cipher quality fixes

This commit is contained in:
lakshyacis 2019-12-21 15:13:29 +05:30
parent b16515dc09
commit 36c24cc09a
No known key found for this signature in database
GPG Key ID: D2C539C8EC63E9EB
2 changed files with 13 additions and 16 deletions

View File

@ -1,10 +1,8 @@
#!/usr/bin/env python #!/usr/bin/env python
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
""" """
src/pyelliptic/cipher.py Symmetric Encryption
========================
""" """
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com> # Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
# See LICENSE for details. # See LICENSE for details.
@ -14,7 +12,7 @@ from openssl import OpenSSL
# pylint: disable=redefined-builtin # pylint: disable=redefined-builtin
class Cipher(object): class Cipher(object):
""" """
Symmetric encryption Main class for encryption
import pyelliptic import pyelliptic
iv = pyelliptic.Cipher.gen_IV('aes-256-cfb') iv = pyelliptic.Cipher.gen_IV('aes-256-cfb')
@ -67,7 +65,7 @@ class Cipher(object):
if OpenSSL.EVP_CipherUpdate(self.ctx, OpenSSL.byref(buffer), if OpenSSL.EVP_CipherUpdate(self.ctx, OpenSSL.byref(buffer),
OpenSSL.byref(i), inp, len(input)) == 0: OpenSSL.byref(i), inp, len(input)) == 0:
raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...") raise Exception("[OpenSSL] EVP_CipherUpdate FAIL ...")
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
def final(self): def final(self):
"""Returning the final value""" """Returning the final value"""
@ -76,7 +74,7 @@ class Cipher(object):
if (OpenSSL.EVP_CipherFinal_ex(self.ctx, OpenSSL.byref(buffer), if (OpenSSL.EVP_CipherFinal_ex(self.ctx, OpenSSL.byref(buffer),
OpenSSL.byref(i))) == 0: OpenSSL.byref(i))) == 0:
raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...") raise Exception("[OpenSSL] EVP_CipherFinal_ex FAIL ...")
return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index return buffer.raw[0:i.value] # pylint: disable=invalid-slice-index
def ciphering(self, input): def ciphering(self, input):
""" """

View File

@ -3,8 +3,7 @@
""" """
Asymmetric cryptography using elliptic curves Asymmetric cryptography using elliptic curves
""" """
# pylint: disable=protected-access # pylint: disable=protected-access, too-many-branches, too-many-locals
# Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com> # Copyright (C) 2011 Yann GUIBET <yannguibet@gmail.com>
# See LICENSE for details. # See LICENSE for details.
@ -172,7 +171,8 @@ class ECC(object):
if OpenSSL.EC_POINT_get_affine_coordinates_GFp( if OpenSSL.EC_POINT_get_affine_coordinates_GFp(
group, pub_key, pub_key_x, pub_key_y, 0) == 0: group, pub_key, pub_key_x, pub_key_y, 0) == 0:
raise Exception("[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...") raise Exception(
"[OpenSSL] EC_POINT_get_affine_coordinates_GFp FAIL ...")
privkey = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(priv_key)) privkey = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(priv_key))
pubkeyx = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_x)) pubkeyx = OpenSSL.malloc(0, OpenSSL.BN_num_bytes(pub_key_x))
@ -275,7 +275,6 @@ class ECC(object):
def raw_check_key(self, privkey, pubkey_x, pubkey_y, curve=None): def raw_check_key(self, privkey, pubkey_x, pubkey_y, curve=None):
"""Check key validity, key is supplied as binary data""" """Check key validity, key is supplied as binary data"""
# pylint: disable=too-many-branches
if curve is None: if curve is None:
curve = self.curve curve = self.curve
elif isinstance(curve, str): elif isinstance(curve, str):
@ -323,7 +322,6 @@ class ECC(object):
""" """
Sign the input with ECDSA method and returns the signature Sign the input with ECDSA method and returns the signature
""" """
# pylint: disable=too-many-branches,too-many-locals
try: try:
size = len(inputb) size = len(inputb)
buff = OpenSSL.malloc(inputb, size) buff = OpenSSL.malloc(inputb, size)
@ -393,7 +391,6 @@ class ECC(object):
Verify the signature with the input and the local public key. Verify the signature with the input and the local public key.
Returns a boolean Returns a boolean
""" """
# pylint: disable=too-many-branches
try: try:
bsig = OpenSSL.malloc(sig, len(sig)) bsig = OpenSSL.malloc(sig, len(sig))
binputb = OpenSSL.malloc(inputb, len(inputb)) binputb = OpenSSL.malloc(inputb, len(inputb))
@ -436,10 +433,13 @@ class ECC(object):
0, digest, dgst_len.contents, bsig, len(sig), key) 0, digest, dgst_len.contents, bsig, len(sig), key)
if ret == -1: if ret == -1:
return False # Fail to Check # Fail to Check
return False
if ret == 0: if ret == 0:
return False # Bad signature ! # Bad signature !
return True # Good return False
# Good
return True
finally: finally:
OpenSSL.EC_KEY_free(key) OpenSSL.EC_KEY_free(key)
@ -487,7 +487,6 @@ class ECC(object):
""" """
Decrypt data with ECIES method using the local private key Decrypt data with ECIES method using the local private key
""" """
# pylint: disable=too-many-locals
blocksize = OpenSSL.get_cipher(ciphername).get_blocksize() blocksize = OpenSSL.get_cipher(ciphername).get_blocksize()
iv = data[:blocksize] iv = data[:blocksize]
i = blocksize i = blocksize