def MyRSAdecrypt(RSACipher, C, IV, ext, RSA_Privatekey_filepath):
key = private_key.decrypt( #uses private key to decrypt key used for message
RSACipher,
OAEP(mgf=uno(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
Decryptor(IV, key, ext) #decrypt the message using decrypted key
def wrap_key(self, key, algorithm='RSA'):
if algorithm == 'RSA':
return self.public_key.encrypt(
key,
OAEP(mgf=MGF1(algorithm=SHA1()), algorithm=SHA1(), label=None))
raise ValueError(_ERROR_UNKNOWN_KEY_WRAP_ALGORITHM)
def encrypt_bytes(data, keyfile):
"""
Encrypt data using envelope encryption.
"""
padder = padding.PKCS7(128).padder()
padded_data = padder.update(data)
padded_data += padder.finalize()
iv = os.urandom(16)
symkey = os.urandom(16)
pubkey = load_public_key(keyfile)
if not pubkey:
print("Public Key Not Found.")
return
cipher = Cipher(algorithms.AES(symkey),
modes.CBC(iv),
backend=default_backend())
encryptor = cipher.encryptor()
ciphertext = encryptor.update(padded_data)
encryptor.finalize()
cryptkey = pubkey.encrypt(
symkey,
OAEP(mgf=asym_padding.MGF1(algorithm=SHA256()),
algorithm=SHA256(),
label=None))
safecipher = base64.b64encode(ciphertext)
safekey = base64.b64encode(cryptkey)
safeiv = base64.b64encode(iv)
package = {
"key": safekey.decode('ascii'),
"iv": safeiv.decode('ascii'),
"cipher": safecipher.decode('ascii')
}
return package
def encrypt(self, raw):
return base64.b64encode(
self.public_key.encrypt(
raw,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None)))
def encrypt_request(self, serialized_request):
padder = self.session_key_padding.padder()
serialized_request_padded = padder.update(serialized_request) + padder.finalize()
encryptor = self.session_key_cipher.encryptor()
serialized_request_ciphertext = encryptor.update(serialized_request_padded) + encryptor.finalize()
hasher = Hash(self.digest_algorithm)
hasher.update(serialized_request)
serialized_request_digest = hasher.finalize()
session_key_ciphertext = self.c2_public_key.encrypt(
self.session_key,
OAEP(MGF1(self.digest_algorithm), self.digest_algorithm, None),
)
session_key_ciphertext_size = self.c2_public_key.key_size // 8
serialized_request_digest_size = self.digest_algorithm.digest_size
serialized_request_ciphertext_size = len(serialized_request_ciphertext)
encrypted_request = struct.pack(
'<%ds%ds%ds' % (
session_key_ciphertext_size,
serialized_request_digest_size,
serialized_request_ciphertext_size
),
session_key_ciphertext,
serialized_request_digest,
serialized_request_ciphertext,
)
return encrypted_request
def decrypt_bytes(package, keyfile):
"""
decrypt data using envelope encryption.
