def _get_session_key(self, data, descriptor_cookie, client_id): pos = 0 d = aes_ctr_decryptor(descriptor_cookie) while pos < len(data): if data[pos:pos + self.REND_BASIC_AUTH_CLIENT_ID_LEN] == client_id: start_key_pos = pos + self.REND_BASIC_AUTH_CLIENT_ID_LEN end_key_pos = start_key_pos + self.CIPHER_KEY_LEN enc_session_key = data[start_key_pos:end_key_pos] return aes_update(d, enc_session_key) pos += self.REND_BASIC_AUTH_CLIENT_ENTRY_LEN raise Exception('Session key for client {!r} not found'.format(client_id))
def hybrid_encrypt(data, rsa_key_der): """ Hybrid encryption scheme. Encrypt the entire contents of the byte array "data" with the given "TorPublicKey" according to the "hybrid encryption" scheme described in the main Tor specification (tor-spec.txt). """ rsa_key = rsa_load_der(rsa_key_der) if len(data) < PK_DATA_LEN: return rsa_encrypt(rsa_key, data) aes_key_bytes = os.urandom(KEY_LEN) # RSA(K | M1) --> C1 m1 = data[:PK_DATA_LEN_WITH_KEY] c1 = rsa_encrypt(rsa_key, aes_key_bytes + m1) # AES_CTR(M2) --> C2 m2 = data[PK_DATA_LEN_WITH_KEY:] aes_key = aes_ctr_encryptor(aes_key_bytes) c2 = aes_update(aes_key, m2) return c1 + c2
def _decrypting_func(self, payload): return aes_update(self._backward_cipher, payload)
def _encrypting_func(self, payload): return aes_update(self._forward_cipher, payload)