from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives import constant_time from cryptography.hazmat.backends import default_backend import os import binascii
===============================
AES-192-GCM 加密函数
===============================
def aes_192_gcm_encrypt(key: bytes, plaintext: bytes, associated_data: bytes = b""): """ 使用 AES-192-GCM 进行加密 :param key: 24 字节密钥 :param plaintext: 明文数据 :param associated_data: 附加认证数据(可选) :return: (nonce, ciphertext, tag) """ if len(key) != 24: raise ValueError("AES-192 需要 24 字节密钥")
# 生成 12 字节随机 nonce(GCM 推荐长度)
nonce = os.urandom(12)
encryptor = Cipher(
algorithms.AES(key),
modes.GCM(nonce),
backend=default_backend()
).encryptor()
# 添加 AAD(可选)
encryptor.authenticate_additional_data(associated_data)
# 执行加密
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
# 返回 nonce、密文、tag
return nonce, ciphertext, encryptor.tag
===============================
AES-192-GCM 解密函数
===============================
def aes_192_gcm_decrypt(key: bytes, nonce: bytes, tag: bytes, ciphertext: bytes, associated_data: bytes = b""): """ 使用 AES-192-GCM 进行解密 :param key: 24 字节密钥 :param nonce: 加密时的随机 nonce :param tag: GCM 认证标签 :param ciphertext: 密文数据 :param associated_data: 附加认证数据(可选) :return: plaintext """ decryptor = Cipher( algorithms.AES(key), modes.GCM(nonce, tag), backend=default_backend() ).decryptor()
decryptor.authenticate_additional_data(associated_data)
# 执行解密
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
return plaintext
===============================
示例测试
===============================
if name == "main":
key_hex = "35FE9BD1DFF7FD1939382935F4AEEF62E2C7895D8F441305"
key = bytes.fromhex(key_hex)
plaintext = b"Hello, AES-192-GCM Encryption!"
aad = b"optional_authenticated_data"
print("原文:", plaintext)
# 加密
nonce, ciphertext, tag = aes_192_gcm_encrypt(key, plaintext, aad)
print("Nonce:", nonce.hex())
print("Ciphertext:", ciphertext.hex())
print("Tag:", tag.hex())
# 解密
decrypted = aes_192_gcm_decrypt(key, nonce, tag, ciphertext, aad)
print("解密结果:", decrypted)
# 校验
print("是否一致:", constant_time.bytes_eq(plaintext, decrypted))
《PC微信协议之AES-192-GCM算法》 是转载文章,点击查看原文。
