def __del__(self):
# pylint: disable=protected-access
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EVP_CIPHER_CTX_reset(self.ctx)
else:
OpenSSL.EVP_CIPHER_CTX_cleanup(self.ctx)
OpenSSL.EVP_CIPHER_CTX_free(self.ctx)
def destinguisher(key, iv, msg_list, enc_msg):
iv2 = increment_iv(iv)
encryptor = OpenSSL('cbc')
for i, m in enumerate(msg_list):
xored = xor_strings(xor_strings(iv, iv2), m)
enc_m = encryptor.encrypt(xored, key, iv2)
if enc_m == enc_msg:
return i, enc_m
def which_msg(enc_type, key, iv, msg_list, enc_msg):
iv2 = increment_iv(iv)
encryptor = OpenSSL(enc_type)
for i, m in enumerate(msg_list):
xored = xor_strings(xor_strings(iv, iv2), m)
enc_m = encryptor.encrypt_msg(xored, key, iv2)
if enc_m == enc_msg:
return i, enc_m
def final(self):
"""Returning the final value"""
i = OpenSSL.c_int(0)
buffer = OpenSSL.malloc(b"", self.cipher.get_blocksize())
if (OpenSSL.EVP_CipherFinal_ex(self.ctx, OpenSSL.byref(buffer),
OpenSSL.byref(i))) == 0:
raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
def __init__(self, key, iv, do, ciphername='aes-256-cbc'):
"""
do == 1 => Encrypt; do == 0 => Decrypt
"""
self.cipher = OpenSSL.get_cipher(ciphername)
self.ctx = OpenSSL.EVP_CIPHER_CTX_new()
if do == 1 or do == 0:
k = OpenSSL.malloc(key, len(key))
IV = OpenSSL.malloc(iv, len(iv))
OpenSSL.EVP_CipherInit_ex(self.ctx, self.cipher.get_pointer(), 0,
k, IV, do)
else:
raise Exception("RTFM ...")
def main():
filename = "fatture.xlsx"
if len(sys.argv) > 1:
filename = sys.argv[1]
if not check_file(filename):
return
excel = Excel(filename)
openssl = OpenSSL("data/SanitelCF.cer")
configurazione = excel.configurazione()
try:
while True:
try:
riga = excel.nuova_riga()
except ValueError as e:
print(e)
continue
if not riga:
break
if riga.get("protocollo"):
# riga con già il numero di protocollo
continue
mapped = mapping(configurazione, riga, openssl)
result = send_data(mapped)
print("%s - %s" % (mapped["numDocumento"], result[1]))
excel.protocollo(result[1])
finally:
excel.save()
def __init__(
self,
pubkey=None,
privkey=None,
pubkey_x=None,
pubkey_y=None,
raw_privkey=None,
curve='sect283r1',
): # pylint: disable=too-many-arguments
"""
For a normal and High level use, specifie pubkey,
privkey (if you need) and the curve
"""
if isinstance(curve, str):
self.curve = OpenSSL.get_curve(curve)
else:
self.curve = curve
if pubkey_x is not None and pubkey_y is not None:
self._set_keys(pubkey_x, pubkey_y, raw_privkey)
elif pubkey is not None:
curve, pubkey_x, pubkey_y, _ = ECC._decode_pubkey(pubkey)
if privkey is not None:
curve2, raw_privkey, _ = ECC._decode_privkey(privkey)
if curve != curve2:
raise Exception("Bad ECC keys ...")
