def _encrypt(self):
    """
    Turn the pending out-buffer into the encrypted payload.

    The master key is rebuilt first, since the header may have changed
    since it was last derived. The buffered data is re-framed as a hashed
    block stream, prefixed with the header's stream start bytes, padded,
    and handed to `aes_cbc_encrypt` with the master key and the header's
    EncryptionIV. On return `self.out_buffer` holds the return value of
    `aes_cbc_encrypt`, not a BytesIO.
    """
    self._make_master_key()

    # Move everything written so far into a hashed block stream.
    hashed_blocks = HashedBlockIO()
    hashed_blocks.write(self.out_buffer.read())

    # The old buffer is now drained; stage the output in a fresh one.
    staging = io.BytesIO()
    self.out_buffer = staging

    # The start bytes come first so decryption can check them.
    staging.write(self.header.StreamStartBytes)
    hashed_blocks.write_block_stream(staging)
    hashed_blocks.close()

    # NOTE(review): header.CipherID is not consulted here; the payload
    # always goes through aes_cbc_encrypt whatever cipher the header names.
    # NOTE(review): the IV is taken from the header as-is. CBC needs a
    # fresh, unpredictable IV for each encryption under the same key;
    # confirm the header IV is regenerated before every save.
    # NOTE(review): no MAC is computed over the ciphertext in this method.
    plaintext = pad(staging.getvalue())
    self.out_buffer = aes_cbc_encrypt(plaintext, self.master_key,
                                      self.header.EncryptionIV)
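def _encrypt(self):
    """
    Turn the pending out-buffer into the encrypted payload.

    The master key is rebuilt first, since the header may have changed
    since it was last derived. The cipher named by the header is then
    resolved; only 'AES' and 'Twofish' are handled. The buffered data is
    re-framed as a hashed block stream, prefixed with the header's stream
    start bytes, padded, and encrypted with the master key and the
    header's EncryptionIV. On return `self.out_buffer` holds the return
    value of the cipher routine, not a BytesIO.

    Raises IOError when the header's CipherID resolves to neither 'AES'
    nor 'Twofish'. The check runs before the out-buffer is read, so a
    rejected cipher leaves the buffered data in place.
    """
    # rebuild master key from (possibly) updated header
    self._make_master_key()

    # Resolve the cipher before draining the out-buffer: failing after the
    # buffer has been consumed and replaced would lose the pending data.
    ciphername = self.header.ciphers.get(self.header.CipherID,
                                         self.header.CipherID)
    if ciphername == 'AES':
        cbc_encrypt = aes_cbc_encrypt
    elif ciphername == 'Twofish':
        cbc_encrypt = twofish_cbc_encrypt
    else:
        # An unknown ID falls through .get() unchanged and is shown as hex.
        # NOTE(review): codecs.encode(..., 'hex') needs bytes on Python 3;
        # if the ciphers table can yield a str name other than the two
        # handled above, this raises TypeError instead of IOError. Confirm.
        raise IOError('Unsupported encryption type: %s'
                      % codecs.encode(ciphername, 'hex'))

    # make hashed block stream
    block_buffer = HashedBlockIO()
    block_buffer.write(self.out_buffer.read())
    # data is buffered in hashed block io, start a new one
    self.out_buffer = io.BytesIO()
    # write start bytes (for successful decrypt check)
    self.out_buffer.write(self.header.StreamStartBytes)
    # append blocked data to out-buffer
    block_buffer.write_block_stream(self.out_buffer)
    block_buffer.close()
    self.out_buffer.seek(0)

    # NOTE(review): the IV is taken from the header as-is. CBC needs a
    # fresh, unpredictable IV for each encryption under the same key;
    # confirm the header IV is regenerated before every save.
    # NOTE(review): no MAC is computed over the ciphertext in this method.
    data = pad(self.out_buffer.read())
    self.out_buffer = cbc_encrypt(data, self.master_key,
                                  self.header.EncryptionIV)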
def _decrypt(self, stream):
    """
    Decrypt the rest of `stream` and expose it as the in-buffer.

    The parent class's `_decrypt` runs first. Everything left in `stream`
    is then decrypted with the cipher named by the header ('AES' or
    'Twofish'), using the master key and the header's EncryptionIV, and
    unpadded. If the result begins with the header's stream start bytes,
    the remainder is wrapped in a HashedBlockIO and `self.opened` is set.

    Raises IOError for any other cipher, or when the start bytes do not
    match.
    """
    super(KDB4File, self)._decrypt(stream)

    header = self.header
    # An ID missing from the ciphers table falls through .get() unchanged.
    cipher = header.ciphers.get(header.CipherID, header.CipherID)

    # NOTE(review): unpad() runs on unauthenticated plaintext, before the
    # start-bytes check; confirm it tolerates arbitrary trailing bytes.
    if cipher == 'AES':
        plaintext = unpad(aes_cbc_decrypt(stream.read(), self.master_key,
                                          header.EncryptionIV))
    elif cipher == 'Twofish':
        plaintext = unpad(twofish_cbc_decrypt(stream.read(), self.master_key,
                                              header.EncryptionIV))
    else:
        # NOTE(review): codecs.encode(..., 'hex') needs bytes on Python 3;
        # a str name from the ciphers table would raise TypeError here
        # instead of IOError. Confirm.
        raise IOError('Unsupported decryption type: %s'
                      % codecs.encode(cipher, 'hex'))

    marker = header.StreamStartBytes
    marker_len = len(marker)
    # The start-bytes comparison is the only key check in this method, so
    # a wrong key and a damaged payload produce the same error.
    if marker != plaintext[:marker_len]:
        raise IOError('Master key invalid.')

    # Drop the start bytes; the rest is the hashed block stream.
    self.in_buffer = HashedBlockIO(initial_bytes=plaintext[marker_len:])
    # Mark the file as successfully decrypted.
    self.opened = True
def _decrypt(self, stream):
    """
    Decrypt the rest of `stream` and expose it as the in-buffer.

    The parent class's `_decrypt` runs first. Everything left in `stream`
    is then passed to `aes_cbc_decrypt` with the master key and the
    header's EncryptionIV, and unpadded. If the result begins with the
    header's stream start bytes, the remainder is wrapped in a
    HashedBlockIO and `self.opened` is set.

    Raises IOError when the start bytes do not match.
    """
    super(KDB4File, self)._decrypt(stream)

    # NOTE(review): header.CipherID is not consulted here. A file written
    # with another cipher would most likely fail the start-bytes check
    # below and be reported as 'Master key invalid.'.
    # NOTE(review): unpad() runs on unauthenticated plaintext, before the
    # start-bytes check; confirm it tolerates arbitrary trailing bytes.
    plaintext = unpad(aes_cbc_decrypt(stream.read(), self.master_key,
                                      self.header.EncryptionIV))

    marker_len = len(self.header.StreamStartBytes)
    # The start-bytes comparison is the only key check in this method, so
    # a wrong key and a damaged payload produce the same error.
    if self.header.StreamStartBytes != plaintext[:marker_len]:
        raise IOError('Master key invalid.')

    # Drop the start bytes; the rest is the hashed block stream.
    self.in_buffer = HashedBlockIO(initial_bytes=plaintext[marker_len:])
    # Mark the file as successfully decrypted.
    self.opened = True