def decrypt(self, enc): """ Decryption algorithm. Decrypt raw message only if length > 2. Padding is not working for lenght less than 2. """ decrypted = "{}" print("Decrypting", enc) try: if enc and len(enc) > 2: enc = base64.b64decode(enc) print("Encrypted string: ", enc) if len(enc) % BS != 0: enc = self._pad(enc) cipher = Decrypter(AESModeOfOperationECB(self._key), padding=PADDING_NONE) decrypted = cipher.feed(enc) + cipher.feed() return decrypted.decode("utf8").rstrip(chr(0)) return decrypted except UnicodeDecodeError as err: _LOGGER.error(f"Unable to decrypt: {decrypted} with error: {err}") print("CAN'T DECRYPT") except Exception as err: print("ERROR ENCRYPTION")
def decrypt(self, enc): # trying to decrypt empty data fails if not enc: return "" enc = base64.b64decode(enc) cipher = Decrypter(AESModeOfOperationECB(self.key), padding=PADDING_NONE) decrypted = cipher.feed(enc) + cipher.feed() return decrypted.decode("utf8").rstrip(chr(0))
def _set_session_key(self): kex = KeyExchange() resp = self._api_put('security', {'diffie': kex.get_public_key()}, False) tmp_key = kex.get_exchanged_key(resp['hellman']) dec = Decrypter(AESModeOfOperationCBC(tmp_key)) self.session_key += dec.feed(bytes.fromhex(resp['key'])) self.session_key += dec.feed()
def aes_decrypt_with_iv(key, iv, data): if AES: cipher = AES.new(key, AES.MODE_CBC, iv) data = cipher.decrypt(data) else: aes_cbc = AESModeOfOperationCBC(key, iv=iv) aes = Decrypter(aes_cbc, PADDING_NONE) data = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer return _strip_PKCS7_padding(data)
def decrypt(self, edata: bytes) -> bytes: if not self._password_hash: raise Exception('You need to call .init() for first') elif not isinstance(edata, bytes): raise Exception('edata must be bytes') else: aes_cbc = Decrypter( AESModeOfOperationCBC(self._password_hash, self.__iv)) decrypted = aes_cbc.feed(edata) decrypted += aes_cbc.feed() return strip_PKCS7_padding(decrypted)
def decrypt(self, enc): # trying to decrypt empty data fails if not enc: return "" enc = base64.b64decode(enc) cipher = Decrypter(AESModeOfOperationECB(self.key), padding=PADDING_NONE) decrypted = cipher.feed(enc) + cipher.feed() try: r = decrypted.decode("utf8").rstrip(chr(0)) except UnicodeDecodeError as e: raise SystemError("Decryption error (%s). Wrong password?", e) return r
def decrypt(self, edata: bytes) -> bytes: if not self._scrypt_key: raise Exception('You need to call .init() for first') elif not isinstance(edata, bytes): raise Exception('edata must be bytes') else: iv = edata[-16:] edata = edata[:-16] # LAST 16 BYTES OF ENCRYPTED DATA IS IV ! aes_cbc = Decrypter(AESModeOfOperationCBC(self._scrypt_key, iv)) decrypted = aes_cbc.feed(edata) decrypted += aes_cbc.feed() try: return strip_PKCS7_padding(decrypted) except ValueError: return decrypted # no padding
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes, padding: str = "default") -> bytes: """Decrypts data encrypted in cipher block chaining mode of operation. Args: key: The AES key used at encryption. iv: The initialization vector used at encryption. encrypted_data: The encrypted data to decrypt. padding: Can be ``default`` or ``none`` (Default: default) Returns: The decrypted data. """ decrypter = Decrypter(AESModeOfOperationCBC(key, iv), padding=padding) decrypted = decrypter.feed(encrypted_data) + decrypter.feed() return decrypted
def decrypt(self, enc): """ Decryption algorithm. Decrypt raw message only if length > 2. Padding is not working for lenght less than 2. """ try: if enc and len(enc) > 2: enc = base64.b64decode(enc) if len(enc) % self._bs != 0: enc = self._pad(enc) cipher = Decrypter(AESModeOfOperationECB(self._key), padding=PADDING_NONE) decrypted = cipher.feed(enc) + cipher.feed() return decrypted.decode("utf8").rstrip(chr(0)) return "{}" except Exception as err: raise EncryptionException(f"Unable to decrypt: {err}")
