def decrypt_message(encrypted_data, decryption_key):
"""Function parses an ASN.1 encrypted message and extracts/decrypts
the original message.
:param encrypted_data: A CMS ASN.1 byte string containing the encrypted
data.
:param decryption_key: The key to be used for decrypting the data.
:return: A byte string containing the decrypted original message.
"""
cms_content = cms.ContentInfo.load(encrypted_data)
cipher, decrypted_content = None, None
if cms_content['content_type'].native == 'enveloped_data':
recipient_info = cms_content['content']['recipient_infos'][0].parse()
key_enc_alg = recipient_info['key_encryption_algorithm'][
'algorithm'].native
encrypted_key = recipient_info['encrypted_key'].native
if key_enc_alg == 'rsa':
try:
key = asymmetric.rsa_pkcs1v15_decrypt(decryption_key[0],
encrypted_key)
except Exception:
raise DecryptionError(
'Failed to decrypt the payload: Could not extract decryption key.'
)
alg = cms_content['content']['encrypted_content_info'][
'content_encryption_algorithm']
encapsulated_data = cms_content['content'][
'encrypted_content_info']['encrypted_content'].native
try:
if alg['algorithm'].native == '1.2.840.113549.3.4': # This is RC4
decrypted_content = symmetric.rc4_decrypt(
key, encapsulated_data)
elif alg.encryption_cipher == 'tripledes':
cipher = 'tripledes_192_cbc'
decrypted_content = symmetric.tripledes_cbc_pkcs5_decrypt(
key, encapsulated_data, alg.encryption_iv)
elif alg.encryption_cipher == 'aes':
decrypted_content = symmetric.aes_cbc_pkcs7_decrypt(
key, encapsulated_data, alg.encryption_iv)
elif alg.encryption_cipher == 'rc2':
decrypted_content = symmetric.rc2_cbc_pkcs5_decrypt(
key, encapsulated_data, alg['parameters']['iv'].native)
else:
raise AS2Exception('Unsupported Encryption Algorithm')
except Exception as e:
raise DecryptionError(
'Failed to decrypt the payload: {}'.format(e))
else:
raise AS2Exception('Unsupported Encryption Algorithm')
else:
raise DecryptionError('Encrypted data not found in ASN.1 ')
return cipher, decrypted_content
def decrypt_message(encrypted_data, decryption_key):
"""Function parses an ASN.1 encrypted message and extracts/decrypts the original message.
:param encrypted_data: A CMS ASN.1 byte string containing the encrypted data.
:param decryption_key: The key to be used for decrypting the data.
:return: A byte string containing the decrypted original message.
"""
cms_content = cms.ContentInfo.load(encrypted_data)
cipher, decrypted_content = None, None
if cms_content["content_type"].native == "enveloped_data":
recipient_info = cms_content["content"]["recipient_infos"][0].parse()
key_enc_alg = recipient_info["key_encryption_algorithm"][
"algorithm"].native
encrypted_key = recipient_info["encrypted_key"].native
if cms.KeyEncryptionAlgorithmId(
key_enc_alg) == cms.KeyEncryptionAlgorithmId("rsa"):
try:
key = asymmetric.rsa_pkcs1v15_decrypt(decryption_key[0],
encrypted_key)
except Exception:
raise DecryptionError(
"Failed to decrypt the payload: Could not extract decryption key."
)
alg = cms_content["content"]["encrypted_content_info"][
"content_encryption_algorithm"]
encapsulated_data = cms_content["content"][
"encrypted_content_info"]["encrypted_content"].native
try:
if alg["algorithm"].native == "rc4":
decrypted_content = symmetric.rc4_decrypt(
key, encapsulated_data)
elif alg.encryption_cipher == "tripledes":
cipher = "tripledes_192_cbc"
decrypted_content = symmetric.tripledes_cbc_pkcs5_decrypt(
key, encapsulated_data, alg.encryption_iv)
elif alg.encryption_cipher == "aes":
decrypted_content = symmetric.aes_cbc_pkcs7_decrypt(
key, encapsulated_data, alg.encryption_iv)
elif alg.encryption_cipher == "rc2":
decrypted_content = symmetric.rc2_cbc_pkcs5_decrypt(
key, encapsulated_data, alg["parameters"]["iv"].native)
else:
raise AS2Exception("Unsupported Encryption Algorithm")
except Exception as e:
raise DecryptionError(
"Failed to decrypt the payload: {}".format(e))
else:
raise AS2Exception("Unsupported Encryption Algorithm")
else:
raise DecryptionError("Encrypted data not found in ASN.1 ")
return cipher, decrypted_content
def test_rc2_40_encrypt_decrypt(self):
key = util.rand_bytes(5)
data = b'This is data to encrypt'
iv, ciphertext = symmetric.rc2_cbc_pkcs5_encrypt(key, data, None)
self.assertNotEqual(data, ciphertext)
self.assertEqual(byte_cls, type(ciphertext))
plaintext = symmetric.rc2_cbc_pkcs5_decrypt(key, ciphertext, iv)
self.assertEqual(data, plaintext)
def test_rc2_40_encrypt_decrypt(self):
key = util.rand_bytes(5)
data = b'This is data to encrypt'
iv, ciphertext = symmetric.rc2_cbc_pkcs5_encrypt(key, data, None)
self.assertNotEqual(data, ciphertext)
self.assertEqual(byte_cls, type(ciphertext))
plaintext = symmetric.rc2_cbc_pkcs5_decrypt(key, ciphertext, iv)
self.assertEqual(data, plaintext)