def create_file(file_path, user_pass, mode="CTR", k_len=256):
if os.path.isfile(file_path):
message.print_error("Destination file already exists", 0)
vaultInstance = vault.Vault(mode, k_len)
call([EDITOR, file_path])
pt = read_file_as_bytes(file_path)
ct = vaultInstance.encrypt(pt, user_pass)
write_file_as_bytes(file_path, ct, vault.VaultMetadata(mode, k_len))
message.print_success("File created and encryption successful")
def prompt_password(action_type):
user_pass = getpass(PROMPT_MSG.get(action_type)[0])
user_pass1 = getpass(PROMPT_MSG.get(action_type)[1])
if action_type != "rekey":
if user_pass != user_pass1:
message.print_error("Passwords do not match", 0)
else:
return user_pass, user_pass1
else:
return user_pass, user_pass1
def parse_metadata(data):
meta = data[0:LEN_PREFIX].decode('utf-8')
meta_pattern = re.compile(r"\$PYVAULT\;AES([A-Z]+)(\d+)\;")
meta_match = meta_pattern.match(str(meta))
mode = meta_match.group(1)
if mode not in vault.Vault.support_modes:
message.print_error("Encryption Mode not supported", 0)
k_len = meta_match.group(2)
if int(k_len) not in vault.Vault.support_k_lens:
message.print_error("Key length not supported", 0)
return vault.VaultMetadata(mode, k_len), data[LEN_PREFIX:]
def decrypt(ciphertext, e_key):
ct_hmac = ciphertext[-HMAC_SIZE:]
iv = ciphertext[-(IV_SIZE+HMAC_SIZE):-HMAC_SIZE]
ciphertext = ciphertext[:-(IV_SIZE+HMAC_SIZE)]
validate = HMACUtils.validate_hmac(e_key, ciphertext, ct_hmac)
if validate:
decryptor = Cipher(
algorithms.AES(e_key),
modes.CTR(iv),
backend=BACKEND
).decryptor()
pt = decryptor.update(ciphertext) + decryptor.finalize()
return pt
else:
message.print_error("File decryption failed", 1)