本文整理汇总了Python中Crypto.Cipher.AES.MODE_GCM属性的典型用法代码示例。如果您正苦于以下问题:Python AES.MODE_GCM属性的具体用法?Python AES.MODE_GCM怎么用?Python AES.MODE_GCM使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类Crypto.Cipher.AES的用法示例。
在下文中一共展示了AES.MODE_GCM属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_2
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def test_2(self):
key = unhexlify("843ffcf5d2b72694d19ed01d01249412")
iv = unhexlify("dbcca32ebf9b804617c3aa9e")
aad = unhexlify("00000000000000000000000000000000" +
"101112131415161718191a1b1c1d1e1f")
pt = unhexlify("000102030405060708090a0b0c0d0e0f" +
"101112131415161718191a1b1c1d1e1f" +
"202122232425262728292a2b2c2d2e2f" +
"303132333435363738393a3b3c3d3e3f" +
"404142434445464748494a4b4c4d4e4f")
ct = unhexlify("6268c6fa2a80b2d137467f092f657ac0" +
"4d89be2beaa623d61b5a868c8f03ff95" +
"d3dcee23ad2f1ab3a6c80eaf4b140eb0" +
"5de3457f0fbc111a6b43d0763aa422a3" +
"013cf1dc37fe417d1fbfc449b75d4cc5")
digest = unhexlify("3b629ccfbc1119b7319e1dce2cd6fd6d")
cipher = AES.new(key, AES.MODE_GCM, iv).update(aad)
ct2, digest2 = cipher.encrypt_and_digest(pt)
self.assertEqual(ct, ct2)
self.assertEqual(digest, digest2) 示例2: decrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def decrypt(self, data):
key = self.session.get_session_key()
method = self.settings.get("pia.encryption_method")
if method == EncryptionMethod.AES_ECB:
aes = AES.new(key, AES.MODE_ECB)
return aes.decrypt(data)
else:
nonce = self.session.generate_nonce(self)
aes = AES.new(key, AES.MODE_GCM, nonce=nonce)
try:
data = aes.decrypt_and_verify(data, self.signature)
except ValueError:
logger.warning("Received incorrect AES-GCM tag")
return None
return data 示例3: gcm_decrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def gcm_decrypt(k, iv, encrypted, auth_data, tag):
aes = AES.new(k, AES.MODE_GCM)
h = aes.encrypt(chr(0) * aes.block_size)
if len(iv) == 12:
y0 = iv + "\x00\x00\x00\x01"
else:
y0 = ghash(h, '', iv)
decrypted = gctr(k, y0, encrypted)
s = ghash(h, auth_data, encrypted)
t = aes.encrypt(y0)
T = strxor.strxor(s, t)
if T != tag:
return '' # decrypted data is invalid
else:
return decrypted 示例4: decrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def decrypt(self, ciphertext: bytes) -> bytes:
"""Return plaintext for given ciphertext."""
# Split out the nonce, tag, and encrypted data.
nonce = ciphertext[:12]
if len(nonce) != 12:
raise DataIntegrityError("Cipher text is damaged: invalid nonce length")
tag = ciphertext[12:28]
if len(tag) != 16:
raise DataIntegrityError("Cipher text is damaged: invalid tag length")
encrypted = ciphertext[28:]
# Construct AES cipher, with old nonce.
cipher = AES.new(self.cipher_key, AES.MODE_GCM, nonce)
# Decrypt and verify.
try:
plaintext = cipher.decrypt_and_verify(encrypted, tag) # type: ignore
except ValueError as e:
raise DataIntegrityError("Cipher text is damaged: {}".format(e))
return plaintext 示例5: decrypt_secret_data
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def decrypt_secret_data(self, class_key):
key = AESUnwrap(class_key, self.encrypted_secret_data_wrapped_key)
if not key:
raise ValueError("Failed to unwrap key. Bad class key?")
