def encrypt_oracle(data): """ 随机选择 CBC 模式或者 ECB 模式进行加密, 返回加密所使用的模式以及加密后的结果 :param data: 待加密明文, "plaintext" :return: 模式以及加密结果, ("CBC", b"cipher_text") """ size = 16 key = generate_random_bytes(size) encrypt_mode = random.choice([AES.MODE_CBC, AES.MODE_ECB]) # 随机选择一种加密模式 mode_dict = {AES.MODE_CBC: "CBC", AES.MODE_ECB: "ECB"} data = codecs.encode(data, "ascii") # 将 str 转成 bytes # 对数据进行随机化处理 data = generate_random_bytes(random.randint(5, 10)) + data + generate_random_bytes(random.randint(5, 10)) data = pad(data, size) # 填充操作 if encrypt_mode == AES.MODE_CBC: iv = generate_random_bytes(size) encrypt_tool = AES.new(key, AES.MODE_CBC, IV=iv) elif encrypt_mode == AES.MODE_ECB: encrypt_tool = AES.new(key, AES.MODE_ECB) else: raise RuntimeError("Encrypt_mode is wrong!") after_encrypt_data = encrypt_tool.encrypt(data) return mode_dict[encrypt_mode], after_encrypt_data
def test3(self): for keylen, taglen, result in self.tv3: key = bchr(0) * (keylen // 8 - 1) + bchr(taglen) C = b("") for i in range(128): S = bchr(0) * i N = long_to_bytes(3 * i + 1, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 2, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) C += cipher.encrypt(S) + cipher.encrypt() + cipher.digest() N = long_to_bytes(3 * i + 3, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(S) C += cipher.encrypt() + cipher.digest() N = long_to_bytes(385, 12) cipher = AES.new(key, AES.MODE_OCB, nonce=N, mac_len=taglen // 8) cipher.update(C) result2 = cipher.encrypt() + cipher.digest() self.assertEqual(unhexlify(b(result)), result2)
def WriteZipFile(filename): """ 保存所有kvdb数据,压缩成zip然后aes cbc加密 """ FileBuffer = io.BytesIO() datalist = FindKVDBKeys() if datalist: zfile = zipfile.ZipFile(FileBuffer,mode='w') for data in datalist: # bytedata = (data + "tttttttt").encode(encoding="utf-8") bytedata = kv.get(str(data)) if bytedata: # print(bytedata) zfile.writestr(str(data),bytedata) zfile.close() key = config.keyDataBackUp iv = Random.new().read(AES.block_size) cipher = AES.new(key, AES.MODE_ECB) CryptIV = cipher.encrypt(iv) cipher = AES.new(key, AES.MODE_CBC, iv) bytebuffer = FileBuffer.getvalue() lendata = 16 - len(bytebuffer)%16 bytebuffer = bytebuffer + chr(lendata)*lendata #print(bytebuffer) CryptData = CryptIV + cipher.encrypt(bytebuffer) bucket = Bucket('backup') # print(FileBuffer.getvalue()) bucket.put_object(filename,CryptData) FileBuffer.close()
def ReadZipFile(filename): """ 从storage中读取数据,还原到kvdb中 参数 filename 要还原数据的文件名 """ bucket = Bucket('backup') # print(filename) CryptData = bucket.get_object_contents(filename) # print(CryptData) # -FileBuffer.close() key = config.keyDataBackUp cipher = AES.new(key, AES.MODE_ECB) iv = cipher.decrypt(CryptData[:16]) # print(str(iv)) cipher = AES.new(key, AES.MODE_CBC, iv) bytebuffer = cipher.decrypt(CryptData[16:]) lendata = ord(bytebuffer[-1]) FileBuffer = io.BytesIO(bytebuffer[:-lendata]) zfile = zipfile.ZipFile(FileBuffer,mode='r') namelist = zfile.namelist() for name in namelist: bytedata = zfile.read(name) kv.set(name,bytedata.decode("utf-8")) return u"数据已还原"
def chunk_read(response, outfname, intitlekey, first_iv, chunk_size=0x200000, report_hook=None): fh = open(outfname,'wb') total_size = int(response.getheader('Content-Length')) total_size = int(total_size) bytes_so_far = 0 data = [] first_chunk_read = 0 while 1: if report_hook: report_hook(bytes_so_far, chunk_size, total_size) chunk = response.read(chunk_size) bytes_so_far += len(chunk) if not chunk: break # IV of first chunk should be the Content ID + 28 0s like with the entire file, but each subsequent chunk should be the last 16 bytes of the previous still ciphered chunk if first_chunk_read == 0: decryptor = AES.new(intitlekey, AES.MODE_CBC, unhexlify(first_iv)) first_chunk_read = 1 else: decryptor = AES.new(intitlekey, AES.MODE_CBC, prev_chunk[(0x200000 - 16):0x200000]) dec_chunk = decryptor.decrypt(chunk) prev_chunk = chunk fh.write(dec_chunk) fh.close()
def export_data(self, entrystore, password): "Exports data from an entrystore" # check and pad password if password is None: raise base.PasswordError password = util.pad_right(password[:32], 32, "\0") # generate XML data = RevelationXML.export_data(self, entrystore) # compress data, and right-pad with the repeated ascii # value of the pad length data = zlib.compress(data) padlen = 16 - (len(data) % 16) if padlen == 0: padlen = 16 data += chr(padlen) * padlen # generate an initial vector for the CBC encryption iv = util.random_string(16) # encrypt data AES.block_size = 16 AES.key_size = 32 data = AES.new(password, AES.MODE_CBC, iv).encrypt(data) # encrypt the iv, and prepend it to the data with a header data = self.__generate_header() + AES.new(password).encrypt(iv) + data return data
