def encrypto(self, payload, key, iv):
aesKey = SecretKeySpec(base64.b64decode(key), "AES")
aesIV = IvParameterSpec(base64.b64decode(iv))
cipher = Cipher.getInstance("AES/CBC/PKCS7Padding")
cipher.init(Cipher.ENCRYPT_MODE, aesKey, aesIV)
encrypted = cipher.doFinal(payload)
return Base64.getEncoder().encode(encrypted)
def decryptJython(payload, key, iv):
decoded = Base64.getDecoder().decode(payload)
aesKey = SecretKeySpec(key, "AES")
aesIV = IvParameterSpec(iv)
cipher = Cipher.getInstance("AES/CFB/NOPADDING")
cipher.init(Cipher.DECRYPT_MODE, aesKey, aesIV)
return cipher.doFinal(decoded)
def encryptJython(payload, key, iv):
aesKey = SecretKeySpec(key, "AES")
aesIV = IvParameterSpec(iv)
cipher = Cipher.getInstance("AES/CFB/NOPADDING")
cipher.init(Cipher.ENCRYPT_MODE, aesKey, aesIV)
encrypted = cipher.doFinal(payload)
return Base64.getEncoder().encode(encrypted)
def AESCipherdecrypt(self, key, enc):
enc, iv = enc.split(':')
cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING")
cipher.init(Cipher.DECRYPT_MODE, SecretKeySpec(key.decode("hex"),
"AES"),
IvParameterSpec(iv.decode("hex")))
decrypted_password = cipher.doFinal(enc.decode("hex"))
return decrypted_password.tostring()
def decrypto(self, payload, key, iv):
decoded = base64.b64decode(payload)
aesKey = SecretKeySpec(base64.b64decode(key), "AES")
aesIV = IvParameterSpec(base64.b64decode(iv))
cipher = Cipher.getInstance("AES/CBC/PKCS7Padding","BC")
cipher.init(Cipher.DECRYPT_MODE, aesKey, aesIV)
return String(cipher.doFinal(decoded))
def encrypt(payload, key):
salt = bytearray([1,2,3,4,5,6,7,8])
k2, iv2 = derive_key_and_iv(key, salt, 32, 16)
aesKey = SecretKeySpec(k2, "AES")
aesIV = IvParameterSpec(iv2)
# print key, binascii.hexlify(salt), binascii.hexlify(k2), binascii.hexlify(iv2), payload, "TESTING - ENCRYPT"
cipher = Cipher.getInstance("AES/CBC/PKCS7Padding")
cipher.init(Cipher.ENCRYPT_MODE, aesKey, aesIV)
encrypted = cipher.doFinal(payload)
out = Base64.getEncoder().encode(b'Salted__' + salt + encrypted)
# print("DEBUG enc:", out.tostring(), binascii.hexlify(salt), binascii.hexlify(k2), binascii.hexlify(iv2), key)
return out
def drm_cipher_file(transform, opmode, key, iv, name_in, name_out):
fin = open(name_in, "rb")
fout = open(name_out, "wb")
cipher = Cipher.getInstance(transform)
cipher.init(opmode, SecretKeySpec(key, 'AES'), IvParameterSpec(iv))
cache_len = 64
while True:
buf = fin.read(cache_len)
if not buf:
fout.write(cipher.doFinal())
break
buf2 = cipher.update(buf)
fout.write(buf2)
fin.close()
fout.close()
def decryptAES(self, key, encryptedStr):
# make sure key length is 16 bytes (128 bits)
if ( len(key) != 16 ):
return None
# split the encrypted string into IV and ciphertext
iv, encrypted = encryptedStr[:16], encryptedStr[16:]
# configure IV and key specification
skeySpec = SecretKeySpec(key, "AES")
ivspec = IvParameterSpec(iv)
# setup cipher
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")
cipher.init(Cipher.DECRYPT_MODE, skeySpec, ivspec)
# decrypt the plaintext
encodedBytes = base64.b64decode( b'' + encrypted )
decodedBytes = cipher.doFinal( encodedBytes )
plaintext = ''.join(chr(i) for i in decodedBytes)
return plaintext
def encryptAES(self, key, toEncrypt):
# make sure key length is 16 bytes (128 bits)
if ( len(key) != 16 ):
return None
# generate a random IV
randomSource = string.ascii_letters + string.digits
iv = ''.join(random.SystemRandom().choice(randomSource) for i in range(16))
# configure IV and key specification
skeySpec = SecretKeySpec(key, "AES")
ivspec = IvParameterSpec(iv)
# setup cipher
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivspec)
# encrypt the plaintext
encryptedBytes = cipher.doFinal( toEncrypt.encode('utf-8') )
encryptedValue = base64.b64encode( encryptedBytes )
return iv.encode("ascii") + encryptedValue
