/usr/lib/python3/dist-packages/pgpy/symenc.py is in python3-pgpy 0.4.3-3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | """ symenc.py
"""
import six
from cryptography.exceptions import UnsupportedAlgorithm
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers import modes
from .errors import PGPDecryptionError
from .errors import PGPEncryptionError
from .errors import PGPInsecureCipher
__all__ = ['_encrypt',
'_decrypt']
def _encrypt(pt, key, alg, iv=None):
if iv is None:
iv = b'\x00' * (alg.block_size // 8)
if alg.is_insecure:
raise PGPInsecureCipher("{:s} is not secure. Do not use it for encryption!".format(alg.name))
if not callable(alg.cipher):
raise PGPEncryptionError("Cipher {:s} not supported".format(alg.name))
try:
encryptor = Cipher(alg.cipher(key), modes.CFB(iv), default_backend()).encryptor()
except UnsupportedAlgorithm as ex: # pragma: no cover
six.raise_from(PGPEncryptionError, ex)
else:
return bytearray(encryptor.update(pt) + encryptor.finalize())
def _decrypt(ct, key, alg, iv=None):
if iv is None:
"""
Instead of using an IV, OpenPGP prefixes a string of length
equal to the block size of the cipher plus two to the data before it
is encrypted. The first block-size octets (for example, 8 octets for
a 64-bit block length) are random, and the following two octets are
copies of the last two octets of the IV.
"""
iv = b'\x00' * (alg.block_size // 8)
try:
decryptor = Cipher(alg.cipher(key), modes.CFB(iv), default_backend()).decryptor()
except UnsupportedAlgorithm as ex: # pragma: no cover
six.raise_from(PGPDecryptionError, ex)
else:
return bytearray(decryptor.update(ct) + decryptor.finalize())
|