Python Crypto.Cipher.PKCS1_OAEP.new() Examples
The following are 30
code examples of Crypto.Cipher.PKCS1_OAEP.new().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
Crypto.Cipher.PKCS1_OAEP
, or try the search function
.
Example #1
Source File: utils.py From snapy with MIT License | 6 votes |
def encryptPassword(email, password): gdpk = "AAAAgMom/1a/v0lblO2Ubrt60J2gcuXSljGFQXgcyZWveWLEwo6prwgi3iJIZdodyhKZQrNWp5nKJ3srRXcUW+F1BD3baEVGcmEgqaLZUNBjm057pKRI16kB0YppeGx5qIQ5QjKzsR8ETQbKLNWgRY0QRNVz34kMJR3P/LgHax/6rmf5AAAAAwEAAQ==" binaryKey = b64decode(gdpk).encode('hex') half = binaryKey[8:264] modulus = long(half, 16) half = binaryKey[272:278] exponent = long(half, 16) sha1hash = sha1(b64decode(gdpk)).digest() signature = "00" + sha1hash[:4].encode('hex') key = RSA.construct((modulus, exponent)) cipher = PKCS1_OAEP.new(key) plain = email + "\x00" + password encrypted = cipher.encrypt(plain).encode('hex') ste = signature + encrypted output = unhexlify(ste) encryptedPassword = b64encode(output).encode('ascii').replace("+","-").replace("/","_") return encryptedPassword
Example #2
Source File: test_crypto.py From pyaff4 with Apache License 2.0 | 6 votes |
def testDecrypt(self): g = rdflib.Graph() g.parse(data=keybagturtle, format="turtle") kb = keybag.PasswordWrappedKeyBag.load(g) key = "password" kek = digest.pbkdf2_hmac("sha256", key, kb.salt, kb.iterations, kb.keySizeBytes); vek = aes_unwrap_key(kek, kb.wrappedKey) key1 = vek[0:16] key2 = vek[16:] tweak = codecs.decode('00', 'hex') cipher = python_AES.new((key1, key2), python_AES.MODE_XTS) text = cipher.decrypt(target_ciphertext, tweak) self.assertEqual(src[0:len(src)], text[0:len(src)])
Example #3
Source File: crypto.py From aliyun-oss-python-sdk with MIT License | 6 votes |
def __init__(self, key_pair, passphrase=None, cipher=utils.AESCTRCipher(), mat_desc=None): super(RsaProvider, self).__init__(cipher=cipher, mat_desc=mat_desc) self.wrap_alg = headers.RSA_NONE_PKCS1Padding_WRAP_ALGORITHM if key_pair and not isinstance(key_pair, dict): raise ClientError('Invalid type, the type of key_pair must be dict!') try: if 'public_key' in key_pair: self.__encrypt_obj = PKCS1_v1_5.new(RSA.importKey(key_pair['public_key'], passphrase=passphrase)) if 'private_key' in key_pair: self.__decrypt_obj = PKCS1_v1_5.new(RSA.importKey(key_pair['private_key'], passphrase=passphrase)) except (ValueError, TypeError) as e: raise ClientError(str(e))
Example #4
Source File: keybag.py From pyaff4 with Apache License 2.0 | 6 votes |
def create(vek, keySizeBytes, certificatePath): #print("VEK: " + str(binascii.hexlify(vek))) publicKeyPem = open(certificatePath).read() publicKey = RSA.importKey(publicKeyPem) # Convert from PEM to DER lines = publicKeyPem.replace(" ", '').split() publicKeyDer = binascii.a2b_base64(''.join(lines[1:-1])) cert = x509.load_pem_x509_certificate(SmartStr(publicKeyPem), default_backend()) subjectName = cert.subject.rfc4514_string() serial = cert.serial_number cipher = PKCS1_OAEP.new(key=publicKey, hashAlgo=SHA256, mgfunc=lambda x, y: pss.MGF1(x, y, SHA1)) wrapped_key = cipher.encrypt(vek) #print("WrappedKey: " + str(binascii.hexlify(wrapped_key))) return CertEncryptedKeyBag(subjectName, serial, keySizeBytes, wrapped_key)
Example #5
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 6 votes |
def test_encrypt(self, sign_message, encrypt_message, encrypt_key, get_key, get_iv): message = Random.new().read(2000) encryption = Encryption(self.sender_key, self.recipient_key) sender_key_bytes = int(self.sender_key.publickey().n.bit_length() / 8) encrypt_message.return_value = Random.new().read(len(message)) encrypt_key.return_value = Random.new().read(sender_key_bytes) get_iv.return_value = Random.new().read(16) encrypted_message = encryption.encrypt(message) data = base64.b64decode(encrypted_message) iv = data[0:16] encrypted_key = data[16:(16 + sender_key_bytes)] encrypted_message = data[(16 + sender_key_bytes):] self.assertEqual(encrypt_message.return_value, encrypted_message) self.assertEqual(encrypt_key.return_value, encrypted_key) self.assertEqual(get_iv.return_value, iv) encrypt_key.assert_called_once_with(get_key.return_value) encrypt_message.assert_called_once_with( sign_message.return_value, message, get_key.return_value, get_iv.return_value ) sign_message.assert_called_once_with(message)
