golden hour
/opt/imunify360/venv/lib/python3.11/site-packages/Crypto/Cipher
⬆️ Go Up
Upload
File/Folder
Size
Actions
AES.py
8.71 KB
Del
OK
AES.pyi
3.63 KB
Del
OK
ARC2.py
6.85 KB
Del
OK
ARC2.pyi
980 B
Del
OK
ARC4.py
5 KB
Del
OK
ARC4.pyi
413 B
Del
OK
Blowfish.py
5.82 KB
Del
OK
Blowfish.pyi
1016 B
Del
OK
CAST.py
5.93 KB
Del
OK
CAST.pyi
981 B
Del
OK
ChaCha20.py
10.48 KB
Del
OK
ChaCha20.pyi
788 B
Del
OK
ChaCha20_Poly1305.py
11.29 KB
Del
OK
ChaCha20_Poly1305.pyi
1.08 KB
Del
OK
DES.py
5.81 KB
Del
OK
DES.pyi
961 B
Del
OK
DES3.py
6.76 KB
Del
OK
DES3.pyi
1.01 KB
Del
OK
PKCS1_OAEP.py
8.62 KB
Del
OK
PKCS1_OAEP.pyi
1.15 KB
Del
OK
PKCS1_v1_5.py
7.95 KB
Del
OK
PKCS1_v1_5.pyi
686 B
Del
OK
Salsa20.py
6.2 KB
Del
OK
Salsa20.pyi
751 B
Del
OK
_ARC4.abi3.so
20.52 KB
Del
OK
_EKSBlowfish.py
5.08 KB
Del
OK
_EKSBlowfish.pyi
266 B
Del
OK
_Salsa20.abi3.so
26.38 KB
Del
OK
__init__.py
2.78 KB
Del
OK
__init__.pyi
0 B
Del
OK
__pycache__
-
Del
OK
_chacha20.abi3.so
29.91 KB
Del
OK
_mode_cbc.py
10.63 KB
Del
OK
_mode_cbc.pyi
687 B
Del
OK
_mode_ccm.py
23.8 KB
Del
OK
_mode_ccm.pyi
1.56 KB
Del
OK
_mode_cfb.py
10.47 KB
Del
OK
_mode_cfb.pyi
727 B
Del
OK
_mode_ctr.py
15.44 KB
Del
OK
_mode_ctr.pyi
800 B
Del
OK
_mode_eax.py
14.11 KB
Del
OK
_mode_eax.pyi
1.51 KB
Del
OK
_mode_ecb.py
8.11 KB
Del
OK
_mode_ecb.pyi
592 B
Del
OK
_mode_gcm.py
20.8 KB
Del
OK
_mode_gcm.pyi
1.5 KB
Del
OK
_mode_ocb.py
19.47 KB
Del
OK
_mode_ocb.pyi
1.2 KB
Del
OK
_mode_ofb.py
9.97 KB
Del
OK
_mode_ofb.pyi
691 B
Del
OK
_mode_openpgp.py
6.89 KB
Del
OK
_mode_openpgp.pyi
556 B
Del
OK
_mode_siv.py
13.65 KB
Del
OK
_mode_siv.pyi
1.23 KB
Del
OK
_pkcs1_decode.abi3.so
34.85 KB
Del
OK
_raw_aes.abi3.so
104.3 KB
Del
OK
_raw_aesni.abi3.so
103.89 KB
Del
OK
_raw_arc2.abi3.so
45.38 KB
Del
OK
_raw_blowfish.abi3.so
76.8 KB
Del
OK
_raw_cast.abi3.so
56.06 KB
Del
OK
_raw_cbc.abi3.so
22.46 KB
Del
OK
_raw_cfb.abi3.so
26.23 KB
Del
OK
_raw_ctr.abi3.so
30.6 KB
Del
OK
_raw_des.abi3.so
69.88 KB
Del
OK
_raw_des3.abi3.so
70.82 KB
Del
OK
_raw_ecb.abi3.so
18.57 KB
Del
OK
_raw_eksblowfish.abi3.so
176.95 KB
Del
OK
_raw_ocb.abi3.so
44.78 KB
Del
OK
_raw_ofb.abi3.so
21.61 KB
Del
OK
Edit: PKCS1_v1_5.py
# -*- coding: utf-8 -*- # # Cipher/PKCS1-v1_5.py : PKCS#1 v1.5 # # =================================================================== # The contents of this file are dedicated to the public domain. To # the extent that dedication to the public domain is not available, # everyone is granted a worldwide, perpetual, royalty-free, # non-exclusive license to exercise all rights associated with the # contents of this file for any purpose whatsoever. # No rights are reserved. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # =================================================================== __all__ = ['new', 'PKCS115_Cipher'] from Crypto import Random from Crypto.Util.number import bytes_to_long, long_to_bytes from Crypto.Util.py3compat import bord, is_bytes, _copy_bytes from Crypto.Util._raw_api import (load_pycryptodome_raw_lib, c_size_t, c_uint8_ptr) _raw_pkcs1_decode = load_pycryptodome_raw_lib("Crypto.Cipher._pkcs1_decode", """ int pkcs1_decode(const uint8_t *em, size_t len_em, const uint8_t *sentinel, size_t len_sentinel, size_t expected_pt_len, uint8_t *output); """) def _pkcs1_decode(em, sentinel, expected_pt_len, output): if len(em) != len(output): raise ValueError("Incorrect output length") ret = _raw_pkcs1_decode.pkcs1_decode(c_uint8_ptr(em), c_size_t(len(em)), c_uint8_ptr(sentinel), c_size_t(len(sentinel)), c_size_t(expected_pt_len), c_uint8_ptr(output)) return ret class PKCS115_Cipher: """This cipher can perform PKCS#1 v1.5 RSA encryption or decryption. Do not instantiate directly. Use :func:`Crypto.Cipher.PKCS1_v1_5.new` instead.""" def __init__(self, key, randfunc): """Initialize this PKCS#1 v1.5 cipher object. :Parameters: key : an RSA key object If a private half is given, both encryption and decryption are possible. If a public half is given, only encryption is possible. randfunc : callable Function that returns random bytes. """ self._key = key self._randfunc = randfunc def can_encrypt(self): """Return True if this cipher object can