cipher quality fixes
This commit is contained in:
parent
b16515dc09
commit
36c24cc09a
|
@ -1,10 +1,8 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
"""
|
"""
|
||||||
src/pyelliptic/cipher.py
|
Symmetric Encryption
|
||||||
========================
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
|
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
|
||||||
# See LICENSE for details.
|
# See LICENSE for details.
|
||||||
|
|
||||||
|
@ -14,7 +12,7 @@ from openssl import OpenSSL
|
||||||
# pylint: disable=redefined-builtin
|
# pylint: disable=redefined-builtin
|
||||||
class Cipher(object):
|
class Cipher(object):
|
||||||
"""
|
"""
|
||||||
Symmetric encryption
|
Main class for encryption
|
||||||
|
|
||||||
import pyelliptic
|
import pyelliptic
|
||||||
iv = pyelliptic.Cipher.gen_IV('aes-256-cfb')
|
iv = pyelliptic.Cipher.gen_IV('aes-256-cfb')
|
||||||
|
@ -67,7 +65,7 @@ class Cipher(object):
|
||||||
if OpenSSL.EVP_CipherUpdate(self.ctx, OpenSSL.byref(buffer),
|
if OpenSSL.EVP_CipherUpdate(self.ctx, OpenSSL.byref(buffer),
|
||||||
OpenSSL.byref(i), inp, len(input)) == 0:
|
OpenSSL.byref(i), inp, len(input)) == 0:
|
||||||
raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
|
raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
|
||||||
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
|
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
|
||||||
|
|
||||||
def final(self):
|
def final(self):
|
||||||
"""Returning the final value"""
|
"""Returning the final value"""
|
||||||
|
@ -76,7 +74,7 @@ class Cipher(object):
|
||||||
if (OpenSSL.EVP_CipherFinal_ex(self.ctx, OpenSSL.byref(buffer),
|
if (OpenSSL.EVP_CipherFinal_ex(self.ctx, OpenSSL.byref(buffer),
|
||||||
OpenSSL.byref(i))) == 0:
|
OpenSSL.byref(i))) == 0:
|
||||||
raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
|
raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
|
||||||
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
|
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
|
||||||
|
|
||||||
def ciphering(self, input):
|
def ciphering(self, input):
|
||||||
"""
|
"""
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
"""
|
"""
|
||||||
Asymmetric cryptography using elliptic curves
|
Asymmetric cryptography using elliptic curves
|
||||||
"""
|
"""
|
||||||
# pylint: disable=protected-access
|
# pylint: disable=protected-access, too-many-branches, too-many-locals
|
||||||
|
|
||||||
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
|
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
|
||||||
# See LICENSE for details.
|
# See LICENSE for details.
|
||||||
|
|
||||||
|
@ -172,7 +171,8 @@ class ECC(object):
|
||||||
|
|
||||||
if OpenSSL.EC_POINT_get_affine_coordinates_GFp(
|
if OpenSSL.EC_POINT_get_affine_coordinates_GFp(
|
||||||
group, pub_key, pub_key_x, pub_key_y, 0) == 0:
|
group, pub_key, pub_key_x, pub_key_y, 0) == 0:
|
||||||
raise Exception("[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...")
|
raise Exception(
|
||||||
|
"[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...")
|
||||||
|
|
||||||
privkey = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(priv_key))
|
privkey = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(priv_key))
|
||||||
pubkeyx = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_x))
|
pubkeyx = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_x))
|
||||||
|
@ -275,7 +275,6 @@ class ECC(object):
|
||||||
|
|
||||||
def raw_check_key(self, privkey, pubkey_x, pubkey_y, curve=None):
|
def raw_check_key(self, privkey, pubkey_x, pubkey_y, curve=None):
|
||||||
"""Check key validity, key is supplied as binary data"""
|
"""Check key validity, key is supplied as binary data"""
|
||||||
# pylint: disable=too-many-branches
|
|
||||||
if curve is None:
|
if curve is None:
|
||||||
curve = self.curve
|
curve = self.curve
|
||||||
elif isinstance(curve, str):
|
elif isinstance(curve, str):
|
||||||
|
@ -323,7 +322,6 @@ class ECC(object):
|
||||||
"""
|
"""
|
||||||
Sign the input with ECDSA method and returns the signature
|
Sign the input with ECDSA method and returns the signature
|
||||||
"""
|
"""
|
||||||
# pylint: disable=too-many-branches,too-many-locals
|
|
||||||
try:
|
try:
|
||||||
size = len(inputb)
|
size = len(inputb)
|
||||||
buff = OpenSSL.malloc(inputb, size)
|
buff = OpenSSL.malloc(inputb, size)
|
||||||
|
@ -393,7 +391,6 @@ class ECC(object):
|
||||||
Verify the signature with the input and the local public key.
|
Verify the signature with the input and the local public key.
|
||||||
Returns a boolean
|
Returns a boolean
|
||||||
"""
|
"""
|
||||||
# pylint: disable=too-many-branches
|
|
||||||
try:
|
try:
|
||||||
bsig = OpenSSL.malloc(sig, len(sig))
|
bsig = OpenSSL.malloc(sig, len(sig))
|
||||||
binputb = OpenSSL.malloc(inputb, len(inputb))
|
binputb = OpenSSL.malloc(inputb, len(inputb))
|
||||||
|
@ -436,10 +433,13 @@ class ECC(object):
|
||||||
0, digest, dgst_len.contents, bsig, len(sig), key)
|
0, digest, dgst_len.contents, bsig, len(sig), key)
|
||||||
|
|
||||||
if ret == -1:
|
if ret == -1:
|
||||||
return False # Fail to Check
|
# Fail to Check
|
||||||
|
return False
|
||||||
if ret == 0:
|
if ret == 0:
|
||||||
return False # Bad signature !
|
# Bad signature !
|
||||||
return True # Good
|
return False
|
||||||
|
# Good
|
||||||
|
return True
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
OpenSSL.EC_KEY_free(key)
|
OpenSSL.EC_KEY_free(key)
|
||||||
|
@ -487,7 +487,6 @@ class ECC(object):
|
||||||
"""
|
"""
|
||||||
Decrypt data with ECIES method using the local private key
|
Decrypt data with ECIES method using the local private key
|
||||||
"""
|
"""
|
||||||
# pylint: disable=too-many-locals
|
|
||||||
blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
|
blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
|
||||||
iv = data[:blocksize]
|
iv = data[:blocksize]
|
||||||
i = blocksize
|
i = blocksize
|
||||||
|
|
Reference in New Issue
Block a user