zebra.lucky
/
joinmarket-clientserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Rewrite AES code with cryptography

master
roshii 2 years ago
parent
cade771d22
commit
91dacf662d
3 changed files with 73 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      pyproject.toml
  2. 34
      src/jmbase/crypto.py
  3. 47
      test/jmbase/test_crypto.py

7
pyproject.toml
Unescape View File

@ -11,10 +11,11 @@ requires-python = ">=3.7"
license = {file = "LICENSE"} license = {file = "LICENSE"}
dependencies = [ dependencies = [
"chromalog==1.0.5", "chromalog==1.0.5",
"pyaes==1.6.1",
"service-identity==21.1.0", "service-identity==21.1.0",
"txtorcon==23.0.0",
"twisted==22.4.0", "twisted==22.4.0",
"txtorcon==23.0.0",
'cryptography==3.3.2; platform_machine != "aarch64" and platform_machine != "amd64" and platform_machine != "x86_64"',
'cryptography==41.0.2; platform_machine == "aarch64" or platform_machine == "amd64" or platform_machine == "x86_64"',
] ]
[project.optional-dependencies] [project.optional-dependencies]
@ -33,8 +34,6 @@ jmclient = [
jmdaemon = [ jmdaemon = [
"libnacl==1.8.0", "libnacl==1.8.0",
"pyopenssl==23.2.0", "pyopenssl==23.2.0",
'cryptography==3.3.2; platform_machine != "aarch64" and platform_machine != "amd64" and platform_machine != "x86_64"',
'cryptography==41.0.2; platform_machine == "aarch64" or platform_machine == "amd64" or platform_machine == "x86_64"',
] ]
jmqtui = [ jmqtui = [
"PyQt5!=5.15.0,!=5.15.1,!=5.15.2,!=6.0", "PyQt5!=5.15.0,!=5.15.1,!=5.15.2,!=6.0",

34
src/jmbase/crypto.py
Unescape View File

@ -1,15 +1,27 @@
import pyaes from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
def _pad(data: bytes) -> bytes:
if len(data) % 16 == 0:
return data
padder = padding.PKCS7(128).padder()
return padder.update(data) + padder.finalize()
def _unpad(data: bytes) -> bytes:
try:
unpadder = padding.PKCS7(128).unpadder()
return unpadder.update(data) + unpadder.finalize()
except ValueError:
return data
def aes_cbc_encrypt(key: bytes, data: bytes, iv: bytes) -> bytes: def aes_cbc_encrypt(key: bytes, data: bytes, iv: bytes) -> bytes:
encrypter = pyaes.Encrypter( encrypter = Cipher(algorithms.AES(key), modes.CBC(iv)).encryptor()
pyaes.AESModeOfOperationCBC(key, iv=iv)) return encrypter.update(_pad(data)) + encrypter.finalize()
enc_data = encrypter.feed(data)
enc_data += encrypter.feed()
return enc_data
def aes_cbc_decrypt(key: bytes, data: bytes, iv: bytes) -> bytes: def aes_cbc_decrypt(key: bytes, data: bytes, iv: bytes) -> bytes:
decrypter = pyaes.Decrypter( decrypter = Cipher(algorithms.AES(key), modes.CBC(iv)).decryptor()
pyaes.AESModeOfOperationCBC(key, iv=iv)) return _unpad(decrypter.update(data) + decrypter.finalize())
dec_data = decrypter.feed(data)
dec_data += decrypter.feed()
return dec_data

47
test/jmbase/test_crypto.py
Unescape View File

@ -0,0 +1,47 @@
#! /usr/bin/env python
import os
from binascii import unhexlify
import pytest
from jmbase import crypto
@pytest.mark.parametrize("data", [b"surely a secret message", b"joinmarket"])
def test_aes_cbc_padding(data):
key, iv = os.urandom(32), os.urandom(16)
encrypted = crypto.aes_cbc_encrypt(key, data, iv)
assert crypto.aes_cbc_decrypt(key, encrypted, iv) == data
@pytest.mark.parametrize(
"key, iv, ciphertext, plaintext",
[
(
"2b7e151628aed2a6abf7158809cf4f3c",
"000102030405060708090a0b0c0d0e0f",
"7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b273bed6b8e3c1743b7116e69e222295163ff1caa1681fac09120eca307586e1a7",
"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
),
(
"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
"000102030405060708090a0b0c0d0e0f",
"4f021db243bc633d7178183a9fa071e8b4d9ada9ad7dedf4e5e738763f69145a571b242012fb7ae07fa9baac3df102e008b0e27988598881d920a9e64f5615cd",
"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
),
(
"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",
"000102030405060708090a0b0c0d0e0f",
"f58c4c04d6e5f1ba779eabfb5f7bfbd69cfc4e967edb808d679f777bc6702c7d39f23369a9d9bacfa530e26304231461b2eb05e2c39be9fcda6c19078c6a9d1b",
"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710",
),
],
)
def test_aes_cbc_nist_vectors(key, iv, ciphertext, plaintext):
_key = unhexlify(key)
_iv = unhexlify(iv)
ct = unhexlify(ciphertext)
pt = unhexlify(plaintext)
assert crypto.aes_cbc_encrypt(_key, pt, _iv) == ct
assert crypto.aes_cbc_decrypt(_key, ct, _iv) == pt
Write Preview
Loading…
Cancel
Save