示例#1
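 def decrypt(self, data, ciphername='aes-256-cbc'):
     """
     Decrypt data with ECIES method using the local private key.

     ``data`` is read as: IV (one cipher block), an encoded public key,
     the cipher output, and a trailing 32-byte HMAC-SHA256 tag.

     :param data: the complete encrypted message
     :param ciphername: cipher name handed to OpenSSL.get_cipher and Cipher
     :return: whatever Cipher.ciphering yields for the cipher output
     :raises RuntimeError: when the tag matches neither accepted MAC layout
     """
     # Function-scope import keeps this method self-contained; the helper is
     # in the standard library since Python 2.7.7 / 3.3.
     from hmac import compare_digest

     blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = data[:blocksize]
     i = blocksize
     # NOTE(review): the decoded curve is not compared with the local key's
     # curve in this method -- confirm raw_get_ecdh_key validates the point.
     _curve, pubkey_x, pubkey_y, i2 = ECC._decode_pubkey(data[i:])
     i += i2
     ciphertext = data[i:len(data) - 32]
     i += len(ciphertext)
     mac = data[i:]
     # SHA-512 of the ECDH result, split into cipher key and MAC key.
     key = sha512(self.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     key_e, key_m = key[:32], key[32:]
     # pyelliptic was changed slightly so that the hmac covers the
     # iv and pubkey. So let's have an upgrade period where we support
     # both the old and the new hmac'ing algorithms.
     # https://github.com/yann2192/pyelliptic/issues/17
     #
     # NOTE(review): while the legacy layout is accepted, a message whose tag
     # covers only the cipher output passes with an unauthenticated IV and
     # public key. Drop the first check once legacy senders are gone.
     #
     # Tags are compared in constant time so that the position of the first
     # differing byte is not observable through timing.
     legacy_ok = compare_digest(hmac_sha256(key_m, ciphertext), mac)
     if not legacy_ok and not compare_digest(
             hmac_sha256(key_m, data[:len(data) - 32]), mac):
         raise RuntimeError("Fail to verify data")
     ctx = Cipher(key_e, iv, 0, ciphername)
     return ctx.ciphering(ciphertext)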
示例#2
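 def decrypt(self, data, ciphername="aes-256-cbc"):
     """
     Decrypt data with ECIES method using the local private key.

     The message is parsed front to back: IV (one cipher block), encoded
     public key, cipher output, then a 32-byte HMAC-SHA256 tag.

     :param data: the complete encrypted message
     :param ciphername: cipher name handed to OpenSSL.get_cipher and Cipher
     :return: the result of Cipher.ciphering on the cipher output
     :raises RuntimeError: if neither accepted MAC layout verifies
     """
     # Imported locally so the method does not depend on a file-level import;
     # hmac.compare_digest exists since Python 2.7.7 / 3.3.
     from hmac import compare_digest

     blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = data[:blocksize]
     i = blocksize
     # The curve id returned by the decoder is not used in this method.
     # NOTE(review): confirm raw_get_ecdh_key rejects points that are not on
     # the local key's curve.
     _curve, pubkey_x, pubkey_y, i2 = ECC._decode_pubkey(data[i:])
     i += i2
     ciphertext = data[i : len(data) - 32]
     i += len(ciphertext)
     mac = data[i:]
     key = sha512(self.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     key_e, key_m = key[:32], key[32:]
     # pyelliptic was changed slightly so that the hmac covers the
     # iv and pubkey. So let's have an upgrade period where we support
     # both the old and the new hmac'ing algorithms.
     # https://github.com/yann2192/pyelliptic/issues/17
     authenticated = data[: len(data) - 32]
     # Constant-time comparison: a plain != on the tags returns at the first
     # differing byte, which makes the match length measurable.
     if not compare_digest(hmac_sha256(key_m, ciphertext), mac):
         # NOTE(review): reaching this line means the legacy tag (cipher
         # output only, IV and public key unauthenticated) did not match;
         # when it does match, the message is accepted on that weaker check.
         if not compare_digest(hmac_sha256(key_m, authenticated), mac):
             raise RuntimeError("Fail to verify data")
     ctx = Cipher(key_e, iv, 0, ciphername)
     return ctx.ciphering(ciphertext)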
示例#3
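 def raw_encrypt(data,
                 pubkey_x,
                 pubkey_y,
                 curve='sect283r1',
                 ephemcurve=None,
                 ciphername='aes-256-cbc'):
     """
     Encrypt ``data`` for the public key (pubkey_x, pubkey_y).

     A fresh ECC key is generated, the SHA-512 digest of the ECDH result is
     split into a cipher key and a MAC key, and the message is returned as
     IV + ephemeral public key + cipher output + HMAC-SHA256 tag.

     Before the hard-coded cutoff the tag covers only the cipher output;
     from the cutoff on it also covers the IV and the ephemeral public key.

     :param data: plaintext handed to Cipher.ciphering
     :param pubkey_x: recipient public key, x component
     :param pubkey_y: recipient public key, y component
     :param curve: curve name used when ``ephemcurve`` is None
     :param ephemcurve: curve for the ephemeral key
     :param ciphername: cipher name handed to OpenSSL.get_cipher and Cipher
     :return: the assembled message
     """
     import time

     if ephemcurve is None:
         ephemcurve = curve
     ephem = ECC(curve=ephemcurve)
     key = sha512(ephem.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     key_e, key_m = key[:32], key[32:]
     pubkey = ephem.get_pubkey()
     iv = OpenSSL.rand(OpenSSL.get_cipher(ciphername).get_blocksize())
     ctx = Cipher(key_e, iv, 1, ciphername)
     # Read the clock once. Two separate reads could straddle the cutoff and
     # emit a message without IV and public key.
     legacy_format = int(time.time()) < 1416175200  # Sun, 16 Nov 2014 22:00:00 GMT
     body = ctx.ciphering(data)
     if legacy_format:
         # Legacy layout: the IV and public key are not authenticated.
         return iv + pubkey + body + hmac_sha256(key_m, body)
     # Everyone should be using this path after the Bitmessage protocol v3
     # upgrade period: the tag covers IV, public key and cipher output.
     ciphertext = iv + pubkey + body
     return ciphertext + hmac_sha256(key_m, ciphertext)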
示例#4
 def raw_encrypt(data, pubkey_x, pubkey_y, curve='sect283r1',
                 ephemcurve=None, ciphername='aes-256-cbc'):
     """
     Encrypt ``data`` for the public key (pubkey_x, pubkey_y).

     Returns IV + ephemeral public key + cipher output + HMAC-SHA256 tag.

     NOTE(review): the tag is computed over the cipher output only, so the
     IV and the ephemeral public key in the returned message are not
     authenticated.
     """
     # The ephemeral key uses ``curve`` unless a separate curve is given.
     ephemeral = ECC(curve=curve if ephemcurve is None else ephemcurve)
     # SHA-512 of the ECDH result: first 32 bytes encrypt, the rest MACs.
     derived = sha512(ephemeral.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     enc_key = derived[:32]
     mac_key = derived[32:]
     ephemeral_pub = ephemeral.get_pubkey()
     # Random IV, one cipher block long.
     block_len = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = OpenSSL.rand(block_len)
     body = Cipher(enc_key, iv, 1, ciphername).ciphering(data)
     tag = hmac_sha256(mac_key, body)
     return iv + ephemeral_pub + body + tag
示例#5
 def raw_encrypt(data, pubkey_x, pubkey_y, curve="sect283r1", ephemcurve=None, ciphername="aes-256-cbc"):
     """
     Encrypt ``data`` for the public key (pubkey_x, pubkey_y).

     The result is IV + ephemeral public key + cipher output + HMAC-SHA256
     tag, with the tag computed over the cipher output alone.
     """
     ephem_curve_name = ephemcurve
     if ephem_curve_name is None:
         ephem_curve_name = curve
     sender = ECC(curve=ephem_curve_name)
     shared = sender.raw_get_ecdh_key(pubkey_x, pubkey_y)
     digest = sha512(shared).digest()
     # First 32 digest bytes key the cipher, the remainder keys the HMAC.
     cipher_key, hmac_key = digest[:32], digest[32:]
     sender_pub = sender.get_pubkey()
     iv = OpenSSL.rand(OpenSSL.get_cipher(ciphername).get_blocksize())
     encryptor = Cipher(cipher_key, iv, 1, ciphername)
     sealed = encryptor.ciphering(data)
     # Per the original author's note, after an upgrade period the MAC input
     # is meant to become iv + pubkey + cipher output. Until then the IV and
     # public key travel unauthenticated.
     tag = hmac_sha256(hmac_key, sealed)
     return iv + sender_pub + sealed + tag
示例#6
 def raw_encrypt(data,
                 pubkey_x,
                 pubkey_y,
                 curve='sect283r1',
                 ephemcurve=None,
                 ciphername='aes-256-cbc'):
     """
     Encrypt ``data`` for the public key (pubkey_x, pubkey_y).

     Returns IV + ephemeral public key + cipher output followed by an
     HMAC-SHA256 tag computed over all three parts.
     """
     chosen_curve = curve if ephemcurve is None else ephemcurve
     ephemeral = ECC(curve=chosen_curve)
     # One SHA-512 digest of the ECDH result supplies both keys.
     material = sha512(ephemeral.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     enc_key = material[:32]
     mac_key = material[32:]
     ephemeral_pub = ephemeral.get_pubkey()
     iv_len = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = OpenSSL.rand(iv_len)
     encryptor = Cipher(enc_key, iv, 1, ciphername)
     # Encrypt-then-MAC: the tag input includes the IV and the public key.
     authenticated = iv + ephemeral_pub + encryptor.ciphering(data)
     return authenticated + hmac_sha256(mac_key, authenticated)
示例#7
 def decrypt(self, data, ciphername='aes-256-cbc'):
     """
     Decrypt data with ECIES method using the local private key.

     The tag (last 32 bytes) is checked against an HMAC-SHA256 over
     everything that precedes it before any decryption takes place.

     :raises RuntimeError: if the tag does not verify
     """
     iv_len = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = data[:iv_len]
     # The decoder also reports how many bytes the encoded key occupied.
     _curve, peer_x, peer_y, pubkey_len = ECC._decode_pubkey(data[iv_len:])
     body_start = iv_len + pubkey_len
     tag_start = len(data) - 32
     body = data[body_start:tag_start]
     tag = data[body_start + len(body):]
     derived = sha512(self.raw_get_ecdh_key(peer_x, peer_y)).digest()
     enc_key = derived[:32]
     mac_key = derived[32:]
     # NOTE(review): `equals` is defined outside this method; presumably a
     # constant-time comparison -- confirm.
     expected = hmac_sha256(mac_key, data[:tag_start])
     if equals(expected, tag):
         decryptor = Cipher(enc_key, iv, 0, ciphername)
         return decryptor.ciphering(body)
     raise RuntimeError("Fail to verify data")
示例#8
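 def decrypt(self, data, ciphername='aes-256-cbc'):
     """
     Decrypt data with ECIES method using the local private key.

     ``data`` is read as: IV (one cipher block), an encoded public key,
     the cipher output, and a trailing 32-byte HMAC-SHA256 tag.

     :param data: the complete encrypted message
     :param ciphername: cipher name handed to OpenSSL.get_cipher and Cipher
     :return: the result of Cipher.ciphering on the cipher output
     :raises RuntimeError: if the tag does not verify
     """
     # Function-scope import; hmac.compare_digest is in the standard library
     # since Python 2.7.7 / 3.3.
     from hmac import compare_digest

     blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
     iv = data[:blocksize]
     i = blocksize
     _curve, pubkey_x, pubkey_y, i2 = ECC._decode_pubkey(data[i:])
     i += i2
     ciphertext = data[i:len(data)-32]
     i += len(ciphertext)
     mac = data[i:]
     key = sha512(self.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
     key_e, key_m = key[:32], key[32:]
     # NOTE(review): the tag input is the cipher output only; the IV and the
     # public key are not authenticated in this variant. Widening the MAC
     # scope changes the message format, so it is left as is and flagged.
     #
     # The comparison is constant-time so a mismatch does not reveal how
     # many leading tag bytes were correct.
     if not compare_digest(hmac_sha256(key_m, ciphertext), mac):
         raise RuntimeError("Fail to verify data")
     ctx = Cipher(key_e, iv, 0, ciphername)
     return ctx.ciphering(ciphertext)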
示例#9
    def raw_encrypt(
        data,
        pubkey_x,
        pubkey_y,
        curve='sect283r1',
        ephemcurve=None,
        ciphername='aes-256-cbc',
    ):  # pylint: disable=too-many-arguments
        """ECDH-based encryption, keys supplied in binary data format.

        Returns IV + ephemeral public key + cipher output, followed by an
        HMAC-SHA256 tag computed over those three parts.
        """
        ephemeral = ECC(curve=curve if ephemcurve is None else ephemcurve)
        shared = ephemeral.raw_get_ecdh_key(pubkey_x, pubkey_y)
        digest = sha512(shared).digest()
        # First 32 digest bytes key the cipher, the remainder keys the HMAC.
        enc_key, mac_key = digest[:32], digest[32:]
        ephemeral_pub = ephemeral.get_pubkey()
        block_len = OpenSSL.get_cipher(ciphername).get_blocksize()
        iv = OpenSSL.rand(block_len)
        sealed = Cipher(enc_key, iv, 1, ciphername).ciphering(data)
        # The tag input includes the IV and public key, not just the body.
        authenticated = iv + ephemeral_pub + sealed
        tag = hmac_sha256(mac_key, authenticated)
        return authenticated + tag
示例#10
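    def raw_encrypt(data, pubkey_x, pubkey_y, curve="sect283r1", ephemcurve=None, ciphername="aes-256-cbc"):
        """
        Encrypt ``data`` for the public key (pubkey_x, pubkey_y).

        The message is IV + ephemeral public key + cipher output +
        HMAC-SHA256 tag. Before the hard-coded cutoff the tag covers only the
        cipher output; from the cutoff on it also covers the IV and the
        ephemeral public key.

        :param data: plaintext handed to Cipher.ciphering
        :param pubkey_x: recipient public key, x component
        :param pubkey_y: recipient public key, y component
        :param curve: curve name used when ``ephemcurve`` is None
        :param ephemcurve: curve for the ephemeral key
        :param ciphername: cipher name handed to OpenSSL.get_cipher and Cipher
        :return: the assembled message
        """
        import time

        if ephemcurve is None:
            ephemcurve = curve
        ephem = ECC(curve=ephemcurve)
        key = sha512(ephem.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
        key_e, key_m = key[:32], key[32:]
        pubkey = ephem.get_pubkey()
        iv = OpenSSL.rand(OpenSSL.get_cipher(ciphername).get_blocksize())
        ctx = Cipher(key_e, iv, 1, ciphername)
        # Decide the format from a single clock read. The original read the
        # clock twice; a cutoff falling between the reads would return a
        # message that lacks the IV and public key.
        use_legacy = int(time.time()) < 1416175200  # Sun, 16 Nov 2014 22:00:00 GMT
        encrypted = ctx.ciphering(data)
        if use_legacy:
            # Legacy layout: the IV and public key are outside the MAC.
            mac = hmac_sha256(key_m, encrypted)
            return iv + pubkey + encrypted + mac
        # Everyone should be using this path after the Bitmessage protocol v3
        # upgrade period.
        ciphertext = iv + pubkey + encrypted
        mac = hmac_sha256(key_m, ciphertext)
        return ciphertext + mac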