self.curve = curve
self._set_keys(pubkey_x, pubkey_y, raw_privkey)
else:
self.privkey, self.pubkey_x, self.pubkey_y = self._generate()
def raw_encrypt(
data,
pubkey_x,
pubkey_y,
curve='sect283r1',
ephemcurve=None,
ciphername='aes-256-cbc',
): # pylint: disable=too-many-arguments
"""ECHD encryption, keys supplied in binary data format"""
if ephemcurve is None:
ephemcurve = curve
ephem = ECC(curve=ephemcurve)
key = sha512(ephem.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
key_e, key_m = key[:32], key[32:]
pubkey = ephem.get_pubkey()
iv = OpenSSL.rand(OpenSSL.get_cipher(ciphername).get_blocksize())
ctx = Cipher(key_e, iv, 1, ciphername)
ciphertext = iv + pubkey + ctx.ciphering(data)
mac = hmac_sha256(key_m, ciphertext)
return ciphertext + mac
def hmac_sha512(k, m):
"""
Compute the key and the message with HMAC SHA512
"""
key = OpenSSL.malloc(k, len(k))
d = OpenSSL.malloc(m, len(m))
md = OpenSSL.malloc(0, 64)
i = OpenSSL.pointer(OpenSSL.c_int(0))
OpenSSL.HMAC(OpenSSL.EVP_sha512(), key, len(k), d, len(m), md, i)
return md.raw
def update(self, input):
"""Update result with more data"""
i = OpenSSL.c_int(0)
buffer = OpenSSL.malloc(b"", len(input) + self.cipher.get_blocksize())
inp = OpenSSL.malloc(input, len(input))
if OpenSSL.EVP_CipherUpdate(self.ctx, OpenSSL.byref(buffer),
OpenSSL.byref(i), inp, len(input)) == 0:
raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
def pbkdf2(password, salt=None, i=10000, keylen=64):
"""Key derivation function using SHA256"""
if salt is None:
salt = OpenSSL.rand(8)
p_password = OpenSSL.malloc(password, len(password))
p_salt = OpenSSL.malloc(salt, len(salt))
output = OpenSSL.malloc(0, keylen)
OpenSSL.PKCS5_PBKDF2_HMAC(p_password, len(password), p_salt, len(p_salt),
i, OpenSSL.EVP_sha256(), keylen, output)
return salt, output.raw
def decrypt(self, data, ciphername='aes-256-cbc'):
"""
Decrypt data with ECIES method using the local private key
"""
blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
iv = data[:blocksize]
i = blocksize
_, pubkey_x, pubkey_y, i2 = ECC._decode_pubkey(data[i:])
i += i2
ciphertext = data[i:len(data) - 32]
i += len(ciphertext)
mac = data[i:]
key = sha512(self.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
key_e, key_m = key[:32], key[32:]
if not equals(hmac_sha256(key_m, data[:len(data) - 32]), mac):
raise RuntimeError("Fail to verify data")
ctx = Cipher(key_e, iv, 0, ciphername)
return ctx.ciphering(ciphertext)
def test_mode(file_to_encrypt, mode):
open_ssl = OpenSSL(mode)
encrypted_path = file_to_encrypt.replace('.py', '.enc')
open_ssl.encrypt_file(key, bytes(iv, 'utf-8'), file_to_encrypt,
encrypted_path)
decrypted_path = file_to_encrypt.replace('.py', '.dec')
open_ssl.decrypt_file(key, bytes(iv, 'utf-8'), encrypted_path,
decrypted_path)
with open(file_to_encrypt, 'rb') as original:
with open(decrypted_path, 'rb') as decrypted:
assert original.read() == decrypted.read()
os.remove(decrypted_path)
os.remove(encrypted_path)
print('Test for {} passed'.format(mode))
def action(name, version, defaults):
print("action: %s %s " % (name, version))
if name == "boost":
handler = Boost(name, version, defaults)
elif name == "openssl":
handler = OpenSSL(name, version, defaults)
elif name == "simple_buffer":
handler = SimpleBuffer(name, version, defaults)
elif name == "rb_logger":
handler = RBLogger(name, version, defaults)
elif name == "http_parser":
handler = HttpParser(name, version, defaults)
elif name == "uri-parser":
handler = UriParser(name, version, defaults)
elif name == "cxxurl":
handler = CxxUrl(name, version, defaults)
elif name == "catch2":
handler = Catch2(name, version, defaults)
else:
return
handler.get_package()
handler.stage_package()
handler.install_package()
def _generate(self):
try:
pub_key_x = OpenSSL.BN_new()
pub_key_y = OpenSSL.BN_new()
key = OpenSSL.EC_KEY_new_by_curve_name(self.curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
if (OpenSSL.EC_KEY_generate_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_generate_key FAIL ...")
