|
1 | | -import os |
2 | | -import struct |
3 | | -import random |
4 | | -from eblib.utils import Timer |
5 | | -from Crypto.Cipher import AES |
6 | | - |
7 | | - |
8 | | -def encrypt_file(key, in_filename, out_filename=None, chunksize=64*1024): |
9 | | - """ Encrypts a file using AES (CBC mode) with the |
10 | | - given key. |
11 | | -
|
12 | | - key: |
13 | | - The encryption key - a bytes object that must be |
14 | | - either 16, 24 or 32 bytes long. Longer keys |
15 | | - are more secure. |
16 | | -
|
17 | | - in_filename: |
18 | | - Name of the input file |
19 | | -
|
20 | | - out_filename: |
21 | | - If None, '<in_filename>.enc' will be used. |
22 | | -
|
23 | | - chunksize: |
24 | | - Sets the size of the chunk which the function |
25 | | - uses to read and encrypt the file. Larger chunk |
26 | | - sizes can be faster for some files and machines. |
27 | | - chunksize must be divisible by 16. |
28 | | - """ |
29 | | - if not out_filename: |
30 | | - out_filename = in_filename + '.enc' |
31 | | - |
32 | | - iv = os.urandom(16) |
33 | | - encryptor = AES.new(key, AES.MODE_CBC, iv) |
34 | | - filesize = os.path.getsize(in_filename) |
35 | | - |
36 | | - with open(in_filename, 'rb') as infile: |
37 | | - with open(out_filename, 'wb') as outfile: |
38 | | - outfile.write(struct.pack('<Q', filesize)) |
39 | | - outfile.write(iv) |
40 | | - |
41 | | - while True: |
42 | | - chunk = infile.read(chunksize) |
43 | | - if len(chunk) == 0: |
44 | | - break |
45 | | - elif len(chunk) % 16 != 0: |
46 | | - chunk += b' ' * (16 - len(chunk) % 16) |
47 | | - |
48 | | - outfile.write(encryptor.encrypt(chunk)) |
49 | | - return out_filename |
50 | | - |
51 | | - |
52 | | -def decrypt_file(key, in_filename, out_filename=None, chunksize=24*1024): |
53 | | - """ Decrypts a file using AES (CBC mode) with the |
54 | | - given key. Parameters are similar to encrypt_file, |
55 | | - with one difference: out_filename, if not supplied |
56 | | - will be in_filename without its last extension |
57 | | - (i.e. if in_filename is 'aaa.zip.enc' then |
58 | | - out_filename will be 'aaa.zip') |
59 | | - """ |
60 | | - if not out_filename: |
61 | | - out_filename = os.path.splitext(in_filename)[0] |
62 | | - |
63 | | - with open(in_filename, 'rb') as infile: |
64 | | - origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0] |
65 | | - iv = infile.read(16) |
66 | | - decryptor = AES.new(key, AES.MODE_CBC, iv) |
67 | | - |
68 | | - with open(out_filename, 'wb') as outfile: |
69 | | - while True: |
70 | | - chunk = infile.read(chunksize) |
71 | | - if len(chunk) == 0: |
72 | | - break |
73 | | - outfile.write(decryptor.decrypt(chunk)) |
74 | | - |
75 | | - outfile.truncate(origsize) |
76 | | - return out_filename |
77 | | - |
78 | | - |
79 | | -if __name__ == "__main__": |
80 | | - pwd = b'1' * 32 |
81 | | - filename = '/tmp/file.my.enc' |
82 | | - |
83 | | - #with Timer('encrypt'): |
84 | | - #enc_filename = encrypt_file(pwd, filename) |
85 | | - |
86 | | - with Timer('decrypt'): |
87 | | - decrypt_file(pwd, filename, out_filename=filename+'.dec') |
| 1 | +import argparse |
| 2 | +import os |
| 3 | +import struct |
| 4 | +import random |
| 5 | +from eblib.utils import Timer |
| 6 | +from Crypto.Cipher import AES |
| 7 | + |
| 8 | + |
| 9 | +def encrypt_file(key, in_filename, out_filename=None, chunksize=64*1024): |
