AES symmetric encryption
AES (Advanced Encryption Standard), also known as Rijndael encryption method in cryptography, is a block encryption standard adopted by the United States. This standard is used to replace the original DES, and has been analyzed by multiple parties and is widely used worldwide. After a five-year selection process, the Advanced Encryption Standard was published by the National Institute of Standards and Technology (NIST) on FIPS PUB 197 on November 26, 2001, and became an effective standard on May 26, 2002. In 2006, advanced encryption standards have become one of the most popular algorithms in symmetric key encryption.
Advanced Encryption Standard (AES, Advanced Encryption Standard) is an advanced encryption standard in cryptography. AES is a packet encryption method that divides plaintexts into groups, each group has equal lengths, encrypting a set of data each time until the complete plaintext is encrypted. In the AES standard specification, the packet length can only be 128 bits, and AES is encrypted in bytes, that is, each packet is 16 bytes (8 bits per byte). The length of the key can be 128 bits, 192 bits, or 256 bits. This results in different key lengths and different recommended number of rounds of encryption.
1. Plain text P
No encrypted data
2. Key K
The password used to encrypt plaintext, in the symmetric encryption algorithm, the encryption and decryption keys are the same. The key is generated by negotiation between the receiver and the sender, but it cannot be transmitted directly on the network, otherwise it will lead to key leakage. The key is usually encrypted through an asymmetric encryption algorithm, and then transmitted to the other party through the network, or the key is negotiated directly face to face. The key must not be leaked, otherwise the attacker will restore the ciphertext and steal confidential data.
Encryption functions
Suppose the AES encryption function is E, then C = E(K, P), where P is plaintext, K is the key, and C is the ciphertext. That is to say, if the plaintext P and key K are input as parameters of the encryption function, the encryption function E will output the ciphertext C.
4. Password C
Data processed by encrypted functions
Decryption function
Suppose the AES decryption function is D, then P = D(K, C), where C is the ciphertext, K is the key, and P is the plaintext. That is to say, if the ciphertext C and key K are input as parameters of the decryption function, the decryption function will output the plaintext P.
Python Crypto encryption library
#The different versions of python are differentpip install pycryptodome (python3.7.3) pip install cryptography (python3.12.2)
python3.7.3 version
from import AES
from import get_random_bytes
from import pad, unpad
def encrypt_config(config_file, encrypted_file):
"""Encrypted configuration file"""
# Generate a 16-byte random key key = get_random_bytes(16)
print("Key: ", key)
# Read the configuration file with open(config_file, 'rb') as f:
plaintext = ()
# Encryption cipher = (key, AES.MODE_CBC)
ciphertext = (pad(plaintext, AES.block_size))
with open(encrypted_file, 'wb') as f:
()
(ciphertext)
print(f'File encrypted: {encrypted_file}')
def encrypt_config_one_key(config_files, encrypted_files):
"""Encrypt configuration files, multiple files use the same key"""
if not isinstance(config_files, list) or not isinstance(encrypted_files, list):
raise TypeError('config_files and encrypted_files must be list')
# Generate a 16-byte random key key = get_random_bytes(16)
print("Key: ", key)
config_add_key(config_files[0], encrypted_files[0], key)
config_add_key(config_files[1], encrypted_files[1], key)
return
def config_add_key(config_file, encrypted_file, key):
# Read the configuration file with open(config_file, 'rb') as f:
plaintext = ()
# Encryption cipher = (key, AES.MODE_CBC)
ciphertext = (pad(plaintext, AES.block_size))
with open(encrypted_file, 'wb') as f:
()
(ciphertext)
print(f'File encrypted: {encrypted_file}')
def decrypt_config(encrypted_file, key):
"""Decrypt configuration files"""
# Decrypt with open(encrypted_file, 'rb') as f:
iv = (16)
encrypted_data = ()
cipher = (key, AES.MODE_CBC, iv)
config_data = unpad((encrypted_data), AES.block_size)
print(f'Decrypted data: {config_data.decode()}')
if __name__ == '__main__':
# file1 = "/home/pi/printer_data/config/"
# target1 = "/home/pi/printer_data/config/test/printer_test.cfg"
# # encrypt_config(file1, target1)
# key1 = b'.)7[\x8c\xab\x12Y\xd6tm\x06\xe2\xd1l\xb5'
# key2 = b'\xf9\x19Uf\x11\xe9q\x0ci\x87\xe32%\xf8:W'
# # decrypt_config(target1, key1)
# decrypt_config(target2, key2)python3.12.2 version
import pickle
import configparser
from import Fernet
import os
def cfg2bin(file, result_file):
# Read the configuration file config = ()
(file)
# Serialize configuration file objects into binary files with open(result_file, 'wb') as f:
(config, f)
def encrypt_config(config_file, encrypted_file):
"""Encrypted configuration file"""
# Generate a key key = Fernet.generate_key()
print("Key: ", key)
# Read the configuration file content with open(config_file, 'r') as f:
config_data = ()
# Encrypt the configuration data using a key fernet = Fernet(key)
encrypted_data = (config_data.encode())
# Write to encrypted files with open(encrypted_file, 'wb') as f:
(encrypted_data)
print(f'The configuration file is encrypted and saved as: {encrypted_file}')
def decrypt_config(encrypted_file, key):
"""Decrypt configuration files"""
# Read encrypted files with open(encrypted_file, 'rb') as f:
encrypted_data = ()
# Use the key to decrypt configuration data fernet = Fernet(key)
config_data = (encrypted_data).decode()
print(f'Decrypted data: {config_data}')
if __name__ == '__main__':
file1 = "/home/cln/printer_data/config/"
file2 = "/home/cln/printer_data/config/"
target1 = "/home/cln/printer_data/config/test/printer_test.cfg"
target2 = "/home/cln/printer_data/config/test/"
# encrypt_config(file1, target1)
key1 = b'FN8eGSYuXtK2K7-X2jUcm6r1FK16PAzdTMOpg6wyLGQ='
decrypt_config(target1, key1)Modules involved
- moonraker dynamically modify configuration file module
- klippy read configuration module
Extruder configuration stripping
After the printer initializes the configuration file, only the parameters of the extruder are assigned to the deprecated parameter value in the configuration file.
Extruder configuration parameter assignment implementation, you can create a constant class (placed in the Util directory), or create an ini configuration of an extruder separately, and place it in the klippy directory.
Or perform extruder configuration parameter assignment before the toolhead module loads the extruder object.
Configuration file parameters
All parameter value information used by extruder
This is the end of this article about implementing configuration file encryption in different versions of Python. For more related Python configuration file encryption content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!