def set_passwd(self, sign, xchg, password: bytes):
"""
Set or replace the password by encrypting the private keys and storing
the results.
:param sign: The signature key.
:param xchg: The encryption key.
:param password: The password for encrypting the keys.
"""
# Verify key if key has been set
if self.sign_priv:
try:
Ed25519PublicKey.from_public_bytes(self.sign).verify(
self.sign_sig, sign)
Ed25519PublicKey.from_public_bytes(self.sign).verify(
self.xchg_sig, xchg)
except cryptography.exceptions.InvalidSignature as e:
raise SignatureMismatch(self.xchg_sig) from e
# Do the actual encryption
session = _gen_login_key(password, self.identity)
self.sign_iv = urandom(16)
context = Cipher(algorithms.ChaCha20(session, self.sign_iv), None,
default_backend()).encryptor()
self.sign_priv = context.update(sign) + context.finalize()
self.xchg_iv = urandom(16)
context = Cipher(algorithms.ChaCha20(session, self.xchg_iv), None,
default_backend()).encryptor(
) # Nonce reuse is considered bad practice
self.xchg_priv = context.update(xchg) + context.finalize()
def get_stream(key: bytes, nonce: bytes) -> Iterator[int]: algorithm = algorithms.ChaCha20(key, nonce + b'\0' * 8) cipher = Cipher(algorithm, mode=None, backend=default_backend()) encryptor = cipher.encryptor() while True: yield from encryptor.update(_EMPTY_BLOCK)
def read(args, action):
# read the file
with contextlib.closing(FileDecryptor(args.archive,
None)) as fd: # no decryptor yet
# parse the header
header = HEADER.parse(fd.read_aad(HEADER.sizeof()))
# setup encryption
kdf_params = header['kdf_params']
kdf = Scrypt(salt=kdf_params['salt'],
length=32,
n=kdf_params['n'],
r=kdf_params['r'],
p=kdf_params['p'],
backend=BACKEND)
key = kdf.derive(get_password().encode('utf-8'))
logging.debug(f'[read()] key={key.hex()}')
cipher_params = header['cipher_params']
cipher = Cipher(algorithms.ChaCha20(key, cipher_params['nonce']),
modes.Poly1305(),
backend=BACKEND)
fd.init(cipher.decryptor())
# read the tag
fd.read_tag()
# read the archive
tar = tarfile.open(fileobj=fd, mode='r|*')
action(tar)
def encrypt(message: bytes, pk_receiver: EncryptionPublicKey) -> bytes:
"""
Encrypts a string message under a ec25519 public key by using a custom
dhaes-based scheme. See: https://eprint.iacr.org/1999/007
"""
assert \
len(message) == NOTE_LENGTH_BYTES, \
f"expected message length {NOTE_LENGTH_BYTES}, saw {len(message)}"
# Generate ephemeral keypair
eph_keypair = generate_encryption_keypair()
# Compute shared secret and eph key
shared_key = _exchange(eph_keypair.k_sk, pk_receiver)
pk_sender_bytes = encode_encryption_public_key(eph_keypair.k_pk)
# Generate key material
sym_key, mac_key = _kdf(pk_sender_bytes, shared_key)
# Generate symmetric ciphertext
# Chacha encryption
algorithm = algorithms.ChaCha20(sym_key, _SYM_NONCE_VALUE)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
sym_ciphertext = encryptor.update(message)
# Generate mac
mac = poly1305.Poly1305(mac_key)
mac.update(sym_ciphertext)
tag = mac.finalize()
# Arrange ciphertext
return pk_sender_bytes + sym_ciphertext + tag
def decryption(self, data,iv=None,tag=None,nonce=None):
backend = default_backend()
cipher = None
block_size = 0
if self.symmetric_cipher!='ChaCha20':
if self.cipher_mode == 'ECB':
mode = modes.ECB()
elif self.cipher_mode == 'GCM':
mode = modes.GCM(iv,tag)
elif self.cipher_mode == 'CBC':
if iv is not None:
mode = modes.CBC(iv)
if self.symmetric_cipher == 'AES':
block_size = algorithms.AES(self.symmetric_key).block_size
cipher = Cipher(algorithms.AES(self.symmetric_key), mode, backend=backend)
elif self.symmetric_cipher == '3DES':
block_size = algorithms.TripleDES(self.symmetric_key).block_size
cipher = Cipher(algorithms.TripleDES(self.symmetric_key), mode, backend=backend)
elif self.symmetric_cipher == 'ChaCha20':
algorithm = algorithms.ChaCha20(self.symmetric_key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
else:
raise Exception("Mode not found")
decryptor = cipher.decryptor()
ct = decryptor.update(data)+decryptor.finalize()