def test_unknown_parameters(self): self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CTR, 7, counter=self.ctr_128) self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CTR, counter=self.ctr_128, unknown=7) # But some are only known by the base cipher (e.g. use_aesni consumed by the AES module) AES.new(self.key_128, AES.MODE_CTR, counter=self.ctr_128, use_aesni=False)
def test_bytearray(self): data = b"1" * 16 iv = b"\x00" * 6 + b"\xFF\xFF" # Encrypt cipher1 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64, initial_value=iv) ref1 = cipher1.encrypt(data) cipher2 = AES.new(self.key_128, AES.MODE_CTR, nonce=bytearray(self.nonce_64), initial_value=bytearray(iv)) ref2 = cipher2.encrypt(bytearray(data)) self.assertEqual(ref1, ref2) self.assertEqual(cipher1.nonce, cipher2.nonce) # Decrypt cipher3 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64, initial_value=iv) ref3 = cipher3.decrypt(data) cipher4 = AES.new(self.key_128, AES.MODE_CTR, nonce=bytearray(self.nonce_64), initial_value=bytearray(iv)) ref4 = cipher4.decrypt(bytearray(data)) self.assertEqual(ref3, ref4)
def test_valid_init_verify(self): # Verify path INIT->VERIFY cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) mac = cipher.digest() cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.verify(mac)
def test_invalid_multiple_decrypt_and_verify(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) ct, tag = cipher.encrypt_and_digest(self.data_128) cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.decrypt_and_verify(ct, tag) self.assertRaises(TypeError, cipher.decrypt_and_verify, ct, tag)
def test_data_must_be_bytes(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.encrypt, 'test1234567890-*') cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.decrypt_and_verify, 'test1234567890-*', b("xxxx"))
def test_hex_mac(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) mac_hex = cipher.hexdigest() self.assertEqual(cipher.digest(), unhexlify(mac_hex)) cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.hexverify(mac_hex)
def decryptFile(self, content): from Crypto.Cipher import AES Key = binascii.unhexlify('8C35192D964DC3182C6F84F3252239EB4A320D2500000000') IV = binascii.unhexlify('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF') IV_Cipher = AES.new(Key, AES.MODE_ECB) IV = IV_Cipher.encrypt(IV) obj = AES.new(Key, AES.MODE_CFB, IV) data = content if re.search(r"<title>404 - Not Found</title>", data) is None: data = binascii.unhexlify(''.join(data.split())) data = data.split("\xda") links = [] for link in data: if link == '': continue link = base64.b64decode(link + "\xda") link = obj.decrypt(link) decryptedUrl = link.replace('CCF: ', '') links.append(decryptedUrl) self.log.debug("%s: adding rsdf-package with %d links" % (self.__name__, len(links))) return links
def decrypt_body(self, password, data): import time key = sha256(password).digest() hdr = self.header then = time.time() # sha256 the password, encrypt it upon itself 50000 times, sha256 it again, and sha256 it again concatenated with a random number :| cipher = AES.new(hdr['seed_key'], AES.MODE_ECB) for x in range(hdr['seed_rot_n']): key = cipher.encrypt(key) key = sha256(key).digest() key = sha256(hdr['seed_rand'] + key).digest() cipher = AES.new(key, AES.MODE_CBC, hdr['enc_iv']) body = cipher.decrypt(data) # remove some padding padding = unpack("b", body[-1])[0] body = body[:-padding] now = time.time() print 'spent %.3fms on decryption' % ((now - then) * 1000) if sha256(body).digest() != hdr['checksum']: raise KdbReaderDecodeFailError() return body
def test_aes_192(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'cdc80d6fddf18cab34c25909c99a4174' +\ 'fcc28b8d4c63837c09e81700c1100401' +\ '8d9a9aeac0f6596f559c6d4daf59a5f2' +\ '6d9f200857ca6c3e9cac524bd9acc92a' key = '8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def decrypt_username(encrypted_record,key,mode): """ This functions is used to decrypt usernames. """ # WE DECRYPT THE PASSWORD ACCORDING TO THE MODE IT WAS SAVED # WE RETURN USERNAME:PASSWORD # decrypted_pass[5:] IS USED TO RETURN THE PASSWORD ONLY (WITHOUT SALT) if mode == "1": mode = AES.MODE_ECB pair = encrypted_record.split(":") aes = AES.new(key, mode) decrypted_username = aes.decrypt(base64.b64decode(pair[0])) return decrypted_username elif mode =="2": mode = AES.MODE_CBC pair = encrypted_record.split(":") aes = AES.new(key, mode,base64.b64decode(pair[2])) decrypted_username = aes.decrypt(base64.b64decode(pair[0])) return decrypted_username elif mode =="3": mode = AES.MODE_CTR pair = encrypted_record.split(":") IV = base64.b64decode(pair[2]) ctr = Crypto.Util.Counter.new(128, initial_value=long(IV.encode("hex"), 16)) aes = Crypto.Cipher.AES.new(key, mode, counter=ctr) decrypted_username = aes.decrypt(base64.b64decode(pair[0])) return decrypted_username else: print ""
