Archive for the ‘python’ Category

3
Dec

AWS Lambda - Layer

   Posted by: admin

mkdir lambda-layer

cd lambda-layer

cat requirements.txt

pgpy

docker run -v "$PWD":/var/task "lambci/lambda:build-python3.8" /bin/sh \
  -c "pip install -r requirements.txt -t python/lib/python3.8/site-packages/; exit"
zip -r -9 layer.zip python
AWS Lambda, create layer from zip file, linux_x86 python3.8
AWS Lambda, create function, add custom layer
https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
https://docs.aws.amazon.com/lambda/latest/dg/python-package.html
import json, boto3,os, sys, uuid, pgpy

s3_client = boto3.client("s3")
S3_BUCKET = 'defend-ai-images'
S3_ENCRYPTED = 'defend-encrypted-images'
S3_PREFIX = 'my'

def lambda_handler(event, context):
    response = s3_client.list_objects_v2(
        Bucket=S3_BUCKET,)
    keyCount = response["KeyCount"]
    if keyCount==0:
        return keyCount
    s3_files = response["Contents"]

    pub_blob="""-----BEGIN PGP PUBLIC KEY BLOCK-----

xsFNBGOI6lMBEACYAJgGRJaIXz1XWimgsuCLwXV2l3aPYCIFv4dRg6deLKJH/bVW
R35eileDuA8e3ynvlsBHwiJL+l2gxDMUI03iL+DxXN7OqpR43Hxh/E8MyPHVsi19
OB6XDtkJ8LdFGAZqBP+E6tctw02nn7D4PoGdDa7LSDFnjivBXLQcT5omH+7ftbkI
cUTQWGg4dTHtSOIR8IvCm9r8oF4lDAjiwIIQn1NPTfYsYy+IS+nJ9uzUBCr9PCuK
6SJmnw+ikd+nuhl/ljJiWRL0JcJrKxk7W1UuoqVITmNsrtVDCjF0tKZEy/uIDrYH
9d9KMKcN0zR/dZZZrPVtl5cWg0lBkAplk800nx56z6MHQs0SDOI/bLssqeP0auml
rnTxFpCaQXSgFsE9AvjE8zX807gok7D4tpjFIWPA6Ns9W8wUoNbu2mgiJzYhZCQW
lqJ+N0FuJ1oTllyne+YVzWe/MydU6e9N6e1y6NkrKkqUHMG6b8igePoX3ug2z2MZ
XRnSMVkcq50+VV3c6ymBL8GtqNgYf7e3njfQicnGfniG1tE8iPcy8gcKOgjO8mZe
50eyWHRR1kFMWsbVthQByzPnkfAK4dCb7tcZ6SHruuU9iF+6fvKLxsERC9jsWIqm
8zJ1Q4ZsxL/NNXRaCED4DHWrjiAZBN+QTsluZQnah6rattXl0/CQJflVJwARAQAB
zTBIYXJyeSAoSGFycnlzIHRlc3Qga2V5KSA8aGFycnlAaGVscHVzZGVmZW5kLmNv
bT7CwYoEEwEIADQFAmOI6q0CGw4ECwkIBwUVCAkKCwUWAgMBAAIeARYhBBXleiAB
F1iZVTFWE9uksLIDVhvQAAoJENuksLIDVhvQ+GkQAIfDEYgvQMWRSWdJQ7LRAiHr
7OJY21CCJhUZdfJnNqVmcuK3n9n7m+qRpb8FjrKPgXjspGzUHbGpVnRurBOLRFFE
71V56xMmBzsR2Ku47pxoif3ZBZjOHE8DplMTP62uAcBjMaHpkHCjZh1FCzj7syEZ
khtO+Zhc6WCIZBzRPSoS7EBRG8ayxlox09PnDOnWNIanA/fHrY9RsGA36XToamQ+
0Kv8H2i+kfPVFxIWFAJea+Oaud1igzOATcu5NmYcF9Cc17ELy1JMYnxxoCZIAZs3
mLPhv+7BqWiflIuxx7hKPlJ1N4s7dsJNE+emMuXf/N9r8p9hOnCfscrW1qxsv+if
WekfuAmjs/E29pA1MVe3Rqrf65aQcjXPynRQbbIdVo0Ln9mkJL+6SkTV/Nl014YU
w33+Tuep7MFERRuBBGQ1RMgRqSd8T5f4DEnlwVkEvd5F2ZafjfWf01SZ2q5Dmowa
nS/MOtOTMYSCn3SlQyCMKDdbJ6pMe1GYWfPUIU2EEG/JtBuiCtjw1m/8EpJIoGo6
4DgxPjQEQR1Dqz0ZZ/fQii+F6EFrVGsEOBZgnMYod9m4ONxU1zDJAxvihb0gi0hm
rv+u4/VyE7nrsFxDMFN6lzQd6psSe5m++ENjzTNA/pN1B7HtLlTc/ioL6qaCMDg0
tRbz8aGnRHl9XWWIPPsW
=28Qw
-----END PGP PUBLIC KEY BLOCK-----
"""
    pubkey, _ = pgpy.PGPKey.from_blob(pub_blob)
    s3_jpgs = filter(lambda obj: obj['Key'].endswith('.jpg'), s3_files)
    s3 = boto3.resource("s3")
    for s3_file in s3_jpgs:
        file_content = s3_client.get_object(
            Bucket=S3_BUCKET, Key=s3_file["Key"])["Body"].read()
        message = pgpy.PGPMessage.new(file_content)
        encrypt_content = pubkey.encrypt(message)
        output_file_name=s3_file["Key"]
        s3.meta.client.put_object(Body=bytes(encrypt_content), Bucket=S3_ENCRYPTED, Key=output_file_name)
        s3.meta.client.delete_object(Bucket=S3_BUCKET, Key=s3_file["Key"])

