def __shake128(msg, digest_len):
"""Returns a bytes object containing the SHAKE-128 hash of msg with
digest_len bytes of output"""
shake_ctx = hashes.Hash(hashes.SHAKE128(digest_len),
backend=default_backend())
shake_ctx.update(msg)
return shake_ctx.finalize()
def test_shake128_variable(self, vector, backend):
output_length = int(vector['outputlen']) // 8
msg = binascii.unhexlify(vector['msg'])
shake = hashes.SHAKE128(digest_size=output_length)
m = hashes.Hash(shake, backend=backend)
m.update(msg)
assert m.finalize() == binascii.unhexlify(vector['output'])
class TestSHAKE128(object):
test_shake128 = generate_hash_test(
load_hash_vectors,
os.path.join("hashes", "SHAKE"),
[
"SHAKE128LongMsg.rsp",
"SHAKE128ShortMsg.rsp",
],
hashes.SHAKE128(digest_size=16),
)
@pytest.mark.parametrize("vector",
_load_all_params(
os.path.join("hashes", "SHAKE"),
[
"SHAKE128VariableOut.rsp",
],
load_nist_vectors,
))
def test_shake128_variable(self, vector, backend):
output_length = int(vector['outputlen']) // 8
msg = binascii.unhexlify(vector['msg'])
shake = hashes.SHAKE128(digest_size=output_length)
m = hashes.Hash(shake, backend=backend)
m.update(msg)
assert m.finalize() == binascii.unhexlify(vector['output'])
def create(cls,
name: str,
severity: Severity,
description: str,
display_all: bool = False):
digest = hashes.Hash(hashes.SHAKE128(5), backend=default_backend())
digest.update(name.encode("utf_8"))
d = digest.finalize().hex()
id_val = f"Y{d}"
return cls.__new__(cls, name, severity, description, display_all,
id_val)
def __init__(self, shop_id=None, priv_key=None):
self._priv_key = priv_key if priv_key else Ed25519PrivateKey.generate()
self._cup_signature = None
self._signing_shop = Shop(shop_id)
cup_id_digest = hashes.Hash(hashes.SHAKE128(16),
backend=default_backend())
cup_id_digest.update(
self.pub_key.public_bytes(Encoding.PEM,
PublicFormat.SubjectPublicKeyInfo))
self._cup_id: bytes = cup_id_digest.finalize()
def test_shake128_variable(self, backend, subtests):
vectors = _load_all_params(
os.path.join("hashes", "SHAKE"),
["SHAKE128VariableOut.rsp"],
load_nist_vectors,
)
for vector in vectors:
with subtests.test():
output_length = int(vector["outputlen"]) // 8
msg = binascii.unhexlify(vector["msg"])
shake = hashes.SHAKE128(digest_size=output_length)
m = hashes.Hash(shake, backend=backend)
m.update(msg)
assert m.finalize() == binascii.unhexlify(vector["output"])
async def SHAKE128(message):
message = message.encode()
kdf = PBKDF2HMAC(
algorithm=hashes.SHAKE128(),
length=hashLen,
salt=
b'\xe7\xde\xc1\xf0\x81\x99\xde}\xa4\xb50u;&\x06\xe7\xa4\xbfn\xbc',
iterations=hashIter,
backend=default_backend())
output = base64.urlsafe_b64encode(kdf.derive(message))
return (output)
async def handle_received_data(self, connection):
self.hasher = ManifestHasher(self.source, self.group, self.group_port,
hashes.SHAKE128(16), self.manifest_id)
stream, context, eom = connection.parse()
if len(stream) == 0:
raise taps.DeframingFailed
return
timeout = 0
msg = stream[0]
hash = self.hasher.digest(msg, connection.remote_endpoint.port)
while (timeout <= 2):
if hash in self.hashes:
self.hashes.remove(hash)
return (None, msg, 1, True)
else:
await asyncio.sleep(0.1)
timeout += 0.1
raise taps.DeframingFailed
return
@pytest.mark.requires_backend_interface(interface=HashBackend)
class TestSHA3512(object):
test_sha3_512 = generate_hash_test(
load_hash_vectors,
os.path.join("hashes", "SHA3"),
[
"SHA3_512LongMsg.rsp",
"SHA3_512ShortMsg.rsp",
],
hashes.SHA3_512(),
)
@pytest.mark.supported(
only_if=lambda backend: backend.hash_supported(
hashes.SHAKE128(digest_size=16)),
skip_message="Does not support SHAKE128",
)
@pytest.mark.requires_backend_interface(interface=HashBackend)
class TestSHAKE128(object):
test_shake128 = generate_hash_test(
load_hash_vectors,
os.path.join("hashes", "SHAKE"),
[
"SHAKE128LongMsg.rsp",
"SHAKE128ShortMsg.rsp",
],
hashes.SHAKE128(digest_size=16),
)
@pytest.mark.parametrize("vector",
def signature_hash(self) -> bytes:
signature_hash = hashes.Hash(hashes.SHAKE128(16),
backend=default_backend())
signature_hash.update(self.signature)
return signature_hash.finalize().hex()
def hash_password_for_init_vector(password):
digest = hashes.Hash(hashes.SHAKE128(16), backends.default_backend())
digest.update(password)
return digest.finalize()