plist = readPlistFromString(self.protobuf_item.encryptedSecretData.ciphertext)
authenticated = ns_keyed_unarchiver(plist)
#decrypted = gcm_decrypt(key,
# authenticated['SFInitializationVector'],
# authenticated['SFCiphertext'], '',
# authenticated['SFAuthenticationCode'])
gcm = AES.new(key, AES.MODE_GCM, authenticated['SFInitializationVector'])
decrypted = gcm.decrypt_and_verify(authenticated['SFCiphertext'], authenticated['SFAuthenticationCode'])
if not decrypted:
raise ValueError("Failed to decrypt")
return decrypted 示例6: decode
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def decode(key, data, debug=False):
"""Decode function used for both the old and new style encryption"""
# Raw data structure is IV[:12] + crypttext[12:-16] + auth_tag[-16:]
iv = data[:12]
crypttext = data[12:-16]
tag = data[-16:]
if debug:
print("Input bytes: %", bytes2Hex(data))
print("IV: %s" % bytes2Hex(iv))
print("Crypttext: %s" % bytes2Hex(crypttext))
print("Auth tag: %s" % bytes2Hex(tag))
aes = AES.new(key, AES.MODE_GCM, nonce=iv)
try:
dec = aes.decrypt_and_verify(crypttext, tag)
if debug:
print("Decrypted data: %s" % bytes2Hex(dec))
return dec.decode('UTF-8')
except ValueError as e:
print(e)
print("The passphrase was probably wrong")
return None 示例7: __decrypt_bkey_v4
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def __decrypt_bkey_v4(self):
key_salt = self._pwkey_salt[:16]
logging.debug('KEY_SALT[%s] = %s', len(key_salt),
binascii.hexlify(key_salt))
key = PBKDF2(self._upwd, key_salt, Decryptor.dklen, Decryptor.count,
Decryptor.prf)
logging.debug('KEY[%s] = %s', len(key), binascii.hexlify(key))
nonce = self._pwkey_salt[16:]
logging.debug('KEY NONCE[%s] = %s', len(nonce),
binascii.hexlify(nonce))
cipher = AES.new(key, mode=AES.MODE_GCM, nonce=nonce)
self._bkey = cipher.decrypt(self._e_perbackupkey)[:32]
logging.debug('BKEY[%s] = %s',
len(self._bkey), binascii.hexlify(self._bkey)) 示例8: test_mac_len
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def test_mac_len(self):
# Invalid MAC length
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_GCM,
nonce=self.nonce_96, mac_len=3)
self.assertRaises(ValueError, AES.new, self.key_128, AES.MODE_GCM,
nonce=self.nonce_96, mac_len=16+1)
# Valid MAC length
for mac_len in range(5, 16 + 1):
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96,
mac_len=mac_len)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), mac_len)
# Default MAC length
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
_, mac = cipher.encrypt_and_digest(self.data_128)
self.assertEqual(len(mac), 16) 示例9: test_output_param_neg
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def test_output_param_neg(self):
pt = b'5' * 16
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
ct = cipher.encrypt(pt)
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16)
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16)
shorter_output = bytearray(15)
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output)
cipher = AES.new(self.key_128, AES.MODE_GCM, nonce=self.nonce_96)
self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output) 示例10: test_valid_multiple_encrypt_or_decrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def test_valid_multiple_encrypt_or_decrypt(self):
for method_name in "encrypt", "decrypt":
for auth_data in (None, b"333", self.data_128,
self.data_128 + b"3"):
if auth_data is None:
assoc_len = None
else:
assoc_len = len(auth_data)
cipher = AES.new(self.key_128, AES.MODE_GCM,
nonce=self.nonce_96)
if auth_data is not None:
cipher.update(auth_data)