    return keyCount

2
Dec

Python: Encrypt/Decrypt file with PGP

   Posted by: admin

pip3 install pgpy

[root@master-node pgp]# cat keygen.py

from pgpy.constants import PubKeyAlgorithm, KeyFlags, HashAlgorithm, SymmetricKeyAlgorithm, CompressionAlgorithm

import pgpy

key = pgpy.PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 4096)

uid = pgpy.PGPUID.new(’Harry’, comment=’Harrys test key’, email=’harry@——.com’)

key.add_uid(uid, usage={KeyFlags.Sign, KeyFlags.EncryptCommunications, KeyFlags.EncryptStorage},

hashes=[HashAlgorithm.SHA256, HashAlgorithm.SHA384, HashAlgorithm.SHA512, HashAlgorithm.SHA224],

ciphers=[SymmetricKeyAlgorithm.AES256, SymmetricKeyAlgorithm.AES192, SymmetricKeyAlgorithm.AES128],

compression=[CompressionAlgorithm.ZLIB, CompressionAlgorithm.BZ2, CompressionAlgorithm.ZIP, CompressionAlgorithm.Uncompressed])

print(key)

print(key.pubkey)

==================================
[root@master-node pgp]# cat encrypt.py
import sys
import pgpy
pubkey, _ = pgpy.PGPKey.from_file(”pgpkey.pub”)
message = pgpy.PGPMessage.new(sys.argv[1], file=True)
encrypted_message = pubkey.encrypt(message)
fo=sys.argv[2]
f2=open(fo,”w”)
f2.write(str(encrypted_message))
f2.close()
=====================================
[root@master-node pgp]# cat decrypt.py
import sys
import pgpy
key, _ = pgpy.PGPKey.from_file(”pgpkey”)
#f1=open(sys.argv[1],”rb”)
#message=f1.read()
#f1.close()
message = pgpy.PGPMessage.from_file(sys.argv[1])
decrypted_message = key.decrypt(message).message
fo=sys.argv[2]
f2=open(fo,”wb”)
f2.write(bytes(decrypted_message))
f2.close()
=========================================

pip3 install pyopenssl

pip3 install cryptography

============================================

[root@master-node encryption]# cat keygen.py
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
# Generate the RSA private key
key = rsa.generate_private_key(
public_exponent=65537,
key_size=2048,
)
pem = key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
print(pem)
public_key = key.public_key()
pem = public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo
)
print(pem)
===========================================
[root@master-node encryption]# cat encrypt.py
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives.serialization import load_pem_public_key
import sys
public_pem_data=b’—–BEGIN PUBLIC KEY—–\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ikdHKIUkRKKmxm5OMmH\nX8T2mx05ggDD7oEqZBd8×9lrzLOmADPoYT/qZGpFkXu6ys9IWlIqGp96qRsXQaRA\nO5EJziNdrCpMYGZFX5cxc8hnVh15h8DrvWj7pKoNmWkZhLiQ+vFsWLq3m41omQi/\ndhNMybPLsLGqS7EOO17z1VifSp33XOXLNZkrU3otItoqPPNq6nAXuINXZsPTdRY7\nk/ERmEXU2l6+GMKWnesRWm7txJSTgdpH8hjfoSZmJTHy7+uZqTdHC3PpCojZeIRw\ndgOEErYnKEHMQ6/4DV0a0tF5BzwXhrolSYkWmpt65pblbLQAzgR0KA91F8iJHp5Y\ncQIDAQAB\n—–END PUBLIC KEY—–\n’
key = load_pem_public_key(public_pem_data)
fi.open(sys.argv[1],’rb’)
message = fi.read()
fi.close()
ciphertext = key.encrypt(
message,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
fo=open(sys.argv[2],’wb’)
f.write(ciphertext)
f.close()
===========================================
[root@master-node encryption]# cat decrypt.py
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
pem_data=b’—–BEGIN RSA PRIVATE KEY—–\nMIIEogIAdf8a1kupHcqgVHzcBlgBfRDBr\nEQyKr9JWXzLTwgbpft/7qvOkv4T0pOzhWBvKJaKvm1sY+4l+Z1g=\n—–END RSA PRIVATE KEY—–\n’

fi=open(sys.argv[1],’rb’)
ciphertext=fi.read()
fi.close()
key = load_pem_private_key(pem_data, password=None)
plaintext = key.decrypt(
ciphertext,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
print(plaintext)
fo=open(sys.argv[2],’wb’)
f.write(plaintext)
f.close()
==========================================
https://www.misterpki.com/python-public-private-key-encryption/