def encrypt(self, data):
"""Encrypt sensitive data by KIK.
For (3)DES, data must be padded to BS.
For AES, if data not BS-alligned, they are padded by '80..00'"""
l = len(data)
if self.zAES:
l %= 16
if l > 0:
data += '\x80' + '\0'*(15-l)
key = AES.new(self.keyValue, AES.MODE_CBC, IV='\0'*16)
else:
# suppose 8B aligned data
assert l % 8 == 0
# for (3)DES KIK, ECB is used
# KeyType.DES_IMPLICIT is supposed to be 3DES ECB
if self.keyType in (KeyType.TDES_CBC, KeyType.DES_IMPLICIT):
key = DES3.new(self.keyValue, DES.MODE_ECB)
elif self.keyType in (KeyType.DES_ECB, KeyType.DES_CBC):
key = DES.new(self.keyValue, DES.MODE_ECB)
else:
raise ValueError("Unknown key type %02X" % self.keyType)
return key.encrypt(data)
评论列表
文章目录
