move cipher() to crypto_utils
git-svn-id: svn+ssh://localhost/home/henryk/svn/cyberflex-shell/trunk@128 f711b948-2313-0410-aaa9-d29f33439f0b
This commit is contained in:
parent
3994578708
commit
c21d63752f
|
@ -4,6 +4,50 @@ from Crypto.Cipher import DES3
|
|||
iv = '\x00' * 8
|
||||
PADDING = '\x80' + '\x00' * 7
|
||||
|
||||
## *******************************************************************
|
||||
## * Generic methods *
|
||||
## *******************************************************************
|
||||
def cipher(do_encrypt, cipherspec, key, data, iv = None):
|
||||
"""Do a cryptographic operation.
|
||||
operation = do_encrypt ? encrypt : decrypt,
|
||||
cipherspec must be of the form "cipher-mode", or "cipher\""""
|
||||
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
|
||||
cipherparts = cipherspec.split("-")
|
||||
|
||||
if len(cipherparts) > 2:
|
||||
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
|
||||
elif len(cipherparts) == 1:
|
||||
cipherparts[1] = "ecb"
|
||||
|
||||
c_class = locals().get(cipherparts[0].upper(), None)
|
||||
if c_class is None:
|
||||
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
|
||||
|
||||
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
|
||||
if mode is None:
|
||||
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
|
||||
|
||||
cipher = None
|
||||
if iv is None:
|
||||
cipher = c_class.new(key, mode)
|
||||
else:
|
||||
cipher = c_class.new(key, mode, iv)
|
||||
|
||||
|
||||
result = None
|
||||
if do_encrypt:
|
||||
result = cipher.encrypt(data)
|
||||
else:
|
||||
result = cipher.decrypt(data)
|
||||
|
||||
del cipher
|
||||
return result
|
||||
|
||||
|
||||
|
||||
## *******************************************************************
|
||||
## * Cyberflex specific methods *
|
||||
## *******************************************************************
|
||||
def verify_card_cryptogram(session_key, host_challenge,
|
||||
card_challenge, card_cryptogram):
|
||||
message = host_challenge + card_challenge
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: iso-8859-1 -*-
|
||||
|
||||
import pycsc, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
|
||||
import pycsc, crypto_utils, utils, cards, os, re, binascii, sys, exceptions, traceback, getopt
|
||||
from shell import Shell
|
||||
|
||||
def list_readers():
|
||||
|
@ -62,40 +62,6 @@ class Cyberflex_Shell(Shell):
|
|||
"List the available readers"
|
||||
list_readers()
|
||||
|
||||
@staticmethod
|
||||
def cipher(do_encrypt, cipherspec, key, data, iv = None):
|
||||
from Crypto.Cipher import DES3, DES, AES, IDEA, RC5
|
||||
cipherparts = cipherspec.split("-")
|
||||
|
||||
if len(cipherparts) > 2:
|
||||
raise ValueError, 'cipherspec must be of the form "cipher-mode" or "cipher"'
|
||||
elif len(cipherparts) == 1:
|
||||
cipherparts[1] = "ecb"
|
||||
|
||||
c_class = locals().get(cipherparts[0].upper(), None)
|
||||
if c_class is None:
|
||||
raise ValueError, "Cipher '%s' not known, must be one of %s" % (cipherparts[0], ", ".join([e.lower() for e in dir() if e.isupper()]))
|
||||
|
||||
mode = getattr(c_class, "MODE_" + cipherparts[1].upper(), None)
|
||||
if mode is None:
|
||||
raise ValueError, "Mode '%s' not known, must be one of %s" % (cipherparts[1], ", ".join([e.split("_")[1].lower() for e in dir(c_class) if e.startswith("MODE_")]))
|
||||
|
||||
cipher = None
|
||||
if iv is None:
|
||||
cipher = c_class.new(key, mode)
|
||||
else:
|
||||
cipher = c_class.new(key, mode, iv)
|
||||
|
||||
|
||||
result = None
|
||||
if do_encrypt:
|
||||
result = cipher.encrypt(data)
|
||||
else:
|
||||
result = cipher.decrypt(data)
|
||||
|
||||
del cipher
|
||||
return result
|
||||
|
||||
def cmd_enc(self, *args):
|
||||
"Encrypt or decrypt with openssl-like interface"
|
||||
|
||||
|
@ -143,7 +109,7 @@ class Cyberflex_Shell(Shell):
|
|||
text = fp.read()
|
||||
fp.close()
|
||||
|
||||
result = self.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
|
||||
result = crypto_utils.cipher(mode == MODE_ENCRYPT, cipher, key, text, iv)
|
||||
|
||||
self.card.last_result = utils.R_APDU(result+"\x00\x00")
|
||||
print utils.hexdump(result)
|
||||
|
|
Loading…
Reference in New Issue