def test_aes_256(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = 'dc7e84bfda79164b7ecd8486985d3860' +\ '4febdc6740d20b3ac88f6ad82a4fb08d' +\ '71ab47a086e86eedf39d1c5bba97c408' +\ '0126141d67f37be8538f5a8be740e484' key = '603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def _get_cipher(self): """Return a Pycrypto AES cipher instance. `key`, `mode` and depending on mode `iv` must be set. """ if self.mode in (AES.MODE_ECB, AES.MODE_CTR): return AES.new(self.key, self.mode) return AES.new(self.key, self.mode, self.iv)
def decrypt(self, buff): """ Return a decrypted copy of the given PSP save file data. Arguments: buff -- Data read from an encrypted PSP save file """ xor_key = bytearray(buff[:16]) for i in range(16): xor_key[i] ^= self._cipher2[i] ^ self._key[i] aes = AES.new(self._cipher3, AES.MODE_CBC, b'\x00' * 16) xor_key = bytearray(aes.decrypt(bytes(xor_key))[:12]) for i in range(12): xor_key[i] ^= self._cipher1[i] xor_buff = bytearray() for i in range(1, len(buff) // 16): xor_buff.extend(xor_key) xor_buff.extend(array.array('I', [i]).tostring()) aes = AES.new(self._cipher4, AES.MODE_CBC, b'\x00' * 16) xor_buff = bytearray(aes.decrypt(bytes(xor_buff))) buff = bytearray(buff[16:]) for i in range(len(buff)): buff[i] ^= xor_buff[i] return bytes(buff)
def encrypt(username, password,key,mode): """ This functions is used to encrypt passwords. """ # WE CREATE RANDOM SALT FOR EACH PASSWORD salt_for_passwords = ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(5)) # WE LET THE USER SELECT THE MODE # FOR CBC AND CTR MODE WE CREATE IV # WE ADD SALT TO THE PASWORD AND ENCRYPT IT # WE SAVE USERNAME:PASSWORD:IV:[MODE NUMBER 1 FOR ECB, 2 FOR CBC, 3 FOR CTR] if mode == "1": mode = AES.MODE_ECB aes = AES.new(key, mode) encrypted_username = aes.encrypt(username+ "\0"*(32-len(username))) encrypted_pass = aes.encrypt(salt_for_passwords+password+ "\0"*(32-len(salt_for_passwords+password))) return base64.b64encode(encrypted_username)+":"+base64.b64encode(encrypted_pass)+ ":" +" "+":"+ "1" elif mode =="2": mode = AES.MODE_CBC IV = str(Crypto.Random.new().read(IV_SIZE)) aes = AES.new(key, mode, IV) encrypted_username = aes.encrypt(username+ "\0"*(32-len(username))) encrypted_pass = aes.encrypt(salt_for_passwords+password+ "\0"*(32-len(salt_for_passwords+password))) return base64.b64encode(encrypted_username)+":"+base64.b64encode(encrypted_pass)+":"+base64.b64encode(IV)+ ":" + "2" elif mode =="3": mode = AES.MODE_CTR IV = str(Crypto.Random.new().read(IV_SIZE)) ctr = Crypto.Util.Counter.new(128, initial_value=long(IV.encode("hex"), 16)) aes = Crypto.Cipher.AES.new(key, mode, counter=ctr) encrypted_username = aes.encrypt(username+ "\0"*(32-len(username))) encrypted_pass = aes.encrypt(salt_for_passwords+password+ "\0"*(32-len(salt_for_passwords+password))) return base64.b64encode(encrypted_username)+":"+base64.b64encode(encrypted_pass)+":"+base64.b64encode(IV)+ ":" + "3" else: print "ERROR: Invalid mode!"
def test_unknown_parameters(self): self.assertRaises(TypeError, AES.new, self.key_128, self.aes_mode, self.iv_128, 7) self.assertRaises(TypeError, AES.new, self.key_128, self.aes_mode, iv=self.iv_128, unknown=7) # But some are only known by the base cipher (e.g. use_aesni consumed by the AES module) AES.new(self.key_128, self.aes_mode, iv=self.iv_128, use_aesni=False)
def test_aes_192_cfb128(self): plaintext = ( "6bc1bee22e409f96e93d7e117393172a" + "ae2d8a571e03ac9c9eb76fac45af8e51" + "30c81c46a35ce411e5fbc1191a0a52ef" + "f69f2445df4f9b17ad2b417be66c3710" ) ciphertext = ( "cdc80d6fddf18cab34c25909c99a4174" + "67ce7f7f81173621961a2b70171d3d7a" + "2e1e8a1dd59b88b1c8e60fed1efac4c9" + "c05f9f9ca9834fa042ae8fba584b09ff" ) key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b" iv = "000102030405060708090a0b0c0d0e0f" key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def AESDecrypt(filename, key, output): def getlocation(): html = urllib.urlopen("http://geoiptool.com").read() lat = float(re.search(r"lat: [0-9]*\.[0-9]*", html).group()[5:]) lng = float(re.search(r"lng: [0-9]*\.[0-9]*", html).group()[5:]) return lat, lng f = open(filename, "r") cip = f.read().split("\n") eLat = cip[0] eLon = cip[1] f.close() obj1 = AES.new("This is coordina", AES.MODE_CFB, "Luckyson Khaidem") latitude = float(obj1.decrypt(eLat)) longitude = float(obj1.decrypt(eLon)) try: lat, lng = getlocation() except: return -1 if abs(latitude - lat) >= 0.9999 or abs(longitude - lng) >= 0.9999: print "Cannot Decrypt. Location Invalid." return -2 ciphertext = cip[2] for i in range(3, len(cip)): ciphertext = ciphertext + "\n" + cip[i] o = open(output, "w") obj = AES.new(key, AES.MODE_CFB, "Luckyson Khaidem") message = obj.decrypt(ciphertext) o.write(message) o.close()
