def encrypt(self, message):
"""
ECIES
"""
# 1.Escolhe um número aleatório dB em {1,...,n − 1} e calcula Y = (x2,y2) = dB*G;
#secret key
nr_bytes = self.ec.fieldSize//8
dB = int.from_bytes(os.urandom(nr_bytes), byteorder = 'big', signed = False)
# Y=xP as public key.
Y = (self.G).multiplyPointByScalar(dB)
# 2.Calcula também K = (x3,y3) = dB*X – o segredo S entre os dois passa a ser x3;
K = (self.pkB).multiplyPointByScalar(dB)
# 3. Calcula k1 = H(X, x3) e cifra a mensagem com esta chave, i.e., c ← E(k1, m);
# Ideally, the salt value is a random (or pseudorandom) string of the length HashLen.
_hash = hashlib.sha256
_hash_len = _hash().digest_size
salt = os.urandom(_hash_len)
k1 = HKDF(salt = salt, input_key_material = format(K.x, 'x').encode(), hash=hashlib.sha256).expand(info = b'', length = 16)
k2 = HKDF(salt = salt, input_key_material = format(K.y, 'x').encode(), hash=hashlib.sha256).expand(info = b'', length = 16)
cipher = AES_Cipher()
iv, ciphertext = cipher.encrypt(message, key = k1 , pad='PKCS7')
# 4. Devolve(Y, iv, c).
# 5. Calcula o MAC(k2, c)
tag = hmac.new(k2, iv + ciphertext, _hash).digest()
# 6. Envia para o Bob (Y,iv,c,salt,tag)
return Y, iv, ciphertext, salt, tag
def test_vectors_cbc_padding():
for _key, _iv, _plaintext, _ciphertext in cbc_test_vectors_padding:
cipher = AES_Cipher()
iv, ciphertext = cipher.encrypt(_plaintext,
key=_key,
iv=_iv,
pad='PKCS7')
assert binascii.hexlify(ciphertext) == _ciphertext.encode()
def test_vectors_aes_ctr_decrypt():
for _key, _counter, _plaintext, _ciphertext in ctr_test_vectors:
cipher = AES_Cipher()
plaintext = cipher.decrypt(_ciphertext,
key=_key,
iv=_counter,
mode=6,
pad='none')
assert binascii.hexlify(plaintext) == _plaintext.encode()
def test_cbc_no_padd():
cipher = AES_Cipher()
iv, ciphertext = cipher.encrypt('Secret Message A',
key='abcdefghijklmnop',
iv='000102030405060708089a0b0c0d0e0f',
pad='none')
plaintext = cipher.decrypt(ciphertext,
key='abcdefghijklmnop',
iv='000102030405060708089a0b0c0d0e0f',
pad='none')
assert plaintext == 'Secret Message A'.encode()
def decrypt(self, Y, iv, ciphertext, salt, tag):
"""
"""
# O algoritmo de decifra D(sk,(Y,c,t)) atua da seguinte forma:
#1. Deriva o ponto comum K = (x3,y3) = Y * X – o segredo S entre os dois passa a ser x3;
try:
K = Y.multiplyPointByScalar(self.sk)
except AttributeError as err:
print('Excepting and integer.')
#2. Usa a função KDF para derivar duas chaves k1 e k2, uma para decifrar, outra para verificar o MAC;
k1 = HKDF(salt = salt, input_key_material = format(K.x, 'x').encode(), hash=hashlib.sha256).expand(info = b'', length = 16)
k2 = HKDF(salt = salt, input_key_material = format(K.y, 'x').encode(), hash=hashlib.sha256).expand(info = b'', length = 16)
#3. Verifica o MAC e debita falha se t' !=g MAC(k2, c);
tag1 = hmac.new(k2, iv + ciphertext, hashlib.sha256).digest()
if not hmac.compare_digest(tag,tag1):
raise MACError
#4. Decifra m a partir de c e usando k1, i.e., m = D(k1,c).
cipher = AES_Cipher()
plaintext = cipher.decrypt(ciphertext, key = k1, iv = iv, pad = 'PKCS7')
#5. Devolve m.
return plaintext
def test_vectors_cbc_decrypt():
for _key, _iv, _plaintext, _ciphertext in cbc_test_vectors:
cipher = AES_Cipher()
plaintext = cipher.decrypt(_ciphertext, key=_key, iv=_iv, pad='none')
assert binascii.hexlify(plaintext) == _plaintext.encode()