if (OpenSSL.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
priv_key = OpenSSL.EC_KEY_get0_private_key(key)
group = OpenSSL.EC_KEY_get0_group(key)
pub_key = OpenSSL.EC_KEY_get0_public_key(key)
if OpenSSL.EC_POINT_get_affine_coordinates_GFp(
group, pub_key, pub_key_x, pub_key_y, 0) == 0:
raise Exception(
"[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...")
privkey = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(priv_key))
pubkeyx = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_x))
pubkeyy = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_y))
OpenSSL.BN_bn2bin(priv_key, privkey)
privkey = privkey.raw
OpenSSL.BN_bn2bin(pub_key_x, pubkeyx)
pubkeyx = pubkeyx.raw
OpenSSL.BN_bn2bin(pub_key_y, pubkeyy)
pubkeyy = pubkeyy.raw
self.raw_check_key(privkey, pubkeyx, pubkeyy)
return privkey, pubkeyx, pubkeyy
finally:
OpenSSL.EC_KEY_free(key)
OpenSSL.BN_free(pub_key_x)
OpenSSL.BN_free(pub_key_y)
def raw_check_key(self, privkey, pubkey_x, pubkey_y, curve=None):
"""Check key validity, key is supplied as binary data"""
if curve is None:
curve = self.curve
elif isinstance(curve, str):
curve = OpenSSL.get_curve(curve)
else:
curve = curve
try:
key = OpenSSL.EC_KEY_new_by_curve_name(curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
if privkey is not None:
priv_key = OpenSSL.BN_bin2bn(privkey, len(privkey), 0)
pub_key_x = OpenSSL.BN_bin2bn(pubkey_x, len(pubkey_x), 0)
pub_key_y = OpenSSL.BN_bin2bn(pubkey_y, len(pubkey_y), 0)
if privkey is not None:
if (OpenSSL.EC_KEY_set_private_key(key, priv_key)) == 0:
raise Exception(
"[OpenSSL] EC_KEY_set_private_key FAIL ...")
group = OpenSSL.EC_KEY_get0_group(key)
pub_key = OpenSSL.EC_POINT_new(group)
if (OpenSSL.EC_POINT_set_affine_coordinates_GFp(
group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
raise Exception(
"[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (OpenSSL.EC_KEY_set_public_key(key, pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (OpenSSL.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
return 0
finally:
OpenSSL.EC_KEY_free(key)
OpenSSL.BN_free(pub_key_x)
OpenSSL.BN_free(pub_key_y)
OpenSSL.EC_POINT_free(pub_key)
if privkey is not None:
OpenSSL.BN_free(priv_key)
decrypted_path)
with open(file_to_encrypt, 'rb') as original:
with open(decrypted_path, 'rb') as decrypted:
assert original.read() == decrypted.read()
os.remove(decrypted_path)
os.remove(encrypted_path)
print('Test for {} passed'.format(mode))
if __name__ == '__main__':
command_line_parser = CommandLineParser()
parsed_args = command_line_parser.parse_arguments(sys.argv[1:])
enc_type = 'cbc'
openssl = OpenSSL(enc_type)
iv = '0' * 16
iv2 = increment_iv(iv)
ks = jks.KeyStore.load(parsed_args['keystore_path'],
parsed_args['password'])
key = ks.private_keys['self signed cert'].pkey[:32]
msg_list = ['lubie placki bar', 'pala lufa jedyna']
msg_list = [x[:16] for x in msg_list]
rand = randint(0, 1)
random_msg = msg_list[rand]
enc_m1 = openssl.encrypt_msg(random_msg, key, iv)
print('Encrypting "{}" to {}'.format(random_msg, enc_m1))
ind, cipher = which_msg(enc_type, key, iv, msg_list, enc_m1)
def sign(self, inputb, digest_alg=OpenSSL.digest_ecdsa_sha1):
"""
Sign the input with ECDSA method and returns the signature
"""
try:
size = len(inputb)
buff = OpenSSL.malloc(inputb, size)