if self.cipher_mode=='GCM' or self.symmetric_cipher=='ChaCha20':
return ct
return ct[:-ct[-1]]
def decrypt_ChaCha20(key, nonce, data_encrypted):
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None)
decryptor = cipher.decryptor()
info = decryptor.update(data_encrypted)
return info
def decryption_file(self, block, nonce, key):
cipher = Cipher(algorithms.ChaCha20(key, nonce),
mode=None,
backend=default_backend())
decryptor = cipher.decryptor()
data = decryptor.update(block) + decryptor.finalize()
return data
def sym_decrypt_ChaCha(key, data):
nonce = b'1111111111111111'
algo = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algo, mode=None, backend=default_backend())
decryptor = cipher.decryptor()
pt = decryptor.update(data)
return pt
def encrypt_message(self, text, key):
"""Encrypts message with a symmetric key"""
iv = os.urandom(16)
cipher = None
algorithm, iv = None, None
mode = None
enc_shared_key = key[len(key) // 2:]
if self.cipher == 'AES':
algorithm = algorithms.AES(enc_shared_key)
elif self.cipher == '3DES':
algorithm = algorithms.TripleDES(enc_shared_key)
else:
iv = os.urandom(16)
algorithm = algorithms.ChaCha20(enc_shared_key, iv)
logger.error('Algorithm not suported')
if self.cipher != 'ChaCha20':
# with ChaCha20 we do not pad the data
iv = os.urandom(algorithm.block_size // 8)
if self.ciphermode == 'CBC':
mode = modes.CBC(iv)
elif self.ciphermode == 'CTR':
mode = modes.CTR(iv)
padder = padding.PKCS7(algorithm.block_size).padder()
padded_data = padder.update(text)
padded_data += padder.finalize()
text = padded_data
cipher = Cipher(algorithm, mode=mode)
encryptor = cipher.encryptor()
cryptogram = encryptor.update(text) + encryptor.finalize()
return cryptogram, iv
def encryptWithDH(data, key):
nonce = os.urandom(16)
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
ct = encryptor.update(data)
return ct, nonce
def encrypt(self) -> None:
to_encrypt = open(self.file_name, 'rb').read()
if "CHACHA20" in self.cipher:
self.iv = os.urandom(16)
algorithm = algorithms.ChaCha20(self.key, self.iv)
c = Cipher(algorithm, mode=None, backend=default_backend())
text = self.chacha_encrypt(to_encrypt, c)
elif "AES" in self.cipher and self.mode == 'GCM':
self.iv = os.urandom(12)
c = Cipher(algorithms.AES(self.key),
modes.GCM(self.iv),
backend=default_backend())
text = self.aes_encrypt(to_encrypt, c)
elif "AES" in self.cipher and self.mode == 'CBC':
self.iv = os.urandom(16)
c = Cipher(algorithms.AES(self.key),
modes.CBC(self.iv),
backend=default_backend())
text = self.aes_encrypt(to_encrypt, c)
mac = self.generate_mac(text)
message = {
'type': 'IV & MAC',
'data': base64.b64encode(self.iv + mac).decode()
}
self._send(message)
def __getPolyKey(self, key):
cipher = Cipher(algo.ChaCha20(key, self._nonceCounter), None, defb())
cipher = cipher.encryptor()
key = cipher.update(
b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
)
return key
def decrypt_message(self, cryptogram, iv, key):
"""Decrypts messages with a symmetric key"""
cipher = None
algorithm = None
mode = None
enc_shared_key = key[len(key) // 2:]
if self.cipher == 'AES':
algorithm = algorithms.AES(enc_shared_key)
elif self.cipher == '3DES':
algorithm = algorithms.TripleDES(enc_shared_key)
elif self.cipher == 'ChaCha20':
# in this case the nonce is the iv
if iv != None:
algorithm = algorithms.ChaCha20(enc_shared_key, iv)
else:
logger.debug('Algorithm not suported')
# with ChaCha20 we do not pad the data
if self.ciphermode == 'CBC':
mode = modes.CBC(iv)
elif self.ciphermode == 'CTR':
mode = modes.CTR(iv)
cipher = Cipher(algorithm, mode=mode)
decryptor = cipher.decryptor()
if self.cipher == 'ChaCha20':
return decryptor.update(cryptogram) + decryptor.finalize()
else:
padded_data = decryptor.update(cryptogram) + decryptor.finalize()
unpadder = padding.PKCS7(algorithm.block_size).unpadder()
text = unpadder.update(padded_data)
text += unpadder.finalize()
return text
def derive_poly1305_key(ckey: bytes, nonce: bytes) -> bytes:
"""Generate a poly1305 key.
