dolor.encryption¶

Encryption used for authentication between the server and client.

gen_shared_secret()[source]¶

Generates the shared secret to be encrypted and sent to the server.

Returns: The shared secret.
Return type: bytes

gen_server_hash(server_id, shared_secret, public_key)[source]¶

Generates the server hash for use in authentication.

Parameters

server_id (str) – The server id found in EncryptionRequestPacket.
shared_secret – The shared secret gotten from gen_shared_secret().
public_key – The public key found in EncryptionRequestPacket.

Returns

The server hash.

Return type

str

encrypt_secret_and_token(public_key, shared_secret, verify_token)[source]¶

Encrypts the secret and token with the server’s public key.

Parameters

public_key – The public key found in EncryptionRequestPacket.
shared_secret – The shared secret gotten from gen_shared_secret().
verify_token – The verify token found in EncryptionRequestPacket.

Returns

enc_secret (bytes) – The encrypted shared secret.
enc_token (bytes) – The encrypted verify token.

gen_cipher(shared_secret)[source]¶

Generates a cryptography.hazmat.primitives.ciphers.Cipher from a shared secret.

Parameters: shared_secret – The shared secret gotten from gen_shared_secret().
Returns: The cipher based on the shared secret.
Return type: cryptography.hazmat.primitives.ciphers.Cipher

format_public_key(public_key)[source]¶

Formats a public key to DER format.

Parameters: public_key – The unformatted public key.
Returns: The DER formatted public key.
Return type: bytes

gen_private_public_keys()[source]¶

Generates the private and public keys used by the server.

Returns

private_key (cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey) – The private key.
public_key (bytes) – The public key, already formatted with format_public_key().

gen_verify_token()[source]¶

Generates the verify token sent to the client.

Returns: The verify token.
Return type: bytes

decrypt_secret_and_token(private_key, enc_secret, enc_token)[source]¶

Decrypts the shared secret and token with the server’s private key.

Parameters

private_key – The private key generated with gen_private_public_keys().
enc_secret – The encrypted shared secret found in EncryptionResponsePacket.
enc_token – The encrypted verify token found in EncryptionResponsePacket.

Returns

shared_secret (bytes) – The decrypted shared secret.
verify_token (bytes) – The decrypted verify token.

class EncryptedStream(f, decryptor, encryptor)[source]¶

Bases: object

An asyncio stream that wraps another stream and decrypts/encrypts it.

Parameters

f – The stream to wrap.
decryptor – The decryptor used to decrypt data read from the stream.
encryptor – The encryptor used to encrypt data written to the stream.

async read(length=- 1)[source]¶

Reads and decrypts data from the wrapped stream.

Parameters: length (int, optional) – The maximum of how many bytes to read. If -1, all data will be read.
Returns: The decrypted data.
Return type: bytes

async readexactly(length)[source]¶

Reads and decrypts an exact amount of data from the wrapped stream.

Parameters: length (int) – The length to read.
Returns: The decrypted data.
Return type: bytes
Raises: asyncio.IncompleteReadError – If EOF is reached before length can be read.

write(data)[source]¶

Encrypts and writes data to the wrapped stream.

Should be used along with the drain() method.

Parameters: data (bytes) – The data to write.

async drain()[source]¶: Waits until it is appropriate to resume writing to the stream.

is_closing()[source]¶

Checks if the stream is closed or being closed.

Returns: Whether the stream is closed or being closed.
Return type: bool

close()[source]¶

Closes the stream.

Should be used along with the wait_closed() method.

async wait_closed()[source]¶: Waits until the stream is closed.