def New():
"""
Constructs and returns a new _Session instance, containing a newly-generated
AES key and random nonce.
"""
return _Session.__Create(keys.AesKey.Generate(),
util.RandBytes(SESSION_NONCE_SIZE))
def Generate(size=keyinfo.HMAC_SHA1.default_size):
"""
Return a newly generated HMAC-SHA1 key.
@param size: length of key in bits to generate
@type size: integer
@return: an HMAC-SHA1 key
@rtype: L{HmacKey}
"""
key_bytes = util.RandBytes(size // 8)
key_string = util.Base64WSEncode(key_bytes)
return HmacKey(key_string, size)
def Generate(size=keyinfo.AES.default_size):
"""
Return a newly generated AES key.
@param size: length of key in bits to generate
@type size: integer
@return: an AES key
@rtype: L{AesKey}
"""
key_bytes = util.RandBytes(size // 8)
key_string = util.Base64WSEncode(key_bytes)
hmac_key = HmacKey.Generate() # use default HMAC-SHA1 key size
return AesKey(key_string, hmac_key, size)
def EncryptIO(self, reader , writer):
"""
Return ciphertext byte string containing Header|IV|Ciph|Sig.
@param data: plaintext to be encrypted.
@type data: string
@return: raw byte string ciphertext formatted to have Header|IV|Ciph|Sig.
@rtype: string
"""
mac = self.hmac_key.CreateStreamable()
#Write and update mac for header
header = self.Header()
writer.write(header)
mac.Update(header)
#Generate, write, and update mac for IV
iv_bytes = util.RandBytes(self.block_size)
writer.write(iv_bytes)
mac.Update(iv_bytes)
buffer_size = self.block_size * 4
cipher = self.__CreateCipher(self.key_bytes, iv_bytes)
more = True
while more:
data = util.ReadLength(reader, buffer_size)
more = len(data) == buffer_size
if not more:
data = self._Pad(data)
#encrypt, update mac and write out ciphertext
ciph_bytes = cipher.encrypt(data)
mac.Update(ciph_bytes)
writer.write(ciph_bytes)
#call final mac and write whatever is returned
ciph_bytes = cipher.final()
mac.Update(ciph_bytes)
writer.write(ciph_bytes)
#write mac and flush
writer.write(mac.Sign())
writer.flush()
def Encrypt(self, data):
"""
Return ciphertext byte string containing Header|IV|Ciph|Sig.
@param data: plaintext to be encrypted.
@type data: string
@return: raw byte string ciphertext formatted to have Header|IV|Ciph|Sig.
@rtype: string
"""
data = self._Pad(data)
iv_bytes = util.RandBytes(self.block_size)
cipher = self.__CreateCipher(self.key_bytes, iv_bytes)
ciph_bytes = cipher.encrypt(data)
ciph_bytes += cipher.final()
msg_bytes = self.Header() + iv_bytes + ciph_bytes
sig_bytes = self.hmac_key.Sign(msg_bytes) # Sign bytes
return msg_bytes + sig_bytes
def __init__(self, key, output_stream):
"""
Constructor
@param key: Keyczar Key to perform the padding, verification, cipher
creation needed by this stream
@type key: Key
@param output_stream: stream for encrypted output
@type output_stream: 'file-like' object
"""
self.__key = key
self.__output_stream = output_stream
self.__data = b''
self.__closed = False
self.__hmac_stream = key.hmac_key.CreateStreamable()
iv_bytes = util.RandBytes(key.block_size)
self.__cipher = AES.new(key.key_bytes, AES.MODE_CBC, iv_bytes)
hdr = key.Header()
self.__hmac_stream.Update(hdr + iv_bytes)
self.__output_stream.write(hdr + iv_bytes)
def __Encode(self, msg, label=b""):
if len(label) >= 2**61: # the input limit for SHA-1
raise errors.KeyczarError("OAEP parameter string too long.")
k = int(math.floor(math.log(self.key.n, 256)) + 1) # num bytes in n
if len(msg) > k - 2 * util.HLEN - 2:
raise errors.KeyczarError("Message too long to OAEP encode.")
label_hash = util.Hash(label)
pad_octets = (k - len(msg) - 2 * util.HLEN - 2) # Number of zeros to pad
if pad_octets < 0:
raise errors.KeyczarError("Message is too long: %d" % len(msg))
datablock = label_hash + util.RepeatByte(0x00, pad_octets) + b'\x01' + msg
seed = util.RandBytes(util.HLEN)
# Steps 2e, f
datablock_mask = util.MGF(seed, k - util.HLEN - 1)
masked_datablock = util.Xor(datablock, datablock_mask)
# Steps 2g, h
seed_mask = util.MGF(masked_datablock, util.HLEN)
masked_seed = util.Xor(seed, seed_mask)
# Step 2i: Construct the encoded message
return b'\x00' + masked_seed + masked_datablock
