[Mailman-Users] AOL redacts user addresses even with VERP and full personalization enabled
Lindsay Haisley
fmouse-mailman at fmp.com
Tue Jun 19 01:20:32 CEST 2012
On Mon, 2012-06-18 at 17:58 -0500, Lindsay Haisley wrote:
> FWIW, pursuant to Stephen's comments re. using encryption rather than
> hashing for passing recipient addresses in headers, I've attached a
> short Python script which puts short strings of data, such as an email
> address, into an AES cipher.
It looks as if the attachment got stripped. Here's the script, based on
information at
http://www.codekoala.com/blog/2009/aes-encryption-python-using-pycrypto/
class AEScrypt:
from Crypto.Cipher import AES
from Crypto.Util import randpool
import base64
block_size = 16
key_size = 32
mode = AES.MODE_CBC
def genkey(self):
key_bytes = self.randpool.RandomPool(512).get_bytes(self.key_size)
key_string = self.base64.urlsafe_b64encode(str(key_bytes))
return key_string
def encrypt(self, plain_text, key_string):
pad = self.block_size - len(plain_text) % self.block_size
data = plain_text + pad * chr(pad)
iv_bytes = self.randpool.RandomPool(512).get_bytes(self.block_size)
encrypted_bytes = iv_bytes + self.AES.new(self.base64.urlsafe_b64decode(key_string),
self.mode, iv_bytes).encrypt(data)
return self.base64.urlsafe_b64encode(str(encrypted_bytes))
def decrypt(self, cypher_text, key_string):
key_bytes = self.base64.urlsafe_b64decode(key_string)
encrypted_bytes = self.base64.urlsafe_b64decode(cypher_text)
iv_bytes = encrypted_bytes[:self.block_size]
encrypted_bytes = encrypted_bytes[self.block_size:]
plain_text = self.AES.new(key_bytes, self.mode, iv_bytes).decrypt(encrypted_bytes)
pad = ord(plain_text[-1])
return plain_text[:-pad]
--
Lindsay Haisley | "In an open world, who needs
FMP Computer Services | Windows or Gates"
512-259-1190 |
http://www.fmp.com |
More information about the Mailman-Users
mailing list