def __init__(self, consumer, readkey, offset): self._consumer = consumer self._read_ev = None self._download_status = None # TODO: pycryptopp CTR-mode needs random-access operations: I want # either a=AES(readkey, offset) or better yet both of: # a=AES(readkey, offset=0) # a.process(ciphertext, offset=xyz) # For now, we fake it with the existing iv= argument. offset_big = offset // 16 offset_small = offset % 16 iv = binascii.unhexlify("%032x" % offset_big) self._decryptor = aes.create_decryptor(readkey, iv) # this is just to advance the counter aes.decrypt_data(self._decryptor, b"\x00" * offset_small)
def _decrypt_rwcapdata(self, encwrcap): salt = encwrcap[:16] crypttext = encwrcap[16:-32] key = hashutil.mutable_rwcap_key_hash(salt, self._node.get_writekey()) encryptor = aes.create_decryptor(key) plaintext = aes.decrypt_data(encryptor, crypttext) return plaintext
def write(self, ciphertext): started = now() plaintext = aes.decrypt_data(self._decryptor, ciphertext) if self._read_ev: elapsed = now() - started self._read_ev.update(0, elapsed, 0) if self._download_status: self._download_status.add_misc_event("AES", started, now()) self._consumer.write(plaintext)
def _decrypt_segment(self, segment_and_salt): """ I take a single segment and its salt, and decrypt it. I return the plaintext of the segment that is in my argument. """ segment, salt = segment_and_salt self._set_current_status("decrypting") self.log("decrypting segment %d" % self._current_segment) started = time.time() key = hashutil.ssk_readkey_data_hash(salt, self._node.get_readkey()) decryptor = aes.create_decryptor(key) plaintext = aes.decrypt_data(decryptor, segment) self._status.accumulate_decrypt_time(time.time() - started) return plaintext
def test_aes_with_iv_process_short_input(self): ''' The old code used the following patterns with AES ciphers. import os from pycryptopp.cipher.aes import AES key = = os.urandom(16) ciphertext = AES(key).process(plaintext) This test verifies that using the new AES wrapper generates the same output. ''' plaintext = b'test' expected_ciphertext = b'\x82\x0e\rt' k = aes.create_decryptor(self.AES_KEY, iv=self.IV) ciphertext = aes.decrypt_data(k, plaintext) self.assertEqual(ciphertext, expected_ciphertext)
def test_aes_with_iv_process_long_input(self): ''' The old code used the following patterns with AES ciphers. import os from pycryptopp.cipher.aes import AES key = = os.urandom(16) ciphertext = AES(key).process(plaintext) This test verifies that using the new AES wrapper generates the same output. ''' plaintext = b'hi' * 32 expected_ciphertext = ( b'\x9e\x02\x16i}WL\xbf\x83\xac\xb4K\xf7\xa0\xdf\xa3\xba!3\x15\xd3(L\xb7\xb3\x91\xbcb' b'\x97a\xdc\x100?\xf5L\x9f\xd9\xeeO\x98\xda\xf5g\x93\xa7q\xe1\xb1~\xf8\x1b\xe8[\\s' b'\x144$\x86\xeaC^f') k = aes.create_decryptor(self.AES_KEY, iv=self.IV) ciphertext = aes.decrypt_data(k, plaintext) self.assertEqual(ciphertext, expected_ciphertext)
def test_aes_no_iv_process_long_input(self): ''' The old code used the following patterns with AES ciphers. import os from pycryptopp.cipher.aes import AES key = = os.urandom(16) ciphertext = AES(key).process(plaintext) This test verifies that using the new AES wrapper generates the same output. ''' plaintext = b'hi' * 32 expected_ciphertext = ( b'cIPAY%o:\xce\xfex\x8e@^.\x90\xb1\x80a\xff\xd8^\xac\x8d\xa7/\x1d\xe6\x92\xa1\x04\x92' b'\x1f\xa1|\xd2$E\xb5\xe7\x9d\xae\xd1\x1f)\xe4\xc7\x83\xb8\xd5|dHhU\xc8\x9a\xb1\x10\xed' b'\xd1\xe7|\xd1') k = aes.create_decryptor(self.AES_KEY) ciphertext = aes.decrypt_data(k, plaintext) self.assertEqual(ciphertext, expected_ciphertext)
def test_old_start_up_test(self): """ This was the old startup test run at import time in `pycryptopp.cipher.aes`. """ enc0 = b"dc95c078a2408989ad48a21492842087530f8afbc74536b9a963b4f1c4cb738b" cryptor = aes.create_decryptor(key=b"\x00" * 32) ct = aes.decrypt_data(cryptor, b"\x00" * 32) self.assertEqual(enc0, b2a_hex(ct)) cryptor = aes.create_decryptor(key=b"\x00" * 32) ct1 = aes.decrypt_data(cryptor, b"\x00" * 15) ct2 = aes.decrypt_data(cryptor, b"\x00" * 17) self.assertEqual(enc0, b2a_hex(ct1 + ct2)) enc0 = b"66e94bd4ef8a2c3b884cfa59ca342b2e" cryptor = aes.create_decryptor(key=b"\x00" * 16) ct = aes.decrypt_data(cryptor, b"\x00" * 16) self.assertEqual(enc0, b2a_hex(ct)) cryptor = aes.create_decryptor(key=b"\x00" * 16) ct1 = aes.decrypt_data(cryptor, b"\x00" * 8) ct2 = aes.decrypt_data(cryptor, b"\x00" * 8) self.assertEqual(enc0, b2a_hex(ct1 + ct2)) def _test_from_Niels_AES(keysize, result): def fake_ecb_using_ctr(k, p): encryptor = aes.create_encryptor(key=k, iv=p) return aes.encrypt_data(encryptor, b'\x00' * 16) E = fake_ecb_using_ctr b = 16 k = keysize S = b'\x00' * (k + b) for i in range(1000): K = S[-k:] P = S[-k - b:-k] S += E(K, E(K, P)) self.assertEqual(S[-b:], a2b_hex(result)) _test_from_Niels_AES(16, b'bd883f01035e58f42f9d812f2dacbcd8') _test_from_Niels_AES(32, b'c84b0f3a2c76dd9871900b07f09bdd3e')
def _decrypt_privkey(self, enc_privkey): decryptor = aes.create_decryptor(self._writekey) privkey = aes.decrypt_data(decryptor, enc_privkey) return privkey