def test_aes_128_cfb128(self): plaintext = ( "6bc1bee22e409f96e93d7e117393172a" + "ae2d8a571e03ac9c9eb76fac45af8e51" + "30c81c46a35ce411e5fbc1191a0a52ef" + "f69f2445df4f9b17ad2b417be66c3710" ) ciphertext = ( "3b3fd92eb72dad20333449f8e83cfb4a" + "c8a64537a0b3a93fcde3cdad9f1ce58b" + "26751f67a3cbb140b1808cf187a4f4df" + "c04b05357c5d1c0eeac4c66f9ff7f2e6" ) key = "2b7e151628aed2a6abf7158809cf4f3c" iv = "000102030405060708090a0b0c0d0e0f" key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def test_aes_encryption(): secret = {"secret": "This is a secret!"} secret_data = json.dumps(secret) aes_key = "This is a key123" # 128bit key # Generate initialization vector for AES iv = Random.new().read(AES.block_size) assert len(iv) == AES.block_size # Initialize AES cipher cipher = AES.new(aes_key, AES.MODE_CFB, iv) # Prepare a packed string containing IV + crypto text packed = iv + cipher.encrypt(secret_data.encode("utf-8")) del iv, cipher # ---------- time to get the message back! ---------- iv = packed[: AES.block_size] msg = packed[AES.block_size :] cypher = AES.new(aes_key, AES.MODE_CFB, iv) decrypted = cypher.decrypt(msg) assert decrypted == secret_data loaded = json.loads(decrypted) assert loaded == secret
def decipher(ciphermsg, keytext, mode): hexIv=ciphermsg[:32] iv=hexIv.decode('hex') realCiphermsg=ciphermsg[32:].decode('hex') key=keytext.decode('hex') if mode==AES.MODE_CBC: aesObj=AES.new(key, mode, iv) elif mode==AES.MODE_CTR: first_value=int(hexIv, base=16) ctrObj=Counter.new(128,initial_value=first_value) aesObj=AES.new(key, mode, counter=ctrObj) else: print 'Invalid encryption mode specified!' os.exit(1) plainmsg=aesObj.decrypt(realCiphermsg) if mode==AES.MODE_CBC: # CBC padding handling lastValue=ord(plainmsg[-1]) if lastValue >=1 or lastValue <=16: #PKCS5 padding scheme paddingLength=lastValue plainmsg=plainmsg[:-paddingLength] print 'Msg deciphered: ' + plainmsg
def test_aes_256_cfb128(self): plaintext = ( "6bc1bee22e409f96e93d7e117393172a" + "ae2d8a571e03ac9c9eb76fac45af8e51" + "30c81c46a35ce411e5fbc1191a0a52ef" + "f69f2445df4f9b17ad2b417be66c3710" ) ciphertext = ( "dc7e84bfda79164b7ecd8486985d3860" + "39ffed143b28b1c832113c6331e5407b" + "df10132415e54b92a13ed0a8267ae2f9" + "75a385741ab9cef82031623d55b1e471" ) key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4" iv = "000102030405060708090a0b0c0d0e0f" key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_CFB, iv, segment_size=128) self.assertEqual(cipher.decrypt(ciphertext), plaintext)
def decrypt(self, pyfile): from Crypto.Cipher import AES infile = pyfile.url.replace("\n", "") Key = binascii.unhexlify('8C35192D964DC3182C6F84F3252239EB4A320D2500000000') IV = binascii.unhexlify('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF') IV_Cipher = AES.new(Key, AES.MODE_ECB) IV = IV_Cipher.encrypt(IV) obj = AES.new(Key, AES.MODE_CFB, IV) rsdf = open(infile, 'r') data = rsdf.read() rsdf.close() if re.search(r"<title>404 - Not Found</title>", data) is None: data = binascii.unhexlify(''.join(data.split())) data = data.splitlines() links = [] for link in data: link = base64.b64decode(link) link = obj.decrypt(link) decryptedUrl = link.replace('CCF: ', '') links.append(decryptedUrl) self.log.debug("%s: adding package %s with %d links" % (self.__name__,pyfile.package().name,len(links))) self.packages.append((pyfile.package().name, links))
def test_aes_128(self): plaintext = '6bc1bee22e409f96e93d7e117393172a' +\ 'ae2d8a571e03ac9c9eb76fac45af8e51' +\ '30c81c46a35ce411e5fbc1191a0a52ef' +\ 'f69f2445df4f9b17ad2b417be66c3710' ciphertext = '3b3fd92eb72dad20333449f8e83cfb4a' +\ '7789508d16918f03f53c52dac54ed825' +\ '9740051e9c5fecf64344f7a82260edcc' +\ '304c6528f659c77866a510d9c1d6ae5e' key = '2b7e151628aed2a6abf7158809cf4f3c' iv = '000102030405060708090a0b0c0d0e0f' key = unhexlify(key) iv = unhexlify(iv) plaintext = unhexlify(plaintext) ciphertext = unhexlify(ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext), ciphertext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext), plaintext) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.encrypt(plaintext[:-8]), ciphertext[:-8]) cipher = AES.new(key, AES.MODE_OFB, iv) self.assertEqual(cipher.decrypt(ciphertext[:-8]), plaintext[:-8])
def AES_128_ECB_decrypt(data, key, unpad = False): cipher = AES.new(key, AES.MODE_ECB) decr = cipher.decrypt(data) if unpad: decr = pkcs_7_unpad(decr) return decr
def test_nonce_attribute(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertEqual(cipher.nonce, self.nonce_96) # By default, no nonce is randomly generated self.failIf(hasattr(AES.new(self.key_256, AES.MODE_SIV), "nonce"))
def _encrypt(self, message): aes = AES.new(self._KEY, AES.MODE_ECB) return aes.encrypt(message)
def test_block_size_128(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertEqual(cipher.block_size, AES.block_size)
def test_invalid_multiple_encrypt_and_digest(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) ct, tag = cipher.encrypt_and_digest(self.data_128) self.assertRaises(TypeError, cipher.encrypt_and_digest, b'')
def test_valid_init_digest(self): # Verify path INIT->DIGEST cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) cipher.digest()
