def TestInput(input_bytes): if len(input_bytes) < 12: return fdp = atheris.FuzzedDataProvider(input_bytes) choice = fdp.ConsumeIntInRange(1, 4) if choice == 1: cipher = aead.ChaCha20Poly1305(aead.ChaCha20Poly1305.generate_key()) if choice == 2: cipher = aead.AESGCM(aead.AESGCM.generate_key(bit_length=128)) if choice == 3: cipher = aead.AESOCB3(aead.AESOCB3.generate_key(bit_length=128)) if choice == 4: cipher = aead.AESCCM(aead.AESCCM.generate_key(bit_length=128)) msg = fdp.ConsumeBytes(32) authentext = fdp.ConsumeBytes(32) nonce = fdp.ConsumeBytes(12) if len(nonce) < 12: return ciphertext = cipher.encrypt(nonce, msg, authentext) plaintext = cipher.decrypt(nonce, ciphertext, authentext) assert (plaintext == msg), "Encryption/Decrption error!"
def chacha20_poly1305_decrypt(*, key: bytes, nonce: bytes, associated_data: bytes = None, data: bytes) -> bytes: assert isinstance(key, (bytes, bytearray)) assert isinstance(nonce, (bytes, bytearray)) assert isinstance(associated_data, (bytes, bytearray, type(None))) assert isinstance(data, (bytes, bytearray)) assert len(key) == 32, f"unexpected key size: {len(key)} (expected: 32)" assert len( nonce) == 12, f"unexpected nonce size: {len(nonce)} (expected: 12)" if HAS_CRYPTODOME: cipher = CD_ChaCha20_Poly1305.new(key=key, nonce=nonce) if associated_data is not None: cipher.update(associated_data) # raises ValueError if not valid (e.g. incorrect MAC) return cipher.decrypt_and_verify(ciphertext=data[:-16], received_mac_tag=data[-16:]) if HAS_CRYPTOGRAPHY: a = CG_aead.ChaCha20Poly1305(key) try: return a.decrypt(nonce, data, associated_data) except cryptography.exceptions.InvalidTag as e: raise ValueError("invalid tag") from e raise Exception("no chacha20 backend found")
def get_aead_cipher(key, method): '''get_aead_cipher method should be AEAD method''' if method.startswith('aes'): return aead.AESGCM(key) try: return aead.ChaCha20Poly1305(key) except Exception: from .ctypes_libsodium import SodiumAeadCrypto return SodiumAeadCrypto(method, key)
def chacha20_poly1305_encrypt(*, key: bytes, nonce: bytes, associated_data: bytes, data: bytes) -> bytes: assert isinstance(key, (bytes, bytearray)) assert isinstance(nonce, (bytes, bytearray)) assert isinstance(associated_data, (bytes, bytearray)) assert isinstance(data, (bytes, bytearray)) if HAS_CRYPTODOME: cipher = CD_ChaCha20_Poly1305.new(key=key, nonce=nonce) cipher.update(associated_data) ciphertext, mac = cipher.encrypt_and_digest(plaintext=data) return ciphertext + mac if HAS_CRYPTOGRAPHY: a = CG_aead.ChaCha20Poly1305(key) return a.encrypt(nonce, data, associated_data) raise Exception("no chacha20 backend found")
def chacha20_poly1305_encrypt(*, key: bytes, nonce: bytes, associated_data: bytes = None, data: bytes) -> bytes: assert isinstance(key, (bytes, bytearray)) assert isinstance(nonce, (bytes, bytearray)) assert isinstance(associated_data, (bytes, bytearray, type(None))) assert isinstance(data, (bytes, bytearray)) assert len(key) == 32, f"unexpected key size: {len(key)} (expected: 32)" assert len( nonce) == 12, f"unexpected nonce size: {len(nonce)} (expected: 12)" if HAS_CRYPTODOME: cipher = CD_ChaCha20_Poly1305.new(key=key, nonce=nonce) if associated_data is not None: cipher.update(associated_data) ciphertext, mac = cipher.encrypt_and_digest(plaintext=data) return ciphertext + mac if HAS_CRYPTOGRAPHY: a = CG_aead.ChaCha20Poly1305(key) return a.encrypt(nonce, data, associated_data) raise Exception("no chacha20 backend found")
# prompt for input on stderr def einput(text): sys.stderr.write(text) return input() # getpass and encode passwd = lambda prompt='Enter Password: '******'utf-8') # split string at index split = lambda string, index: (string[:index], string[index:]) # get aead cipher depending on arguments aead = lambda key, cipher: AEAD.AESGCM(key) if cipher == Aenker.cipher_t.Value( 'AESGCM') else AEAD.ChaCha20Poly1305(key) # key derivation wrappers class KDF: argon2 = lambda password, blob :\ split(argon2_raw(password, blob.nonce, \ blob.kdf_opts.time_cost, 2**blob.kdf_opts.memory_cost, blob.kdf_opts.parallelism, \ hash_len=44, type=argon2_type.I), 12) # parse commandline arguments argparser = argparse.ArgumentParser() # arg_grp: input / output files
def decrypt(cls, ciphertext_and_tag, aad, key, iv): try: return aead.ChaCha20Poly1305(key).decrypt(iv, ciphertext_and_tag, aad) except cryptography.exceptions.InvalidTag: raise ProtectionInvalid("Tag invalid")
def encrypt(cls, plaintext, aad, key, iv): return aead.ChaCha20Poly1305(key).encrypt(iv, plaintext, aad)
def get_aead_cipher(key, method): '''get_aead_cipher method should be AEAD method''' if method.startswith('aes'): return aead.AESGCM(key) return aead.ChaCha20Poly1305(key)
def __init__(self, reader, key, info, chunksize=1984): self.reader = reader self.cipher = aead.ChaCha20Poly1305(key) self.info = info self.chunksize = chunksize + 16 self.i = 0