-
Notifications
You must be signed in to change notification settings - Fork 1
/
cryptomodule.py
executable file
·173 lines (147 loc) · 4.86 KB
/
cryptomodule.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!/usr/bin/python3
import base64
import pickle
import bz2
from Crypto.Hash import SHA512
from Crypto.Cipher import AES
from Crypto.Cipher import PKCS1_OAEP
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA
from Crypto import Random
from Crypto.IO import PEM
from Crypto.Util.Padding import pad, unpad
class RSA_key():
def __init__(self):
self.hasprivate = None
self.size = None
def gen_key(self, size):
import time
self.size = size
t = time.time()
print('Generating', size, 'bit key')
rand = Random.new().read
self.private_key = RSA.generate(size, rand)
self.public_key = self.private_key.publickey()
self.hasprivate = True
t2=time.time()
print('Generation Time', t2-t)
def export_private_key(self, passphrase=None):
if not passphrase:
print('Warning: exporting private key unencrypted')
data = self.private_key.exportKey().decode("utf-8")
else:
data = self.private_key.exportKey(passphrase=passphrase).decode("utf-8")
return str(data)
def export_public_key(self):
data = self.public_key.exportKey().decode("utf-8")
return str(data)
def _import(self,key):
if key.has_private:
self.private_key = key
self.public_key = key.publickey()
self.hasprivate = True
else:
self.public_key = key
self.private_key = None
self.hasprivate = False
self.size = key.size
def import_key_file(self,filename,passphrase=None):
with open(filename, "r",encoding='utf-8') as file:
content = file.read()
key = RSA.importKey(content, passphrase=passphrase)
self._import(key)
def import_key(self,data):
key = RSA.importKey(data)
self._import(key)
def sign_hash(self,data):
if self.private_key.can_sign():
signer = PKCS1_v1_5.new(self.private_key)
signature = signer.sign(data)
else:
raise Exception
return signature
def verify_hash(self, data, signature):
verifier = PKCS1_v1_5.new(self.public_key)
verify = verifier.verify(data, signature)
return verify
def encrypt(self, data):
if self.public_key.can_encrypt():
cipher = PKCS1_OAEP.new(self.public_key, hashAlgo= SHA512)
encdata = cipher.encrypt(data)
del cipher
else:
raise Exception
return encdata
def decrypt(self, data):
cipher = PKCS1_OAEP.new(self.private_key, hashAlgo= SHA512)
decdata = cipher.decrypt(data)
del cipher
return decdata
def AESencrypt(data, key, iv, binary=False):
cipher = AES.new(key, AES.MODE_CBC, iv)
if binary:
bytedata = data
else:
try:
bytedata = bytes(data.decode(),'utf-8')
except:
bytedata = bytes(data,'utf-8')
padded = pad(bytedata,16)
encrypted = cipher.encrypt(padded)
del cipher
return encrypted
def AESdecrypt(data, key, iv, binary=False):
cipher = AES.new(key, AES.MODE_CBC, iv)
dec = cipher.decrypt(data)
unpadded = unpad(dec,16)
decrypted = unpadded
del cipher
if binary:
return decrypted
else:
return str(decrypted,'utf-8')
def rsaaes_encrypt(my_key, destination_key, message, isfile=False):
aeskey = Random.new().read(32)
iv = Random.new().read(AES.block_size)
hash = SHA512.new()
if isfile:
hash.update(message)
msg = message
else:
hash.update(bytes(message,'utf-8'))
msg = bytes(message,'utf-8')
signer = PKCS1_v1_5.new(my_key.private_key)
signature = signer.sign(hash)
data = {"iv": iv,
'hash': hash.hexdigest(),
'sign': signature,
'key': destination_key.encrypt(aeskey),
'msg': AESencrypt(msg, aeskey, iv, isfile)
}
del aeskey
del iv
del signer
if isfile:
return pickle.dumps(data)
else:
return base64.b64encode(pickle.dumps(data))
def rsaaes_decrypt(my_key, sender_key, encdata, isfile=False):
if isfile:
data = pickle.loads(encdata)
else:
data = pickle.loads(base64.b64decode(encdata))
iv = data['iv']
aeskey = my_key.decrypt(data['key'])
decmsg = AESdecrypt(data['msg'], aeskey, iv, isfile)
hash = SHA512.new()
if isfile:
hash.update(decmsg)
else:
hash.update(bytes(decmsg,'utf-8'))
verify = sender_key.verify_hash(hash, data['sign'])
returnme = {
'msg':decmsg,
'verify':verify,
'hash':hash.hexdigest()
}
return returnme