From dd77bc02bb7fd069fdb52e45a2c6f6f6735832d4 Mon Sep 17 00:00:00 2001 From: jaseg Date: Sun, 23 Jun 2019 19:27:29 +0900 Subject: Remove openssl command line call --- encrypt.py | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/encrypt.py b/encrypt.py index 5bc1508..162b6df 100644 --- a/encrypt.py +++ b/encrypt.py @@ -7,34 +7,35 @@ import struct import subprocess import binascii -def encrypt_file(filename_in): +def encrypt_file(filename_in, chunk_size=1000000//16): file_id = secrets.token_urlsafe(22) auth_secret = secrets.token_bytes(16) key = secrets.token_bytes(16) - cipher_nonce = secrets.token_bytes(8) + data_nonce = secrets.token_bytes(8) token_cipher = AES.new(auth_secret, AES.MODE_GCM) ciphertext, token_tag = token_cipher.encrypt_and_digest(key) token = base64.b64encode(ciphertext) - with open(f'{file_id}.enc', 'wb') as fout: + with open(f'{file_id}.enc', 'wb') as fout, open(filename_in, 'rb') as fin: fout.write(token_cipher.nonce) # 16 bytes fout.write(token_tag) # 16 bytes fout.write(auth_secret) # 16 bytes - fout.write(cipher_nonce) # 8 bytes - fout.flush() + fout.write(data_nonce) # 8 bytes - subprocess.check_call(['openssl', 'enc', '-aes-128-ctr', - '-K', binascii.hexlify(key), - '-iv', binascii.hexlify(cipher_nonce + b'\0'*8), # nonce || counter format - '-in', filename_in, # no out: output defaults to stdout - ], stdout=fout.fileno()) + cipher = AES.new(key, AES.MODE_CTR, + initial_value=struct.pack('