"""
#unpack the dictionary
safekey = package["key"].encode('ascii')
safeiv = package["iv"].encode('ascii')
safecipher = package["cipher"].encode('ascii')
#decode the base64 encoded values
ciphertext = base64.b64decode(safecipher)
cryptkey = base64.b64decode(safekey)
iv = base64.b64decode(safeiv)
privkey = load_private_key(keyfile)
if not privkey:
print("Private Key Not Found")
return
symkey = privkey.decrypt(
cryptkey,
OAEP(mgf=asym_padding.MGF1(algorithm=SHA256()),
algorithm=SHA256(),
label=None))
cipher = Cipher(algorithms.AES(symkey),
modes.CBC(iv),
backend=default_backend())
decryptor = cipher.decryptor()
padded_data = decryptor.update(ciphertext)
decryptor.finalize()
unpadder = padding.PKCS7(128).unpadder()
data = unpadder.update(padded_data)
data += unpadder.finalize()
return data
def rsa_decrypt(ciphertext, private_key):
data = private_key.decrypt(ciphertext=b64decode(ciphertext),
padding=OAEP(mgf=MGF1(algorithm=SHA1()),
algorithm=SHA1(),
label=None))
result = data.decode('UTF-8')
return result
def tap_handshake(payload, onion_key):
pk_enc = payload[:PK_ENC_LEN]
sym_enc = payload[PK_ENC_LEN:TAP_C_HANDSHAKE_LEN]
decrypted = onion_key.decrypt(pk_enc, OAEP(MGF1(SHA1()), SHA1(), None))
sym_key = decrypted[:KEY_LEN]
dh_first_part = decrypted[KEY_LEN:PK_ENC_LEN]
initial_counter = "\x00" * 16
dh_second_part = Cipher(
AES(sym_key), modes.CTR(initial_counter),
backend=_default_backend).decryptor().update(sym_enc)
y = dh_first_part + dh_second_part
privkey = DH_PARAM.generate_private_key()
shared_key = privkey.exchange(
DHPublicNumbers(bytes_to_long(y),
DH_PARAM_NUMBERS).public_key(backend=_default_backend))
encoded_privkey = EncodedDHPublicKey(privkey)
return (encoded_privkey, kdf_tor(shared_key))
def unwrap_key(self, key, algorithm):
if algorithm == 'RSA':
return self.private_key.decrypt(
key,
OAEP(mgf=MGF1(algorithm=SHA1()), algorithm=SHA1(), label=None))
else:
raise ValueError(_ERROR_UNKNOWN_KEY_WRAP_ALGORITHM)
class PassportKey:
_padding: Final[OAEP] = OAEP(mgf=MGF1(algorithm=SHA1()),
algorithm=SHA1(),
label=None)
def __init__(self, private_key: RSAPrivateKey) -> None:
if not isinstance(private_key, RSAPrivateKey):
raise RuntimeError('Key is not RSA private key')
self._private_key: Final[RSAPrivateKey] = private_key
public_key = self._private_key.public_key()
public_bytes = public_key.public_bytes(
serialization.Encoding.PEM,
serialization.PublicFormat.SubjectPublicKeyInfo)
self._public_key_pem: Final[str] = public_bytes.decode()
@staticmethod
def load_der(private_bytes: bytes) -> 'PassportKey':
private_key = serialization.load_der_private_key(private_bytes,
password=None)
return PassportKey(cast(RSAPrivateKey, private_key))
@staticmethod
def load_pem(private_text: str) -> 'PassportKey':
private_key = serialization.load_pem_private_key(private_text.encode(),
password=None)
return PassportKey(cast(RSAPrivateKey, private_key))
def decrypt(self, ciphertext: bytes) -> bytes:
return self._private_key.decrypt(ciphertext, self._padding)
@property
def public_key_pem(self) -> str:
return self._public_key_pem
def decrypted_secret(self):
"""
:obj:`str`: Lazily decrypt and return secret.
Raises:
telegram.TelegramDecryptionError: Decryption failed. Usually due to bad
private/public key but can also suggest malformed/tampered data.
"""
if self._decrypted_secret is None:
# Try decrypting according to step 1 at
# https://core.telegram.org/passport#decrypting-data
# We make sure to base64 decode the secret first.
# Telegram says to use OAEP padding so we do that. The Mask Generation Function
# is the default for OAEP, the algorithm is the default for PHP which is what
# Telegram's backend servers run.
try:
self._decrypted_secret = self.bot.private_key.decrypt(
b64decode(self.secret),
OAEP(mgf=MGF1(algorithm=SHA1()),
algorithm=SHA1(),
label=None))
except ValueError as e:
# If decryption fails raise exception
raise TelegramDecryptionError(e)
return self._decrypted_secret
def decrypted_secret(self) -> str:
"""
:obj:`str`: Lazily decrypt and return secret.
Raises:
telegram.error.PassportDecryptionError: Decryption failed. Usually due to bad
private/public key but can also suggest malformed/tampered data.
"""
if self._decrypted_secret is None:
if not CRYPTO_INSTALLED:
raise RuntimeError(
"To use Telegram Passports, PTB must be installed via `pip install "
"python-telegram-bot[passport]`."