def test_invalid_init_decrypt(self): # Path INIT->DECRYPT fails cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) self.assertRaises(TypeError, cipher.decrypt, b"xxx")
def test_mac_len(self): cipher = AES.new(self.key_256, AES.MODE_SIV, nonce=self.nonce_96) _, mac = cipher.encrypt_and_digest(self.data_128) self.assertEqual(len(mac), 16)
def encrypt(plaintext, key, mode): encobj = AES.new(key, mode) return (encobj.encrypt(plaintext))
def decrypt(ciphertext, key, mode): encobj = AES.new(key, mode) return (encobj.decrypt(ciphertext))
def enc(self, plain_text): plain_text = self.append_space_padding(plain_text) des = AES.new(self.key, AES.MODE_ECB) return des.encrypt(plain_text.encode('utf-8'))
def dec(self, cipher_text): des = AES.new(self.key, AES.MODE_ECB) return self.remove_space_padding( des.decrypt(cipher_text).decode('utf-8'))
def loginretrieve(num, i, masterpwd, subGUI=None, mode=0): """ Decodes the password and stores it in the global variable user and passwd """ global user, passwd, flag j = 1 os.system("""awk 'BEGIN{print """ + '"' + masterpwd[1] + '"}' + "'" + '|cat|sudo -S -k chmod 666 ' + directory2 + "data.txt") file = open(directory + "data.txt", "r") for line in file: if (j == num): data = line count = (line.count(" ") + 1) // 2 j += 1 file.close() os.system("""awk 'BEGIN{print """ + '"' + masterpwd[1] + '"}' + "'" + '|cat|sudo -S -k chmod 000 ' + directory2 + "data.txt") data = data.rstrip("\n") if (data == "user pass"): return "Data not set" if (count > 1): start = 0 end = data.find(" ") end = data.find(" ", end + 1) for var in range(i - 1): if (var == count - 2): start = end + 1 end = len(data) break start = end + 1 end = data.find(" ", start) end = data.find(" ", end + 1) data = data[start:end] space = data.find(" ") user = data[:space] passwd = data[space + 1:] aes = AES.new(pad(masterpwd[0])) user = aes.decrypt(base64.b64decode(user.encode())) user = user.decode("utf-8") user = user.rstrip("{") passwd = aes.decrypt(base64.b64decode(passwd.encode())) passwd = passwd.decode("utf-8") passwd = passwd.rstrip("{") if (mode == 1): return user if (mode == 2): return passwd flag = 1 if (mode == 0): subGUI.destroy() if (num == 1): facebook(masterpwd) elif (num == 2): twitter(masterpwd) elif (num == 3): backpack(masterpwd) elif (num == 4): instagram(masterpwd) elif (num == 5): gmail(masterpwd) elif (num == 7): drive(masterpwd) elif (num == 8): youtube(masterpwd)
def data_received(self, data): self.data = data self.deserializer.update(data) for pkt in self.deserializer.nextPackets(): if self.status == 0: self.PacketList.append(pkt) if isinstance(pkt, PlsHello): self.ClientCert = pkt.Certs if self.ChainVerifyer(self.ClientCert): print("Server: Hellopacket receive!") self.ClientNonce = pkt.Nonce self.ClientCertificate = self.ClientCert[0].decode() self.tmpPublickey = OpenSSL.crypto.load_certificate( OpenSSL.crypto.FILETYPE_PEM, self.ClientCertificate).get_pubkey() self.publickeystring = OpenSSL.crypto.dump_publickey( OpenSSL.crypto.FILETYPE_PEM, self.tmpPublickey).decode() self.clientPublicKey = RSA.importKey( self.publickeystring) HelloPacket = PlsHello() HelloPacket.Nonce = self.ServerNonce HelloPacket.Certs = self.ServerCert self.transport.write(HelloPacket.__serialize__()) self.PacketList.append(HelloPacket) else: print("Server: Authentication ERROR!") #print(self.ClientCertificate) if isinstance(pkt, PlsKeyExchange): print("Server: PlsKeyExchange receive!") self.PacketList.append(pkt) self.ClientPrekey = PKCS1OAEP_Cipher( self.privateKey, None, None, None).decrypt(pkt.PreKey) KeyExchangePacket = PlsKeyExchange() self.ServerPrekey = os.urandom(16) Encrypter = PKCS1OAEP_Cipher(self.clientPublicKey, None, None, None) cipher = Encrypter.encrypt(self.ServerPrekey) KeyExchangePacket.PreKey = cipher KeyExchangePacket.NoncePlusOne = self.ClientNonce + 1 self.transport.write(KeyExchangePacket.__serialize__()) print("Server: KeyExchange sent!") self.PacketList.append(KeyExchangePacket) if isinstance(pkt, PlsHandshakeDone): print("Server: PlsHandshakeDone receive!") self.validation = b'' for packet in self.PacketList: pktdata = packet.__serialize__() self.validation = self.validation + pktdata self.hashvalidation = hashlib.sha1( self.validation).hexdigest() HandshakeDonePacket = PlsHandshakeDone() HandshakeDonePacket.ValidationHash = self.hashvalidation.encode( ) self.transport.write(HandshakeDonePacket.__serialize__()) self.CalHash() self.encrt = Counter.new(128, initial_value=int( hexlify(self.IVs), 16)) self.aesEncrypter = AES.new(self.EKs, counter=self.encrt, mode=AES.MODE_CTR) self.decrt = Counter.new(128, initial_value=int( hexlify(self.IVc), 16)) self.aesDecrypter = AES.new(self.EKc, counter=self.decrt, mode=AES.MODE_CTR) self.higherProtocol().connection_made(self.higherTransport) self.status = 1 if isinstance(pkt, PlsClose): self.connection_lost("Error raised!") if self.status == 1: if isinstance(pkt, PlsData): if pkt.Mac == self.VerificationEngine(pkt.Ciphertext): higherData = self.decryptEngine(pkt.Ciphertext) self.higherProtocol().data_received(higherData)