def unpack_data(file_name, private_key_path=None, key_password=None):
print(Fore.LIGHTMAGENTA_EX + "\n\n# ------------------------------------------------------\n"
"# Warning the extractor module is not secure against erroneous or\n"
"# maliciously constructed data. Never unpack data received from an\n"
"# untrusted or unauthenticated source.\n"
"# ------------------------------------------------------\n\n")
enc_key = base64.b85decode(get_key_data("PRIVATE", private_key_path))
if key_password:
password = key_password
else:
password = getpass.getpass("Insert the key's password: "******"Decryption failed - Check if the key's password is correct: \n" + str(e))
exit(668)
private_key = serialization.load_pem_private_key(
dec_key,
password=None,
backend=default_backend()
)
if not private_key:
print(Fore.RED + "Could not load the public key")
exit(667)
with open(file_name,"rb") as file:
encrypted = file.read()
hmac_hash = encrypted[-64:]
encrypted_password = (encrypted[:-64])[-1024:]
key_password = private_key.decrypt(
encrypted_password,
ass_padding.OAEP(
mgf=ass_padding.MGF1(algorithm=hashes.SHA512()),
algorithm=hashes.SHA512(),
label=None
)
)
cipher_text = encrypted[:-1088]
digest = hashes.Hash(hashes.SHAKE128(16), backend=default_backend())
digest.update(key_password)
salt = digest.finalize()
# Real key digested from the key_password
kdf_kp = PBKDF2HMAC(algorithm = hashes.SHA512(),
length = 32,
salt = salt,
iterations = 1000,
backend = default_backend())
key = kdf_kp.derive(key_password)
# ChaCha20 Nonce
kdf_n = PBKDF2HMAC(algorithm = hashes.SHA256(),
length = 16,
salt = salt,
iterations = 200,
backend = default_backend())
nonce = kdf_n.derive(key)
# AES CBC Init vector
kdf_iv = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=16,
salt=salt,
iterations=200,
backend=default_backend())
iv = kdf_iv.derive(nonce + key)
# HMAC Derivated key
kdf_hmac = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=200,
backend=default_backend())
hmac_key = kdf_hmac.derive(iv + key)
try:
h = hmac.HMAC(hmac_key, hashes.SHA512(), backend=default_backend())
h.update(cipher_text)
h.verify(hmac_hash)
except:
print(Fore.RED + "Could not authenticate data pack")
exit(667)
print(Fore.GREEN + "Valid data")
# AES
cipher_aes = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
decryptor = cipher_aes.decryptor()
chacha_encrypted = decryptor.update(cipher_text) + decryptor.finalize()
# CHACHA
chacha_alg = algorithms.ChaCha20(key, nonce)
cipher_chacha = Cipher(chacha_alg, mode=None, backend=default_backend())
decryptor = cipher_chacha.decryptor()
compressed_padded = decryptor.update(chacha_encrypted)
# PKCS7 padding
unpadder = padding.PKCS7(256).unpadder()
data = unpadder.update(compressed_padded)
compressed = data + unpadder.finalize()
## =====
try:
data = lzma.decompress(compressed)
except Exception as e:
var = traceback.format_exc()
raise Exception("Decompress A {} \n {}".format(str(var), str(e)))
print("Done!")
ret_data = b""
try:
ret_data = pickle.loads(data)
except Exception as e:
print(Fore.RED + "Error while unserializing")
var = traceback.format_exc()
raise Exception("Unpack Serial {} \n {}".format(str(var), str(e)))
return ret_data
def pack_data(data_migrate=None, send_now=True, unencrypted=False):
print(constants.EXTRACTOR_WIZARD_HEADER)
#Used in case automatic submission fails
output_name = str("data_pack_"+str(time.time())).replace(".","")
public_key = serialization.load_pem_public_key(
get_key_data("PUBLIC"),
backend=default_backend()
)
print(constants.EXTRACTOR_HELP_STRING)
if not public_key:
print(Fore.RED + "Could not load the public key")
exit(667)
data_pack = {}
if data_migrate is not None:
data_pack = data_migrate
else:
try:
print("{}Please fill these infos precisely, they will appear on the report".format(Fore.LIGHTCYAN_EX))
data_pack = dl.get_info(include_am_configs=True, include_fw_configs=True)
except Exception as e:
print(Fore.RED + "--------------Error while getting the data-------------- \n"
+ Fore.LIGHTWHITE_EX + str(e) + "\n" + Fore.RED + "--------------Error while getting the data--------------")
# Used to populate the HTTP request's JSON body
generation_data = data_pack.get("customer_info")
data = pickle.dumps(data_pack)
if unencrypted:
generate_unencrypted(data_pack,output_name)
with tqdm(total=3) as pbar:
pbar.set_description("Compressing data...")
