本文整理汇总了Python中Cryptodome.Cipher.PKCS1_OAEP.new方法的典型用法代码示例。如果您正苦于以下问题:Python PKCS1_OAEP.new方法的具体用法?Python PKCS1_OAEP.new怎么用?Python PKCS1_OAEP.new使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Cryptodome.Cipher.PKCS1_OAEP
的用法示例。
在下文中一共展示了PKCS1_OAEP.new方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: encrypt
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def encrypt(self, plaintext, esn):
"""
Encrypt the given Plaintext with the encryption key
:param plaintext:
:return: Serialized JSON String of the encryption Envelope
"""
init_vector = get_random_bytes(16)
cipher = AES.new(self.encryption_key, AES.MODE_CBC, init_vector)
ciphertext = base64.standard_b64encode(
cipher.encrypt(Padding.pad(plaintext.encode('utf-8'), 16))).decode('utf-8')
encryption_envelope = {
'ciphertext': ciphertext,
'keyid': '_'.join((esn, str(self.sequence_number))),
'sha256': 'AA==',
'iv': base64.standard_b64encode(init_vector).decode('utf-8')
}
return json.dumps(encryption_envelope)
示例2: decrypt_password
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def decrypt_password(user_conf):
cipher_text = user_conf["password"]
encrypted_aes_session_key = user_conf["aes_session_key"]
cipher_aes_nonce = user_conf["cipher_aes_nonce"]
tag = user_conf["tag"]
# Read private key
with open(os.path.join(os.environ["AZTK_WORKING_DIR"], "id_rsa"), encoding="UTF-8") as f:
private_key = RSA.import_key(f.read())
# Decrypt the session key with the public RSA key
cipher_rsa = PKCS1_OAEP.new(private_key)
session_key = cipher_rsa.decrypt(encrypted_aes_session_key)
# Decrypt the data with the AES session key
cipher_aes = AES.new(session_key, AES.MODE_EAX, cipher_aes_nonce)
password = cipher_aes.decrypt_and_verify(cipher_text, tag)
return password.decode("utf-8")
示例3: parse_SHAR
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def parse_SHAR(chunk, encryption_key, rsa_key):
# TODO: Fake some data and make a test
io = BytesIO(chunk.payload)
id = read_item(io)
encrypted_key = decode_hex(read_item(io))
encrypted_name = read_item(io)
skip_item(io, 2)
key = read_item(io)
# Shared folder encryption key might come already in pre-decrypted form,
# where it's only AES encrypted with the regular encryption key.
# When the key is blank, then there's a RSA encrypted key, which has to
# be decrypted first before use.
if not key:
key = decode_hex(PKCS1_OAEP.new(rsa_key).decrypt(encrypted_key))
else:
key = decode_hex(decode_aes256_plain_auto(key, encryption_key))
name = decode_aes256_base64_auto(encrypted_name, key)
# TODO: Return an object, not a dict
return {'id': id, 'name': name, 'encryption_key': key}
示例4: decode_aes256
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def decode_aes256(cipher, iv, data, encryption_key):
"""
Decrypt AES-256 bytes.
Allowed ciphers are: :ecb, :cbc.
If for :ecb iv is not used and should be set to "".
"""
if cipher == 'cbc':
aes = AES.new(encryption_key, AES.MODE_CBC, iv)
elif cipher == 'ecb':
aes = AES.new(encryption_key, AES.MODE_ECB)
else:
raise ValueError('Unknown AES mode')
d = aes.decrypt(data)
# http://passingcuriosity.com/2009/aes-encryption-in-python-with-m2crypto/
unpad = lambda s: s[0:-ord(d[-1:])]
return unpad(d)
示例5: encrypt_file
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def encrypt_file(public_key, src_file, dest_file):
try:
with open(src_file) as f:
rsa_key = RSA.import_key(open(public_key).read())
session_key = get_random_bytes(16)
# Encrypt session key
cipher_rsa = PKCS1_OAEP.new(rsa_key)
encrypted_session_key = cipher_rsa.encrypt(session_key)
# Encrypt data
cipher_aes = AES.new(session_key, AES.MODE_EAX)
ciphertext, tag = cipher_aes.encrypt_and_digest(f.read().encode("utf-8"))
except Exception as e:
print("Unable to encrypt file: {}".format(src_file))
raise e
try:
with open(dest_file, "wb") as f:
for x in (encrypted_session_key, cipher_aes.nonce, tag, ciphertext):
f.write(x)
except Exception as e:
print("Unable to write output file {}".format(dest_file))
raise e
示例6: testEncrypt1
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def testEncrypt1(self):
# Verify encryption using all test vectors
for test in self._testData:
# Build the key
comps = [ int(rws(test[0][x]),16) for x in ('n','e') ]
key = RSA.construct(comps)
# RNG that takes its random numbers from a pool given
# at initialization
class randGen:
def __init__(self, data):
self.data = data
self.idx = 0
def __call__(self, N):
r = self.data[self.idx:N]
self.idx += N
return r
# The real test
cipher = PKCS.new(key, test[4], randfunc=randGen(t2b(test[3])))
ct = cipher.encrypt(t2b(test[1]))
self.assertEqual(ct, t2b(test[2]))
示例7: testEncryptDecrypt2
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def testEncryptDecrypt2(self):
# Helper function to monitor what's requested from RNG
global asked
