def decrypt(self, enc):
"""
Decryption algorithm.
Decrypt raw message only if length > 2.
Padding is not working for lenght less than 2.
"""
decrypted = "{}"
print("Decrypting", enc)
try:
if enc and len(enc) > 2:
enc = base64.b64decode(enc)
print("Encrypted string: ", enc)
if len(enc) % BS != 0:
enc = self._pad(enc)
cipher = Decrypter(AESModeOfOperationECB(self._key),
padding=PADDING_NONE)
decrypted = cipher.feed(enc) + cipher.feed()
return decrypted.decode("utf8").rstrip(chr(0))
return decrypted
except UnicodeDecodeError as err:
_LOGGER.error(f"Unable to decrypt: {decrypted} with error: {err}")
print("CAN'T DECRYPT")
except Exception as err:
print("ERROR ENCRYPTION")
def decrypt(self, enc):
# trying to decrypt empty data fails
if not enc:
return ""
enc = base64.b64decode(enc)
cipher = Decrypter(AESModeOfOperationECB(self.key), padding=PADDING_NONE)
decrypted = cipher.feed(enc) + cipher.feed()
return decrypted.decode("utf8").rstrip(chr(0))
def _set_session_key(self):
kex = KeyExchange()
resp = self._api_put('security', {'diffie': kex.get_public_key()},
False)
tmp_key = kex.get_exchanged_key(resp['hellman'])
dec = Decrypter(AESModeOfOperationCBC(tmp_key))
self.session_key += dec.feed(bytes.fromhex(resp['key']))
self.session_key += dec.feed()
def aes_decrypt_with_iv(key, iv, data):
if AES:
cipher = AES.new(key, AES.MODE_CBC, iv)
data = cipher.decrypt(data)
else:
aes_cbc = AESModeOfOperationCBC(key, iv=iv)
aes = Decrypter(aes_cbc, PADDING_NONE)
data = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer
return _strip_PKCS7_padding(data)
def decrypt(self, edata: bytes) -> bytes:
if not self._password_hash:
raise Exception('You need to call .init() for first')
elif not isinstance(edata, bytes):
raise Exception('edata must be bytes')
else:
aes_cbc = Decrypter(
AESModeOfOperationCBC(self._password_hash, self.__iv))
decrypted = aes_cbc.feed(edata)
decrypted += aes_cbc.feed()
return strip_PKCS7_padding(decrypted)
def decrypt(self, enc):
# trying to decrypt empty data fails
if not enc:
return ""
enc = base64.b64decode(enc)
cipher = Decrypter(AESModeOfOperationECB(self.key),
padding=PADDING_NONE)
decrypted = cipher.feed(enc) + cipher.feed()
try:
r = decrypted.decode("utf8").rstrip(chr(0))
except UnicodeDecodeError as e:
raise SystemError("Decryption error (%s). Wrong password?", e)
return r
def decrypt(self, edata: bytes) -> bytes:
if not self._scrypt_key:
raise Exception('You need to call .init() for first')
elif not isinstance(edata, bytes):
raise Exception('edata must be bytes')
else:
iv = edata[-16:]
edata = edata[:-16] # LAST 16 BYTES OF ENCRYPTED DATA IS IV !
aes_cbc = Decrypter(AESModeOfOperationCBC(self._scrypt_key, iv))
decrypted = aes_cbc.feed(edata)
decrypted += aes_cbc.feed()
try:
return strip_PKCS7_padding(decrypted)
except ValueError:
return decrypted # no padding
def aes_cbc_decrypt(key: bytes,
iv: bytes,
encrypted_data: bytes,
padding: str = "default") -> bytes:
"""Decrypts data encrypted in cipher block chaining mode of operation.
Args:
key: The AES key used at encryption.
iv: The initialization vector used at encryption.
encrypted_data: The encrypted data to decrypt.
padding: Can be ``default`` or ``none`` (Default: default)
Returns:
The decrypted data.
