def decrypt(bytes, password):
""" Decrypt the given encrypted text using the given 256-bit password.
The parameters are as follows:
'bytes'
The encrypted text, as a string of binary data.
'password'
The password to use for the decryption process.
We use the Output Feedback (OFB) mode of AES256 to decrypt the given
text using the given password. Upon completion, we return the
decrypted text, as a string.
"""
# Prepare to decrypt the text.
key = pyAES.passwordToKey(password)
chunks = _splitString(bytes, 16)
output = [] # Array of bytes.
# Load the initialisation vector from the first chunk.
initialisation_vector = _textToBytes(chunks[0])
# Process each chunk in turn.
for chunk_num,chunk in enumerate(chunks[1:]):
if chunk_num == 0:
block_key = pyAES.aesEncrypt(initialisation_vector, key)
else:
block_key = pyAES.aesEncrypt(block_key, key)
block = _textToBytes(chunk)
plaintext = []
for i in range(16):
plaintext.append(block[i] ^ block_key[i])
# If we're in the last chunk, throw out the number of bytes represented
# by the last byte in the chunk.
if chunk_num == len(chunks)-2:
plaintext = plaintext[0:-(plaintext[-1])]
# Add the plaintext to the output.
for c in plaintext:
output.append(chr(c))
# Finally, return the decrypted output back to the caller.
return "".join(output)
def encrypt(text, password):
""" Encrypt the given text using the given 256-bit password.
The parameters are as follows:
'text'
A string of source text to encrypt.
'password'
The password to use for the encryption process.
We use the Output Feedback (OFB) mode of AES256 to encrypt the given
text using the given password. The given text can be any length. Upon
completion, we return a string of binary data containing the encrypted
form of the text.
Note that this is a modified version of the pyAES.encrypt() function.
The supplied encrypt() function requires the source and destination
text to be stored as files on disk; this rewrite doesn't have that
limitation, though it works in exactly the same way.
"""
# Create an initialisation vector for the encrytion.
initialisation_vector = []
for i in range(16):
initialisation_vector.append(random.randint(0, 255))
# Prepare to encrypt the source text using the given password.
key = pyAES.passwordToKey(password)
chunks = _splitString(text, 16)
output = [] # Array of bytes.
# Add the initialisation vector to the output.
for byte in initialisation_vector:
output.append(chr(byte))
# Process each chunk in turn.
first_round = True
for chunk in chunks:
if len(chunk) < 16:
# Pad the chunk with a string representing the number of missing
# bytes.
padChar = chr(16 - len(chunk))
while len(chunk) < 16:
chunk = chunk + padChar
block = _textToBytes(chunk)
if first_round:
block_key = pyAES.aesEncrypt(initialisation_vector, key)
first_round = False
else:
block_key = pyAES.aesEncrypt(block_key, key)
ciphertext = []
for i in range(16):
ciphertext.append(block[i] ^ block_key[i])
for c in ciphertext:
output.append(chr(c))
# If the source text was a multiple of 16 bytes long, we need to add an
# extra block of padding.
if len(chunks[-1]) == 16:
output.append(16*chr(16))
# Finally, return the output back to the caller.
return "".join(output)