method = getattr(cipher, method_name)
method(self.data_128)
method(self.data_128)
method(self.data_128)
method(self.data_128) 示例11: test_encrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def test_encrypt(self, tv):
self._id = "Wycheproof Encrypt GCM Test #" + str(tv.id)
try:
cipher = AES.new(tv.key, AES.MODE_GCM, tv.iv, mac_len=tv.tag_size,
**self._extra_params)
except ValueError as e:
if len(tv.iv) == 0 and "Nonce cannot be empty" in str(e):
return
raise e
cipher.update(tv.aad)
ct, tag = cipher.encrypt_and_digest(tv.msg)
if tv.valid:
self.assertEqual(ct, tv.ct)
self.assertEqual(tag, tv.tag)
self.warn(tv) 示例12: encrypt_AES_GCM
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def encrypt_AES_GCM(msg, password, kdf_salt=None, nonce=None):
"""Used for encryption of msg"""
kdf_salt = kdf_salt or os.urandom(16)
nonce = nonce or os.urandom(16)
# Encoding of message
msg = msg.encode()
secret_key = Crypto.generate_key(kdf_salt, password)
aes_cipher = AES.new(secret_key, AES.MODE_GCM, nonce=nonce)
ciphertext, auth_tag = aes_cipher.encrypt_and_digest(msg)
return (kdf_salt, ciphertext, nonce, auth_tag) 示例13: decrypt_AES_GCM
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def decrypt_AES_GCM(encryptedMsg, password, kdf_salt=None, nonce=None):
"""Used for decryption of msg"""
(stored_kdf_salt, ciphertext, stored_nonce, auth_tag) = encryptedMsg
kdf_salt = kdf_salt or stored_kdf_salt
nonce = nonce or stored_nonce
secret_key = Crypto.generate_key(kdf_salt, password)
aes_cipher = AES.new(secret_key, AES.MODE_GCM, nonce=nonce)
plaintext = aes_cipher.decrypt_and_verify(ciphertext, auth_tag)
# decoding byte data to normal string data
plaintext = plaintext.decode("utf8")
return plaintext 示例14: encrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def encrypt(self, plaintext: bytes) -> bytes:
"""Return ciphertext for given plaintext."""
# Construct AES-GCM cipher, with 96-bit nonce.
cipher = AES.new(self.cipher_key, AES.MODE_GCM, nonce=random_bytes(12))
# Encrypt and digest.
encrypted, tag = cipher.encrypt_and_digest(plaintext) # type: ignore
# Combine with nonce.
ciphertext = cipher.nonce + tag + encrypted # type: ignore
# Return ciphertext.
return ciphertext 示例15: _decrypt
# 需要导入模块: from Crypto.Cipher import AES [as 别名]
# 或者: from Crypto.Cipher.AES import MODE_GCM [as 别名]
def _decrypt(self, value, encrypted_value):
"""Decrypt encoded cookies
"""
if sys.platform == 'win32':
try:
return self._decrypt_windows_chrome(value, encrypted_value)
# Fix for change in Chrome 80
except RuntimeError: # Failed to decrypt the cipher text with DPAPI
if not self.key:
raise RuntimeError(
'Failed to decrypt the cipher text with DPAPI and no AES key.')
# Encrypted cookies should be prefixed with 'v10' according to the
# Chromium code. Strip it off.
encrypted_value = encrypted_value[3:]
nonce, tag = encrypted_value[:12], encrypted_value[-16:]
aes = AES.new(self.key, AES.MODE_GCM, nonce=nonce)
data = aes.decrypt_and_verify(encrypted_value[12:-16], tag)
return data.decode()
if value or (encrypted_value[:3] not in [b'v11', b'v10']):
return value
# Encrypted cookies should be prefixed with 'v10' according to the
# Chromium code. Strip it off.
encrypted_value = encrypted_value[3:]
encrypted_value_half_len = int(len(encrypted_value) / 2)
cipher = pyaes.Decrypter(
pyaes.AESModeOfOperationCBC(self.key, self.iv))
decrypted = cipher.feed(encrypted_value[:encrypted_value_half_len])
decrypted += cipher.feed(encrypted_value[encrypted_value_half_len:])
decrypted += cipher.feed()
return decrypted.decode("utf-8")