move cipher() to crypto_utils

git-svn-id: svn+ssh://localhost/home/henryk/svn/cyberflex-shell/trunk@128 f711b948-2313-0410-aaa9-d29f33439f0b
This commit is contained in:
hploetz 2006-11-19 04:53:10 +00:00
parent 3994578708
commit c21d63752f
2 changed files with 46 additions and 36 deletions

View File

@ -4,6 +4,50 @@ from Crypto.Cipher import DES3
iv = '\x00' * 8
PADDING = '\x80' + '\x00' * 7
## *******************************************************************
## * Generic methods *
## *******************************************************************
def cipher(do_encrypt, cipherspec, key, data, iv = None):
"""Do a cryptographic operation.
operation = do_encrypt ? encrypt : decrypt,
cipherspec must be of the form "cipher-mode", or "cipher\""""
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
cipherparts = cipherspec.split("-")
if len(cipherparts) > 2:
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
elif len(cipherparts) == 1:
cipherparts[1] = "ecb"
c_class = locals().get(cipherparts[0].upper(), None)
if c_class is None:
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
if mode is None:
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
cipher = None
if iv is None:
cipher = c_class.new(key, mode)
else:
cipher = c_class.new(key, mode, iv)
result = None
if do_encrypt:
result = cipher.encrypt(data)
else:
result = cipher.decrypt(data)
del cipher
return result
## *******************************************************************
## * Cyberflex specific methods *
## *******************************************************************
def verify_card_cryptogram(session_key, host_challenge,
card_challenge, card_cryptogram):
message = host_challenge + card_challenge

View File

@ -1,7 +1,7 @@
#!/usr/bin/env python
# -*- coding: iso-8859-1 -*-
import pycsc, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
import pycsc, crypto_utils, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
from shell import Shell
def list_readers():
@ -62,40 +62,6 @@ class Cyberflex_Shell(Shell):
"List the available readers"
list_readers()
@staticmethod
def cipher(do_encrypt, cipherspec, key, data, iv = None):
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
cipherparts = cipherspec.split("-")
if len(cipherparts) > 2:
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
elif len(cipherparts) == 1:
cipherparts[1] = "ecb"
c_class = locals().get(cipherparts[0].upper(), None)
if c_class is None:
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
if mode is None:
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
cipher = None
if iv is None:
cipher = c_class.new(key, mode)
else:
cipher = c_class.new(key, mode, iv)
result = None
if do_encrypt:
result = cipher.encrypt(data)
else:
result = cipher.decrypt(data)
del cipher
return result
def cmd_enc(self, *args):
"Encrypt or decrypt with openssl-like interface"
@ -143,7 +109,7 @@ class Cyberflex_Shell(Shell):
text = fp.read()
fp.close()
result = self.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
result = crypto_utils.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
self.card.last_result = utils.R_APDU(result+"\x00\x00")
print utils.hexdump(result)