响应包为明文，请求包为密文，请求包需要解密.md

created	updated
2024-03-06 14:49:08 +0800	2024-03-06 14:51:06 +0800

原数据包如下

请求包为加密、响应包为明文，且需要对请求包的内容进行解密

脚本原理为在解密的时候，判断密文的来源，如果密文从请求包里来，则是真正的密文，需要解密；如果密文从响应包里来，则是明文，原样返回即可

脚本如下

from flask import Flask, request
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad,unpad
import base64
from urllib.parse import parse_qs,quote
import hashlib

def aes_encrypt(key, data):
    cipher = AES.new(key, AES.MODE_ECB)
    padded_data = pad(data.encode(), AES.block_size)
    cipher_text = cipher.encrypt(padded_data)
    return base64.b64encode(cipher_text).decode()

def aes_decrypt(key, data):
    cipher = AES.new(key, AES.MODE_ECB)
    decrypted_data = cipher.decrypt(base64.b64decode(data))
    unpadded_data = unpad(decrypted_data, AES.block_size)
    return unpadded_data.decode()

app = Flask(__name__)

@app.route('/encode', methods=["POST"])
def encrypt():
    key = b'xxxxxxxxxxxxxxxx'  # 16 bytes key
    str1 = 'xxxxxxxxxxxxxxxx'
    param = request.form.get('dataBody')  # Get POST parameter
    md5value = param + str1
    param1 =  quote(aes_encrypt(key,param))
    param2 = hashlib.md5(md5value.encode()).hexdigest()
    return f"Param={param1}&Autograph={param2}"
    '''
    data = json.loads(param)
    encrypted_id = aes_encrypt(key, data["id"])
    encry_param = param.replace(data["id"], encrypted_id)
    return base64.b64decode(encry_param.encode()).decode()
    '''

@app.route('/decode', methods=["POST"])  # No decryption
def decrypt():
    key = b'xxxxxxxxxxxxxxxx'  # 16 bytes key
    param = request.form.get('dataBody')  # Get POST parameter
    reqresp = request.form.get('requestorresponse')
    if reqresp == "request": # 判断传入的参数来源，如果是请求，则解密，否则，原样返回
        parsed_params = parse_qs(param)
        return aes_decrypt(key,parsed_params["Param"][0])
    else:
        return param

if __name__ == '__main__':
    app.debug = True  # Set debug mode, remember to turn it off in production
    app.run(host="0.0.0.0", port=8888)

配置如下

正常解密

发送明文的请求，也自动进行加密