Args:
ckey (bytes): The key used for the cipher
nonce (bytes): The nonce used for the cipher. It must be 12 bytes.
Returns:
bytes: A Poly1305 key.
Raises:
ValueError: If the length of nonce is not equal to 8 or 12 bytes.
"""
if len(nonce) not in (8, 12):
raise ValueError("Poly1305 key must be 16 bytes long.")
if len(nonce) == 8:
nonce = bytes(4) + nonce
crp = Cipher(
algo.ChaCha20(ckey,
bytes(4) + nonce),
None,
defb(),
).encryptor()
return crp.update(bytes(32))
def reset(self):
cipher = Cipher(
algorithms.ChaCha20(self._key, self._nonce),
mode=None,
backend=default_backend(),
)
self._encryptor = cipher.encryptor()
self._decryptor = cipher.decryptor()
def chacha20Encrypt(self, text, key, nonce):
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
encryptedText = encryptor.update(text)
return encryptedText
def decrypt(text, key, nonce):
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
decryptor = cipher.decryptor()
decryptedText = decryptor.update(text)
return decryptedText
def sym_encrypt_ChaCha(key, data):
nonce = b'1111111111111111'
data = bytes(data, "utf-8")
algo = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algo, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
ct = encryptor.update(data)
return ct
def encrypt_ChaCha20(key, info):
nonce = os.urandom(16)
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None)
encryptor = cipher.encryptor()
data_encrypted = encryptor.update(info)
return data_encrypted, nonce
def cryptography_chacha20(keysize=32, data_size=1024):
plaintext = get_random_bytes(data_size * 1024)
key = get_random_bytes(keysize)
nonce = get_random_bytes(16)
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
_ = encryptor.update(plaintext)
def enc(d, e): #d=k e=mensagem
nonce = b"0" * 16 #os.urandom(16)
algorithm = algorithms.ChaCha20(d, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
encryptor = cipher.encryptor()
data = e.encode() #Mensagem é string. Passamos para byte
ct = encryptor.update(data) #este é o criptograma
return ct
def text_decryptor(main_key, secret_text, nonce):
text_hash = generate_hash(main_key)
# print(text_hash)
algorithm = algorithms.ChaCha20(text_hash.encode(), nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
decryptor = cipher.decryptor()
return decryptor.update(secret_text)
def Enc(self, key, plaintext):
algoritmo = algorithms.ChaCha20(key[0:32], os.urandom(16))
chacha20 = Cipher(algoritmo, mode=None, backend=self.backend)
c = chacha20.encryptor()
c1 = c.update(plaintext)
h = hmac.HMAC(key[32:64], hashes.SHA256(), backend=default_backend())
h.update(plaintext)
c2 = h.finalize()
return (c2 + c1)
def test_vectors(self, vector, backend):
key = binascii.unhexlify(vector["key"])
nonce = binascii.unhexlify(vector["nonce"])
ibc = struct.pack("<i", int(vector["initial_block_counter"]))
pt = binascii.unhexlify(vector["plaintext"])
encryptor = Cipher(algorithms.ChaCha20(key, ibc + nonce), None,
backend).encryptor()
computed_ct = encryptor.update(pt) + encryptor.finalize()
assert binascii.hexlify(computed_ct) == vector["ciphertext"]
def test_buffer_protocol(self, backend):
key = bytearray(os.urandom(32))
nonce = bytearray(os.urandom(16))
cipher = Cipher(algorithms.ChaCha20(key, nonce), None, backend)