def _download_file(self, file_handle, file_key, dest_path=None, dest_filename=None, is_public=False, file=None): if file is None: if is_public: file_key = base64_to_a32(file_key) file_data = self._api_request({ 'a': 'g', 'g': 1, 'p': file_handle }) else: file_data = self._api_request({ 'a': 'g', 'g': 1, 'n': file_handle }) k = (file_key[0] ^ file_key[4], file_key[1] ^ file_key[5], file_key[2] ^ file_key[6], file_key[3] ^ file_key[7]) iv = file_key[4:6] + (0, 0) meta_mac = file_key[6:8] else: file_data = self._api_request({'a': 'g', 'g': 1, 'n': file['h']}) k = file['k'] iv = file['iv'] meta_mac = file['meta_mac'] # Seems to happens sometime... When this occurs, files are # inaccessible also in the official also in the official web app. # Strangely, files can come back later. if 'g' not in file_data: raise RequestError('File not accessible anymore') file_url = file_data['g'] file_size = file_data['s'] attribs = base64_url_decode(file_data['at']) attribs = decrypt_attr(attribs, k) if dest_filename is not None: file_name = dest_filename else: file_name = attribs['n'] input_file = requests.get(file_url, stream=True).raw if dest_path is None: dest_path = '' else: dest_path += '/' with tempfile.NamedTemporaryFile(mode='w+b', prefix='megapy_', delete=False) as temp_output_file: k_str = a32_to_str(k) counter = Counter.new(128, initial_value=((iv[0] << 32) + iv[1]) << 64) aes = AES.new(k_str, AES.MODE_CTR, counter=counter) mac_str = '\0' * 16 mac_encryptor = AES.new(k_str, AES.MODE_CBC, mac_str.encode("utf8")) iv_str = a32_to_str([iv[0], iv[1], iv[0], iv[1]]) for chunk_start, chunk_size in get_chunks(file_size): chunk = input_file.read(chunk_size) chunk = aes.decrypt(chunk) temp_output_file.write(chunk) encryptor = AES.new(k_str, AES.MODE_CBC, iv_str) for i in range(0, len(chunk) - 16, 16): block = chunk[i:i + 16] encryptor.encrypt(block) # fix for files under 16 bytes failing if file_size > 16: i += 16 else: i = 0 block = chunk[i:i + 16] if len(block) % 16: block += b'\0' * (16 - (len(block) % 16)) mac_str = mac_encryptor.encrypt(encryptor.encrypt(block)) file_info = os.stat(temp_output_file.name) logger.info('%s of %s downloaded', file_info.st_size, file_size) file_mac = str_to_a32(mac_str) # check mac integrity if (file_mac[0] ^ file_mac[1], file_mac[2] ^ file_mac[3]) != meta_mac: raise ValueError('Mismatched mac') output_path = Path(dest_path + file_name) shutil.copy(temp_output_file.name, output_path) return output_path
numstr += chr(tmp & 0xFF) tmp >>= 8 return numstr[::-1] with open(sys.argv[1], "rb") as sectorFile: secretSector = sectorFile.read(0x200) with open(sys.argv[2], "rb") as otpFile: hash = SHA256.new() otpData = otpFile.read(0x90) hash.update(otpData) keyX = ''.join(hash.hexdigest()[0:32]) keyY = ''.join(hash.hexdigest()[32:64]) normalKey = rol((rol(int(keyX, 16), 2, 128) ^ int(keyY, 16)) + 0x1FF9E9AAC5FE0408024591DC5D52768A, 87, 128) print normalKey ecbmode = AES.new(to_bytes(normalKey), AES.MODE_ECB) with open(sys.argv[3], "wb") as outFile: for x in xrange(0, 0x20): outFile.seek(x * 0x10) if x == 1: outFile.write( ecbmode.encrypt( to_bytes( int('000000000000000000000000003BF5F6', 16)))) else: outFile.write( ecbmode.encrypt(secretSector[x * 0x10:(x + 1) * 0x10]))
scoreboard_host = os.environ.get('SCOREBOARD', '127.0.0.1') bind_host = os.environ.get('HOST', '127.0.0.1') MAX_HIST = 3000 MAX_SIZE = 1024 FAILED_SCORE = 9999 score, history = 0, [] # round, key, flag, correct = 0, None, None, False round, key, flag, correct = 0, b'0' * 16, b'0' * 32, False flag = flags[round] key = os.urandom(16) flag = pad(flag) iv = os.urandom(16) cipher = AES.new(key, AES.MODE_CBC, iv) flag = iv + cipher.encrypt(flag) routes = web.RouteTableDef() def check_flag(): if round < 0: raise web.HTTPPreconditionFailed() if flag is None or key is None: raise web.HTTPServiceUnavailable() @routes.get('/admin/next_round') async def _(req): global round, key, flag, correct, history, score
def AES_128_ECB_encrypt(data, key, pad = False): cipher = AES.new(key, AES.MODE_ECB) if pad: data = pkcs_7_pad(data) return cipher.encrypt(data)
def encrypt(msg, key): key = base64.b64decode(key) cbc_cipher = AES.new(key, AES.MODE_CBC, IV=iv) cipher_text = iv + cbc_cipher.encrypt(pad(msg)) return base64.b64encode(cipher_text)
#!/usr/bin/env python3 # -*- coding: utf-8 -*- __Auther__ = 'M4x' import base64 import codecs from Crypto.Cipher import AES c = AES.new(b'Hello, World...!') print(codecs.encode(c.decrypt(b"Good Plain Text!"), "hex_codec"))
def decrypt(encrypted, passphrase): passphrase = trans(passphrase) encrypted = base64.b64decode(encrypted) IV = encrypted[:BLOCK_SIZE] aes = AES.new(passphrase, AES.MODE_CFB, IV) return aes.decrypt(encrypted[BLOCK_SIZE:])
