def user():
start = yield []
assert start is Start
a = dh_secret(P)
A = mod(G, a)
print("user: sending email")
salt, B = yield [b"*****@*****.**", A]
u = hash_to_int(int_to_bytes(A) + int_to_bytes(B))
print("user: A:", A)
print("user: B:", B)
print("user: salt:", bytes_to_int(salt))
print("user: u", u)
x = hash_to_int(salt + b"pass")
print("user: x:", x)
t1 = B - K * mod(G, x)
assert t1 > 0
S = mod(t1, a + u * x)
print("user: S:", S)
key = hashlib.sha256(int_to_bytes(S)).digest()
print("user: key:", binascii.hexlify(key))
response, *_ = yield [hmac_sha256(key, salt)]
print("server says password was", response)
assert response == "OK"
def host():
email, A = yield []
password = USERS[email]
salt = random_bytes(16)
x = hash_to_int(salt + password)
print("s: x:", x)
v = mod(G, x)
b = dh_secret(P)
B = K * v + mod(G, b)
print("{} trying to log in".format(email.decode()))
u = hash_to_int(int_to_bytes(A) + int_to_bytes(B))
print("host: A:", A)
print("host: B:", B)
print("host: salt:", bytes_to_int(salt))
print("host: u", u)
print("host: x:", x)
user_mac, *_ = yield [salt, B]
t0 = A * mod(v, u)
S = mod(t0, b)
print("host: S:", S)
key = hashlib.sha256(int_to_bytes(S)).digest()
print("host: key:", binascii.hexlify(key))
host_mac = hmac_sha256(key, salt)
yield ["OK" if user_mac == host_mac else "NO"]
def get_jwk_from_public_key(public_key):
e = public_key.public_numbers().e
n = public_key.public_numbers().n
e = util.to_base64(util.int_to_bytes(e))
n = util.to_base64(util.int_to_bytes(n))
my_jwk = {"kty": "RSA", "n": n, "e": e}
return my_jwk
def do_generate_proof(self, opts):
""" Command to hash the flash memory """
msg = Message().set_code(Opcodes.MD5_FLASH)
if opts.bounds is None:
msg.set_data(bytes())
else:
msg.set_data(int_to_bytes(opts.bounds[0], 2) + int_to_bytes(opts.bounds[1], 2))
self.comm.write_serial(msg.serialize())
self.print_response()
def output_analog(self, data):
p = pyaudio.PyAudio()
stream = p.open(format=p.get_format_from_width(self.sample_width),
channels=self.n_channels,
rate=self.frame_rate,
output=True)
outfile = []
# We need to go back from our floats in [0.0, 1.0) to our ints
# in [-2**15, 2**15).
for x in data:
wave_n = int((x * 2**16) - 2**15)
in_two = util.int_to_bytes(wave_n)
stream.write(bytes(in_two))
outfile.append(bytes(in_two))
stream.stop_stream()
stream.close()
p.terminate()
ext = self.filename.split(".")[-1]
new_filename = self.filename.rstrip("." + ext) + "_analog." + ext
print("Outputting to file: %s" % new_filename)
self.write_wav_file(outfile, new_filename)
def user():
start = yield []
assert start is actors.Start
a = dh_secret(P)
A = mod(G, a)
salt, B, u = yield [b"*****@*****.**", A]
x = hash_to_int(salt + b"pass")
S = mod(B, a + u * x)
key = hashlib.sha256(int_to_bytes(S)).digest()
response, *_ = yield [hmac_sha256(key, salt)]
print("=" * 80)
print("user: A:", A)
print("user: B:", B)
print("user: salt:", bytes_to_int(salt))
print("user: u", u)
print("user: x:", x)
print("user: S:", S)
print("user: key:", binascii.hexlify(key))
print("user: server says password was", response)
assert response == "OK"
def host():
email, A = yield []
password = USERS[email]
salt = random_bytes(16)
x = hash_to_int(salt + password)
v = mod(G, x)
b = dh_secret(P)
B = mod(G, b)
u = random_int_from_n_bytes(128 // 8)
user_mac, *_ = yield [salt, B, u]
S = mod(A * mod(v, u), b)
key = hashlib.sha256(int_to_bytes(S)).digest()
host_mac = hmac_sha256(key, salt)
print("=" * 80)
print("{} trying to log in".format(email.decode()))
print("host: A:", A)
print("host: B:", B)
print("host: salt:", bytes_to_int(salt))
print("host: u", u)
print("host: x:", x)
print("host: S:", S)
print("host: key:", binascii.hexlify(key))
yield ["OK" if user_mac == host_mac else "NO"]
def key_expansion(key: bytearray, word: List[bytearray], nk: int, nr: int):
i = 0
while i < nk:
word[i] = bytearray([key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]])
i = i + 1
i = nk
while i < Nb * (nr + 1):
temp = word[i - 1]
if i % nk == 0:
temp = bytes_to_int(subWord(rotWord(temp))) ^ \
Rcon[int(i / nk)]
temp = int_to_bytes(temp)
elif nk > 6 and i % nk == 4:
temp = subWord(temp)
word[i] = int_to_bytes(bytes_to_int(word[i - nk]) ^ bytes_to_int(temp))
i = i + 1
def _respond_to_login_request(self, username, A, k=3):
# A == public ephemeral number from client
user = self.users[username]