def decrypt(self, token, ttl=None): if not isinstance(token, bytes): raise TypeError("token must be bytes.") current_time = int(time.time()) try: data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken # Doing data[0] results in a int bring returned, so we use data[0:1] if not data or data[0:1] != b'\x80': raise InvalidToken try: timestamp, = struct.unpack(">Q", data[1:9]) except struct.error: raise InvalidToken if ttl is not None: if timestamp + ttl < current_time: raise InvalidToken if current_time + _MAX_CLOCK_SKEW < timestamp: raise InvalidToken hmactext = hmac.new(self._signing_key, b'', hashlib.sha256) hmactext.update(data[:-32]) # if not hmac.compare_digest(hmactext.digest(), data[-32:]): # raise InvalidToken iv = data[9:25] ciphertext = data[25:-32] decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv)) try: plaintext = decryptor.feed(ciphertext) plaintext += decryptor.feed() except ValueError: raise InvalidToken return plaintext
def decrypt(self, token, ttl=None): if not isinstance(token, bytes): raise TypeError("token must be bytes.") current_time = int(time.time()) try: data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken if not data or data[0] != 0x80: raise InvalidToken try: timestamp, = struct.unpack(">Q", data[1:9]) except struct.error: raise InvalidToken if ttl is not None: if timestamp + ttl < current_time: raise InvalidToken if current_time + _MAX_CLOCK_SKEW < timestamp: raise InvalidToken hmactext = hmac.new(self._signing_key, digestmod='sha256') hmactext.update(data[:-32]) if not hmac.compare_digest(hmactext.digest(), data[-32:]): raise InvalidToken iv = data[9:25] ciphertext = data[25:-32] decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv)) try: plaintext = decryptor.feed(ciphertext) plaintext += decryptor.feed() except ValueError: raise InvalidToken return plaintext
def decrypt(self, token, ttl=None): if not isinstance(token, bytes): raise TypeError("token must be bytes.") current_time = int(time.time()) try: data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken if not data or data[0] != 0x80: raise InvalidToken try: timestamp, = struct.unpack(">Q", data[1:9]) except struct.error: raise InvalidToken if ttl is not None: if timestamp + ttl < current_time: raise InvalidToken if current_time + _MAX_CLOCK_SKEW < timestamp: raise InvalidToken h = HMAC.new(self._signing_key, digestmod='sha256') h.update(data[:-32]) if not HMAC.compare_digest(h.digest(), data[-32:]): raise InvalidToken iv = data[9:25] ciphertext = data[25:-32] decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv)) try: plaintext = decryptor.feed(ciphertext) plaintext += decryptor.feed() except ValueError: raise InvalidToken return plaintext
def decrypt(self, enc): """ Decryption algorithm. Decrypt raw message only if length > 2. Padding is not working for lenght less than 2. """ try: if enc and len(enc) > 2: enc = base64.b64decode(enc) if len(enc) % self._bs != 0: enc = self._pad(enc) print("added padding by ourselves") else: print("padding already", len(enc) % self._bs) print(enc) cipher = Decrypter(AESModeOfOperationECB(self._key), padding=PADDING_NONE) decrypted = cipher.feed(enc) + cipher.feed() print(decrypted) return decrypted.decode("utf8").rstrip(chr(0)) return "{}" except Exception as err: pass
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes) -> str: decrypter = Decrypter(AESModeOfOperationCBC(key, iv)) decrypted = decrypter.feed(encrypted_data) + decrypter.feed() return decrypted.decode("utf-8")
def decrypt_data(key, data): decrypter = Decrypter(AESModeOfOperationCBC(key, iv=data[:16])) plain = decrypter.feed(data[16:]) plain += decrypter.feed() return plain
def _decrypt(self, encrypted_message): dec = Decrypter(AESModeOfOperationCBC(self.session_key)) message = dec.feed(b64decode(encrypted_message)) message += dec.feed() return json.loads(message[2:].decode())