)
# Try decrypting according to step 1 at
# https://core.telegram.org/passport#decrypting-data
# We make sure to base64 decode the secret first.
# Telegram says to use OAEP padding so we do that. The Mask Generation Function
# is the default for OAEP, the algorithm is the default for PHP which is what
# Telegram's backend servers run.
try:
self._decrypted_secret = self.get_bot().private_key.decrypt( # type: ignore
b64decode(self.secret),
OAEP(mgf=MGF1(algorithm=SHA1()), algorithm=SHA1(), label=None), # skipcq
)
except ValueError as exception:
# If decryption fails raise exception
raise PassportDecryptionError(exception) from exception
return self._decrypted_secret
def rsa_encrypt(text, certificate):
data = text.encode('UTF-8')
public_key = certificate.public_key()
cipherbyte = public_key.encrypt(plaintext=data,
padding=OAEP(mgf=MGF1(algorithm=SHA1()),
algorithm=SHA1(),
label=None))
return b64encode(cipherbyte).decode('UTF-8')
def decrypt_session_key(self, encrypted_session_key):
private_key = self.get_my_private_key_object()
decrypted_session_key = private_key.decrypt(
encrypted_session_key,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return decrypted_session_key
def encrypt(self, data, hash_alg):
"""Encrypt a block of data"""
try:
hash_alg = hashes[hash_alg]()
pub_key = self.pyca_key
return pub_key.encrypt(data, OAEP(MGF1(hash_alg), hash_alg, None))
except ValueError:
return None
def encrypt(self, data, algorithm):
"""Encrypt a block of data"""
try:
hash_alg = self.get_hash(algorithm)
pub_key = self.pyca_key
return pub_key.encrypt(data, OAEP(MGF1(hash_alg), hash_alg, None))
except ValueError:
return None
def unwrap_key(self, key, algorithm):
if algorithm == 'RSA':
return self.private_key.decrypt(
key,
OAEP(
mgf=MGF1(algorithm=SHA1()), # nosec
algorithm=SHA1(), # nosec
label=None))
raise ValueError('Unknown key wrap algorithm.')
def wrap_key(self, key, algorithm='RSA'):
if algorithm == 'RSA':
return self.public_key.encrypt(
key,
OAEP(
mgf=MGF1(algorithm=SHA1()), # nosec
algorithm=SHA1(), # nosec
label=None))
raise ValueError('Unknown key wrap algorithm.')
def MyRSAdecrypt(RSACipher, C, IV, ext, RSA_Privatekey_filepath, tag):
key = private_key.decrypt( #uses private key to decrypt key used for message
RSACipher,
OAEP(mgf=uno(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
EncKey = key[0:32]
HMACKey = key[len(EncKey):]
Decryptor(IV, EncKey, ext, HMACKey,
tag) #decrypt the message using decrypted key
def cipher_repo_public(data):
f = open('repositoryCertificate.pem', 'rb')
cert = x509.load_pem_x509_certificate(f.read(), default_backend())
pub_k = cert.public_key()
ciphered_data = pub_k.encrypt(
data,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return ciphered_data
def MyRSAencrypt(filepath, RSA_Publickey_filepath):
backend = default_backend()
C, IV, key, ext = MyfileEncrypt(filepath) #encrypts message
RSACipher = public_key.encrypt( #use RSA encrypt to encrypt the public key
key,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return RSACipher, C, IV, ext
def encrypt_session_key(self, public_key_bytes, session_key):
public_key = serialization.load_pem_public_key(
public_key_bytes, backend=backends.default_backend())
encrypted_session_key = public_key.encrypt(
session_key,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return encrypted_session_key
def generate_session_key(hmac_secret=b''):
"""
:param hmac_secret: optional HMAC
:type hmac_secret: :class:`bytes`
:return: (session_key, encrypted_session_key) tuple