compressed = lzma.compress(data, preset=9 | lzma.PRESET_EXTREME)
pbar.update(1)
pbar.set_description("Crypto 1/2...")
key_password = os.urandom(32) # 32 bytes / 256 bits
# Padding
padder = padding.PKCS7(256).padder()
compressed_padded = padder.update(compressed)
compressed_padded += padder.finalize()
# Salt
digest = hashes.Hash(hashes.SHAKE128(16), backend=default_backend())
digest.update(key_password)
salt = digest.finalize()
# IV, NONCE, HMAC_KEY values generated from PBKDF2 using a single use key
# Create real key from a given "key password"
kdf_kp = PBKDF2HMAC(algorithm = hashes.SHA512(),
length = 32,
salt = salt,
iterations = 1000,
backend = default_backend())
key = kdf_kp.derive(key_password)
kdf_n = PBKDF2HMAC(algorithm = hashes.SHA256(),
length = 16,
salt = salt,
iterations = 200,
backend = default_backend())
nonce = kdf_n.derive(key)
kdf_iv = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=16,
salt=salt,
iterations=200,
backend=default_backend())
iv = kdf_iv.derive(nonce + key)
kdf_hmac = PBKDF2HMAC(algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=200,
backend=default_backend())
hmac_key = kdf_hmac.derive(iv + key)
# Chacha
chacha_alg = algorithms.ChaCha20(key, nonce)
cipher_chacha = Cipher(chacha_alg, mode=None, backend=default_backend())
encryptor_chacha = cipher_chacha.encryptor()
chacha_cipher = encryptor_chacha.update(compressed_padded)
pbar.update(1)
pbar.set_description("Crypto 2/2...")
# Aes
cipher_aes = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
encryptor_aes = cipher_aes.encryptor()
aes_cipher = encryptor_aes.update(chacha_cipher) + encryptor_aes.finalize()
# HMAC
h = hmac.HMAC(hmac_key, hashes.SHA512(), backend=default_backend())
h.update(aes_cipher)
hmac_bytes = h.finalize()
# RSA
# Encrypt the key with an 8192 RSA pub Key
encrypted_password = public_key.encrypt(
key_password,
ass_padding.OAEP(
mgf=ass_padding.MGF1(algorithm=hashes.SHA512()),
algorithm=hashes.SHA512(),
label=None
)
)
pbar.update(1)
pbar.set_description("Done!")
aes_cipher += encrypted_password
aes_cipher += hmac_bytes
if send_now:
if not upload(aes_cipher, generation_data):
try:
with open(output_name+".dat","wb") as out:
out.write(aes_cipher)
except Exception as e:
print(str(e)+"\nCould not save to disk! (permissions?)")
exit(-1)
print("{}Probably connection issues due to Firewall or no internet connection, please use this tool\n"
" to resubmit the packege on a network with internet access using the command {}--send ".format(Fore.LIGHTYELLOW_EX,Fore.LIGHTRED_EX))
print("{}To do it copy/send the new {}{}{} file created on this folder to other machine with internet\n"
"access. the file is extremelly secure it can be manipulated anywere".format(Fore.LIGHTCYAN_EX,
Fore.LIGHTYELLOW_EX,output_name,Fore.LIGHTCYAN_EX))
print(Fore.LIGHTGREEN_EX + "Package was saved successfully as {} !".format(output_name))
else:
try:
with open(output_name+".dat","wb") as out:
out.write(aes_cipher)
except Exception as e:
print(str(e)+"\nCould not save to disk! (permissions?)")
exit(-1)
print(Fore.LIGHTYELLOW_EX+"The package was not sent for processing, you will have to use the command --send to send another time.")
print("{}To do it copy/send the new {}{}{} file created on this folder to another machine with internet\n"
"access. the file is very secure and it can be sent/stored anywere.".format(Fore.LIGHTCYAN_EX,
Fore.LIGHTYELLOW_EX,output_name,Fore.LIGHTCYAN_EX))
print(Fore.LIGHTGREEN_EX + "Package was saved successfully as {} !".format(output_name))
taps.print_time("New manifest without sender)",
color)
self.last_wrote = datetime.datetime.now()
self.cur_hashes = []
self.manifest_seq += 1
# map from names in hash-algorithm-t in
# https://tools.ietf.org/html/draft-ietf-netconf-crypto-types-11
# to options from cryptography.hazmat.primitives import hashes
HASH_ALG_MAP = {
'sha-224': hashes.SHA3_224,
'sha-256': hashes.SHA3_256,
'sha-384': hashes.SHA3_384,
'sha-512': hashes.SHA3_512,
'shake-128': hashes.SHAKE128(16),
# 'shake-224': hashes.SHAKE256(28), # TBD: is this right?
'shake-256': hashes.SHAKE256(32),
}
class ManifestServer(object):
def __init__(self, addr, port, trust_ca, local_identity):
self.preconnection = None
self.addr = addr
self.port = port
self.trust_ca = trust_ca
self.local_identity = local_identity
self.loop = asyncio.get_event_loop()
self.connections = []
async def push_new_manifest(self, manifest):
