def __init__(self, key, nonce, mac_len=16): self._mac_len = mac_len self._omac = [cmac.CMAC(algo.AES(key), defb()) for i in range(3)] for i in range(3): self._omac[i].update( bytes(1) * (algo.AES.block_size // 8 - 1) + struct.pack("B", i) # noqa: W503 ) self._omac[0].update(nonce) self._auth = _AuthWrapper(self._omac[1]) # create a cache since cryptography allows us to calculate tag # only once... why... self._omac_cache = [] self._omac_cache.append(self._omac[0].finalize()) self._cipher = CrCipher( algo.AES(key), modes.CTR(self._omac_cache[0]), defb(), ) self.__ctx = None self._updated = False self.__tag = None
def _construct_hash(name, data=b"", digest_size=None): if name in VAR_DIGEST_SIZE: if digest_size is None and name in XOFS: # pragma: no cover raise ValueError("value of digest-size is required") hash_ = h.Hash(HASHES[name](digest_size), defb()) else: hash_ = h.Hash(HASHES[name](), defb()) hash_.update(data) return hash_
def load(cls, data: bytes) -> DHPublicKey: """Deserialize and load the public key. Args: data (bytes): The serialized public key as ``bytes-like`` object. Returns: DHPublicKey: A public key object. Raises: ValueError: If the key could not be deserialized. """ fmts = { b"-----": ser.load_pem_public_key, b"0": ser.load_der_public_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: raise ValueError("Invalid format.") from None try: key = loader(memoryview(data), defb()) return cls(key=key) except ValueError as e: raise ValueError( "Cannot deserialize key. Incorrect key format.", ) from e
def load(cls, data: bytes) -> DHParameters: """Load the :any:`DHParameters` from the encoded format. Args: data (bytes, bytearray): The parameters as an encoded bytes object. Returns: DHParameters: DH parameter object. """ fmts = { b"-----BEGIN DH PARAMETERS": ser.load_pem_parameters, b"0": ser.load_der_parameters, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: raise ValueError("Invalid format.") from None try: params = loader(data, defb()) if not isinstance(params, dh.DHParameters): raise ValueError("Invalid parameter format.") return cls(None, parameter=params) except ValueError as e: raise ValueError( "Cannot deserialize key. Either Key format is invalid or " "passphrase is missing or incorrect.") from e
def __getPolyKey(self, key): cipher = Cipher(algo.ChaCha20(key, self._nonceCounter), None, defb()) cipher = cipher.encryptor() key = cipher.update( b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" ) return key
def load(cls, data: bytes) -> RSAPublicKey: """Loads the public key as ``bytes`` object and returns the Key interface. Args: data (bytes): The key as bytes object. Returns: RSAPublicKey: The RSA public key. Raises: ValueError: if the key could not be deserialized. """ fmts = { b"ssh-rsa ": ser.load_ssh_public_key, b"-----": ser.load_pem_public_key, b"0": ser.load_der_public_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: raise ValueError("Invalid format.") from None try: return cls(loader(memoryview(data), defb())) except ValueError as e: raise ValueError( "Cannot deserialize key. The key format might be invalid." ) from e
def derive_poly1305_key(ckey: bytes, nonce: bytes) -> bytes: """Generate a poly1305 key. Args: ckey (bytes): The key used for the cipher nonce (bytes): The nonce used for the cipher. It must be 12 bytes. Returns: bytes: A Poly1305 key. Raises: ValueError: If the length of nonce is not equal to 8 or 12 bytes. """ if len(nonce) not in (8, 12): raise ValueError("Poly1305 key must be 16 bytes long.") if len(nonce) == 8: nonce = bytes(4) + nonce crp = Cipher( algo.ChaCha20(ckey, bytes(4) + nonce), None, defb(), ).encryptor() return crp.update(bytes(32))
def derive_hkdf_key( master_key: bytes, dklen: int, hashalgo: typing.Union[str, BaseHash], salt: bytes, cipher_ctx: bytes = b"enc-key", auth_ctx: bytes = b"auth-key", ) -> typing.Tuple[bytes, bytes]: """Derive key materials for HMAC from given master key. Args: master_key (bytes): The key used to derive the keys from. dklen (int): Desired lenth of the derived key. hashalgo (str, BaseHash): The name of the hash algorithm. salt (bytes): The salt to use. cipher_ctx (bytes): Context for cipher. auth_ctx (bytes): Context for HMAC. Returns: tuple[bytes, bytes]: A pair of *cipher key* and *MAC key*. """ if isinstance(hashalgo, str): hash_ = _hashes[hashalgo]() elif isinstance(hashalgo, BaseHash): hash_ = _get_hash_algorithm(hashalgo) else: raise TypeError( "hashalgo must be a str or an object implementing BaseHash.") key = HKDF( hash_, dklen, salt, cipher_ctx, defb(), ).derive(master_key) hkey = HKDF( hash_, hash_.digest_size, salt, auth_ctx, defb(), ).derive(master_key) return key, hkey
