def runTest(self): data = b"0123" key = b"9" * 32 nonce = b"t" * 8 # Encryption data_mv = memoryview(bytearray(data)) key_mv = memoryview(bytearray(key)) nonce_mv = memoryview(bytearray(nonce)) cipher1 = Salsa20.new(key=key, nonce=nonce) ct = cipher1.encrypt(data) cipher2 = Salsa20.new(key=key_mv, nonce=nonce_mv) key_mv[:1] = b'\xFF' nonce_mv[:1] = b'\xFF' ct_test = cipher2.encrypt(data_mv) self.assertEqual(ct, ct_test) self.assertEqual(cipher1.nonce, cipher2.nonce) # Decryption key_mv = memoryview(bytearray(key)) nonce_mv = memoryview(bytearray(nonce)) ct_mv = memoryview(bytearray(ct)) cipher3 = Salsa20.new(key=key_mv, nonce=nonce_mv) key_mv[:1] = b'\xFF' nonce_mv[:1] = b'\xFF' pt_test = cipher3.decrypt(ct_mv) self.assertEqual(data, pt_test)
def runTest(self): # Encrypt/Decrypt data and test output parameter key = b'4' * 32 nonce = b'5' * 8 cipher = Salsa20.new(key=key, nonce=nonce) pt = b'5' * 16 ct = cipher.encrypt(pt) output = bytearray(16) cipher = Salsa20.new(key=key, nonce=nonce) res = cipher.encrypt(pt, output=output) self.assertEqual(ct, output) self.assertEqual(res, None) cipher = Salsa20.new(key=key, nonce=nonce) res = cipher.decrypt(ct, output=output) self.assertEqual(pt, output) self.assertEqual(res, None) import sys if sys.version[:3] != '2.6': output = memoryview(bytearray(16)) cipher = Salsa20.new(key=key, nonce=nonce) cipher.encrypt(pt, output=output) self.assertEqual(ct, output) cipher = Salsa20.new(key=key, nonce=nonce) cipher.decrypt(ct, output=output) self.assertEqual(pt, output) cipher = Salsa20.new(key=key, nonce=nonce) self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16) cipher = Salsa20.new(key=key, nonce=nonce) self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16) shorter_output = bytearray(7) cipher = Salsa20.new(key=key, nonce=nonce) self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output) cipher = Salsa20.new(key=key, nonce=nonce) self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output)
def encrypt(self, key: bytes, data: bytes, nonce: Optional[bytes] = None) -> bytes: """ Encrypts buffer using Salsa20 algorithm. :param key: Cryptographic key (16/32 bytes) :type key: bytes :param data: Buffer to be encrypted :type data: bytes :param nonce: Nonce value (8 bytes, defaults to `b"\\\\x00"*8` ) :type nonce: bytes, optional :return: Encrypted data :rtype: bytes """ if nonce is None: nonce = b"\x00" * 8 return Salsa20Cipher.new(key=key, nonce=nonce).encrypt(data)
def encrypt(self, byte_input): """ Takes byte input and returns encrypted input using a key and encryption nonce. :param byte_input: byte string to be encrypted. :return: encrypted string, nonce, and HMAC validation. """ if isinstance(byte_input, bytes): pass else: byte_input.encode(encoding="ascii", errors="replace") pass ciphering = Salsa20.new(self.key) validation = HMAC.new(self.hmac_key, msg=ciphering.encrypt(byte_input), digestmod=SHA256) return [ ciphering.encrypt(byte_input), ciphering.nonce, validation.hexdigest() ]
def decrypt(self, encrypted_input, validate, nonce): """ Decrypts given encrypted message and validates message with HMAC and nonce from encryption. :param encrypted_input: encrypted string to be decrypted. :param validate: HMAC validation byte string. :param nonce: nonce, additional security feature to prevent replay attacks. """ validation = HMAC.new(self.hmac_key, msg=encrypted_input, digestmod=SHA256) try: validation.hexverify(validate) except ValueError: self.socket.close() host.restart() raise Exception( "[FAIL]: Message is not authentic, failed HMAC validation!") pass ciphering = Salsa20.new(self.key, nonce=nonce) return ciphering.decrypt(encrypted_input)
def decrypt_file(self): if State.encrypt_method and State.filename and State.generated_key: with open(State.filename, 'rb') as f: text = f.read() try: if State.encrypt_method == 'AES': cipher = AES.new(State.generated_key, AES.MODE_EAX, text[:16]) decoded = cipher.decrypt_and_verify( text[32:], text[16:32]).decode() elif State.encrypt_method == 'Triple DES': cipher = DES3.new(State.generated_key, DES3.MODE_CFB) decoded = cipher.decrypt( text)[len(cipher.iv):].decode() elif State.encrypt_method == 'Salsa20': cipher = Salsa20.new(key=State.generated_key, nonce=text[:8]) decoded = cipher.decrypt(text[8:]).decode() else: return messagebox.showerror( title='Error', message='Choose algorithm to decode with') except Exception as e: print(e) return messagebox.showerror( title='Wrong key', message= 'File can not be decoded with this key. Try another one.' ) self.parent.textarea.delete('1.0', 'end-1c') self.parent.textarea.insert('1.0', decoded) self.parent.root.navbar.file_helper.text_modified() self.parent.textarea.see('1.0') self.parent.linenumberingarea.see('1.0') messagebox.showinfo(title='Success', message='File was decoded successfully.') else: messagebox.showerror(title='Error', message='Something went wrong. Try again.')