def localRng(N):
global asked
asked += N
return self.rng(N)
# Verify that OAEP is friendly to all hashes
for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD160):
# Verify that encrypt() asks for as many random bytes
# as the hash output size
asked = 0
pt = self.rng(40)
cipher = PKCS.new(self.key1024, hashmod, randfunc=localRng)
ct = cipher.encrypt(pt)
self.assertEqual(cipher.decrypt(ct), pt)
self.assertEqual(asked, hashmod.digest_size)
示例8: testEncrypt1
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def testEncrypt1(self):
# Verify encryption using all test vectors
for test in self._testData:
# Build the key
comps = [ long(rws(test[0][x]),16) for x in ('n','e') ]
key = RSA.construct(comps)
# RNG that takes its random numbers from a pool given
# at initialization
class randGen:
def __init__(self, data):
self.data = data
self.idx = 0
def __call__(self, N):
r = self.data[self.idx:N]
self.idx += N
return r
# The real test
cipher = PKCS.new(key, test[4], randfunc=randGen(t2b(test[3])))
ct = cipher.encrypt(t2b(test[1]))
self.assertEqual(ct, t2b(test[2]))
示例9: parse_key_response
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def parse_key_response(self, headerdata):
# Init Decryption
enc_key = headerdata['keyresponsedata']['keydata']['encryptionkey']
hmac_key = headerdata['keyresponsedata']['keydata']['hmackey']
encrypted_encryption_key = base64.standard_b64decode(enc_key)
encrypted_sign_key = base64.standard_b64decode(hmac_key)
cipher_rsa = PKCS1_OAEP.new(self.rsa_key)
# Decrypt encryption key
cipher_raw = cipher_rsa.decrypt(encrypted_encryption_key)
encryption_key_data = json.JSONDecoder().decode(cipher_raw.decode())
self.encryption_key = self.__base64key_decode(encryption_key_data['k'])
# Decrypt sign key
sign_key_raw = cipher_rsa.decrypt(encrypted_sign_key)
sign_key_data = json.JSONDecoder().decode(sign_key_raw.decode())
self.sign_key = self.__base64key_decode(sign_key_data['k'])
示例10: encrypt
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def encrypt(self, data, esn, sequence_number):
"""
Encrypt the given Plaintext with the encryption key
:param plaintext:
:return: Serialized JSON String of the encryption Envelope
"""
iv = get_random_bytes(16)
encryption_envelope = {
'ciphertext': '',
'keyid': esn + '_' + str(sequence_number),
'sha256': 'AA==',
'iv': base64.standard_b64encode(iv).decode('ascii')
}
# Padd the plaintext
plaintext = Padding.pad(data.encode('utf-8'), 16)
# Encrypt the text
cipher = AES.new(self.encryption_key, AES.MODE_CBC, iv)
citext = cipher.encrypt(plaintext)
encryption_envelope['ciphertext'] = base64.standard_b64encode(citext).decode('ascii')
return encryption_envelope;
示例11: load_crypto_session
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def load_crypto_session(self, msl_data=None):
try:
self.encryption_key = base64.standard_b64decode(
msl_data['encryption_key'])
self.sign_key = base64.standard_b64decode(
msl_data['sign_key'])
if not self.encryption_key or not self.sign_key:
raise MSLError('Missing encryption_key or sign_key')
self.rsa_key = RSA.importKey(
base64.standard_b64decode(msl_data['rsa_key']))
except Exception: # pylint: disable=broad-except
common.debug('Generating new RSA keys')
self.rsa_key = RSA.generate(2048)
self.encryption_key = None
self.sign_key = None
示例12: decrypt
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def decrypt(self, init_vector, ciphertext):
"""Decrypt a ciphertext"""
cipher = AES.new(self.encryption_key, AES.MODE_CBC, init_vector)
return Padding.unpad(cipher.decrypt(ciphertext), 16)
示例13: sign
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def sign(self, message):
"""Sign a message"""
return base64.standard_b64encode(
HMAC.new(self.sign_key, message.encode('utf-8'), SHA256).digest()).decode('utf-8')
示例14: _init_keys
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def _init_keys(self, key_response_data):
cipher = PKCS1_OAEP.new(self.rsa_key)
encrypted_encryption_key = base64.standard_b64decode(
key_response_data['keydata']['encryptionkey'])
encrypted_sign_key = base64.standard_b64decode(
key_response_data['keydata']['hmackey'])
self.encryption_key = _decrypt_key(encrypted_encryption_key, cipher)
self.sign_key = _decrypt_key(encrypted_sign_key, cipher)
示例15: generate_session_key
# 需要导入模块: from Cryptodome.Cipher import PKCS1_OAEP [as 别名]
# 或者: from Cryptodome.Cipher.PKCS1_OAEP import new [as 别名]
def generate_session_key(hmac_secret=b''):
"""
:param hmac_secret: optional HMAC
:type hmac_secret: :class:`bytes`
:return: (session_key, encrypted_session_key) tuple
:rtype: :class:`tuple`
"""
session_key = random_bytes(32)
encrypted_session_key = PKCS1_OAEP.new(UniverseKey.Public, SHA1)\
.encrypt(session_key + hmac_secret)
return (session_key, encrypted_session_key)