enc = cipher.encryptor()
ct = enc.update(bytearray(b"hello")) + enc.finalize()
dec = cipher.decryptor()
pt = dec.update(ct) + dec.finalize()
assert pt == b"hello"
def __init__(self, human2alien, key, nonce):
self.m2e_dic = human2alien
self.e2m_dic = {}
for m in self.m2e_dic.keys():
self.e2m_dic[self.m2e_dic[m]] = m
algorithm = algorithms.ChaCha20(key, nonce)
self.cipher = Cipher(algorithm, mode=None, backend=default_backend())
def dechachacry(data, salt, nonce):
keyraw = salt + bytes(getpass(), "UTF-8")
key = hashes.Hash(hashes.BLAKE2s(32), backend=default_backend())
key.update(keyraw)
key = key.finalize()
algorithm = algorithms.ChaCha20(key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
decrypt = cipher.decryptor()
return decrypt.update(data)
def file_encryption(self, data):
backend = default_backend()
cipher = None
block_size = 0
mode = None
if self.symmetric_cipher != 'ChaCha20':
if self.cipher_mode == 'ECB':
mode = modes.ECB()
elif self.cipher_mode == 'GCM':
self.iv = os.urandom(16)
mode = modes.GCM(self.iv)
elif self.cipher_mode == 'CBC':
if self.symmetric_cipher == '3DES':
self.iv = os.urandom(8)
elif self.symmetric_cipher == 'AES':
self.iv = os.urandom(16)
mode = modes.CBC(self.iv)
if self.symmetric_cipher == 'AES':
block_size = algorithms.AES(self.symmetric_key).block_size
cipher = Cipher(algorithms.AES(self.symmetric_key),
mode,
backend=backend)
elif self.symmetric_cipher == '3DES':
block_size = algorithms.TripleDES(self.symmetric_key).block_size
cipher = Cipher(algorithms.TripleDES(self.symmetric_key),
mode,
backend=backend)
elif self.symmetric_cipher == 'ChaCha20':
nonce = os.urandom(16)
algorithm = algorithms.ChaCha20(self.symmetric_key, nonce)
cipher = Cipher(algorithm, mode=None, backend=default_backend())
else:
raise Exception("Symmetric cipher not found")
encryptor = cipher.encryptor()
if self.cipher_mode != 'GCM' and self.symmetric_cipher != 'ChaCha20':
padding = block_size - len(data) % block_size
padding = 16 if padding and self.symmetric_cipher == 'AES' == 0 else padding
padding = 8 if padding and self.symmetric_cipher == '3DES' == 0 else padding
data += bytes([padding] * padding)
criptogram = encryptor.update(data)
elif self.symmetric_cipher == 'ChaCha20':
criptogram = encryptor.update(data)
self.nonce = nonce
else:
criptogram = encryptor.update(data) + encryptor.finalize()
self.gcm_tag = encryptor.tag
return criptogram
def init_chacha20(self, random_seed=None):
if random_seed:
self.__random_seed = random_seed
else:
self.generate_random_seed()
algorithm = algorithms.ChaCha20(self.__random_seed[0:32],
self.__random_seed[32:])
self.__cipher = Cipher(algorithm, mode=None, backend=default_backend())
self.__encryptor = self.__cipher.encryptor()
self.__decryptor = self.__cipher.decryptor()
def chacha20_encrypt(key, nonce, message):
counter = bytes([1, 0, 0, 0])
#Annoyingly, PyCA only accepts sixteen-byte nonces.
#Internally, the first four bytes of the nonce are
#treated as the 32-bit (little-endian) counter input to the block function;
#concatenating them this way seems to work (per RFC 7539 test vectors)
cha = algorithms.ChaCha20(key, counter + nonce)
enc = Cipher(cha, mode=None, backend=default_backend()).encryptor()
ct = enc.update(message)
return ct
