def write_data_on_file(ciphertext_outfile=None, data=None, debug=0):
"""
Append given data on the given file
:param ciphertext_outfile: file where data will be written
:param data: data to write
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
"""
import logging
import os.path
# Check if ciphertext_outfile is set and it exists
if ciphertext_outfile is None or not os.path.exists(ciphertext_outfile):
logging.error('write_data_on_file ciphertext_outfile exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in write_data_on_file ciphertext_outfile')
raise Exception
# Check if data is set
if data is None:
logging.error('write_data_on_file data exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in write_data_on_file data')
raise Exception
from old.FunctionUtils import write_bytes_on_file
# Append data to the end of the given outfile
write_bytes_on_file(ciphertext_outfile, data, 'ab', 0, debug)
def add_re_enc_params(file=None, enc_seed_key_len=None, iv=None, debug=0):
"""
Update the given file adding all the parameters required to decrypt the re-encryption operation
:param file: file to update
:param enc_seed_key_len: encrypted seed, key and re-encryption length (first element to randomly generate a set of
're-encryption length' (third element) bytes positions for punctured encryption, second
element used in the symmetric re-encryption
:param iv: IV used in the cipher
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
"""
import logging
import os.path
# Check if file is set and exists
if file is None or not os.path.isfile(file):
logging.error('add_re_enc_params file exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in add_re_enc_params file')
raise Exception
# Check if enc_seed_key_len is set
if enc_seed_key_len is None:
logging.error('add_re_enc_params enc_seed_key_len exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in add_re_enc_params enc_seed_key_len')
raise Exception
# Check if iv is set
if iv is None:
logging.error('add_re_enc_params iv exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in add_re_enc_params iv')
raise Exception
from old.crypto.Const import IV_DEFAULT_SIZE
import struct
# Create the struct of data to append to the ciphertext file
struct_format = '%ds%dsH' % (len(enc_seed_key_len), IV_DEFAULT_SIZE)
data_to_append = struct.pack(struct_format, enc_seed_key_len, iv,
len(enc_seed_key_len))
from old.FunctionUtils import write_bytes_on_file
# Append data bytes to the file
write_bytes_on_file(file, data_to_append, 'ab', 0, debug)
# Update re-encryptions number increasing its value by 1
update_re_enc_num(file, 1, debug)
def remove_aont_enc(ciphertext_infile=None,
plaintext_outfile=None,
n=AONT_DEFAULT_N,
k0=AONT_DEFAULT_K0,
encoding=AONT_DEFAULT_ENCODING,
ciphertext_length=None,
sym_key=None,
iv=None,
transf_ciphertext_offset=None,
transf_ciphertext_length=None,
chunk_size=AONT_DEFAULT_N // 8,
debug=0):
"""
Remove All-Or-Nothing transformation and symmetric encryption applied to the ciphertext.
:param ciphertext_infile: file with the ciphertext to anti-transform and decrypt
:param plaintext_outfile: file where plaintext will be saved
:param n: transformation chunk size in bytes
:param k0: random number length in bytes
:param encoding: used encoding
:param ciphertext_length: length of the anti-transformed ciphertext
:param sym_key: symmetric key to use for decryption
:param iv: initialisation vector to use for decryption
:param transf_ciphertext_offset: transformed ciphertext position in the given file
:param transf_ciphertext_length: transformed ciphertext length
:param chunk_size: number of bytes of each chunk of the ciphertext to anti-transform and decrypt
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
"""
import logging
import os.path
# Check if ciphertext_infile is set and it exists
if ciphertext_infile is None or not os.path.exists(ciphertext_infile):
logging.error('remove_aont_enc ciphertext_infile exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc ciphertext_infile')
raise Exception
# Check if plaintext_outfile is set
if plaintext_outfile is None:
logging.error('remove_aont_enc plaintext_outfile exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc plaintext_outfile')
raise Exception
# Check if ciphertext_length is set
if ciphertext_length is None:
logging.error('remove_aont_enc ciphertext_length exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc ciphertext_length')
raise Exception
# Check if sym_key is set
if sym_key is None:
logging.error('remove_aont_enc sym_key exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc sym_key')
raise Exception
# Check if iv is set
if iv is None:
logging.error('remove_aont_enc IV exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc IV')
raise Exception
# Check if transf_ciphertext_offset is set
if transf_ciphertext_offset is None:
logging.error('remove_aont_enc transf_ciphertext_offset exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc transf_ciphertext_offset')
raise Exception
# Check if transf_ciphertext_length is set
if transf_ciphertext_length is None:
