def _encrypt(self):
"""
Rebuild the master key from header settings and key-hash list. Encrypt
the stream start bytes and the out-buffer formatted as hashed block
stream with padding added as needed.
"""
# rebuild master key from (possibly) updated header
self._make_master_key()
# make hashed block stream
block_buffer = HashedBlockIO()
block_buffer.write(self.out_buffer.read())
# data is buffered in hashed block io, start a new one
self.out_buffer = io.BytesIO()
# write start bytes (for successful decrypt check)
self.out_buffer.write(self.header.StreamStartBytes)
# append blocked data to out-buffer
block_buffer.write_block_stream(self.out_buffer)
block_buffer.close()
self.out_buffer.seek(0)
# encrypt the whole thing with header settings and master key
data = pad(self.out_buffer.read())
self.out_buffer = aes_cbc_encrypt(data, self.master_key,
self.header.EncryptionIV)
def _encrypt(self):
"""
Rebuild the master key from header settings and key-hash list. Encrypt
the stream start bytes and the out-buffer formatted as hashed block
stream with padding added as needed.
"""
# rebuild master key from (possibly) updated header
self._make_master_key()
# make hashed block stream
block_buffer = HashedBlockIO()
block_buffer.write(self.out_buffer.read())
# data is buffered in hashed block io, start a new one
self.out_buffer = io.BytesIO()
# write start bytes (for successful decrypt check)
self.out_buffer.write(self.header.StreamStartBytes)
# append blocked data to out-buffer
block_buffer.write_block_stream(self.out_buffer)
block_buffer.close()
self.out_buffer.seek(0)
# encrypt the whole thing with header settings and master key
ciphername = self.header.ciphers.get(self.header.CipherID,
self.header.CipherID)
if ciphername == 'AES':
data = pad(self.out_buffer.read())
self.out_buffer = aes_cbc_encrypt(data, self.master_key,
self.header.EncryptionIV)
elif ciphername == 'Twofish':
data = pad(self.out_buffer.read())
self.out_buffer = twofish_cbc_encrypt(data, self.master_key,
self.header.EncryptionIV)
else:
raise IOError('Unsupported encryption type: %s' %
codecs.encode(ciphername, 'hex'))
def _decrypt(self, stream):
"""
Build the master key from header settings and key-hash list.
Start reading from `stream` after the header and decrypt all the data.
Remove padding as needed and feed into hashed block reader, set as
in-buffer.
"""
super(KDB4File, self)._decrypt(stream)
ciphername = self.header.ciphers.get(self.header.CipherID,
self.header.CipherID)
if ciphername == 'AES':
data = aes_cbc_decrypt(stream.read(), self.master_key,
self.header.EncryptionIV)
data = unpad(data)
elif ciphername == 'Twofish':
data = twofish_cbc_decrypt(stream.read(), self.master_key,
self.header.EncryptionIV)
data = unpad(data)
else:
raise IOError('Unsupported decryption type: %s' %
codecs.encode(ciphername, 'hex'))
length = len(self.header.StreamStartBytes)
if self.header.StreamStartBytes == data[:length]:
# skip startbytes and wrap data in a hashed block io
self.in_buffer = HashedBlockIO(initial_bytes=data[length:])
# set successful decryption flag
self.opened = True
else:
raise IOError('Master key invalid.')
def _decrypt(self, stream):
"""
Build the master key from header settings and key-hash list.
Start reading from `stream` after the header and decrypt all the data.
Remove padding as needed and feed into hashed block reader, set as
in-buffer.
"""
super(KDB4File, self)._decrypt(stream)
data = aes_cbc_decrypt(stream.read(), self.master_key,
self.header.EncryptionIV)
data = unpad(data)
length = len(self.header.StreamStartBytes)
if self.header.StreamStartBytes == data[:length]:
# skip startbytes and wrap data in a hashed block io
self.in_buffer = HashedBlockIO(initial_bytes=data[length:])
# set successful decryption flag
self.opened = True
else:
raise IOError('Master key invalid.')