Example #6
Source File: test_pkcs1_oaep.py From earthengine with MIT License | 6 votes |
def testEncrypt1(self): # Verify encryption using all test vectors for test in self._testData: # Build the key comps = [ long(rws(test[0][x]),16) for x in ('n','e') ] key = RSA.construct(comps) # RNG that takes its random numbers from a pool given # at initialization class randGen: def __init__(self, data): self.data = data self.idx = 0 def __call__(self, N): r = self.data[self.idx:N] self.idx += N return r # The real test key._randfunc = randGen(t2b(test[3])) cipher = PKCS.new(key, test[4]) ct = cipher.encrypt(t2b(test[1])) self.assertEqual(ct, t2b(test[2]))
Example #7
Source File: main.py From cryptovenom with GNU General Public License v3.0 | 6 votes |
def signRSA(message, privatekey, hashAlg): global hash1 hash1 = hashAlg signer = PKCS1_v1_5.new(privatekey) if (hash1 == "SHA-512"): digest = SHA512.new() elif (hash1 == "SHA-384"): digest = SHA384.new() elif (hash1 == "SHA-256"): digest = SHA256.new() elif (hash1 == "SHA-1"): digest = SHA.new() else: digest = MD5.new() digest.update(message) return signer.sign(digest)
Example #8
Source File: test_pkcs1_oaep.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
def testEncrypt1(self): # Verify encryption using all test vectors for test in self._testData: # Build the key comps = [ long(rws(test[0][x]),16) for x in ('n','e') ] key = RSA.construct(comps) # RNG that takes its random numbers from a pool given # at initialization class randGen: def __init__(self, data): self.data = data self.idx = 0 def __call__(self, N): r = self.data[self.idx:N] self.idx += N return r # The real test key._randfunc = randGen(t2b(test[3])) cipher = PKCS.new(key, test[4]) ct = cipher.encrypt(t2b(test[1])) self.assertEqual(ct, t2b(test[2]))
Example #9
Source File: test_pkcs1_oaep.py From earthengine with MIT License | 6 votes |
def testEncryptDecrypt1(self): # Helper function to monitor what's requested from RNG global asked def localRng(N): global asked asked += N return self.rng(N) # Verify that OAEP is friendly to all hashes for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD): # Verify that encrypt() asks for as many random bytes # as the hash output size asked = 0 pt = self.rng(40) self.key1024._randfunc = localRng cipher = PKCS.new(self.key1024, hashmod) ct = cipher.encrypt(pt) self.assertEqual(cipher.decrypt(ct), pt) self.failUnless(asked > hashmod.digest_size)
Example #10
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 6 votes |
def test_decrypt(self, verify, get_message, get_signature, get_decrypted_message, get_key, get_iv, hexlify): decryption = Decryption(self.recipient_key, self.sender_key) raw = Random.new().read(2000) encrypted = base64.b64encode(raw) message = get_message.return_value signature = get_signature.return_value hexlify_signature = hexlify.return_value decrypted_message = get_decrypted_message.return_value iv = get_iv.return_value key = get_key.return_value verify.return_value = True returned_message, returned_signature = decryption.decrypt(encrypted) self.assertEqual(message, returned_message) self.assertEqual(hexlify_signature, returned_signature) get_message.assert_called_once_with(decrypted_message) get_decrypted_message.assert_called_once_with(iv, key, raw) get_iv.assert_called_once_with(raw) get_key.assert_called_once_with(raw) get_signature.assert_called_once_with(decrypted_message) verify.assert_called_once_with(signature, message) hexlify.assert_called_once_with(signature)
Example #11
