thecookingsenpai 2024-02-06 16:27:52 +01:00
parent de6def5a30
commit 72bdf0378e


@ -1,16 +1,20 @@
from src.libs.seedable_rsa import generate_key, encrypt, decrypt
import subprocess
from src.libs.seedable_rsa import decrypt, encrypt, generate_key
# INFO This method is the core of the whole process as it derives a RSA keypair from the stored secret and the hardware key
def inferKeys(hidePrivate=False, savePublic=False, keyfilePath="src/bins/.keyfile"):
"""Infer keys from the secret stored in the hardware key"""
hmac_secret_raw = subprocess.check_output(["src/bins/hmac_secret_regenerate", keyfilePath])
hmac_secret_raw = subprocess.check_output(
["src/bins/hmac_secret_regenerate", keyfilePath]
)
# Convert to string
hmac_secret_dirty = hmac_secret_raw.decode("utf-8")
# Divide lines and keep last one
hmac_secret = hmac_secret_dirty.splitlines()[-1]
hmac_secret = hmac_secret.strip()
secret_key = generate_key(hmac_secret) # RSA Key (2048) derivation
secret_key = generate_key(hmac_secret) # RSA Key (2048) derivation
# We use them in memory, we never save them
# Privacy should be possible here
if hidePrivate:
@ -24,26 +28,31 @@ def inferKeys(hidePrivate=False, savePublic=False, keyfilePath="src/bins/.keyfil
f.write(public_key)
return private_key, public_key
# NOTE All the below methods generates keys on the fly to avoid persistance
# NOTE You should NEVER save the keypair to disk or even to a globlal variable
# NOTE Security is only guaranteed by the observance of the above rule
# STRINGS
def self_encrypt(secret, encoded=False):
"""Encrypt secret with public key"""
private_key, public_key = inferKeys()
secret = encrypt(secret, public_key, encoded)
return secret
def self_decrypt(encrypted):
"""Decrypt secret with private key"""
private_key, public_key = inferKeys()
secret = decrypt(encrypted, private_key)
return secret
# SMALL FILES
def self_encrypt_file(filepath, outpath):
"""Encrypt file with public key"""
private_key, public_key = inferKeys(hidePrivate=True)
@ -54,6 +63,7 @@ def self_encrypt_file(filepath, outpath):
f.write(encrypted)
return outpath
def self_decrypt_file(filepath, outpath):
"""Decrypt file with private key"""
private_key, public_key = inferKeys()
@ -64,6 +74,7 @@ def self_decrypt_file(filepath, outpath):
f.write(decrypted)
return outpath
# TODO LARGE FILES
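Review bot: The seed passed to `generate_key(hmac_secret)` in inferKeys (first hunk) is whatever the last stdout line of `src/bins/hmac_secret_regenerate` happens to be, with no validation. Empty output makes `splitlines()[-1]` raise a bare IndexError, and a helper that exits 0 after printing a warning as its final line would silently yield a keypair derived from that text instead of the hardware-backed secret. I would check before deriving: `lines = hmac_secret_dirty.splitlines()` followed by `if not lines or not lines[-1].strip(): raise RuntimeError("hmac_secret_regenerate returned no secret")`; if the helper's output format is fixed (not visible here), also check its length and alphabet. The helper path is relative to the working directory, so resolving it from the module's own location would make it harder for a different binary to be picked up when the process starts elsewhere. The body of inferKeys continues outside the hunk.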