digest = OpenSSL.malloc(0, 64)
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
md_ctx = OpenSSL.EVP_MD_CTX_new()
else:
md_ctx = OpenSSL.EVP_MD_CTX_create()
dgst_len = OpenSSL.pointer(OpenSSL.c_int(0))
siglen = OpenSSL.pointer(OpenSSL.c_int(0))
sig = OpenSSL.malloc(0, 151)
key = OpenSSL.EC_KEY_new_by_curve_name(self.curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
priv_key = OpenSSL.BN_bin2bn(self.privkey, len(self.privkey), 0)
pub_key_x = OpenSSL.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
pub_key_y = OpenSSL.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)
if (OpenSSL.EC_KEY_set_private_key(key, priv_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...")
group = OpenSSL.EC_KEY_get0_group(key)
pub_key = OpenSSL.EC_POINT_new(group)
if (OpenSSL.EC_POINT_set_affine_coordinates_GFp(
group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
raise Exception(
"[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (OpenSSL.EC_KEY_set_public_key(key, pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (OpenSSL.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EVP_MD_CTX_new(md_ctx)
else:
OpenSSL.EVP_MD_CTX_init(md_ctx)
OpenSSL.EVP_DigestInit_ex(md_ctx, digest_alg(), None)
if (OpenSSL.EVP_DigestUpdate(md_ctx, buff, size)) == 0:
raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")
OpenSSL.EVP_DigestFinal_ex(md_ctx, digest, dgst_len)
OpenSSL.ECDSA_sign(0, digest, dgst_len.contents, sig, siglen, key)
if (OpenSSL.ECDSA_verify(0, digest, dgst_len.contents, sig,
siglen.contents, key)) != 1:
raise Exception("[OpenSSL] ECDSA_verify FAIL ...")
return sig.raw[:siglen.contents.value]
finally:
OpenSSL.EC_KEY_free(key)
OpenSSL.BN_free(pub_key_x)
OpenSSL.BN_free(pub_key_y)
OpenSSL.BN_free(priv_key)
OpenSSL.EC_POINT_free(pub_key)
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EVP_MD_CTX_free(md_ctx)
else:
OpenSSL.EVP_MD_CTX_destroy(md_ctx)
def verify(self, sig, inputb, digest_alg=OpenSSL.digest_ecdsa_sha1):
"""
Verify the signature with the input and the local public key.
Returns a boolean
"""
try:
bsig = OpenSSL.malloc(sig, len(sig))
binputb = OpenSSL.malloc(inputb, len(inputb))
digest = OpenSSL.malloc(0, 64)
dgst_len = OpenSSL.pointer(OpenSSL.c_int(0))
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
md_ctx = OpenSSL.EVP_MD_CTX_new()
else:
md_ctx = OpenSSL.EVP_MD_CTX_create()
key = OpenSSL.EC_KEY_new_by_curve_name(self.curve)
if key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
pub_key_x = OpenSSL.BN_bin2bn(self.pubkey_x, len(self.pubkey_x), 0)
pub_key_y = OpenSSL.BN_bin2bn(self.pubkey_y, len(self.pubkey_y), 0)
group = OpenSSL.EC_KEY_get0_group(key)
pub_key = OpenSSL.EC_POINT_new(group)
if (OpenSSL.EC_POINT_set_affine_coordinates_GFp(
group, pub_key, pub_key_x, pub_key_y, 0)) == 0:
raise Exception(
"[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (OpenSSL.EC_KEY_set_public_key(key, pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (OpenSSL.EC_KEY_check_key(key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EVP_MD_CTX_new(md_ctx)
else:
OpenSSL.EVP_MD_CTX_init(md_ctx)
OpenSSL.EVP_DigestInit_ex(md_ctx, digest_alg(), None)
if (OpenSSL.EVP_DigestUpdate(md_ctx, binputb, len(inputb))) == 0:
raise Exception("[OpenSSL] EVP_DigestUpdate FAIL ...")
