def encrypt(self, message):
# 1. Encrypt
iv = Random.new().read(16)
encrypter = Cipher(self.enc_alg, self.key_enc, iv, self.ENC_OP)
c = b64encode(encrypter.update(message) + encrypter.final())
encryption = b64encode(iv) + c # b64encode(iv) size is always 24
# 2. Sign
hmac = HMAC(self.key_auth, self.auth_alg)
hmac.update(encryption)
auth_sig = b64encode(hmac.digest()) # auth_sig size is always 28
return auth_sig + encryption
def decrypt(self, sig_encryption):
auth_sig = sig_encryption[:28]
encryption = sig_encryption[28:]
# 1. Verify signature
hmac = HMAC(self.key_auth, self.auth_alg)
hmac.update(encryption)
if auth_sig != b64encode(hmac.digest()):
raise EVPError("Authentication failure: " +
auth_sig + " does not match " + b64encode(hmac.digest()))
# 2. Decrypt
iv = b64decode(encryption[:24])
ciphertext = b64decode(encryption[24:])
decrypter = Cipher(self.enc_alg, self.key_enc, iv, self.DEC_OP)
return decrypter.update(ciphertext) + decrypter.final()
def pycrypto_hmac_digest(key, bytes):
hmac = HMAC(key, digestmod=SHA256)
hmac.update(bytes)
return hmac.digest()
def m2crypto_hmac_digest(key, bytes):
hmac = HMAC(key, 'sha256')
hmac.update(bytes)
return hmac.digest()
def pycrypto_hmac_digest(key, bytes):
hmac = HMAC(key, digestmod = SHA256)
hmac.update(bytes)
return hmac.digest()
def m2crypto_hmac_digest(key, bytes):
hmac = HMAC(key, 'sha256')
hmac.update(bytes)
return hmac.digest()