Implemented proxies to pyca X25519

This commit is contained in:
Mark Qvist 2022-06-08 17:03:40 +02:00
parent e2aeb56c12
commit 94edc8eff3
6 changed files with 86 additions and 15 deletions

View File

@ -20,14 +20,13 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE. # SOFTWARE.
PROVIDER_INTERNAL = 0x01 import RNS.Cryptography.Provider as cp
PROVIDER_PYCA = 0x02
provider = PROVIDER_PYCA if cp.PROVIDER == cp.PROVIDER_INTERNAL:
# TODO: Use internal AES
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
if provider == PROVIDER_INTERNAL: elif cp.PROVIDER == cp.PROVIDER_PYCA:
pass
elif provider == PROVIDER_PYCA:
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
@ -35,9 +34,14 @@ class AES_128_CBC:
@staticmethod @staticmethod
def encrypt(plaintext, key, iv): def encrypt(plaintext, key, iv):
if provider == PROVIDER_INTERNAL: if cp.PROVIDER == cp.PROVIDER_INTERNAL:
pass # TODO: Use internal AES
elif provider == PROVIDER_PYCA: cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
encryptor = cipher.encryptor()
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
return ciphertext
elif cp.PROVIDER == cp.PROVIDER_PYCA:
cipher = Cipher(algorithms.AES(key), modes.CBC(iv)) cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
encryptor = cipher.encryptor() encryptor = cipher.encryptor()
ciphertext = encryptor.update(plaintext) + encryptor.finalize() ciphertext = encryptor.update(plaintext) + encryptor.finalize()
@ -45,9 +49,14 @@ class AES_128_CBC:
@staticmethod @staticmethod
def decrypt(ciphertext, key, iv): def decrypt(ciphertext, key, iv):
if provider == PROVIDER_INTERNAL: if cp.PROVIDER == cp.PROVIDER_INTERNAL:
pass # TODO: Use internal AES
elif provider == PROVIDER_PYCA: cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
decryptor = cipher.decryptor()
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
return plaintext
elif cp.PROVIDER == cp.PROVIDER_PYCA:
cipher = Cipher(algorithms.AES(key), modes.CBC(iv)) cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
decryptor = cipher.decryptor() decryptor = cipher.decryptor()
plaintext = decryptor.update(ciphertext) + decryptor.finalize() plaintext = decryptor.update(ciphertext) + decryptor.finalize()

View File

@ -0,0 +1,5 @@
PROVIDER_INTERNAL = 0x01
PROVIDER_PYCA = 0x02
# PROVIDER = PROVIDER_PYCA
PROVIDER = PROVIDER_INTERNAL

View File

@ -0,0 +1,43 @@
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X25519PublicKey
class X25519PrivateKeyProxy:
def __init__(self, real):
self.real = real
@classmethod
def generate(cls):
return cls(X25519PrivateKey.generate())
@classmethod
def from_private_bytes(cls, data):
return cls(X25519PrivateKey.from_private_bytes(data))
def private_bytes(self):
return self.real.private_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PrivateFormat.Raw,
encryption_algorithm=serialization.NoEncryption(),
)
def public_key(self):
return X25519PublicKeyProxy(self.real.public_key())
def exchange(self, peer_public_key):
return self.real.exchange(peer_public_key.real)
class X25519PublicKeyProxy:
def __init__(self, real):
self.real = real
@classmethod
def from_public_bytes(cls, data):
return cls(X25519PublicKey.from_public_bytes(data))
def public_bytes(self):
return self.real.public_bytes(
encoding=serialization.Encoding.Raw,
format=serialization.PublicFormat.Raw
)

View File

@ -6,5 +6,19 @@ from .HKDF import hkdf
from .PKCS7 import PKCS7 from .PKCS7 import PKCS7
from .Fernet import Fernet from .Fernet import Fernet
import RNS.Cryptography.Provider as cp
if cp.PROVIDER == cp.PROVIDER_INTERNAL:
print("INTERNAL")
from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey
# TODO: Use internal Ed25519
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
elif cp.PROVIDER == cp.PROVIDER_PYCA:
print("PYCA")
from RNS.Cryptography.Proxies import X25519PrivateKeyProxy as X25519PrivateKey
from RNS.Cryptography.Proxies import X25519PublicKeyProxy as X25519PublicKey
modules = glob.glob(os.path.dirname(__file__)+"/*.py") modules = glob.glob(os.path.dirname(__file__)+"/*.py")
__all__ = [ os.path.basename(f)[:-3] for f in modules if not f.endswith('__init__.py')] __all__ = [ os.path.basename(f)[:-3] for f in modules if not f.endswith('__init__.py')]

View File

@ -31,7 +31,7 @@ from .vendor import umsgpack as umsgpack
from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey from RNS.Cryptography import X25519PrivateKey, X25519PublicKey
from RNS.Cryptography import Fernet from RNS.Cryptography import Fernet

View File

@ -24,7 +24,7 @@ from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
from RNS.Cryptography.X25519 import X25519PrivateKey, X25519PublicKey from RNS.Cryptography import X25519PrivateKey, X25519PublicKey
from RNS.Cryptography import Fernet from RNS.Cryptography import Fernet
from time import sleep from time import sleep