:rtype: :class:`tuple`
"""
session_key = random_bytes(32)
encrypted_session_key = UniverseKey.Public.encrypt(session_key + hmac_secret,
OAEP(MGF1(SHA1()), SHA1(), None)
)
return (session_key, encrypted_session_key)
def asymmetric_decrypt(ciphertext, private_key):
"""Asymmetrically decrypt a message"""
size = DECRYPTION_BLOCK_SIZE
blocks = [ciphertext[i:i + size] for i in range(0, len(ciphertext), size)]
plaintext = []
for block in blocks:
plaintext.append(
private_key.decrypt(
block,
OAEP(mgf=MGF1(algorithm=SHA1()), algorithm=SHA1(),
label=None)))
return b''.join(plaintext)
def asymmetric_encrypt(msg, public_key):
"""Asymmmetrically encrypts a message"""
size = ENCRYPTION_BLOCK_SIZE
blocks = [msg[i:i + size] for i in range(0, len(msg), size)]
ciphertext = []
for block in blocks:
ciphertext.append(
public_key.encrypt(
block,
OAEP(mgf=MGF1(algorithm=SHA1()), algorithm=SHA1(),
label=None)))
return b''.join(ciphertext)
def handshake(self):
self.client_A = os.urandom(16)
self.client_B = os.urandom(16)
encrypted = self.pub_key.encrypt(
self.client_A + self.client_B,
OAEP(mgf=MGF1(algorithm=hashes.SHA1()),
algorithm=hashes.SHA1(),
label=None))
req = geocacher_pb2.AuthRequest()
req.message_type = 15
req.data = encrypted
return self.wrap_packet(req)
def rsa_decrypt(data, rsa_priv_key_bytes):
"""
When given some `data` and an RSA private key, decrypt the data
"""
if isinstance(data, text_type):
data = data.encode('utf-8')
if isinstance(rsa_priv_key_bytes, text_type):
rsa_priv_key_bytes = rsa_priv_key_bytes.encode('utf-8')
if rsa_priv_key_bytes.startswith(b'-----'):
key = serialization.load_pem_private_key(rsa_priv_key_bytes, password=None, backend=default_backend())
else:
key = serialization.load_der_private_key(rsa_priv_key_bytes, password=None, backend=default_backend())
return key.decrypt(data, OAEP(MGF1(SHA1()), SHA1(), label=None))
def rsa_encrypt(data, rsa_pub_key_bytes):
"""
`rsa_pub_key_bytes` is a byte sequence with the public key
"""
if isinstance(data, text_type):
data = data.encode('utf-8')
if isinstance(rsa_pub_key_bytes, text_type):
rsa_pub_key_bytes = rsa_pub_key_bytes.encode('utf-8')
if rsa_pub_key_bytes.startswith(b'-----'):
key = serialization.load_pem_public_key(rsa_pub_key_bytes, backend=default_backend())
elif rsa_pub_key_bytes.startswith(b'ssh-rsa '):
key = serialization.load_ssh_public_key(rsa_pub_key_bytes, backend=default_backend())
else:
key = serialization.load_der_public_key(rsa_pub_key_bytes, backend=default_backend())
return key.encrypt(data, OAEP(MGF1(SHA1()), SHA1(), label=None))
def rsa_decrypt(priv_key, data: bytes) -> bytes:
"""decrypts rsa encrypted data (from rsa_encrypt)
:param priv_key: bytes or a cryptography RSA private key
:return: plaintext
"""
if isinstance(priv_key, bytes):
priv_key = serialization.load_pem_private_key(
priv_key, password=None, backend=default_backend())
plaintext = priv_key.decrypt(
data,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return plaintext
def MyRSAencrypt(filepath, RSA_Publickey_filepath):
backend = default_backend()
C, IV, EncKey, ext, HMACKey, tag = MyfileEncryptMAC(
filepath) #encrypts message
with open(RSA_Publickey_filepath,
"rb") as key_file: #load public key from file
public_key = serialization.load_pem_public_key(
key_file.read(), backend=default_backend())
RSACipher = public_key.encrypt( #use RSA encrypt to encrypt the public key
EncKey + HMACKey,
OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return RSACipher, C, IV, ext, tag
