#!/usr/bin/env python2
import hmac, hashlib, binascii, sys
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
# Decrypt an AES-GCM encrypted ".mtdt" file whose name and cipher key are both
# derived from the key given as the first command-line argument.
#
# NOTE(security): a key passed in argv is visible in the process list and is
# normally saved in shell history. That is acceptable for a reference script;
# production tooling should take the key from a prompt or a protected file.
# The argument is used as the HMAC key exactly as given; it is not hex-decoded.
key = sys.argv[1]

# HMAC-SHA512 over a fixed 16-byte constant yields 64 bytes of derived material.
constant = binascii.unhexlify("0123456789abcdeffedcba9876543210")
derived = hmac.new(key, constant, hashlib.sha512).digest()

# First half names the file, second half is the 32-byte AES key.
name_bytes = derived[:32]
aes_key = derived[32:64]

# The file is looked up by bare name, i.e. in the current working directory.
filename = binascii.hexlify(name_bytes) + ".mtdt"
backend = default_backend()

with open(filename, "rb") as f:
    # File layout: 12-byte IV, 16-byte GCM tag, then the ciphertext.
    iv = f.read(12)
    tag = f.read(16)
    decryptor = Cipher(
        algorithms.AES(aes_key), modes.GCM(iv, tag), backend=backend
    ).decryptor()

    # Everything returned by update() is unauthenticated: it is only collected
    # here and must not be printed or acted on until finalize() has succeeded.
    pieces = []
    chunk = f.read(16)
    while chunk:
        pieces.append(decryptor.update(chunk))
        chunk = f.read(16)

    # finalize() verifies the tag and raises if it does not match, so a
    # tampered file or a wrong key aborts the script before any output.
    pieces.append(decryptor.finalize())

data = "".join(pieces)
# Parenthesised single-argument form prints the same as `print data` on Python 2.
print(data)