def encrypt_with_cbc_mode(plain_text: bytes,
public_key: bytes) -> (bytes, bytes, bytes):
if not isinstance(public_key, bytes):
raise AlbumException(AlbumError.invalid_public_key)
if len(public_key) != 64:
raise AlbumException(AlbumError.invalid_public_key)
r = randint(1, SECP256k1.order)
g_tilde = r * SECP256k1.generator
h_tilde = r * VerifyingKey.from_string(string=public_key,
curve=SECP256k1).pubkey.point
str_g_tilde_x = number_to_string(g_tilde.x(), SECP256k1.order)
str_g_tilde_y = number_to_string(g_tilde.y(), SECP256k1.order)
encode_g_tilde = b''.join([b'\x04', str_g_tilde_x, str_g_tilde_y])
str_h_tilde_x = number_to_string(h_tilde.x(), SECP256k1.order)
seed = b''.join([encode_g_tilde, str_h_tilde_x])
aes_key = pbkdf2(seed, 32)
aes_iv, cipher_text = AESHandler.aes_cbc_encrypt(plain_text, aes_key)
return aes_iv, encode_g_tilde, cipher_text
def decrypt_with_cbc_mode(cipher_text: bytes, private_key: bytes,
iv: bytes, encode_g_tilde: bytes):
if not isinstance(private_key, bytes):
raise AlbumException(AlbumError.invalid_private_key)
if len(private_key) != 32:
raise AlbumException(AlbumError.invalid_private_key)
str_g_tilde_x = encode_g_tilde[1:33]
str_g_tilde_y = encode_g_tilde[33:65]
g_tilde_x = string_to_number(str_g_tilde_x)
g_tilde_y = string_to_number(str_g_tilde_y)
g_tilde = Point(SECP256k1.curve, g_tilde_x, g_tilde_y, SECP256k1.order)
h_tilde = g_tilde * SigningKey.from_string(
string=private_key, curve=SECP256k1).privkey.secret_multiplier
seed = b''.join(
[encode_g_tilde,
number_to_string(h_tilde.x(), SECP256k1.order)])
aes_key = pbkdf2(seed, 32)
plain_text = AESHandler.aes_cbc_decrypt(cipher_text, iv, aes_key)
return plain_text