OpenSSL.EVP_DigestFinal_ex(md_ctx, digest, dgst_len)
ret = OpenSSL.ECDSA_verify(0, digest, dgst_len.contents, bsig,
len(sig), key)
if ret == -1:
# Fail to Check
return False
if ret == 0:
# Bad signature !
return False
# Good
return True
finally:
OpenSSL.EC_KEY_free(key)
OpenSSL.BN_free(pub_key_x)
OpenSSL.BN_free(pub_key_y)
OpenSSL.EC_POINT_free(pub_key)
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EVP_MD_CTX_free(md_ctx)
else:
OpenSSL.EVP_MD_CTX_destroy(md_ctx)
def get_curve(self):
"""Encryption object from curve name"""
return OpenSSL.get_curve_by_id(self.curve)
def get(self):
openssl = OpenSSL()
version = openssl.version()
self.write(version)
s = 16 # len(secret)
n = 24 # len(msg)
# N = pow(2, n) # len(secrets)
N = 1000
# Placeholder
msgs = []
keys = []
secrets = []
start = time.time()
# ALICE (Encryption)
for i in range(0, N):
secret = str(randint(1000000000000000000000000, 9999999999999999999999999))
key = str(randint(1000, 9999))
enc_suite = OpenSSL('cbc')
msg = enc_suite.encrypt('0' * (n - s) + secret, key * 4, key * 4)
msgs.append(msg)
keys.append(key)
secrets.append(secret)
# ALICE sends "msgs" Block to BOB
# BOB (Brute force Decryption)
decrypted_msg = ''
rand_msg_solve = randint(0, N - 1)
print("Start decrypting at {}".format(time.time() - start))
keys = [str(x) for x in range(1000, 9999)]
while not decrypted_msg[:(n - s)] == '0' * (n - s):
from openssl import OpenSSL
command_line_parser = CommandLineParser()
parsed_args = command_line_parser.parse_arguments(sys.argv[1:])
key_store = jks.KeyStore.load(parsed_args['keystore_path'],
parsed_args['password'])
key = key_store.private_keys['alias_name'].pkey[:32]
num_of_success = 0
msg_to_enc = 'x'
types_of_enc = ['ofb', 'cbc', 'ctr']
if True:
for enc_type in types_of_enc:
print('Sprawdzam szyfrowanie i deszyfrowanie dla ', enc_type.upper())
openssl = OpenSSL(enc_type)
iv = '0' * 16
enc_m = openssl.encrypt(msg_to_enc, key, iv)
dec_m = openssl.decrypt(enc_m, key, iv).rstrip(b'\x00')
try:
dec_m = dec_m.decode()
if_success = msg_to_enc == dec_m
except UnicodeDecodeError as e:
print("Wystąpił błąd!", e)
if_success = 0
num_of_success += if_success
print('Sprawdzam czy {a} == {b}. Rezultat to {c}\n'.format(
a=msg_to_enc, b=dec_m, c=if_success))
print('Stosunek sukcesów do prób to {a}/{b}'.format(a=num_of_success,
b=len(types_of_enc)))
def randomBytes(n):
"""Method randomBytes."""
