def _encrypt_data(self):
"""Cerealize, encipher, and base64 the session dict"""
if self.encrypt_key:
nonce = b64encode(os.urandom(40))[:8]
encrypt_key = generateCryptoKeys(self.encrypt_key, self.validate_key + nonce, 1)
ctrcipher = aes.AES(encrypt_key)
data = cPickle.dumps(self.dict, protocol=2)
return nonce + b64encode(ctrcipher.process(data))
else:
data = cPickle.dumps(self.dict, protocol=2)
return b64encode(data)
def _decrypt_data(self):
"""Bas64, decipher, then un-cerealize the data for the session dict"""
if self.encrypt_key:
nonce = self.cookie[self.key].value[:8]
encrypt_key = generateCryptoKeys(self.encrypt_key, self.validate_key + nonce, 1)
ctrcipher = aes.AES(encrypt_key)
payload = b64decode(self.cookie[self.key].value[8:])
data = ctrcipher.process(payload)
return cPickle.loads(data)
else:
data = b64decode(self.cookie[self.key].value)
return cPickle.loads(data)
def aesEncrypt(data, key):
cipher = aes.AES(key)
return cipher.process(data)
def fake_ecb_using_ctr(k, p):
return aes.AES(key=k, iv=p).process('\x00' * 16)
def test_encrypt_zeroes_in_two_parts(self):
cryptor = aes.AES(key="\x00" * 16)
ct1 = cryptor.process("\x00" * 8)
ct2 = cryptor.process("\x00" * 8)
self.failUnlessEqual(self.enc0, b2a_hex(ct1 + ct2))
def test_encrypt_zeroes(self):
cryptor = aes.AES(key="\x00" * 16)
ct = cryptor.process("\x00" * 16)
self.failUnlessEqual(self.enc0, b2a_hex(ct))
def __init__(self, aes_key, initial_counter_value=0):
if initial_counter_value != 0:
raise ValueError(
'This AES CTR implementation only supports counter start value 0.'
)
self.aes = aes.AES(aes_key)
