acquire.acquire.crypt

Module Contents

Classes

EncryptedStream

Encrypted AES-256-GCM stream.

Functions

Attributes

acquire.acquire.crypt.HAS_PYSTANDALONE = True
acquire.acquire.crypt.HAS_PYCRYPTODOME = True
acquire.acquire.crypt.acquire_def = Multiline-String
"""
enum HeaderType : uint8 {
    PKCS1_OAEP = 0x1,
};

enum CipherType : uint8 {
    AES_256_GCM = 0x1,
};

struct file {
    char        magic[16];              // ENCRYPTEDACQUIRE
    uint8       version;                // Currently 1
    HeaderType  header_type;            // Currently PKCS1_OAEP
    uint16      header_size;            // Most often 512
    uint64      timestamp;              // Timestamp of write
    char        key_digest[32];         // SHA256(DER)
};

struct header {
    char        magic[12];              // KUSJESVANSRT
    CipherType  cipher_type;            // Currently AES_256_GCM
    uint8       key_length;             // Cipher key length
    uint8       iv_length;              // Cipher IV length
    uint8       _reserved;              // Reserved
    char        key[key_length];        // Cipher key
    char        iv[iv_length];          // Cipher IV
};

struct footer {
    char        magic[6];               // FOOTER
    uint16      length;                 // Digest length (precedes footer)
};
"""
acquire.acquire.crypt.c_acquire
acquire.acquire.crypt.FILE_MAGIC = b'ENCRYPTEDACQUIRE'
acquire.acquire.crypt.FILE_VERSION = 1
acquire.acquire.crypt.HEADER_MAGIC = b'KUSJESVANSRT'
acquire.acquire.crypt.FOOTER_MAGIC = b'FOOTER'
class acquire.acquire.crypt.EncryptedStream(fh: BinaryIO, public_key: str)

Bases: io.RawIOBase

Encrypted AES-256-GCM stream.

Generates a random key and IV and uses AES-256-GCM to encrypt all written data. The key and IV are encrypted with the given RSA public key and written as the header.

The header is included as associated data (AD) for the AEAD cipher. The digest is written in the footer when the file is closed.

Parameters:
  • fh – The file-like object to write to.

  • public_key – The RSA public key to encrypt the header with.

fh
write_header(header: bytes) -> None
write(b: bytes) -> int
tell() -> int

Return current stream position.

seek(pos: int, whence: int = io.SEEK_CUR) -> int

Change stream position.

Change the stream position to the given byte offset. The offset is interpreted relative to the position indicated by whence. Values for whence are:

  • 0 – start of stream (the default); offset should be zero or positive

  • 1 – current stream position; offset may be negative

  • 2 – end of stream; offset is usually negative

Return the new absolute position.

close() -> None

Flush and close the IO object.

This method has no effect if the file is already closed.

finalize() -> None
acquire.acquire.crypt.key_fingerprint(pkey: Crypto.Cipher.PKCS1_OAEP.PKCS1OAEP_Cipher) -> bytes
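
The structures in acquire_def can be checked without the private key, which is useful for confirming which RSA key a container needs and whether it was closed cleanly. The following is an added example, not code from acquire: it assumes big-endian fields and the layout file struct, encrypted header of header_size bytes, encrypted data, digest, footer; parse_envelope, Envelope and constructed_sample are hypothetical names.

```python
import struct
from dataclasses import dataclass

FILE_MAGIC, FOOTER_MAGIC = b"ENCRYPTEDACQUIRE", b"FOOTER"
ENDIAN = ">"                      # assumption: byte order is not stated on the page
FILE_FMT = ENDIAN + "16sBBHQ32s"  # struct file: magic, version, header_type, header_size, timestamp, key_digest
FOOTER_FMT = ENDIAN + "6sH"       # struct footer: magic, digest length
FILE_LEN, FOOTER_LEN = struct.calcsize(FILE_FMT), struct.calcsize(FOOTER_FMT)


@dataclass
class Envelope:
    version: int
    header_size: int      # size of the RSA-encrypted header blob
    timestamp: int        # raw value; unit is not stated on the page
    key_digest: bytes     # SHA256(DER) of the public key that was used
    data_range: tuple     # (start, end) offsets of the encrypted payload
    stream_digest: bytes  # AEAD digest stored just before the footer


def parse_envelope(blob: bytes) -> Envelope:
    """Validate the unencrypted framing; raises ValueError on any inconsistency."""
    if len(blob) < FILE_LEN + FOOTER_LEN:
        raise ValueError("too short for file struct plus footer")
    magic, version, htype, hsize, ts, kd = struct.unpack_from(FILE_FMT, blob, 0)
    if magic != FILE_MAGIC:
        raise ValueError("bad file magic")
    if version != 1 or htype != 0x1:  # FILE_VERSION, HeaderType.PKCS1_OAEP
        raise ValueError("unsupported version or header type")
    fmagic, dlen = struct.unpack_from(FOOTER_FMT, blob, len(blob) - FOOTER_LEN)
    if fmagic != FOOTER_MAGIC:
        raise ValueError("no footer: truncated, or stream never closed")
    start, end = FILE_LEN + hsize, len(blob) - FOOTER_LEN - dlen
    if end < start:
        raise ValueError("header_size and digest length exceed file size")
    return Envelope(version, hsize, ts, kd, (start, end), blob[end:end + dlen])


def constructed_sample() -> bytes:
    """Constructed input: filler bytes stand in for real RSA and AES-GCM output."""
    head = struct.pack(FILE_FMT, FILE_MAGIC, 1, 0x1, 512, 1700000000, b"\xaa" * 32)
    foot = struct.pack(FOOTER_FMT, FOOTER_MAGIC, 16)
    return head + b"\x00" * 512 + b"\x11" * 100 + b"\x22" * 16 + foot


if __name__ == "__main__":
    print(parse_envelope(constructed_sample()))
```

A missing footer means the stored digest cannot be located, so the payload cannot be authenticated even with the correct private key.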