try:
return os.urandom(n)
except NotImplementedError:
return OpenSSL.rand(n)
def destinguisher(key, iv, msg_list, enc_msg):
iv2 = increment_iv(iv)
encryptor = OpenSSL('cbc')
for i, m in enumerate(msg_list):
xored = xor_strings(xor_strings(iv, iv2), m)
enc_m = encryptor.encrypt(xored, key, iv2)
if enc_m == enc_msg:
return i, enc_m
command_line_parser = CommandLineParser()
parsed_args = command_line_parser.parse_arguments(sys.argv[1:])
enc_type = 'cbc'
openssl = OpenSSL(enc_type)
iv = '0' * 16
key_store = jks.KeyStore.load(parsed_args['keystore_path'],
parsed_args['password'])
key = key_store.private_keys['alias_name'].pkey[:32]
f = open(parsed_args['input_path'], 'r')
input_ms = [x for x in f]
f = open(r'C:\Users\Latitude\Desktop\output.txt', 'w')
if len(input_ms) == 0:
raise IOError('Za mało danych wejściowych')
elif len(input_ms) == 2:
msg_list = [x[:16] for x in input_ms]
random_msg = msg_list[randint(0, 1)]
def get_blocksize(ciphername):
"""This Method returns cipher blocksize"""
cipher = OpenSSL.get_cipher(ciphername)
return cipher.get_blocksize()
def raw_get_ecdh_key(self, pubkey_x, pubkey_y):
"""ECDH key as binary data"""
try:
ecdh_keybuffer = OpenSSL.malloc(0, 32)
other_key = OpenSSL.EC_KEY_new_by_curve_name(self.curve)
if other_key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
other_pub_key_x = OpenSSL.BN_bin2bn(pubkey_x, len(pubkey_x), 0)
other_pub_key_y = OpenSSL.BN_bin2bn(pubkey_y, len(pubkey_y), 0)
other_group = OpenSSL.EC_KEY_get0_group(other_key)
other_pub_key = OpenSSL.EC_POINT_new(other_group)
if (OpenSSL.EC_POINT_set_affine_coordinates_GFp(
other_group, other_pub_key, other_pub_key_x,
other_pub_key_y, 0)) == 0:
raise Exception(
"[OpenSSL] EC_POINT_set_affine_coordinates_GFp FAIL ...")
if (OpenSSL.EC_KEY_set_public_key(other_key, other_pub_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_public_key FAIL ...")
if (OpenSSL.EC_KEY_check_key(other_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_check_key FAIL ...")
own_key = OpenSSL.EC_KEY_new_by_curve_name(self.curve)
if own_key == 0:
raise Exception("[OpenSSL] EC_KEY_new_by_curve_name FAIL ...")
own_priv_key = OpenSSL.BN_bin2bn(self.privkey, len(self.privkey),
0)
if (OpenSSL.EC_KEY_set_private_key(own_key, own_priv_key)) == 0:
raise Exception("[OpenSSL] EC_KEY_set_private_key FAIL ...")
if OpenSSL._hexversion > 0x10100000 and not OpenSSL._libreSSL:
OpenSSL.EC_KEY_set_method(own_key, OpenSSL.EC_KEY_OpenSSL())
else:
OpenSSL.ECDH_set_method(own_key, OpenSSL.ECDH_OpenSSL())
ecdh_keylen = OpenSSL.ECDH_compute_key(ecdh_keybuffer, 32,
other_pub_key, own_key, 0)
if ecdh_keylen != 32:
raise Exception("[OpenSSL] ECDH keylen FAIL ...")
return ecdh_keybuffer.raw
finally:
OpenSSL.EC_KEY_free(other_key)
OpenSSL.BN_free(other_pub_key_x)
OpenSSL.BN_free(other_pub_key_y)
OpenSSL.EC_POINT_free(other_pub_key)
OpenSSL.EC_KEY_free(own_key)
OpenSSL.BN_free(own_priv_key)
def gen_IV(ciphername):
"""Generate random initialization vector"""
cipher = OpenSSL.get_cipher(ciphername)
return OpenSSL.rand(cipher.get_blocksize())