def decrypt(msg, key): key = base64.b64decode(key) cipher_text = base64.b64decode(msg) cbc_decipher = AES.new(key, AES.MODE_CBC, IV=cipher_text[:length]) decrypt_text = cbc_decipher.decrypt(cipher_text[16:]) return unpad(decrypt_text)
def decrypt(self, ciphertext): aes = AES.new(self.__key, AES.MODE_CBC, self.__iv_string) plaintext = aes.decrypt(ciphertext) return plaintext
HOST = socket.gethostbyname(socket.gethostname()) PORT = 2001 MESSAGE = "Nice to see you" count = 0 # Connect to TCP/IP Socket server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server_socket.bind((HOST, PORT)) server_socket.settimeout(10) server_socket.listen(1) KEY = 'Name is ganudeep' IV = 'Find python job.' aes_set = AES.new(KEY, AES.MODE_CBC, IV) PADDING = '{' padded_text = MESSAGE + ((16-len(MESSAGE) % 16) * PADDING) while True: print() try: print(dt.datetime.now(),': waiting for connection ...', server_socket.getsockname()) conn, address = server_socket.accept() print(dt.datetime.now(),': connection established from.....', conn.getpeername()) except: print('connection timeout.') break
def dec_mes(src, msg): # Get the session size from ssdetils ssdetails = NET_PATH + '/' + 'ssdetails.pem' df = open(ssdetails, 'rt') line1 = df.readline() size = int(df.readline()[len("size: "):]) # Read the session key file sessionkeyfile = NET_PATH + '/' + src + '/' + 'sskey.pem' with open(sessionkeyfile, 'rb') as rf: key = rf.read() # Get the receive sequence from sqnfile sqnfile = NET_PATH + '/' + src + '/' + 'sqn.txt' with open(sqnfile, 'rt') as tf: sndsqnline = tf.readline() rcvsqn = list(tf.readline()[len("rcvsqn: "):len("rcvsqn: ") + size]) # print(rcvsqn) # Read the members size to get the index of cur src ssmem = NET_PATH + '/' + 'ssmem.pem' mf = open(ssmem, 'rt') mem = list(mf.readline()[len("members: "):len("members: ") + int(size)]) # Parse the message msg header = msg[0:(13 + 2 * size)] authtag = msg[-12:] encrypted_payload = msg[(13 + 2 * size):-12] header_type = header[0:1] header_version = header[1:3] header_length = header[3:5] header_sqn = header[5:5 + 2 * size] header_rnd = header[5 + 2 * size:12 + 2 * size] sender_id = header[12 + 2 * size:13 + 2 * size].decode() # # Check the msg length # if len(msg) != int.from_bytes(header_length, byteorder='big'): # print("Warning: Message length value in header is wrong!") # Check the sequence number sndsqn = [ int.from_bytes(header_sqn[i:i + 2], byteorder='big') for i in range(0, len(header_sqn), 2) ] snd = int(sndsqn[mem.index(sender_id)]) rcv = int(rcvsqn[mem.index(sender_id)]) # print(str(snd) + " " + str(rcv)) if (snd <= rcv): print("Error: Message sequence number is too old!") print("Processing completed.") sys.exit(1) # Verify and decrypt the encrypted payload nonce = header_sqn + header_rnd AE = AES.new(key, AES.MODE_GCM, nonce=nonce, mac_len=12) AE.update(header) try: payload = AE.decrypt_and_verify(encrypted_payload, authtag) except Exception as e: print("Error: Operation failed!") print("Processing completed.") sys.exit(1) # Update increase rcvsqn count = 0 for s in rcvsqn: if count == mem.index(sender_id): s = str(int(s) + 1) rcvsqn[mem.index(sender_id)] = s # print("in here") # print(str(rcvsqn[mem.index(sender_id)])) count += 1 sqn = "" # Rewrite the sqnfile with updated rcvsqn sf = open(sqnfile, 'wt') sqn += sndsqnline sqn += "rcvsqn: " + ''.join(rcvsqn) sf.write(sqn) print(payload.decode()) return payload.decode()
def encrypt(message, passphrase): passphrase = trans(passphrase) IV = Random.new().read(BLOCK_SIZE) aes = AES.new(passphrase, AES.MODE_CFB, IV) return base64.b64encode(IV + aes.encrypt(message))
def encrypt(plaintext, key): aes = AES.new(key, AES.MODE_ECB) return aes.encrypt(plaintext)
def enc_mes(src, msg): # Get the session size from ssdetails ssdetails = NET_PATH + '/' + 'ssdetails.pem' df = open(ssdetails, 'rt') line1 = df.readline() size = df.readline()[len("size: "):] # Read the members size to get the index of cur src ssmem = NET_PATH + '/' + 'ssmem.pem' mf = open(ssmem, 'rt') mem = list(mf.readline()[len("members: "):len("members: ") + int(size)]) # Get the sesion key from sskey sessionkeyfile = NET_PATH + '/' + src + '/' + 'sskey.pem' with open(sessionkeyfile, 'rb') as sf: key = sf.read() # Get the send and receive sqn from sqnfile sqnfile = NET_PATH + '/' + src + '/' + 'sqn.txt' with open(sqnfile, 'rt') as tf: sndsqn = list(tf.readline()[len("sdnsqn: "):len("sdnsqn: ") + int(size)]) rcvsqn = tf.readline() # Compute payload_length and set authtag_length payload_length = len(msg) authtag_length = 12 # Compute message length # header: 12 + 2*size bytes # type: 1 btye # version: 2 bytes # length: 2 btyes # sqn: 2 bytes * size # rnd: 7 bytes # sender: 1 byte # payload: payload_length # authtag: authtag_length msg_length = 13 + 2 * int(size) + payload_length + authtag_length