# Helper module for interfacing with OpenSSL
import fileIO
import subprocess
import uuid
# Hashes the input to a key
# @param String plaintext The string to hash
# @return Returns the hashed key
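def hash(plaintext, outputType = '-hex'):
    """Return the SHA-256 digest of plaintext as written by `openssl dgst`.

    plaintext is written to a scratch file in the current working directory,
    hashed by the openssl command-line tool, and the tool's output file is
    read back. outputType is handed to openssl unchanged as the output-format
    flag (default '-hex'); it becomes a command-line option, so callers should
    pass a fixed flag rather than anything derived from outside input.

    Raises Exception('Hash failed') if openssl exits non-zero or no output
    was read.
    """
    # Choose the scratch names before the try block so the cleanup in
    # `finally` never touches unbound names. Random names are needed because
    # client and server share one directory and collided when both ran
    # openssl at once. uuid4 is random; uuid1 is derived from the host MAC
    # address and a timestamp, which makes the names guessable by anyone else
    # who can write to that directory.
    temp_name = str(uuid.uuid4())
    plaintext_file = 'p' + temp_name
    key_file = 'k' + temp_name
    # NOTE(review): the plaintext sits on disk until the cleanup below runs.
    # The permissions of these files depend on fileIO.writeFile, which is not
    # visible here -- confirm they are not readable by other users.
    hashKey = None
    retval = 0
    try:
        # write out input / create output files
        fileIO.writeFile(plaintext_file, plaintext)
        fileIO.writeFile(key_file, '')
        # run openssl hash command (argument list, no shell involved)
        retval = subprocess.call(
            ['openssl', 'dgst', '-sha256', outputType, '-out', key_file, plaintext_file]
        )
        # read in the output
        hashKey = fileIO.readFile(key_file)
    finally:
        # delete temp files
        fileIO.removeFile(plaintext_file)
        fileIO.removeFile(key_file)
    if hashKey is None or retval != 0:
        raise Exception('Hash failed')
    # In text output modes openssl prefixes the digest with the algorithm
    # label and the input file name. The old code stripped the literal
    # 'SHA256(plain.tmp)= ', which stopped matching once the scratch file got
    # a random name, so the random name leaked into the returned value.
    # OpenSSL 3.x prints the label as 'SHA2-256', so both spellings are handled.
    for label in ('SHA256', 'SHA2-256'):
        prefix = label + '(' + plaintext_file + ')= '
        if hashKey.startswith(prefix):
            return hashKey[len(prefix):]
    return hashKey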
# Decrypts the cipher with the given key
# @param String keyfile The keyfile to use when decrypting the cipher
# @param String ciphertext The encrypted text
# @return Returns the cipher in plaintext
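def decrypt(keyfile, ciphertext):
    """Decrypt base64 AES-256-CBC ciphertext with the `openssl enc` tool.

    ciphertext is written to a scratch file in the current working directory.
    openssl reads the passphrase from keyfile on stdin ('-pass stdin') and
    writes the result to a second scratch file, which is read back and
    returned.

    Raises Exception('Decrypt failed') if openssl exits non-zero or no output
    was read.
    """
    # Choose the scratch names before the try block so the cleanup in
    # `finally` never touches unbound names. Random names are needed because
    # client and server share one directory and collided when both ran
    # openssl at once. uuid4 is random; uuid1 is derived from the host MAC
    # address and a timestamp, which makes the names guessable by anyone else
    # who can write to that directory.
    temp_name = str(uuid.uuid4())
    plaintext_file = 'p' + temp_name
    cipher_file = 'c' + temp_name
    # NOTE(review): the decrypted text sits on disk until the cleanup below
    # runs. The permissions of these files depend on fileIO.writeFile, which
    # is not visible here -- confirm they are not readable by other users.
    plaintext = None
    retval = 0
    try:
        # write out input / create output files
        fileIO.writeFile(plaintext_file, '')
        fileIO.writeFile(cipher_file, ciphertext)
        # NOTE(review): without -pbkdf2, `openssl enc` derives the key from
        # the passphrase with its legacy KDF, and CBC output carries no
        # integrity tag. A zero exit status therefore does not prove the
        # ciphertext was untampered; treat the result as unauthenticated.
        # The flags are left as they were because they must match encrypt().
        command = [
            'openssl', 'enc', '-d', '-aes-256-cbc', '-a',
            '-pass', 'stdin',
            '-out', plaintext_file,
            '-in', cipher_file,
        ]
        # the passphrase goes in on stdin so it never appears in the argv
        with open(keyfile) as f:
            retval = subprocess.call(command, stdin=f)
        # read in the output
        plaintext = fileIO.readFile(plaintext_file)
    finally:
        # delete temp files
        fileIO.removeFile(plaintext_file)
        fileIO.removeFile(cipher_file)
    if plaintext is None or retval != 0:
        raise Exception('Decrypt failed')
    return plaintext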
# Encrypts the plaintext with the given key
# @param String keyfile The keyfile to use when encrypting the plaintext
# @param String plaintext The text to encrypt
# @return Returns the encrypted plaintext
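def encrypt(keyfile, plaintext):
    """Encrypt plaintext to base64 AES-256-CBC with the `openssl enc` tool.

    plaintext is written to a scratch file in the current working directory.
    openssl reads the passphrase from keyfile on stdin ('-pass stdin') and
    writes the base64 result to a second scratch file, which is read back and
    returned.

    Raises Exception('Encrypt failed') if openssl exits non-zero or no output
    was read.
    """
    # Choose the scratch names before the try block so the cleanup in
    # `finally` never touches unbound names. Random names are needed because
    # client and server share one directory and collided when both ran
    # openssl at once. uuid4 is random; uuid1 is derived from the host MAC
    # address and a timestamp, which makes the names guessable by anyone else
    # who can write to that directory.
    temp_name = str(uuid.uuid4())
    plaintext_file = 'p' + temp_name
    cipher_file = 'c' + temp_name
    # NOTE(review): the plaintext sits on disk until the cleanup below runs.
    # The permissions of these files depend on fileIO.writeFile, which is not
    # visible here -- confirm they are not readable by other users.
    ciphertext = None
    retval = 0
    try:
        # write out input / create output files
        fileIO.writeFile(plaintext_file, plaintext)
        fileIO.writeFile(cipher_file, '')
        # NOTE(review): without -pbkdf2, `openssl enc` derives the key from
        # the passphrase with its legacy KDF, and CBC output carries no
        # integrity tag. Changing the flags would break compatibility with
        # decrypt() and with existing ciphertext, so they are left as they
        # were; add a MAC at a higher layer if tamper detection is required.
        command = [
            'openssl', 'enc', '-aes-256-cbc', '-a',
            '-pass', 'stdin',
            '-out', cipher_file,
            '-in', plaintext_file,
        ]
        # the passphrase goes in on stdin so it never appears in the argv
        with open(keyfile) as f:
            retval = subprocess.call(command, stdin=f)
        # read in the output
        ciphertext = fileIO.readFile(cipher_file)
    finally:
        # delete temp files
        fileIO.removeFile(plaintext_file)
        fileIO.removeFile(cipher_file)
    if ciphertext is None or retval != 0:
        raise Exception('Encrypt failed')
    return ciphertext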