def New():
"""
Constructs and returns a new _Session instance, containing a newly-generated
AES key and random nonce.
"""
return _Session.__Create(keys.AesKey.Generate(),
util.RandBytes(SESSION_NONCE_SIZE))
def Generate(size=keyinfo.HMAC_SHA1.default_size):
"""
Return a newly generated HMAC-SHA1 key.
@param size: length of key in bits to generate
@type size: integer
@return: an HMAC-SHA1 key
@rtype: L{HmacKey}
"""
key_bytes = util.RandBytes(size / 8)
key_string = util.Base64WSEncode(key_bytes)
return HmacKey(key_string, size)
def Generate(size=keyinfo.AES.default_size):
"""
Return a newly generated AES key.
@param size: length of key in bits to generate
@type size: integer
@return: an AES key
@rtype: L{AesKey}
"""
key_bytes = util.RandBytes(size / 8)
key_string = util.Base64WSEncode(key_bytes)
hmac_key = HmacKey.Generate() # use default HMAC-SHA1 key size
return AesKey(key_string, hmac_key, size)
def Encrypt(self, data):
"""
Return ciphertext byte string containing Header|IV|Ciph|Sig.
@param data: plaintext to be encrypted.
@type data: string
@return: raw byte string ciphertext formatted to have Header|IV|Ciph|Sig.
@rtype: string
"""
data = self.__Pad(data)
iv_bytes = util.RandBytes(self.block_size)
ciph_bytes = AES.new(self.key_bytes, AES.MODE_CBC, iv_bytes).encrypt(data)
msg_bytes = self.Header() + iv_bytes + ciph_bytes
sig_bytes = self.hmac_key.Sign(msg_bytes) # Sign bytes
return msg_bytes + sig_bytes
def __init__(self, key, output_stream):
"""
Constructor
@param key: Keyczar Key to perform the padding, verification, cipher
creation needed by this stream
@type key: Key
@param output_stream: stream for encrypted output
@type output_stream: 'file-like' object
"""
self.__key = key
self.__output_stream = output_stream
self.__data = ''
self.__closed = False
self.__hmac_stream = key.hmac_key.CreateStreamable()
iv_bytes = util.RandBytes(key.block_size)
self.__cipher = AES.new(key.key_bytes, AES.MODE_CBC, iv_bytes)
hdr = key.Header()
self.__hmac_stream.Update(hdr + iv_bytes)
self.__output_stream.write(hdr + iv_bytes)
def __Encode(self, msg, label=""):
if len(label) >= 2**61: # the input limit for SHA-1
raise errors.KeyczarError("OAEP parameter string too long.")
k = int(math.floor(math.log(self.key.n, 256)) + 1) # num bytes in n
if len(msg) > k - 2 * util.HLEN - 2:
raise errors.KeyczarError("Message too long to OAEP encode.")
label_hash = util.Hash(label)
pad_octets = (k - len(msg) - 2 * util.HLEN - 2) # Number of zeros to pad
if pad_octets < 0:
raise errors.KeyczarError("Message is too long: %d" % len(msg))
datablock = label_hash + ('\x00' * pad_octets) + '\x01' + msg
seed = util.RandBytes(util.HLEN)
# Steps 2e, f
datablock_mask = util.MGF(seed, k - util.HLEN - 1)
masked_datablock = util.Xor(datablock, datablock_mask)
# Steps 2g, h
seed_mask = util.MGF(masked_datablock, util.HLEN)
masked_seed = util.Xor(seed, seed_mask)
# Step 2i: Construct the encoded message
return '\x00' + masked_seed + masked_datablock
