encode("utf-8")
if len(IV)==16:
if fileout == None:
fileout_path = pathlib.Path(filein).parent
fileout_name = pathlib.Path(filein).name
else:
fileout_path = pathlib.Path(fileout).parent
fileout_name = pathlib.Path(fileout).name
print (fileout_path, fileout_name )
if os.path.exists(fileout_path) == False:
print("Path Does Not Exists")
return
encryptor = AES.new(hashlib.sha256(key.encode("utf-8")).digest(), 3, IV=IV)
with open(filein,"rb") as f :
f = f.read()
encr_bytes = encryptor.encrypt(f)
file = open(str(fileout_path)+"\"+str(fileout_name)+".enc","wb")
file.write(encr_bytes)
file.close()
del encryptor
else:
print ("IV must 16 bytes long")
return
else:
print("No file path")
return
def dencrypt_file(key,filein,fileout=None,IV=None,TXT = False):
if os.path.isfile(filein):
if IV == None:
IV = 16 * b'\x00'
else:
IV = IV.encode("utf-8")
if len(IV)==16:
if fileout == None:
fileout_path = pathlib.Path(filein).parent
fileout_name = pathlib.Path(filein).name
list_name = fileout_name.split(".")
else:
fileout_path = pathlib.Path(fileout).parent
fileout_name = pathlib.Path(fileout).name
list_name = fileout_name.split(".")
if os.path.exists(fileout_path) == False:
print("Path Does Not Exists")
return
file_name = list_name[0] + "." + list_name[1]
if os.path.isfile(str(fileout_path)+"\"+str(file_name)):
file_name = list_name[0] + "new" +"." + list_name[1]
print(file_name, "OK")
else:
file_name = file_name
final_path = str(fileout_path) + "\" + file_name
encryptor = AES.new(hashlib.sha256(key.encode("utf-8")).digest(), 3, IV=IV)
with open(filein,"rb") as f :
if TXT == False:
file = open(final_path,"wb")
file.write(encryptor.decrypt(f.read()))
file.close()
else:
return encryptor.decrypt(f.read()).decode("utf-8")
else:
print ("IV must 16 bytes long")
return
else:
print("No file path")
return
参数为
- 密钥:您的密钥
- filein : 您要加密的文件
- fileout : 输出文件
- IV : 初始化 Vector