b = random.randint(1, IETF_PRIME - 1) # private ephemeral number
# B == public ephemeral number. Usually, B depends on the password, but
# if k == 0, it is a completely random Diffie-Hellman public key, which
# causes u to be essentially random.
B = ((k * user["verifier"]) + pow(self.g, b, IETF_PRIME)) % IETF_PRIME
u = scramble_keys(A, B)
S = pow(A * pow(user["verifier"], u, IETF_PRIME), b, IETF_PRIME)
user["shared_session_key"] = sha256(int_to_bytes(S)).digest()
return (user["salt"], B, u)
def log_in(self, server, username, password, k=3):
a = random.randint(1, IETF_PRIME - 1) # private ephemeral number
A = pow(self.g, a, IETF_PRIME) # public ephemeral number
# B == public ephemeral number from server
salt, B, u = server._respond_to_login_request(username, A, k=k)
# TODO: figure out if it is possible to make the offline attack work if
# the following line is uncommented
# assert u == scramble_keys(A, B)
x = generate_private_key(username, password, salt)
S = pow(B - k * pow(self.g, x, IETF_PRIME), a + u*x, IETF_PRIME)
shared_session_key = sha256(int_to_bytes(S)).digest() # called "K" in challenge
hmac = calculate_hmac(shared_session_key, salt, sha256)
return server._verify_hmac(hmac, username)
def _verify_hmac(self, hmac, username):
user = self.users[username]
# 20 most common passwords according to xato.net
common_passwords = [
"password", "123456", "12345678", "1234", "qwerty", "12345", "dragon",
"pussy", "baseball", "football", "letmein", "monkey", "696969", "abc123",
"mustang", "michael", "shadow", "master", "jennifer", "111111"]
u = 1
for test_password in common_passwords:
test_x = generate_private_key(username, test_password, user["salt"])
test_verifier = pow(self.g, test_x, IETF_PRIME)
test_S = pow(user["A"] * pow(test_verifier, u, IETF_PRIME), user["b"], IETF_PRIME)
test_session_key = sha256(int_to_bytes(test_S)).digest()
if calculate_hmac(test_session_key, user["salt"], sha256) == hmac:
user["password"] = test_password
return True
return False
def get_rpc_credentials(config):
rpc_user = config.get('rpcuser', None)
rpc_password = config.get('rpcpassword', None)
if rpc_user is None or rpc_password is None:
rpc_user = '******'
import ecdsa, base64
bits = 128
nbytes = bits // 8 + (bits % 8 > 0)
pw_int = ecdsa.util.randrange(pow(2, bits))
pw_b64 = base64.b64encode(int_to_bytes(pw_int, nbytes, 'big'), b'-_')
rpc_password = to_string(pw_b64, 'ascii')
config.set_key('rpcuser', rpc_user)
config.set_key('rpcpassword', rpc_password, save=True)
elif rpc_password == '':
from .util import print_stderr
print_stderr('WARNING: RPC authentication is disabled.')
return rpc_user, rpc_password
def user():
start = yield []
assert start is actors.Start
A = 0
print("user: sending email")
salt, B = yield [b"*****@*****.**", A]
S = 0
print("user: S:", S)
key = hashlib.sha256(int_to_bytes(S)).digest()
print("user: key:", binascii.hexlify(key))
response, *_ = yield [hmac_sha256(key, salt)]
print("server says password was", response)
assert response == "OK"
def output_digital(self, data):
p = pyaudio.PyAudio()
stream = p.open(format=p.get_format_from_width(self.sample_width),
channels=self.n_channels,
rate=self.frame_rate,
output=True)
outfile = []
# Take the floats back to two-bit ints in the correct range.
# Beecause of how floats are formatted and how we've added
# noise, we occasionally end up with invalid floats; the
# error-checking below deals with that.
floats = util.bits_to_floats(data)
for i in range(len(floats)):
x = floats[i]
# Error checking
try:
wave_n = int((x * 2**16) - 2**15)
except:
wave_n = 0
if wave_n < -2**15:
wave_n = -2**15
elif wave_n >= 2**15:
wave_n = 2**15 - 1
in_two = util.int_to_bytes(wave_n)
stream.write(bytes(in_two))
outfile.append(bytes(in_two))
stream.stop_stream()
stream.close()
p.terminate()
ext = self.filename.split(".")[-1]
new_filename = self.filename.rstrip("." + ext) + "_digital." + ext
print("Outputting to file: %s" % new_filename)
self.write_wav_file(outfile, new_filename)
def serialize(self) -> bytes:
""" Returns the complete message as bytes, ready to be send to the Arduino """
return int_to_bytes(self.code, 2) + int_to_bytes(len(self.data),
2) + self.data
def scramble_keys(A, B):
return int(sha256(int_to_bytes(A) + int_to_bytes(B)).hexdigest(), 16)
def derive_key(secret: int):
return hashlib.sha1(int_to_bytes(secret)).digest()[:16]
def _generate_symmetric_key(self, other):
return sha1(int_to_bytes(self.get_shared_key_for(other))).digest()[:16]
