def encrypt(arguments):
"""Encrypt the compressed input file (minus the XZ header),
and write the result either to the output file,
or Ascii85-emcode to stdout
"""
if arguments.input_file:
source_data = arguments.input_file.read_bytes()
else:
source_data = sys.stdin.buffer.read()
#
compressed_data = lzma.compress(source_data)
if compressed_data[:8] != XZ_HEADER:
logging.error('LZMA compression failed')
return False
#
encryption_password = getpass.getpass(
'Enter encryption password: '******'utf-8')
# Encrypt using the password
temp_file = io.BytesIO()
scrypt_file = pyscrypt.ScryptFile(temp_file, encryption_password, 1024, 1,
1)
scrypt_file.write(compressed_data[8:])
scrypt_file.finalize()
if arguments.output_file:
arguments.output_file.write_bytes(temp_file.getvalue())
else:
sys.stdout.buffer.write(
base64.a85encode(temp_file.getvalue(), wrapcol=76))
sys.stdout.write('\n')
#
return True
def decrypt(arguments):
"""Decrypt the input file"""
if arguments.input_file:
source_data = arguments.input_file.read_bytes()
else:
source_data = sys.stdin.buffer.read()
#
try:
source_data = base64.a85decode(source_data)
except ValueError:
pass
#
decryption_password = getpass.getpass(
'Enter decryption password: '******'utf-8')
scrypt_file = pyscrypt.ScryptFile(io.BytesIO(source_data),
password=decryption_password)
try:
decrypted_data = scrypt_file.read()
except pyscrypt.file.InvalidScryptFileFormat as error:
logging.error('Error while decrypting input: %s', error)
return False
#
decompressed_data = lzma.decompress(XZ_HEADER + decrypted_data)
if arguments.output_file:
arguments.output_file.write_bytes(decompressed_data)
else:
sys.stdout.buffer.write(decompressed_data)
#
return True
def encrypt(arguments):
"""Encrypt the input file,
and write the result either to the output file,
or Ascii85-emcode to stdout
"""
if arguments.input_file:
source_data = arguments.input_file.read_bytes()
else:
source_data = sys.stdin.buffer.read()
#
encryption_password = getpass.getpass(
'Enter encryption password: '******'utf-8')
# Encrypt using the password
temp_file = io.BytesIO()
scrypt_file = pyscrypt.ScryptFile(temp_file, encryption_password, 1024, 1,
1)
scrypt_file.write(source_data)
scrypt_file.finalize()
if arguments.output_file:
arguments.output_file.write_bytes(temp_file.getvalue())
else:
sys.stdout.buffer.write(
base64.a85encode(temp_file.getvalue(), wrapcol=76))
sys.stdout.write('\n')
#
return True
def save():
if password == None:
print("Set up the password first!")
return
with pyscrypt.ScryptFile(filename, password, 1024, 1, 1) as f:
f.write(json.dumps(entries).encode())
def getData():
data = bytearray()
try:
with pyscrypt.ScryptFile(filename, password) as f:
data = f.read()
finally:
return data
def save_to_file(filename: str, key: bytes, contents: bytes,
N=1024, r=8, p=1):
"""Use scrypt to write and save an encrypted file.
Arguments:
filename: Name of the file to write to.
key: The key to use for encryption.
contents: The contents of the encrypted file.
N: From Scrypt, the general work factor.
r: From Scrypt, the memory cost.
p: From Scrypt, the computation cost.
Returns:
None.
"""
with pyscrypt.ScryptFile(filename, key, N, r, p) as file:
file.write(contents)
def save_keys(private_key, public_key, passphrase, priv_file, pub_file):
"""
Given private and public keys as bytes, a passphrase and paths to private
and public output files will save the keys in the appropriate file path
location. In the case of the private key, will use the scrypt module (see:
https://en.wikipedia.org/wiki/Scrypt) and the passphrase to encrypt it.
"""
with open(pub_file, 'wb') as fpub:
fpub.write(public_key)
# PyScrypt has problems using the 'with' keyword and saving content.
fp = open(priv_file, 'wb')
try:
fpriv = pyscrypt.ScryptFile(fp,
passphrase.encode('utf-8'),
N=1024,
r=1,
p=1)
fpriv.write(private_key)
finally:
fpriv.close()
def get_keys(passphrase, priv_file=None, pub_file=None):
"""
Will return a string representation of both the private and public
RSA keys found in the locations specified by priv_file and pub_file args.
Since the private key is password protected the passphrase argument is
used to decrypt it. If no file paths are given then sane default
location and names are used.
"""
if not pub_file:
pub_file = os.path.join(data_dir(), '{}.pub'.format(APPNAME))
if not priv_file:
priv_file = os.path.join(data_dir(), '{}.scrypt'.format(APPNAME))
pub = open(pub_file, 'rb').read()
try:
with pyscrypt.ScryptFile(priv_file, passphrase.encode('utf-8')) as f:
priv = f.read()
except InvalidScryptFileFormat:
# Make the exception a bit more human.
msg = 'Unable to read private key file. Check your passphrase!'
raise ValueError(msg)
return (priv, pub)
def read_from_file(filename: str, key: bytes) -> bytes:
"""Read the contents of a file when given a specific key."""
with pyscrypt.ScryptFile(filename, key) as file:
return file.read()