be used for encryption.""" return self._key.can_encrypt() def can_decrypt(self): """Return True if this cipher object can be used for decryption.""" return self._key.can_decrypt() def encrypt(self, message): """Produce the PKCS#1 v1.5 encryption of a message. This function is named ``RSAES-PKCS1-V1_5-ENCRYPT``, and it is specified in `section 7.2.1 of RFC8017 <https://tools.ietf.org/html/rfc8017#page-28>`_. :param message: The message to encrypt, also known as plaintext. It can be of variable length, but not longer than the RSA modulus (in bytes) minus 11. :type message: bytes/bytearray/memoryview :Returns: A byte string, the ciphertext in which the message is encrypted. It is as long as the RSA modulus (in bytes). :Raises ValueError: If the RSA key length is not sufficiently long to deal with the given message. """ # See 7.2.1 in RFC8017 k = self._key.size_in_bytes() mLen = len(message) # Step 1 if mLen > k - 11: raise ValueError("Plaintext is too long.") # Step 2a ps = [] while len(ps) != k - mLen - 3: new_byte = self._randfunc(1) if bord(new_byte[0]) == 0x00: continue ps.append(new_byte) ps = b"".join(ps) assert(len(ps) == k - mLen - 3) # Step 2b em = b'\x00\x02' + ps + b'\x00' + _copy_bytes(None, None, message) # Step 3a (OS2IP) em_int = bytes_to_long(em) # Step 3b (RSAEP) m_int = self._key._encrypt(em_int) # Step 3c (I2OSP) c = long_to_bytes(m_int, k) return c def decrypt(self, ciphertext, sentinel, expected_pt_len=0): r"""Decrypt a PKCS#1 v1.5 ciphertext. This is the function ``RSAES-PKCS1-V1_5-DECRYPT`` specified in `section 7.2.2 of RFC8017 <https://tools.ietf.org/html/rfc8017#page-29>`_. Args: ciphertext (bytes/bytearray/memoryview): The ciphertext that contains the message to recover. sentinel (any type): The object to return whenever an error is detected. expected_pt_len (integer): The length the plaintext is known to have, or 0 if unknown. Returns (byte string): It is either the original message or the ``sentinel`` (in case of an error). .. warning:: PKCS#1 v1.5 decryption is intrinsically vulnerable to timing attacks (see `Bleichenbacher's`__ attack). **Use PKCS#1 OAEP instead**. This implementation attempts to mitigate the risk with some constant-time constructs. However, they are not sufficient by themselves: the type of protocol you implement and the way you handle errors make a big difference. Specifically, you should make it very hard for the (malicious) party that submitted the ciphertext to quickly understand if decryption succeeded or not. To this end, it is recommended that your protocol only encrypts plaintexts of fixed length (``expected_pt_len``), that ``sentinel`` is a random byte string of the same length, and that processing continues for as long as possible even if ``sentinel`` is returned (i.e. in case of incorrect decryption). .. __: https://dx.doi.org/10.1007/BFb0055716 """ # See 7.2.2 in RFC8017 k = self._key.size_in_bytes() # Step 1 if len(ciphertext) != k: raise ValueError("Ciphertext with incorrect length (not %d bytes)" % k) # Step 2a (O2SIP) ct_int = bytes_to_long(ciphertext) # Step 2b (RSADP) m_int = self._key._decrypt(ct_int) # Complete step 2c (I2OSP) em = long_to_bytes(m_int, k) # Step 3 (not constant time when the sentinel is not a byte string) output = bytes(bytearray(k)) if not is_bytes(sentinel) or len(sentinel) > k: size = _pkcs1_decode(em, b'', expected_pt_len, output) if size < 0: return sentinel else: return output[size:] # Step 3 (somewhat constant time) size = _pkcs1_decode(em, sentinel, expected_pt_len, output) return output[size:] def new(key, randfunc=None): """Create a cipher for performing PKCS#1 v1.5 encryption or decryption. :param key: The key to use to encrypt or decrypt the message. This is a `Crypto.PublicKey.RSA` object. Decryption is only possible if *key* is a private RSA key. :type key: RSA key object :param randfunc: Function that return random bytes. The default is :func:`Crypto.Random.get_random_bytes`. :type randfunc: callable :returns: A cipher object `PKCS115_Cipher`. """ if randfunc is None: randfunc = Random.get_random_bytes return PKCS115_Cipher(key, randfunc)
Save