Python Cipher.set_padding方法代码示例

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
def decrypt(chunk, key):
    cipher = Cipher(alg=ALG, key=key, iv=IV, op=0, key_as_bytes=0, padding=PADDING) # 0 is decrypt
    cipher.set_padding(padding=m2.no_padding)
    v = cipher.update(chunk)
    v = v + cipher.final()
    del cipher #需要删除
    return v 

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
def encrypt_sn(sn):
    m=Cipher(alg = "aes_128_cbc", key = config['passout'], iv = '\x00' * 16, op = 1)
    m.set_padding(padding=7)
    v = m.update(sn)
    v = v + m.final()
    del m
    return v

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
def decryptPasswd(buf, passKey, iv = '\x00' * 16):
    cipher = Cipher(alg='aes_128_cbc', key=passKey, iv=iv, op=0) # 0 is decrypt  
    cipher.set_padding(padding=7)
    v = cipher.update(buf)
    v = v + cipher.final()
    del cipher
    return v

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
def encrypt(chunk, key):
    cipher = Cipher(alg=ALG, key=key, iv=IV, op=1, key_as_bytes=0,padding=PADDING) # 1 is encrypt
    # padding 有时设置为1
    cipher.set_padding(padding=m2.no_padding)
    v = cipher.update(chunk)
    v = v + cipher.final()
    del cipher #需要删除
    
    return v                  

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
class M2CryptoEngine:
    K_CIPHER = None

    @classmethod
    def init_key_cipher(cls, prikey):
        cls.K_CIPHER = RSA.load_key_string(prikey)

    def __init__(self, encrypted_header=None):
        if encrypted_header:
            self.__enc_data = encrypted_header

            header = self.K_CIPHER.private_decrypt(encrypted_header, RSA.pkcs1_padding)
            secret = header[:32]
            iv = header[32:]
            op = DEC
        else:
            secret = self._get_random(32)
            iv = self._get_random(16)
            self.__enc_data = self.K_CIPHER.public_encrypt(secret+iv, RSA.pkcs1_padding)
            op = ENC

        self.__cipher = Cipher(alg='aes_128_cbc', key=secret, iv=iv, op=op)
        self.__cipher.set_padding(1)

    def _get_random(self, cnt):
        while True:
            data = Rand.rand_bytes(cnt)
            if data[0] != '\x00':
                return data

    def encrypt(self, data, finalize=False):
        end_data = self.__cipher.update(data)
        if finalize:
            end_data += self.__cipher.final()
        return end_data

    def decrypt(self, data, finalize=False):
        end_data = self.__cipher.update(data)
        if finalize:
            end_data += self.__cipher.final()
        return end_data

    def get_encrypted_header(self):
       return self.__enc_data 

# 需要导入模块: from M2Crypto.EVP import Cipher [as 别名]
# 或者: from M2Crypto.EVP.Cipher import set_padding [as 别名]
	def fetchPrivateKey(self):
		"""Fetch the private key for the user and storage context
		provided to this object, and decrypt the private key
		by using my passphrase.  Store the private key in internal
		storage for later use."""
	
		# Retrieve encrypted private key from the server
		logging.debug("Fetching encrypted private key from server")
		privKeyObj = self.ctx.get_item("keys", "privkey")
		payload = json.loads(privKeyObj['payload'])
		self.privKeySalt = base64.decodestring(payload['salt'])
		self.privKeyIV = base64.decodestring(payload['iv'])
		self.pubKeyURI = payload['publicKeyUri']

		data64 = payload['keyData']
		encryptedKey = base64.decodestring(data64)
		
		# Now decrypt it by generating a key with the passphrase
		# and performing an AES-256-CBC decrypt.
		logging.debug("Decrypting encrypted private key")
		
		passKey = PBKDF2(self.passphrase, self.privKeySalt, iterations=4096).read(32)
		cipher = Cipher(alg='aes_256_cbc', key=passKey, iv=self.privKeyIV, op=0) # 0 is DEC
		cipher.set_padding(padding=1)
		v = cipher.update(encryptedKey)
		v = v + cipher.final()
		del cipher
		decryptedKey = v

		# Result is an NSS-wrapped key.
		# We have to do some manual ASN.1 parsing here, which is unfortunate.
		
		# 1. Make sure offset 22 is an OCTET tag; if this is not right, the decrypt
		# has gone off the rails.
		if ord(decryptedKey[22]) != 4:
			logging.debug("Binary layout of decrypted private key is incorrect; probably the passphrase was incorrect.")
			raise ValueError("Unable to decrypt key: wrong passphrase?")

		# 2. Get the length of the raw key, by interpreting the length bytes
		offset = 23
		rawKeyLength = ord(decryptedKey[offset])
		det = rawKeyLength & 0x80
		if det == 0: # 1-byte length
			offset += 1
			rawKeyLength = rawKeyLength & 0x7f
		else: # multi-byte length
			bytes = rawKeyLength & 0x7f
			offset += 1
			
			rawKeyLength = 0
			while bytes > 0:
				rawKeyLength *= 256
				rawKeyLength += ord(decryptedKey[offset])
				offset += 1
				bytes -= 1

		# 3. Sanity check
		if offset + rawKeyLength > len(decryptedKey):
			rawKeyLength = len(decryptedKey) - offset
		
		# 4. Extract actual key
		privateKey = decryptedKey[offset:offset+rawKeyLength]
		
		# And we're done.
		self.privateKey = privateKey
		logging.debug("Successfully decrypted private key")