def __init__(self, encrypting, key, mode, iv_or_nonce): cipher = Cipher( algo.Camellia(key), SUPPORTED[mode](iv_or_nonce), defb(), ) self._ctx = cipher.encryptor() if encrypting else cipher.decryptor() self._encrypting = encrypting
def _aes_cipher(key, mode, nonce_or_iv): if mode == _m.MODE_EAX: return _EAX(key, nonce_or_iv) if mode in modes_.special: if mode == _m.MODE_CCM: if not 7 <= len(nonce_or_iv) <= 13: raise ValueError( "Length of nonce must be between 7 and 13 bytes.") return SUPPORTED[mode](key) return CrCipher(algo.AES(key), SUPPORTED[mode](nonce_or_iv), defb())
def __init__(self, curve: str, **kwargs): if kwargs: self._key = kwargs.pop("key") return try: if curve not in SPECIAL_CURVES: self._key = ec.generate_private_key(CURVES[curve], defb()) return self._key = SPECIAL_CURVES[curve].generate() except KeyError as e: raise ValueError(f"Invalid curve: {curve}") from e
def __init__(self, n: int, e: int = 65537, **kwargs): if kwargs: self._key = kwargs.pop("key") else: self._key = rsa.generate_private_key(e, n, defb()) # numbers nos = self._key.private_numbers() self._p = nos.p self._q = nos.q self._d = nos.d
def __init__(self, key_size: int, generator: int = 2, **kwargs): if kwargs: params = kwargs.pop("parameter") if not isinstance(params, dh.DHParameters): raise ValueError("The parameter is not a DH parameter object.") self._params = params else: self._params = dh.generate_parameters( generator, key_size, defb(), )
def load( cls, data: bytes, passphrase: typing.Optional[bytes] = None, ) -> RSAPrivateKey: """Loads the private key as ``bytes`` object and returns the Key interface. Args: data (bytes, bytearray): The key as bytes object. passphrase (bytes, bytearray): The passphrase that deserializes the private key. ``passphrase`` must be a ``bytes-like`` object if the key was encrypted while serialization, otherwise ``None``. Returns: RSAPrivateKey: RSA private key. Raises: ValueError: if the key could not be deserialized. """ fmts = { b"-----BEGIN OPENSSH PRIVATE KEY": ser.load_ssh_private_key, b"-----": ser.load_pem_private_key, b"0": ser.load_der_private_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: raise ValueError("Invalid format.") from None # type check if passphrase is not None: passphrase = memoryview(passphrase) try: key = loader(memoryview(data), passphrase, defb()) if not isinstance(key, rsa.RSAPrivateKey): raise ValueError("The key is not an RSA private key.") return cls(None, key=key) except ValueError as e: raise ValueError( "Cannot deserialize key. Either Key format is invalid or " "passphrase is incorrect.") from e except TypeError as e: raise ValueError( "The key is encrypted but the passphrase is not given or the" " key is not encrypted but the passphrase is given." " Cannot deserialize the key.") from e
def load( cls, data: bytes, passphrase: typing.Optional[bytes] = None, ) -> DHPrivateKey: """Deserialize and load the the private key. Args: data (bytes): The serialized private key as ``bytes-like`` object. passphrase (bytes, bytearray): The passphrase that was used to protect the private key. If key is not protected, passphrase is ``None``. Returns: DHPrivateKey: A private key. Raises: ValueError: If the key could not be deserialized. TypeError: If passphrase is not a bytes-like object. """ fmts = { b"-----": ser.load_pem_private_key, b"0": ser.load_der_private_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: raise ValueError("Invalid format.") from None # type check if passphrase is not None: if not isinstance(passphrase, (bytes, bytearray, memoryview)): raise TypeError("passphrase must be a bytes-like object.") try: key = loader( memoryview(data), passphrase, defb(), ) return cls(key) except ValueError as e: raise ValueError( "Cannot deserialize key. Either Key format is invalid or " "passphrase is incorrect.") from e except TypeError as e: raise ValueError( "The key is encrypted but the passphrase is not given or the" " key is not encrypted but the passphrase is given." " Cannot deserialize the key.") from e
def __init__(self, encrypt, key, nonce): self._encrypt = encrypt self._dataLength = 0 self._aadLength = 0 self._nonceCounter = (0).to_bytes(4, byteorder='little') + nonce self._nonceEncrypt = (1).to_bytes(4, byteorder='little') + nonce cipher = Cipher(algo.ChaCha20(key, self._nonceEncrypt), None, defb()) if encrypt: self._cipher = cipher.encryptor() else: self._cipher = cipher.decryptor() polyKey = self.__getPolyKey(key) self._auth = Poly1305(polyKey)
