pjht/buku
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #35 from asergi/cryptography

Browse Source 
Switch from PyCrypto to cryptography
This commit is contained in:
Arun Prakash Jana 2016-06-01 17:18:54 +05:30
commit 8600b06c76
3 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -60,15 +60,15 @@ Copyright (C) 2015-2016 [Arun Prakash Jana](mailto:engineerarun@gmail.com).
`buku` requires Python 3.x to work. `buku` requires Python 3.x to work.
Optional dependencies: Optional dependencies:
- Encryption: PyCrypto - Encryption: cryptography
- Import bookmarks: Beautiful Soup - Import bookmarks: Beautiful Soup
Run: Run:
$ sudo pip3 install pycrypto beautifulsoup4 $ sudo pip3 install cryptography beautifulsoup4
or on Ubuntu: or on Ubuntu:
$ sudo apt-get install python3-crypto python3-bs4 $ sudo apt-get install python3-cryptography python3-bs4
## Installing from this repository ## Installing from this repository

23
buku
View File

@ -33,8 +33,9 @@ import signal
try: try:
import getpass import getpass
import hashlib import hashlib
from Crypto.Cipher import AES
import struct import struct
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
no_crypto = False no_crypto = False
BLOCKSIZE = 65536 BLOCKSIZE = 65536
@ -1088,7 +1089,11 @@ def encrypt_file(iterations):
key = hashlib.sha256(key).digest() key = hashlib.sha256(key).digest()
iv = os.urandom(16) iv = os.urandom(16)
cipher = AES.new(key, AES.MODE_CBC, iv) encryptor = Cipher(
algorithms.AES(key),
modes.CBC(iv),
backend=default_backend()
).encryptor()
filesize = os.path.getsize(dbpath) filesize = os.path.getsize(dbpath)
with open(dbpath, 'rb') as infile: with open(dbpath, 'rb') as infile:
@ -1107,7 +1112,7 @@ def encrypt_file(iterations):
elif len(chunk) % 16 != 0: elif len(chunk) % 16 != 0:
chunk = '%s%s' % (chunk, ' ' * (16 - len(chunk) % 16)) chunk = '%s%s' % (chunk, ' ' * (16 - len(chunk) % 16))
outfile.write(cipher.encrypt(chunk)) outfile.write(encryptor.update(chunk) + encryptor.finalize())
os.remove(dbpath) os.remove(dbpath)
print('File encrypted') print('File encrypted')
@ -1144,7 +1149,11 @@ def decrypt_file(iterations):
key = hashlib.sha256(key).digest() key = hashlib.sha256(key).digest()
iv = infile.read(16) iv = infile.read(16)
cipher = AES.new(key, AES.MODE_CBC, iv) decryptor = Cipher(
algorithms.AES(key),
modes.CBC(iv),
backend=default_backend(),
).decryptor()
# Get original DB file's SHA256 hash from encrypted file # Get original DB file's SHA256 hash from encrypted file
enchash = infile.read(32) enchash = infile.read(32)
@ -1155,7 +1164,7 @@ def decrypt_file(iterations):
if len(chunk) == 0: if len(chunk) == 0:
break break
outfile.write(cipher.decrypt(chunk)) outfile.write(decryptor.update(chunk) + decryptor.finalize())
outfile.truncate(origsize) outfile.truncate(origsize)
@ -1435,7 +1444,7 @@ if __name__ == '__main__':
# Handle encrypt/decrypt options at top priority # Handle encrypt/decrypt options at top priority
if args.encrypt is not None: if args.encrypt is not None:
if no_crypto: if no_crypto:
printmsg('PyCrypto missing', 'ERROR') printmsg('cryptography missing', 'ERROR')
sys.exit(1) sys.exit(1)
if args.encrypt < 1: if args.encrypt < 1:
printmsg('Iterations must be >= 1', 'ERROR') printmsg('Iterations must be >= 1', 'ERROR')
@ -1444,7 +1453,7 @@ if __name__ == '__main__':
if args.decrypt is not None: if args.decrypt is not None:
if no_crypto: if no_crypto:
printmsg('PyCrypto missing', 'ERROR') printmsg('cryptography missing', 'ERROR')
sys.exit(1) sys.exit(1)
if args.decrypt < 1: if args.decrypt < 1:
printmsg('Decryption failed', 'ERROR') printmsg('Decryption failed', 'ERROR')

2
requirements.txt
View File

@ -1,2 +1,2 @@
beautifulsoup4>=4.4.1 beautifulsoup4>=4.4.1
pycrypto>=2.6.1 cryptography>=1.3.2