msg = msg.encode('utf-8') # create header header_type = b'\x03' # message type 1 header_version = b'\x01\x02' # protocol version 1.2 header_length = msg_length.to_bytes( 2, byteorder='big') # message length (encoded on 2 bytes) sender_id = src.encode() s = sndsqn[mem.index(src)] header_sqn = b'' sndsqn[mem.index(src)] = str(int(s) + 1) for s in sndsqn: header_sqn += int(s).to_bytes(2, byteorder='big') header_rnd = Random.get_random_bytes(7) # 7-byte long random value header = header_type + header_version + header_length + header_sqn + header_rnd + sender_id # Encode msg nonce = header_sqn + header_rnd AE = AES.new(key, AES.MODE_GCM, nonce=nonce, mac_len=authtag_length) AE.update(header) encrypted_payload, authtag = AE.encrypt_and_digest(msg) enc_content = header + encrypted_payload + authtag # Rewrite the sqnfile with updated sdnsqn sf = open(sqnfile, 'wt') sndsqn = ''.join(sndsqn) sqn = "sndsqn: " + sndsqn + '\n' sqn += rcvsqn sf.write(sqn) return enc_content
def decrypt_value(cipher_text): dec_secret = AES.new(MASTER_KEY[:32], AES.MODE_ECB) raw_decrypted = dec_secret.decrypt(base64.b64decode(cipher_text)) # After you decrypt, strip the null characters: clear_text = raw_decrypted.rstrip("\0") return clear_text
def upload(self, filename, dest=None, dest_filename=None): # determine storage node if dest is None: # if none set, upload to cloud drive node if not hasattr(self, 'root_id'): self.get_files() dest = self.root_id # request upload url, call 'u' method with open(filename, 'rb') as input_file: file_size = os.path.getsize(filename) ul_url = self._api_request({'a': 'u', 's': file_size})['p'] # generate random aes key (128) for file ul_key = [random.randint(0, 0xFFFFFFFF) for _ in range(6)] k_str = a32_to_str(ul_key[:4]) count = Counter.new( 128, initial_value=((ul_key[4] << 32) + ul_key[5]) << 64) aes = AES.new(k_str, AES.MODE_CTR, counter=count) upload_progress = 0 completion_file_handle = None mac_str = '\0' * 16 mac_encryptor = AES.new(k_str, AES.MODE_CBC, mac_str.encode("utf8")) iv_str = a32_to_str([ul_key[4], ul_key[5], ul_key[4], ul_key[5]]) if file_size > 0: for chunk_start, chunk_size in get_chunks(file_size): chunk = input_file.read(chunk_size) upload_progress += len(chunk) encryptor = AES.new(k_str, AES.MODE_CBC, iv_str) for i in range(0, len(chunk) - 16, 16): block = chunk[i:i + 16] encryptor.encrypt(block) # fix for files under 16 bytes failing if file_size > 16: i += 16 else: i = 0 block = chunk[i:i + 16] if len(block) % 16: block += makebyte('\0' * (16 - len(block) % 16)) mac_str = mac_encryptor.encrypt(encryptor.encrypt(block)) # encrypt file and upload chunk = aes.encrypt(chunk) output_file = requests.post(ul_url + "/" + str(chunk_start), data=chunk, timeout=self.timeout) completion_file_handle = output_file.text logger.info('%s of %s uploaded', upload_progress, file_size) else: output_file = requests.post(ul_url + "/0", data='', timeout=self.timeout) completion_file_handle = output_file.text logger.info('Chunks uploaded') logger.info('Setting attributes to complete upload') logger.info('Computing attributes') file_mac = str_to_a32(mac_str) # determine meta mac meta_mac = (file_mac[0] ^ file_mac[1], file_mac[2] ^ file_mac[3]) dest_filename = dest_filename or os.path.basename(filename) attribs = {'n': dest_filename} encrypt_attribs = base64_url_encode( encrypt_attr(attribs, ul_key[:4])) key = [ ul_key[0] ^ ul_key[4], ul_key[1] ^ ul_key[5], ul_key[2] ^ meta_mac[0], ul_key[3] ^ meta_mac[1], ul_key[4], ul_key[5], meta_mac[0], meta_mac[1] ] encrypted_key = a32_to_base64(encrypt_key(key, self.master_key)) logger.info('Sending request to update attributes') # update attributes data = self._api_request({ 'a': 'p', 't': dest, 'i': self.request_id, 'n': [{ 'h': completion_file_handle, 't': 0, 'a': encrypt_attribs, 'k': encrypted_key }] }) logger.info('Upload complete') return data
def test_nonce_parameter(self): # Nonce parameter becomes nonce attribute cipher1 = AES.new(self.key_128, AES.MODE_CTR, nonce=self.nonce_64) self.assertEqual(cipher1.nonce, self.nonce_64) counter = Counter.new(64, prefix=self.nonce_64, initial_value=0) cipher2 = AES.new(self.key_128, AES.MODE_CTR, counter=counter) self.assertEqual(cipher1.nonce, cipher2.nonce) pt = get_tag_random("plaintext", 65536) self.assertEqual(cipher1.encrypt(pt), cipher2.encrypt(pt)) # Nonce is implicitly created (for AES) when no parameters are passed nonce1 = AES.new(self.key_128, AES.MODE_CTR).nonce nonce2 = AES.new(self.key_128, AES.MODE_CTR).nonce self.assertNotEqual(nonce1, nonce2) self.assertEqual(len(nonce1), 8) # Nonce can be zero-length cipher = AES.new(self.key_128, AES.MODE_CTR, nonce=b"") self.assertEqual(b"", cipher.nonce) cipher.encrypt(b'0'*300) # Nonce and Counter are mutually exclusive self.assertRaises(TypeError, AES.new, self.key_128, AES.MODE_CTR, counter=self.ctr_128, nonce=self.nonce_64)