def __init__(self, encrypting, key, nonce): if not len(nonce) in (8, 12): raise ValueError("A 8 or 12 byte nonce is required") if len(nonce) == 8: nonce = bytes(4) + nonce cipher = Cipher( algo.ChaCha20( key, bytes(4) + nonce, ), None, defb(), ) self._ctx = cipher.encryptor() if encrypting else cipher.decryptor() self._encrypting = encrypting
def load_from_parameters( cls, p: int, g: int = 2, q: typing.Optional[int] = None, ) -> DHParameters: """Generates a DH parameter group from the parameters. Args: p (int): The prime modulus value. g (int): The generator value. Must be 2 or 5. Default is 2. q (int): p subgroup order value. Defaults to ``None``. Returns: DHParameters: DHParameters object. """ param_nos = dh.DHParameterNumbers(p, g, q) return cls(None, parameter=param_nos.parameters(defb()))
def load(cls, data: bytes, *, edwards: bool = True) -> ECCPublicKey: """Loads the public key as ``bytes`` object and returns the Key interface. Args: data (bytes, bytearray): The key as bytes object. Keyword Arguments: edwards (bool): Whether the ``Raw`` encoded key of length 32 bytes must be imported as an ``Ed25519`` key or ``X25519`` key. If ``True``, the key will be imported as an ``Ed25519`` key, otherwise an ``X25519`` key. This argument is ignored for all other serialized key types. Returns: ECCPublicKey: The ECC public key. Raises: ValueError: if the key could not be deserialized. """ fmts = { b"ecdsa-": ser.load_ssh_public_key, b"-----": ser.load_pem_public_key, b"0": ser.load_der_public_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: loader = cls._get_raw_ecc_loader(data, edwards) try: key = loader(memoryview(data), defb()) return cls(key=key) except ValueError as e: raise ValueError( "Cannot deserialize key. Incorrect key format.", ) from e
def __init__(self, encrypting, key, nonce): if not len(nonce) in (8, 12): raise ValueError("A 8 or 12 byte nonce is required") if len(nonce) == 8: nonce = bytes(4) + nonce cipher = Cipher( algo.ChaCha20( key, (1).to_bytes(4, "little") + nonce, ), None, defb(), ) ctx = cipher.encryptor() if encrypting else cipher.decryptor() self._encrypting = encrypting self._auth = Poly1305(derive_poly1305_key(key, nonce)) self._ctx = self._get_auth_ctx(encrypting, ctx, self._auth) self._len_aad, self._len_ct = 0, 0 self._updated = False self._tag = None
def load( cls, data: bytes, passphrase: typing.Optional[bytes] = None, *, edwards: bool = True, ) -> ECCPrivateKey: """Loads the private key as `bytes` object and returns a key object. Args: data (bytes, bytearray): The key as a ``bytes-like`` object. passphrase (bytes, bytearray, memoryview, None): The passphrase that deserializes the private key. ``passphrase`` must be a ``bytes-like`` object if the key was encrypted while serialization, otherwise ``None``. Keyword Arguments: edwards (bool): Whether the ``Raw`` encoded key of length 32 bytes must be imported as an ``Ed25519`` key or ``X25519`` key. If ``True``, the key will be imported as an ``Ed25519`` key, otherwise an ``X25519`` key. This argument is ignored for all other serialized key types. Returns: ECCPrivateKey: A private key. Raises: ValueError: if the key could not be deserialized. TypeError: if passphrase is not a bytes object. """ # type check if passphrase is not None: if not isinstance(passphrase, (bytes, bytearray, memoryview)): raise TypeError("passphrase must be a bytes object.") fmts = { b"-----BEGIN OPENSSH PRIVATE KEY": ser.load_ssh_private_key, b"-----": ser.load_pem_private_key, b"0": ser.load_der_private_key, } try: loader = fmts[[*filter(data.startswith, fmts)][0]] except IndexError: loader = cls._get_raw_ecc_loader(data, edwards) # type check if passphrase is not None: if not isinstance(passphrase, (bytes, bytearray, memoryview)): raise TypeError("passphrase must be a bytes-like object.") try: key = loader(memoryview(data), passphrase, defb()) if not isinstance( key, (ec.EllipticCurvePrivateKey, *SPECIAL_CURVES.values())): raise ValueError("The key is not an EC private key.") return cls(None, key=key) except ValueError as e: raise ValueError( "Cannot deserialize key. Either Key format is invalid or " "passphrase is incorrect.") from e except TypeError as e: raise ValueError( "The key is encrypted but the passphrase is not given or the" " key is not encrypted but the passphrase is given." " Cannot deserialize the key.") from e