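def __init__(self, password, method):
    """Initialise per-session state for one direction of the cipher.

    Args:
        password: Shared secret passed to HKDF as input keying material.
        method: 'encrypt' draws a fresh 32-byte random salt and derives the
            session key immediately. 'decrypt' leaves salt and key as None;
            they are not derived in this constructor.

    Raises:
        ValueError: If ``method`` is neither 'encrypt' nor 'decrypt'.
    """
    # Fail closed on an unknown mode. Previously such a value fell through
    # both branches and left the instance without _salt/_key, which only
    # surfaced later as an AttributeError.
    if method not in ('encrypt', 'decrypt'):
        raise ValueError('unsupported method: %r' % (method,))

    self._password = password
    self._first_package = True

    # The IV starts at all zeroes for every instance, so two sessions only
    # get distinct (key, IV) pairs because each 'encrypt' instance draws a
    # fresh random salt for its key.
    self._iv_len = 12
    self._iv = b'\x00' * self._iv_len

    if method == 'encrypt':
        self._salt = os.urandom(32)
        # NOTE(review): HKDF is not a password-stretching function. If
        # `password` is a human-chosen passphrase rather than an already
        # derived key, the session key is only as strong as the passphrase.
        # Confirm how callers produce it.
        self._key = hkdf.Hkdf(self._salt, self._password).expand(b'ss-subkey')
    else:
        self._salt = None
        self._key = None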
def decrypt(self, ciphertext, tag):
    """Split one received package into its framed parts and decrypt them.

    On the first package the leading 4 bytes are removed and used as the
    HKDF salt, together with the stored password, to derive the session
    key. The remainder is sliced into a 2-byte field with a 4-byte trailer,
    then the body with its own 4-byte trailer. Each pair goes through
    ``_decrypt_impl``, and the IV is advanced with ``nonce_increase`` after
    each call.

    NOTE(review): ``tag`` is never read in the visible code, and this
    excerpt ends without a return statement. Confirm against the full
    method.
    """
    if self._first_package:
        # NOTE(review): the flag is cleared before anything has been
        # authenticated, so a malformed first package still consumes the
        # "first package" state. Confirm that callers drop the session
        # on failure.
        self._first_package = False
        # NOTE(review): only 4 bytes are taken as the salt. If the sender
        # prepends the 32-byte salt generated in the 'encrypt' constructor
        # branch, the two sides derive different keys. Confirm the wire
        # format.
        self._salt, ciphertext = ciphertext[:4], ciphertext[4:]
        self._key = hkdf.Hkdf(self._salt, self._password).expand(b'ss-subkey')
    # Fixed framing: 2 + 4 bytes up front, 4 bytes at the end.
    # NOTE(review): no length check precedes these slices. For input
    # shorter than that framing, Python slicing silently yields empty or
    # overlapping fields instead of raising. Verify that _decrypt_impl
    # rejects them.
    # NOTE(review): t1/t2 are presumably authentication tags. At 4 bytes
    # each they would offer only 32 bits of forgery resistance. Confirm.
    c1, t1, c2, t2 = ciphertext[:2], ciphertext[2:6], ciphertext[
        6:-4], ciphertext[-4:]
    # `length` is not used again in the visible code.
    # TODO(review): confirm it is checked against the payload size.
    length = self._decrypt_impl(c1, t1)
    # Advance the IV after every _decrypt_impl call so that no two calls
    # under the same key see the same IV.
    self._iv = nonce_increase(self._iv, self._iv_len)
    payload = self._decrypt_impl(c2, t2)
    self._iv = nonce_increase(self._iv, self._iv_len)
def __init__(self, cipher_name, key, iv, op):
    """Prepare AEAD session state: nonce buffer, tag length and subkey.

    Args:
        cipher_name: Key into CIPHER_NONCE_LEN and CIPHER_TAG_LEN.
        key: Master key; the derived subkey has the same length.
        iv: Used as the HKDF salt and stored as ``_salt``.
        op: Operation selector, stored as an int.
    """
    self._op = int(op)
    self._salt = iv

    nonce_len = CIPHER_NONCE_LEN[cipher_name]
    self._nlen = nonce_len
    # ctypes zero-fills the buffer, so the nonce starts at all zeroes.
    # Distinct (subkey, nonce) pairs across sessions therefore depend on
    # `iv` differing per session.
    # NOTE(review): presumably random; verify at the caller.
    self._nonce = create_string_buffer(nonce_len)
    self._tlen = CIPHER_TAG_LEN[cipher_name]

    # The hash is an input to the derivation: changing it changes the
    # subkey, so both peers must use the same one.
    # NOTE(review): SHA-1 here is presumably fixed by the wire protocol.
    # Confirm before touching it.
    self._skey = hkdf.Hkdf(iv, key, algorithm=hashlib.sha1).expand(
        info=SUBKEY_INFO, length=len(key))

    # Chunk reassembly state. 'mlen' is AEAD_MSG_LEN_UNKNOWN (-1) while the
    # data length header is still awaited, or n > 0 while n bytes of data
    # are awaited.
    self._chunk = {
        'mlen': AEAD_MSG_LEN_UNKNOWN,
        'data': b'',
    }
def __init__(self, cipher_name, key, iv, op, crypto_path=None):
    """Prepare AEAD session state and make sure libsodium is loaded.

    Args:
        cipher_name: Key into CIPHER_NONCE_LEN and CIPHER_TAG_LEN.
        key: Master key; the derived subkey has the same length.
        iv: Used as the HKDF salt.
        op: Not read in the visible code.
        crypto_path: Optional mapping; its 'sodium' entry, if present, is
            handed to ``load_sodium``.
    """
    nonce_len = CIPHER_NONCE_LEN[cipher_name]
    self._nlen = nonce_len
    # ctypes zero-fills the buffer, so the nonce starts at all zeroes.
    # Distinct (subkey, nonce) pairs across sessions therefore depend on
    # `iv` differing per session.
    # NOTE(review): presumably random; verify at the caller.
    self._nonce = create_string_buffer(nonce_len)
    self._tlen = CIPHER_TAG_LEN[cipher_name]

    # The hash is an input to the derivation: changing it changes the
    # subkey, so both peers must use the same one.
    # NOTE(review): SHA-1 here is presumably fixed by the wire protocol.
    # Confirm before touching it.
    self._skey = hkdf.Hkdf(iv, key, algorithm=hashlib.sha1).expand(
        info=SUBKEY_INFO, length=len(key))

    # Chunk reassembly state. 'mlen' is AEAD_MSG_LEN_UNKNOWN (-1) while the
    # data length header is still awaited, or n > 0 while n bytes of data
    # are awaited.
    self._chunk = {
        'mlen': AEAD_MSG_LEN_UNKNOWN,
        'data': b'',
    }

    # libsodium is needed for the nonce increment; load it only once.
    if not sodium_loaded:
        # NOTE(review): load_sodium presumably loads a native library from
        # this path. If so, the path must come from trusted configuration
        # only, because loading a shared library executes its code.
        crypto_path = dict(crypto_path) if crypto_path else {}
        load_sodium(crypto_path.get('sodium'))