def test_jce():
if 1:
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")
cipher.init(Cipher.ENCRYPT_MODE, SecretKeySpec(key, 'AES'),
IvParameterSpec(iv))
else:
cipher = Cipher.getInstance("AES/ECB/PKCS5Padding")
cipher.init(Cipher.ENCRYPT_MODE, SecretKeySpec(key, 'AES'))
p1 = "this is a test of part one"
p2 = "now part two"
p3 = "last, part three aaaaaaa"
#s1 = cipher.update(p1)
#s2 = cipher.update(p2)
#s3 = cipher.update(p3)
#secret = cipher.doFinal()
secret = cipher.doFinal(plaintext)
print binascii.b2a_hex(secret.tostring())
def decrypt(payload, key):
decoded = Base64.getDecoder().decode(payload)
# print("Lol - decoded: ", decoded)
if decoded.tostring()[:8] != "Salted__":
print decoded.tostring()[:8]
return False
decoded = decoded[8:]
salt = decoded[:8]
k2, iv2 = derive_key_and_iv(key, salt, 32, 16)
# print key, binascii.hexlify(salt), binascii.hexlify(k2), binascii.hexlify(iv2), payload, "TESTING - DECRYPT"
aesKey = SecretKeySpec(k2, "AES")
aesIV = IvParameterSpec(iv2)
cipher = Cipher.getInstance("AES/CBC/PKCS7Padding")
cipher.init(Cipher.DECRYPT_MODE, aesKey, aesIV)
return cipher.doFinal(decoded[8:])
def __init__(self, alg, mode, key, iv=None):
modestr = _modes.get(mode, "/ECB/NoPadding")
keyspec = SecretKeySpec(key, alg)
self.__keysize = len(key)
self.IV = iv
if iv is None or mode == blockalgo.MODE_ECB:
if mode != blockalgo.MODE_ECB:
raise ValueError('mode requires an IV')
self.__cryptor = JCECipher.getInstance(alg + modestr)
self.__cryptor.init(JCECipher.ENCRYPT_MODE, keyspec)
self.__decryptor = JCECipher.getInstance(alg + modestr)
self.__decryptor.init(JCECipher.DECRYPT_MODE, keyspec)
else:
ivspec = IvParameterSpec(iv)
self.__cryptor = JCECipher.getInstance(alg + modestr)
self.__cryptor.init(JCECipher.ENCRYPT_MODE, keyspec, ivspec)
self.__decryptor = JCECipher.getInstance(alg + modestr)
self.__decryptor.init(JCECipher.DECRYPT_MODE, keyspec, ivspec)
"""
Encryption module that uses the Java Cryptography Extensions (JCE).
Note that in default installations of the Java Runtime Environment, the
maximum key length is limited to 128 bits due to US export
restrictions. This makes the generated keys incompatible with the ones
generated by pycryptopp, which has no such restrictions. To fix this,
download the "Unlimited Strength Jurisdiction Policy Files" from Sun,
which will allow encryption using 256 bit AES keys.
"""
from javax.crypto import Cipher
from javax.crypto.spec import SecretKeySpec, IvParameterSpec
import jarray
# Initialization vector filled with zeros
_iv = IvParameterSpec(jarray.zeros(16, 'b'))
def aesEncrypt(data, key):
cipher = Cipher.getInstance('AES/CTR/NoPadding')
skeySpec = SecretKeySpec(key, 'AES')
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, _iv)
return cipher.doFinal(data).tostring()
# magic.
aesDecrypt = aesEncrypt
def getKeyLength():
maxlen = Cipher.getMaxAllowedKeyLength('AES/CTR/NoPadding')
return min(maxlen, 256) / 8
Note that in default installations of the Java Runtime Environment, the
maximum key length is limited to 128 bits due to US export
restrictions. This makes the generated keys incompatible with the ones
generated by pycryptopp, which has no such restrictions. To fix this,
download the "Unlimited Strength Jurisdiction Policy Files" from Sun,
which will allow encryption using 256 bit AES keys.
"""
from warnings import warn
from javax.crypto import Cipher
from javax.crypto.spec import SecretKeySpec, IvParameterSpec
import jarray
# Initialization vector filled with zeros
_iv = IvParameterSpec(jarray.zeros(16, "b"))
def aesEncrypt(data, key):
cipher = Cipher.getInstance("AES/CTR/NoPadding")
skeySpec = SecretKeySpec(key, "AES")
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, _iv)
return cipher.doFinal(data).tostring()
# magic.
aesDecrypt = aesEncrypt
has_aes = True