| 10 | + """ Encrypts a file using AES (CBC mode) with the |
| 11 | + given key. |
| 12 | +
|
| 13 | + key: |
| 14 | + The encryption key - a bytes object that must be |
| 15 | + either 16, 24 or 32 bytes long. Longer keys |
| 16 | + are more secure. |
| 17 | +
|
| 18 | + in_filename: |
| 19 | + Name of the input file |
| 20 | +
|
| 21 | + out_filename: |
| 22 | + If None, '<in_filename>.enc' will be used. |
| 23 | +
|
| 24 | + chunksize: |
| 25 | + Sets the size of the chunk which the function |
| 26 | + uses to read and encrypt the file. Larger chunk |
| 27 | + sizes can be faster for some files and machines. |
| 28 | + chunksize must be divisible by 16. |
| 29 | + """ |
| 30 | + if not out_filename: |
| 31 | + out_filename = in_filename + '.enc' |
| 32 | + |
| 33 | + iv = os.urandom(16) |
| 34 | + encryptor = AES.new(key, AES.MODE_CBC, iv) |
| 35 | + filesize = os.path.getsize(in_filename) |
| 36 | + |
| 37 | + with open(in_filename, 'rb') as infile: |
| 38 | + with open(out_filename, 'wb') as outfile: |
| 39 | + outfile.write(struct.pack('<Q', filesize)) |
| 40 | + outfile.write(iv) |
| 41 | + |
| 42 | + while True: |
| 43 | + chunk = infile.read(chunksize) |
| 44 | + if len(chunk) == 0: |
| 45 | + break |
| 46 | + elif len(chunk) % 16 != 0: |
| 47 | + chunk += b' ' * (16 - len(chunk) % 16) |
| 48 | + |
| 49 | + outfile.write(encryptor.encrypt(chunk)) |
| 50 | + return out_filename |
| 51 | + |
| 52 | + |
| 53 | +def decrypt_file(key, in_filename, out_filename=None, chunksize=24*1024): |
| 54 | + """ Decrypts a file using AES (CBC mode) with the |
| 55 | + given key. Parameters are similar to encrypt_file, |
| 56 | + with one difference: out_filename, if not supplied |
| 57 | + will be in_filename without its last extension |
| 58 | + (i.e. if in_filename is 'aaa.zip.enc' then |
| 59 | + out_filename will be 'aaa.zip') |
| 60 | + """ |
| 61 | + if not out_filename: |
| 62 | + out_filename = os.path.splitext(in_filename)[0] |
| 63 | + |
| 64 | + with open(in_filename, 'rb') as infile: |
| 65 | + origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0] |
| 66 | + iv = infile.read(16) |
| 67 | + decryptor = AES.new(key, AES.MODE_CBC, iv) |
| 68 | + |
| 69 | + with open(out_filename, 'wb') as outfile: |
| 70 | + while True: |
| 71 | + chunk = infile.read(chunksize) |
| 72 | + if len(chunk) == 0: |
| 73 | + break |
| 74 | + outfile.write(decryptor.decrypt(chunk)) |
| 75 | + |
| 76 | + outfile.truncate(origsize) |
| 77 | + return out_filename |
| 78 | + |
| 79 | + |
| 80 | +if __name__ == "__main__": |
| 81 | + argparser = argparse.ArgumentParser(description='Encrypt/Decrypt AES') |
| 82 | + argparser.add_argument('filename', nargs=1) |
| 83 | + argparser.add_argument('-e', dest='encrypt', action='store_true') |
| 84 | + argparser.add_argument('-d', dest='decrypt', action='store_true') |
| 85 | + args = argparser.parse_args() |
| 86 | + infile = args.filename[0] |
| 87 | + |
| 88 | + key = b'1' * 32 |
| 89 | + |
| 90 | + if args.encrypt: |
| 91 | + ofname = encrypt_file(key, infile, out_filename=infile+'.enc') |
| 92 | + print('Encrypted to', ofname) |
| 93 | + elif args.decrypt: |
| 94 | + ofname = decrypt_file(key, infile, out_filename=infile+'.dec') |
| 95 | + print('Decrypted to', ofname) |
| 96 | + else: |
| 97 | + argparser.print_help() |
| 98 | + os.Exit(1) |
0 commit comments