def _get_decryption_info(key: bytes, iv: bytes,
sha256: SHA256.SHA256Hash) -> EncryptedFile:
return EncryptedFile(
version="v2",
iv=unpaddedbase64.encode_base64(iv + b"\x00" * 8),
hashes={"sha256": unpaddedbase64.encode_base64(sha256.digest())},
key=JSONWebKey(key_type="oct",
algorithm="A256CTR",
extractable=True,
key_ops=["encrypt", "decrypt"],
key=unpaddedbase64.encode_base64(key, urlsafe=True)))
def _get_decryption_info_dict(key: bytes, iv: bytes,
sha256: SHA256.SHA256Hash) -> Dict[str, Any]:
json_web_key = {
"kty": "oct",
"alg": "A256CTR",
"ext": True,
"k": unpaddedbase64.encode_base64(key, urlsafe=True),
"key_ops": ["encrypt", "decrypt"],
}
return {
"v": "v2",
"key": json_web_key,
# Send IV concatenated with counter
"iv": unpaddedbase64.encode_base64(iv + b"\x00" * 8),
"hashes": {
"sha256": unpaddedbase64.encode_base64(sha256.digest()),
},
}
def pkcs1_v1_5_encode(msg_hash: SHA256.SHA256Hash, emLen: int) -> bytes:
# this code is copied from EMSA_PKCS1_V1_5_ENCODE
# https://github.com/dlitz/pycrypto/blob/v2.7a1/lib/Crypto/Signature/PKCS1_v1_5.py#L173
digestAlgo = DerSequence([ DerObjectId(msg_hash.oid).encode() ])
#if with_hash_parameters:
if True:
digestAlgo.append(DerNull().encode())
digest = DerOctetString(msg_hash.digest())
digestInfo = DerSequence([
digestAlgo.encode(),
digest.encode()
]).encode()
# We need at least 11 bytes for the remaining data: 3 fixed bytes and
# at least 8 bytes of padding).
if emLen<len(digestInfo)+11:
raise TypeError("Selected hash algorith has a too long digest (%d bytes)." % len(digest))
PS = b'\xFF' * (emLen - len(digestInfo) - 3)
return b'\x00\x01' + PS + b'\x00' + digestInfo