AES Cryptography

In [11]:
# Imports
import os
import re
import base64
import hashlib
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.backends import default_backend

In [12]:
def derive_key(password, salt, iterations=100000, length=32):
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(),
        length=length,  # AES-256
        salt=salt,
        iterations=iterations,
        backend=default_backend()
    )
    key = kdf.derive(password)
    return key

In [17]:
class AESCipher:
    """
        An AESCipher object contains a key and a block_size. An AESCipher object also contains two methods for encryption and decryption that can be
        called from the object.
        
        encrypt: Encrypts the plaintext data of a file and encrypts the file in place.
            Parameters:
            - plaintext (string): Contains the plaintext data from the file that the user wants to encrypt.
            - file_name (string): Contains the data path to the file that the user wants to encrypt.
            
        decrypt: Decrypts the ciphertext data of a file and decrypts the file in place.
            Parameters:
            - ciphertext (string): Contains the ciphertext data from the file that the user wants to decrypt.
            - file_name (string): Contains the data path to the file that the user wants to decrypt.
            
    """
    def __init__(self, key, is_binary):
        self.key = key  # Key should be bytes
        self.is_binary = is_binary  # True for binary files, False for text files
        self.block_size = algorithms.AES.block_size // 8  # Block size in bytes

    def encrypt(self, plaintext_data, file_name):
        # Generate a random IV
        iv = os.urandom(self.block_size)

        # Define the cipher using the key
        cipher = Cipher(algorithms.AES(self.key), modes.CBC(iv))
        encryptor = cipher.encryptor()

        # Pad the plaintext to ensure it's a multiple of the block size
        padder = padding.PKCS7(algorithms.AES.block_size).padder()
        padded_data = padder.update(plaintext_data) + padder.finalize()

        # Encrypt the padded data
        ciphertext = encryptor.update(padded_data) + encryptor.finalize()

        # Write the encrypted data to the file
        mode = 'wb' if self.is_binary else 'w'
        with open(file_name, mode) as file:
            if self.is_binary:
                file.write(ciphertext)
            else:
                # For text files, base64-encode the ciphertext for safe storage
                ciphertext_b64 = base64.b64encode(ciphertext).decode('utf-8')
                file.write(ciphertext_b64)

        # Write the IV to a separate file
        with open(file_name + '.iv', 'wb') as iv_file:
            iv_file.write(iv)

        print("File encrypted")

    def decrypt(self, file_name):
        # Read the IV from the separate file
        with open(file_name + '.iv', 'rb') as iv_file:
            iv = iv_file.read()

        # Read the ciphertext from the file
        mode = 'rb' if self.is_binary else 'r'
        with open(file_name, mode) as file:
            if self.is_binary:
                ciphertext = file.read()
            else:
                ciphertext_b64 = file.read()
                ciphertext = base64.b64decode(ciphertext_b64)

        # Define the cipher using the key and the IV
        cipher = Cipher(algorithms.AES(self.key), modes.CBC(iv))
        decryptor = cipher.decryptor()

        # Decrypt the ciphertext
        decrypted_padded_data = decryptor.update(ciphertext) + decryptor.finalize()

        # Unpad the decrypted data to get the original plaintext
        unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
        plaintext_data = unpadder.update(decrypted_padded_data) + unpadder.finalize()

        # Write the decrypted plaintext back to the file
        mode = 'wb' if self.is_binary else 'w'
        with open(file_name, mode) as file:
            if self.is_binary:
                file.write(plaintext_data)
            else:
                file.write(plaintext_data.decode('utf-8'))

        print("File decrypted")

In [18]:
def obfuscate_script(file_name, is_binary):
    # Open the file and read in the contents
    mode = 'rb' if is_binary else 'r'
    with open(file_name, mode) as file:
        file_content = file.read()

    # Obfuscate the data using base64 encoding
    if is_binary:
        obfuscated_content = base64.b64encode(file_content)
        write_mode = 'wb'
    else:
        obfuscated_content = base64.b64encode(file_content.encode('utf-8')).decode('utf-8')
        write_mode = 'w'

    # Write the obfuscated data back to the file
    with open(file_name, write_mode) as file:
        file.write(obfuscated_content)

    print("File obfuscated")

In [19]:
def deobfuscate_script(file_name, is_binary):
    # Open the file and read in the contents
    mode = 'rb' if is_binary else 'r'
    with open(file_name, mode) as file:
        obfuscated_content = file.read()

    # Deobfuscate the data using base64 decoding
    try:
        if is_binary:
            file_content = base64.b64decode(obfuscated_content)
            write_mode = 'wb'
        else:
            file_content = base64.b64decode(obfuscated_content).decode('utf-8')
            write_mode = 'w'
    except Exception as e:
        print("Error during deobfuscation:", e)
        return

    # Write the deobfuscated data back to the file
    with open(file_name, write_mode) as file:
        file.write(file_content)

    print("File deobfuscated")


In [None]:
def main():
    # Enter filename
    file_name = input("Enter the filename (with extension): ").strip()

    # Determine if the file is binary or text
    file_type = input("Is this a binary file (e.g., Word document)? (y/n): ").strip().lower()
    is_binary = file_type == 'y'

    # Prompt the user for the key
    user_key_input = input("Please enter the key: ").strip()
    user_key_bytes = user_key_input.encode('utf-8')

    # Hash the user's input key
    user_key_hash = hashlib.sha256(user_key_bytes).hexdigest()

    # Stored hash of the correct key
    stored_key_hash = 'ac5efc53c483be20c2e765066a3d83434df39b03961a1a95a1c0c18ef58c1380'

    # Compare the hashes
    if user_key_hash != stored_key_hash:
        print("Incorrect key. Access denied.")
        return

    # Key derivation parameters
    salt = b'some_salt_value'  # Use a secure random salt in practice
    iterations = 100000

    # Derive the key from the user's input
    key = derive_key(user_key_bytes, salt, iterations)

    # Choose action based on user input
    print("\nPlease choose from one of the following:")
    print("1: Encrypt and Obfuscate")
    print("2: Encrypt Only")
    print("3: Obfuscate Only")
    print("4: Decrypt and Deobfuscate")
    print("5: Decrypt Only")
    print("6: Deobfuscate Only")
    action = input().strip()

    cipher = AESCipher(key, is_binary)

    if action == '1':
        # Encrypt and Obfuscate
        # Read the file contents to encrypt
        mode = 'rb' if is_binary else 'r'
        with open(file_name, mode) as file:
            file_contents = file.read()
            if not is_binary:
                file_contents = file_contents.encode('utf-8')

        # Encrypt the file
        cipher.encrypt(file_contents, file_name)

        # Obfuscate the file
        obfuscate_script(file_name, is_binary)

    elif action == '2':
        # Encrypt Only
        mode = 'rb' if is_binary else 'r'
        with open(file_name, mode) as file:
            file_contents = file.read()
            if not is_binary:
                file_contents = file_contents.encode('utf-8')
        cipher.encrypt(file_contents, file_name)

    elif action == '3':
        # Obfuscate Only
        obfuscate_script(file_name, is_binary)

    elif action == '4':
        # Decrypt and Deobfuscate
        # Deobfuscate the file first
        deobfuscate_script(file_name, is_binary)
        # Then decrypt the file
        cipher.decrypt(file_name)

    elif action == '5':
        # Decrypt Only
        cipher.decrypt(file_name)

    elif action == '6':
        # Deobfuscate Only
        deobfuscate_script(file_name, is_binary)

    else:
        print("Invalid action. Please enter a number between 1 and 6.")

if __name__ == "__main__":
    main()