"""
decrypter = Decrypter(AESModeOfOperationCBC(key, iv), padding=padding)
decrypted = decrypter.feed(encrypted_data) + decrypter.feed()
return decrypted
def decrypt(self, enc):
"""
Decryption algorithm.
Decrypt raw message only if length > 2.
Padding is not working for lenght less than 2.
"""
try:
if enc and len(enc) > 2:
enc = base64.b64decode(enc)
if len(enc) % self._bs != 0:
enc = self._pad(enc)
cipher = Decrypter(AESModeOfOperationECB(self._key),
padding=PADDING_NONE)
decrypted = cipher.feed(enc) + cipher.feed()
return decrypted.decode("utf8").rstrip(chr(0))
return "{}"
except Exception as err:
raise EncryptionException(f"Unable to decrypt: {err}")
def decrypt(self, token, ttl=None):
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
try:
data = base64.urlsafe_b64decode(token)
except (TypeError, binascii.Error):
raise InvalidToken
# Doing data[0] results in a int bring returned, so we use data[0:1]
if not data or data[0:1] != b'\x80':
raise InvalidToken
try:
timestamp, = struct.unpack(">Q", data[1:9])
except struct.error:
raise InvalidToken
if ttl is not None:
if timestamp + ttl < current_time:
raise InvalidToken
if current_time + _MAX_CLOCK_SKEW < timestamp:
raise InvalidToken
hmactext = hmac.new(self._signing_key, b'', hashlib.sha256)
hmactext.update(data[:-32])
# if not hmac.compare_digest(hmactext.digest(), data[-32:]):
# raise InvalidToken
iv = data[9:25]
ciphertext = data[25:-32]
decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv))
try:
plaintext = decryptor.feed(ciphertext)
plaintext += decryptor.feed()
except ValueError:
raise InvalidToken
return plaintext
def decrypt(self, token, ttl=None):
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
try:
data = base64.urlsafe_b64decode(token)
except (TypeError, binascii.Error):
raise InvalidToken
if not data or data[0] != 0x80:
raise InvalidToken
try:
timestamp, = struct.unpack(">Q", data[1:9])
except struct.error:
raise InvalidToken
if ttl is not None:
if timestamp + ttl < current_time:
raise InvalidToken
if current_time + _MAX_CLOCK_SKEW < timestamp:
raise InvalidToken
h = HMAC.new(self._signing_key, digestmod='sha256')
h.update(data[:-32])
if not HMAC.compare_digest(h.digest(), data[-32:]):
raise InvalidToken
iv = data[9:25]
ciphertext = data[25:-32]
decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv))
try:
plaintext = decryptor.feed(ciphertext)
plaintext += decryptor.feed()
except ValueError:
raise InvalidToken
return plaintext
def decrypt(self, enc):
"""
Decryption algorithm.
Decrypt raw message only if length > 2.
Padding is not working for lenght less than 2.
"""
try:
if enc and len(enc) > 2:
enc = base64.b64decode(enc)
if len(enc) % self._bs != 0:
enc = self._pad(enc)
print("added padding by ourselves")
else:
print("padding already", len(enc) % self._bs)
print(enc)
cipher = Decrypter(AESModeOfOperationECB(self._key),
padding=PADDING_NONE)
decrypted = cipher.feed(enc) + cipher.feed()
print(decrypted)
return decrypted.decode("utf8").rstrip(chr(0))
return "{}"
except Exception as err:
pass
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes) -> str:
decrypter = Decrypter(AESModeOfOperationCBC(key, iv))
decrypted = decrypter.feed(encrypted_data) + decrypter.feed()
return decrypted.decode("utf-8")
def decrypt_data(key, data):
decrypter = Decrypter(AESModeOfOperationCBC(key, iv=data[:16]))
plain = decrypter.feed(data[16:])
plain += decrypter.feed()
return plain
def _decrypt(self, encrypted_message):
dec = Decrypter(AESModeOfOperationCBC(self.session_key))
message = dec.feed(b64decode(encrypted_message))
message += dec.feed()
return json.loads(message[2:].decode())
