f0ng
diff --git a/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144644.png
393 KB b/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144644.png
393 KB
diff --git a/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144836.png
358 KB b/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144836.png
358 KB
diff --git a/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144916.png
177 KB b/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144916.png
177 KB
diff --git a/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144953.png
290 KB b/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/photo/Pasted image 20240306144953.png
290 KB
diff --git a/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/响应包为明文，请求包为密文，请求包需要解密.md
+76 b/‎接口加解密算法的用法/Python/响应包为明文，请求包为密文，请求包需要解密/响应包为明文，请求包为密文，请求包需要解密.md
+76
@@ -0,0 +1,76 @@
+---
+created: 2024-03-06T14:49:08+08:00
+updated: 2024-03-06T14:51:06+08:00
+---
+原数据包如下
+![](photo/Pasted%20image%2020240306144644.png)
+
+请求包为加密、响应包为明文，且需要对请求包的内容进行解密
+
+脚本原理为在解密的时候，判断密文的来源，如果密文从请求包里来，则是真正的密文，需要解密；如果密文从响应包里来，则是明文，原样返回即可
+
+
+脚本如下
+```python
+from flask import Flask, request
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad,unpad
+import base64
+from urllib.parse import parse_qs,quote
+import hashlib
+
+def aes_encrypt(key, data):
+    cipher = AES.new(key, AES.MODE_ECB)
+    padded_data = pad(data.encode(), AES.block_size)
+    cipher_text = cipher.encrypt(padded_data)
+    return base64.b64encode(cipher_text).decode()
+
+def aes_decrypt(key, data):
+    cipher = AES.new(key, AES.MODE_ECB)
+    decrypted_data = cipher.decrypt(base64.b64decode(data))
+    unpadded_data = unpad(decrypted_data, AES.block_size)
+    return unpadded_data.decode()
+
+app = Flask(__name__)
+
+@app.route('/encode', methods=["POST"])
+def encrypt():
+    key = b'xxxxxxxxxxxxxxxx'  # 16 bytes key
+    str1 = 'xxxxxxxxxxxxxxxx'
+    param = request.form.get('dataBody')  # Get POST parameter
+    md5value = param + str1
+    param1 =  quote(aes_encrypt(key,param))
+    param2 = hashlib.md5(md5value.encode()).hexdigest()
+    return f"Param={param1}&Autograph={param2}"
+    '''
+    data = json.loads(param)
+    encrypted_id = aes_encrypt(key, data["id"])
+    encry_param = param.replace(data["id"], encrypted_id)
+    return base64.b64decode(encry_param.encode()).decode()
+    '''
+
+@app.route('/decode', methods=["POST"])  # No decryption
+def decrypt():
+    key = b'xxxxxxxxxxxxxxxx'  # 16 bytes key
+    param = request.form.get('dataBody')  # Get POST parameter
+    reqresp = request.form.get('requestorresponse')
+    if reqresp == "request": # 判断传入的参数来源，如果是请求，则解密，否则，原样返回
+        parsed_params = parse_qs(param)
+        return aes_decrypt(key,parsed_params["Param"][0])
+    else:
+        return param
+
+if __name__ == '__main__':
+    app.debug = True  # Set debug mode, remember to turn it off in production
+    app.run(host="0.0.0.0", port=8888)
+```
+
+配置如下
+![](photo/Pasted%20image%2020240306144836.png)
+
+正常解密
+![](photo/Pasted%20image%2020240306144916.png)
+
+发送明文的请求，也自动进行加密
+
+![](photo/Pasted%20image%2020240306144953.png)