logging.error('remove_aont_enc transf_ciphertext_length exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in remove_aont_enc transf_ciphertext_length')
raise Exception
# Anti-transform and decrypt a data chunk read from the ciphertext input file
with (open(ciphertext_infile, 'rb')) as fin:
# Shift file pointer to transformed ciphertext starting byte
fin.seek(transf_ciphertext_offset)
# Remove transformation and encryption from data chunks until all transformed ciphertext is anti-transformed and
# decrypted
while transf_ciphertext_length > 0:
# Read chunk
transf_ciphertext_chunk = fin.read(chunk_size)
# Decrease number of remaining bytes to read
transf_ciphertext_length -= chunk_size
# Anti-transform ciphertext chunk
ciphertext_chunk = remove_aont(transf_ciphertext_chunk, n, k0,
encoding,
min(chunk_size,
ciphertext_length), debug)
# Decrease remaining ciphertext length
ciphertext_length -= (n - k0) // 8
from old.crypto.SymEncPrimitives import sym_decrypt
# Decrypt chunk
dec_plaintext_chunk = sym_decrypt(key=sym_key,
iv=iv,
ciphertext=ciphertext_chunk,
debug=debug)
if debug: # ONLY USE FOR DEBUG
print('DECRYPTED PLAINTEXT = (%d) %s' %
(len(dec_plaintext_chunk), dec_plaintext_chunk))
from old.FunctionUtils import write_bytes_on_file
# Write decrypted plaintext chunk on output file
write_bytes_on_file(plaintext_outfile, dec_plaintext_chunk, 'ab',
0, debug)
def encrypt_seed_key_len(data=None, pk_file=None, policy=None, debug=0):
"""
Encrypt data using ABE scheme with the given public key and policy
:param data: the content to encrypt
:param pk_file: file containing the public key
:param policy: policy to apply during encryption
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
:return: encrypted data
"""
import logging
import os.path
# Check if data is set
if data is None:
logging.error('encrypt_seed_key_len data exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in encrypt_seed_key_len data')
raise Exception
# Check if pk_file is set and it exists
if pk_file is None or not os.path.isfile(pk_file):
logging.error('encrypt_seed_key_len pk_file exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in encrypt_seed_key_len pk_file')
raise Exception
# Check if policy is set
if policy is None:
logging.error('encrypt_seed_key_len policy exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in encrypt_seed_key_len policy')
raise Exception
from old.crypto.Const import TEMP_PATH
# Create temporary files for ABE encryption
temp_file = TEMP_PATH + 'temp'
enc_temp_file = TEMP_PATH + 'enc_' + temp_file.rsplit('/', 1)[1]
from old.FunctionUtils import write_bytes_on_file, read_bytes_from_file
# Write data on temporary file
write_bytes_on_file(temp_file, data, 'wb', 0, debug)
from re_enc_engine.abe_primitives import encrypt
# Encrypt temporary file with ABE
encrypt(enc_outfile=enc_temp_file,
pk_file=pk_file,
plaintext_file=temp_file,
policy=policy,
debug=debug)
# Read encryption result from the output file
enc_data = read_bytes_from_file(enc_temp_file, debug)
if debug: # ONLY USE FOR DEBUG
from binascii import hexlify
print('ENCRYPTED SEED AND KEY = (%d) %s -> %s' %
(len(enc_data), enc_data, hexlify(enc_data)))
# Delete temporary files
os.remove(enc_temp_file)
return enc_data
def write_header_on_file(ciphertext_outfile=None, data=None, debug=0):
"""
Write the header parameters on the given output ciphertext file
:param ciphertext_outfile: file where header will be written
:param data: header params to write
:param debug: if 1, prints will be shown during execution; default 0, no prints are shown
"""
import logging
# Check if ciphertext_outfile is set
if ciphertext_outfile is None:
logging.error('write_header_on_file ciphertext_outfile exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in write_header_on_file ciphertext_outfile')
raise Exception
# Check if data is set
if data is None:
logging.error('write_header_on_file data exception')
if debug: # ONLY USE FOR DEBUG
print('EXCEPTION in write_header_on_file data')
raise Exception
# Get values to write on file
version = data[0]
n = data[1]
k0 = data[2]
enc_key_length = data[3]
enc_key = data[4]
iv = data[5]
ciphertext_length = data[6]
re_enc_num = 0
if debug: # ONLY USE FOR DEBUG
print('VERSION = %d' % version)
print('N = %d' % n)
print('K0 = %d' % k0)
print('ENC SYM KEY = (%d) %s' % (enc_key_length, enc_key))
print('IV = (%d) %s' % (len(iv), iv))
print('CIPHERTEXT LENGTH = %d' % ciphertext_length)
print('RE-ENCRYPTIONS NUM = %d' % re_enc_num)
# Create string format for struct
struct_format = 'BHHH%ds%dsQH' % (enc_key_length, len(iv))
if debug: # ONLY USE FOR DEBUG
print('STRING FORMAT FOR STRUCT = ', struct_format)
import struct
# Create struct with all header parameters
data_to_write = struct.pack(struct_format, version, n, k0, enc_key_length,
enc_key, iv, ciphertext_length, re_enc_num)
if debug: # ONLY USE FOR DEBUG
print('DATA TO WRITE ON FILE = (%d) %s' %
(len(data_to_write), data_to_write))
from old.FunctionUtils import write_bytes_on_file
# Write data bytes on given outfile
write_bytes_on_file(outfile=ciphertext_outfile,
data=data_to_write,
debug=debug)