self['public-key-algorithm']))
return b''.join(chunks)
+ def _string_to_key(self, string, key_size):
+ if key_size % 8:
+ raise ValueError(
+ '{}-bit key is not an integer number of bytes'.format(
+ key_size))
+ key_size_bytes = key_size // 8
+ hash_name = self._hashlib_name[
+ self['string-to-key-hash-algorithm']]
+ string_hash = _hashlib.new(hash_name)
+ hashes = _math.ceil(key_size_bytes / string_hash.digest_size)
+ key = b''
+ if self['string-to-key-type'] == 'simple':
+ update_bytes = string
+ else:
+ raise NotImplementedError(
+ 'key calculation for string-to-key type {}'.format(
+ self['string-to-key-type']))
+ for padding in range(hashes):
+ string_hash = _hashlib.new(hash_name)
+ string_hash.update(padding * b'\x00')
+ if self['string-to-key-type'] == 'simple':
+ string_hash.update(update_bytes)
+ key += string_hash.digest()
+ key = key[:key_size_bytes]
+ return key
+
def decrypt_symmetric_encryption(self, data):
"""Decrypt OpenPGP's Cipher Feedback mode"""
algorithm = self['symmetric-encryption-algorithm']
passphrase = _getpass.getpass(
'passphrase for {}: '.format(self['fingerprint'][-8:]))
passphrase = passphrase.encode('ascii')
+ key = self._string_to_key(string=passphrase, key_size=key_size)
cipher = module.new(
- key=passphrase,
+ key=key,
mode=module.MODE_CFB,
IV=self['initial-vector'],
segment_size=segment_size_bits)
projects / gpg-migrate.git / commitdiff