Source File: test_pkcs1_oaep.py From Safejumper-for-Desktop with GNU General Public License v2.0 | 6 votes |
def testEncryptDecrypt1(self): # Helper function to monitor what's requested from RNG global asked def localRng(N): global asked asked += N return self.rng(N) # Verify that OAEP is friendly to all hashes for hashmod in (MD2,MD5,SHA1,SHA256,RIPEMD): # Verify that encrypt() asks for as many random bytes # as the hash output size asked = 0 pt = self.rng(40) self.key1024._randfunc = localRng cipher = PKCS.new(self.key1024, hashmod) ct = cipher.encrypt(pt) self.assertEqual(cipher.decrypt(ct), pt) self.failUnless(asked > hashmod.digest_size)
Example #12
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_decrypted_message(self): recipient_key_bytes = int(self.recipient_key.publickey().n.bit_length() / 8) decryption = Decryption(self.recipient_key, self.sender_key) iv = Random.new().read(16) key = Random.new().read(32) encrypted_key = Random.new().read(recipient_key_bytes) message = ("a" * 2000).encode('utf-8') block_size = AES.block_size pad = lambda s: s + (block_size - len(s) % block_size) * chr(block_size - len(s) % block_size).encode('utf-8') message_to_encrypt = pad(message) cipher = AES.new(key, mode=AES.MODE_CBC, IV=iv) encrypted_message = cipher.encrypt(message_to_encrypt) self.assertEqual(message, decryption.get_decrypted_message(iv, key, iv + encrypted_key + encrypted_message))
Example #13
Source File: crypto.py From Apfell with BSD 3-Clause "New" or "Revised" License | 5 votes |
def hash_MD5(data) -> str: if isinstance(data, str): hash_digest = MD5.new(data=str.encode(data)) else: hash_digest = MD5.new(data=data) return hash_digest.hexdigest() # https://pycryptodome.readthedocs.io/en/latest/src/examples.html
Example #14
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_signature(self): sender_key_bytes = int(self.sender_key.publickey().n.bit_length() / 8) decryption = Decryption(self.recipient_key, self.sender_key) signature = Random.new().read(sender_key_bytes) message = Random.new().read(500) decrypted_message = signature + message self.assertEqual(signature, decryption.get_signature(decrypted_message))
Example #15
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_message(self): sender_key_bytes = int(self.sender_key.publickey().n.bit_length() / 8) decryption = Decryption(self.recipient_key, self.sender_key) signature = Random.new().read(sender_key_bytes) message = Random.new().read(500) decrypted_message = signature + message self.assertEqual(message, decryption.get_message(decrypted_message))
Example #16
Source File: crypto.py From Apfell with BSD 3-Clause "New" or "Revised" License | 5 votes |
def decrypt_AES256(data: bytes, key: bytes): # hmac should include IV mac = data[-32:] # sha256 hmac at the end iv = data[:16] # 16 Bytes for IV at the beginning message = data[16:-32] # the rest is the message h = HMAC.new(key=key, msg=iv + message, digestmod=SHA256) h.verify(mac) decryption_cipher = AES.new(key, AES.MODE_CBC, iv=iv) decrypted_message = decryption_cipher.decrypt(message) # print(decrypted_message) # now to remove any padding that was added on to make it the right block size of 16 return unpad(decrypted_message, 16)
Example #17
Source File: crypto.py From Apfell with BSD 3-Clause "New" or "Revised" License | 5 votes |
def decrypt_pub_key(data: bytes, key: bytes): recipient_key = RSA.import_key(key) cipher_rsa = PKCS1_OAEP.new(recipient_key) decrypted_data = cipher_rsa.decrypt(data) return decrypted_data
Example #18
Source File: crypto.py From Apfell with BSD 3-Clause "New" or "Revised" License | 5 votes |
def encrypt_pub_key(data: bytes, key: bytes): recipient_key = RSA.import_key(key) cipher_rsa = PKCS1_OAEP.new(recipient_key) encrypted_data = cipher_rsa.encrypt(data) return encrypted_data
Example #19
Source File: privrules.py From Loki with GNU General Public License v3.0 | 5 votes |
