|
@@ -112,10 +112,11 @@ def decrypt_seed(enc_seed,key,seed_id,key_id):
|
|
|
dmsg(f'Decrypted seed: {dec_seed.hex()}')
|
|
|
return dec_seed
|
|
|
|
|
|
-def encrypt_data(data,key,iv=aesctr_dfl_iv,desc='data',verify=True):
|
|
|
+def encrypt_data(data,key,iv=aesctr_dfl_iv,desc='data',verify=True,silent=False):
|
|
|
from cryptography.hazmat.primitives.ciphers import Cipher,algorithms,modes
|
|
|
from cryptography.hazmat.backends import default_backend
|
|
|
- vmsg(f'Encrypting {desc}')
|
|
|
+ if not silent:
|
|
|
+ vmsg(f'Encrypting {desc}')
|
|
|
c = Cipher(algorithms.AES(key),modes.CTR(iv),backend=default_backend())
|
|
|
encryptor = c.encryptor()
|
|
|
enc_data = encryptor.update(data) + encryptor.finalize()
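Review bot: The new `silent` parameter lands on a function that still has no docstring, and the signature's `iv=aesctr_dfl_iv` default combined with `modes.CTR(iv)` is the one property a caller must understand: AES-CTR with a fixed nonce is only safe when every key passed in is used exactly once, otherwise two ciphertexts under the same key leak their XOR. I would add a docstring along the lines of `"""AES-256-CTR encrypt `data` with `key`. Default `iv` is a fixed constant, so callers using it MUST supply a fresh single-use key (as add_user_random does with its HMAC-derived ephemeral key). `verify` re-decrypts and dies on mismatch; `silent` suppresses the vmsg() progress output."""`. Making `silent` (and ideally `verify`) keyword-only would also prevent a positional caller from accidentally passing it in the `iv` slot, but that is a style choice given existing call sites are keyword-based. The body of encrypt_data continues past this hunk.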
|
|
@@ -127,7 +128,8 @@ def encrypt_data(data,key,iv=aesctr_dfl_iv,desc='data',verify=True):
|
|
|
dec_data = encryptor.update(enc_data) + encryptor.finalize()
|
|
|
if dec_data != data:
|
|
|
die(2,f'ERROR.\nDecrypted {desc} doesn’t match original {desc}')
|
|
|
- vmsg('done')
|
|
|
+ if not silent:
|
|
|
+ vmsg('done')
|
|
|
|
|
|
return enc_data
|
|
|
|
|
@@ -243,22 +245,42 @@ def _get_random_data_from_user(uchars,desc):
|
|
|
return ret.encode()
|
|
|
|
|
|
def get_random(length):
|
|
|
+
|
|
|
+ os_rand = os.urandom(length)
|
|
|
+ assert len(os_rand) == length, f'OS random number generator returned {len(os_rand)} (!= {length}) bytes!'
|
|
|
+
|
|
|
return add_user_random(
|
|
|
- rand_bytes = os.urandom(length),
|
|
|
- desc = 'generated by your operating system' )
|
|
|
+ rand_bytes = os_rand,
|
|
|
+ desc = 'from your operating system' )
|
|
|
+
|
|
|
+def add_user_random(
|
|
|
+ rand_bytes,
|
|
|
+ desc,
|
|
|
+ urand = {'data':b'', 'counter':0} ):
|
|
|
|
|
|
-def add_user_random(rand_bytes,desc):
|
|
|
assert type(rand_bytes) == bytes, 'add_user_random_chk1'
|
|
|
+
|
|
|
if opt.usr_randchars:
|
|
|
- if not g.user_entropy:
|
|
|
+
|
|
|
+ if not urand['data']:
|
|
|
from hashlib import sha256
|
|
|
- g.user_entropy = sha256(_get_random_data_from_user(opt.usr_randchars,desc)).digest()
|
|
|
- urand_desc = 'user-supplied entropy'
|
|
|
- else:
|
|
|
- urand_desc = 'saved user-supplied entropy'
|
|
|
- key = make_key(g.user_entropy,b'','2',from_what=urand_desc,verbose=True)
|
|
|
- msg(f'Encrypting random data {desc} with key')
|
|
|
- return encrypt_data(rand_bytes,key,desc=desc,verify=False)
|
|
|
+ urand['data'] = sha256(_get_random_data_from_user(opt.usr_randchars,desc)).digest()
|
|
|
+
|
|
|
+ # counter protects against very evil rng that might repeatedly output the same data
|
|
|
+ urand['counter'] += 1
|
|
|
+
|
|
|
+ os_rand = os.urandom(8)
|
|
|
+ assert len(os_rand) == 8, f'OS random number generator returned {len(os_rand)} (!= 8) bytes!'
|
|
|
+
|
|
|
+ import hmac
|
|
|
+ key = hmac.digest(
|
|
|
+ urand['data'],
|
|
|
+ os_rand + int.to_bytes(urand['counter'],8,'big'),
|
|
|
+ 'sha256' )
|
|
|
+
|
|
|
+ msg('Encrypting random data {} with ephemeral key #{}'.format( desc, urand['counter'] ))
|
|
|
+
|
|
|
+ return encrypt_data( data=rand_bytes, key=key, desc=desc, verify=False, silent=True )
|
|
|
else:
|
|
|
return rand_bytes
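Review bot: The two new length checks on `os.urandom()` output (in get_random and again for the 8-byte salt in add_user_random) are written as `assert`, which is stripped when the interpreter runs with `-O`, so a security sanity check silently disappears in optimized runs; since the file already has `die()`, make them unconditional, e.g. `os_rand = os.urandom(length)` / `if len(os_rand) != length:` / `die(2, f'OS random number generator returned {len(os_rand)} (!= {length}) bytes!')`. The per-call key derivation itself looks sound: HMAC over `urand['data']` with an 8-byte fresh salt plus the monotonically increasing counter yields a distinct key per invocation, which is what makes the fixed default IV in encrypt_data acceptable here, and that reasoning deserves a one-line comment above the `hmac.digest` call (e.g. `# fresh key per call: the fixed CTR IV in encrypt_data is safe only because this key is never reused`). The `urand` mutable-default dict is being used as process-lifetime state, which works but is part of the public signature; a caller passing its own dict would bypass both the cached user entropy and the counter, so either document that it is internal or rename it `_urand` to signal intent.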
|
|
|
|