def get_cipher(self, protected_stream_key): key = hashlib.sha256(protected_stream_key).digest() return Salsa20.new( key=key, nonce=b'\xE8\x30\x09\x4B\x97\x20\x5D\x2A' )
def test_default_nonce(self): cipher1 = Salsa20.new(bchr(1) * 16) cipher2 = Salsa20.new(bchr(1) * 16) self.assertEqual(len(cipher1.nonce), 8) self.assertNotEqual(cipher1.nonce, cipher2.nonce)
def encrypt(self, file_path, alg): if alg not in ALG_OPTIONS: return False with open(file_path, 'rb') as fi, open(file_path + ENCRYPT_EXTEND, 'wb') as fo: public_key = self.get_public_key() cipher_rsa = PKCS1_OAEP.new(public_key) plain_text = fi.read() msg = {'alg': alg} if alg == ALG_OPTIONS[0]: secret_key = Random.get_random_bytes(16) cipher = AES.new(secret_key, AES.MODE_EAX) msg.update({'nonce': cipher.nonce}) elif alg == ALG_OPTIONS[1]: secret_key = Random.get_random_bytes(16) cipher = AES.new(secret_key, AES.MODE_OCB) msg.update({'nonce': cipher.nonce}) elif alg == ALG_OPTIONS[2]: secret_key = Random.get_random_bytes(16) iv = Random.new().read(AES.block_size) cipher = AES.new(secret_key, AES.MODE_CFB, iv) msg.update({'iv': iv}) elif alg == ALG_OPTIONS[3]: secret_key = Random.get_random_bytes(16) cipher = AES.new(secret_key, AES.MODE_CTR) msg.update({'nonce': cipher.nonce}) elif alg == ALG_OPTIONS[4]: secret_key = Random.get_random_bytes(8) cipher = DES.new(secret_key, DES.MODE_OFB) msg.update({'iv': cipher.iv}) elif alg == ALG_OPTIONS[5]: secret_key = Random.get_random_bytes(16) cipher = ARC2.new(secret_key, ARC2.MODE_CFB) msg.update({'iv': cipher.iv}) elif alg == ALG_OPTIONS[6]: secret_key = Random.get_random_bytes(40) cipher = ARC4.new(secret_key) elif alg == ALG_OPTIONS[7]: secret_key = Random.get_random_bytes(32) cipher = ChaCha20.new(key=secret_key) msg.update({'nonce': cipher.nonce}) elif alg == ALG_OPTIONS[8]: secret_key = Random.get_random_bytes(32) cipher = Salsa20.new(key=secret_key) msg.update({'nonce': cipher.nonce}) else: return False if alg in ALG_OPTIONS[1:3]: cipher_text, tag = cipher.encrypt_and_digest(plain_text) elif alg in ALG_OPTIONS[3:]: cipher_text = cipher.encrypt(plain_text) tag = SHA256.new(plain_text).hexdigest() else: return False dir_path, file_name = os.path.split(file_path) msg.update({'secret_key': cipher_rsa.encrypt(secret_key), 'cipher_text': cipher_text, 'tag': tag, 'file_name': file_name}) for key, value in msg.iteritems(): msg[key] = b64encode(value).encode('utf-8') fo.write(json.dumps(msg)) return True
def Salsa20Decrypt(in_string, key): msg_nonce = in_string[:8] ciphertext = in_string[8:] cipher = Salsa20.new(key=key, nonce=msg_nonce) msg = cipher.decrypt(ciphertext) return msg
def Salsa20Encrypt(in_string): encryptionkey1 = get_passphrase(32) encryptionkey = str.encode(encryptionkey1) cipher = Salsa20.new(key=encryptionkey) msg = cipher.nonce + cipher.encrypt(in_string.encode('utf-8')) return [msg, encryptionkey1]
def decrypt(key, msg): msg = unhexlify(msg.encode()) nonce = msg[:8] c = msg[8:] cipher = Salsa20.new(key=key, nonce=nonce) return cipher.decrypt(c)
def encrypt(data, number): data = base64.b64encode(data.encode('utf-8')) seckey = hashlib.sha256(str(number).encode('utf-8')).digest() cipher = Salsa20.new(key=seckey) msg = cipher.nonce + cipher.encrypt(data) return base64.b64encode(msg)
def encrypt(key, msg): cipher = Salsa20.new(key=key) return hexlify(cipher.nonce + cipher.encrypt(msg)).decode()