def generate_RSA_key(keysize): random_generator = Random.new().read key = RSA.generate(keysize, random_generator) return key
Example #20
Source File: encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def get_iv(self): return Random.new().read(16)
Example #21
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_key(self): decryption = Decryption(self.recipient_key, self.sender_key) raw = Random.new().read(16) key = Random.new().read(32) cipher = PKCS1_OAEP.new(self.recipient_key.publickey()) encrypted_key = cipher.encrypt(key) raw += encrypted_key + Random.new().read(2000) self.assertEqual(key, decryption.get_key(raw))
Example #22
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_decrypt_incorrect_length(self, verify, get_message, get_signature, get_decrypted_message, get_key, get_iv): decryption = Decryption(self.recipient_key, self.sender_key) get_key.side_effect = DecryptionError("Incorrect message length.") raw = Random.new().read(2000) encrypted = base64.b64encode(raw) verify.return_value = False six.assertRaisesRegex(self, DecryptionError, "Incorrect message length.", decryption.decrypt, encrypted)
Example #23
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_decrypt_invalid(self, verify, get_message, get_signature, get_decrypted_message, get_key, get_iv): decryption = Decryption(self.recipient_key, self.sender_key) raw = Random.new().read(2000) encrypted = base64.b64encode(raw) verify.return_value = False six.assertRaisesRegex(self, InvalidMessageException, "Invalid message signature", decryption.decrypt, encrypted)
Example #24
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_encrypt_message(self): encryption = Encryption(self.sender_key, self.recipient_key) key = encryption.get_key() iv = encryption.get_iv() message = Random.new().read(10) signed_message = encryption.sign_message(message) encrypted = encryption.encrypt_message(signed_message, message, key, iv) cipher = AES.new(key, AES.MODE_CBC, iv) unpad = lambda s: s[:-ord(s[len(s) - 1:])] decrypted = unpad(cipher.decrypt(encrypted)) self.assertEqual(decrypted, signed_message + message)
Example #25
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_sign_message(self): message = Random.new().read(2000) encryption = Encryption(self.sender_key, self.recipient_key) signed_message = encryption.sign_message(message) public_key = self.sender_key.publickey() hash = SHA512.new(message) verifier = PKCS1_v1_5.new(public_key) self.assertTrue(verifier.verify(hash, signed_message))
Example #26
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_key(self, Random): expected = Random.new.return_value.read.return_value encryption = Encryption(self.sender_key, self.recipient_key) self.assertEqual(encryption.get_key(), expected) Random.new.return_value.read.assert_called_once_with(32)
Example #27
Source File: test_encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def test_get_iv(self, Random): expected = Random.new.return_value.read.return_value encryption = Encryption(self.sender_key, self.recipient_key) self.assertEqual(encryption.get_iv(), expected) Random.new.return_value.read.assert_called_once_with(16)
Example #28
Source File: encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def verify(self, signature, message): hash = SHA512.new(message) verifier = PKCS1_v1_5.new(self.sender_key) return verifier.verify(hash, signature)
Example #29
Source File: encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def get_decrypted_message(self, iv, key, raw): recipient_key_bytes = int(self.recipient_key.publickey().n.bit_length() / 8) encrypted_message = raw[16 + recipient_key_bytes:] unpad = lambda s: s[:-ord(s[len(s) - 1:])] cipher = AES.new(key, AES.MODE_CBC, iv) return unpad(cipher.decrypt(encrypted_message))
Example #30
Source File: encryption.py From tbk with GNU General Public License v3.0 | 5 votes |
def sign_message(self, message): hash = SHA512.new(message) signer = PKCS1_v1_5.new(self.sender_key) return signer.sign(hash)