def generate_key(bits, e):
"""
Returns p and q.
"""
p = getPrime(bits / 2)
q = getPrime(bits / 2)
if fractions.gcd(p - 1, e) != 1 or fractions.gcd(q - 1, e) != 1:
return generate_key(bits, e)
else:
return p, q, modinv(e, (p - 1) * (q - 1))
def rsa_key_export():
masterkey = rsa.generate_key( 2048 )
print '[+] generate OK!'
print '[+] exporting keypair to disk...'
rsa.export_keypair( 'rsa_server', masterkey )
print '\t[+] attempting to reload keypair from disk... ',
pubkey = rsa.load_key('rsa_server.pub')
prvkey = rsa.load_key('rsa_server.prv')
assert( prvkey.has_private() )
assert( not pubkey.has_private() )
print 'OK!'
assert(pubkey == prvkey.publickey())
def generateRSAKey(self):
str = self.getFolderName()
rsa.generate_key(str)
self.showdialog("Key have been save at ..." + str)
from botocore.exceptions import ClientError
from flask import Flask, abort, render_template, request
from onetimesecret import OneTimeSecretCli
from rsa import decrypt, encrypt, generate_key
server = Flask(__name__)
AWS_ACCESS_KEY_ID = os.environ.get("AWS_ACCESS_KEY_ID")
AWS_S3_REGION = os.environ.get("AWS_S3_REGION", "us-east-1")
AWS_SECRET_ACCESS_KEY = os.environ.get("AWS_SECRET_ACCESS_KEY")
ONETIMESECRET_KEY = os.environ.get("ONETIMESECRET_KEY")
ONETIMESECRET_USER = os.environ.get("ONETIMESECRET_USER")
PASSWORD_STORAGE = os.environ.get("PASSWORD_STORAGE")
SLACK_SERVER = os.environ.get("SLACK_SERVER", "https://slack.slashpass.co")
secret_key = generate_key(os.environ.get("BIP39"))
private_key = secret_key.exportKey("PEM")
public_key = secret_key.publickey().exportKey("PEM")
s3 = boto3.client(
"s3",
region_name=AWS_S3_REGION,
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
)
def _get_encryption_key():
bucket = PASSWORD_STORAGE
key = "slack.slashpass.id_rsa.pub"
encryption_key_url = "{}/public_key".format(SLACK_SERVER)
# longer messages and bigger exponents require more encrypted messages
print ""
print "Assuming that the message length is %d, we compute the bit_length of pow(<biggest string of size %d>, e), which is: %d" % (
len(m), len(m), (pow(pow(2,
len(m) * 8), e).bit_length()))
print "Every encryption operation uses a modulo whose lower bound is %d bit long" % (
key_length - 1)
n_messages = (pow(pow(2,
len(m) * 8), e).bit_length() / (key_length - 1)) + 1
print "So, we need at least (%d/%d) + 1 = %d different encrypted messages to be sure to recover the message" % (
pow(pow(2,
len(m) * 8), e).bit_length(), (key_length - 1), n_messages)
n_list = []
c_list = []
for _ in xrange(n_messages):
p, q, d = generate_key(key_length, e)
n = p * q
# during every encryption step pow(m,e) is always the same "unknown" value, whereas n changes
c = rsa_enc(mint, e, n)
n_list.append(n)
c_list.append(c)
recovered_pow_m_e = crt(c_list, n_list)
recovered_message = int_to_str(invpow(recovered_pow_m_e, e))
print ""
print "original message:", repr(m)
print "recovered message:", repr(recovered_message)
assert m == recovered_message
break
n = p * q
l = (p - 1) * (q - 1) # calculate totient function
d = modinv(e, l)
self.n, self.e, self.d = int(n), int(e), int(d)
return self.n, self.e, self.d
def encrypt(self, data):
return pow(int(data), int(self.e), int(self.n))
def decrypt(self, data):
return pow(int(data), int(self.d), int(self.n))
if __name__ == "__main__":
rsa = RSA()
N, E, D = rsa.generate_key(16)
test_data = 25
encrypted = pow(test_data, E, N)
decrypted = pow(encrypted, D, N)
print("n:", N)
print("e:", E)
print("d:", D)
print("data:", test_data)
print("encrypted:", encrypted)
print("decrypted:", decrypted)
assert decrypted == test_data
import os
from datetime import datetime
from urllib.parse import urlparse, urlunparse
import redis
import requests
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from raven.contrib.flask import Sentry
from rsa import generate_key
from core import SlashpassCMD
from environ import BIP39, DATABASE_URL, REDIS_HOST, SENTRY_DSN
secret_key = generate_key(BIP39)
private_key = secret_key.exportKey("PEM")
public_key = secret_key.publickey().exportKey("PEM")
server = Flask(__name__)
server.config["SQLALCHEMY_DATABASE_URI"] = DATABASE_URL
server.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
cache = redis.StrictRedis(host=REDIS_HOST, port=6379)
sentry = Sentry(server, dsn=SENTRY_DSN)
cmd = SlashpassCMD(cache, private_key)
db = SQLAlchemy(server)
class Team(db.Model):
id = db.Column(db.Integer, primary_key=True)
import os
import random
import time
from collections import namedtuple
import rsa
import utils
Interval = namedtuple("Interval", ["lower_bound", "upper_bound"])
# global RSA key
# only the oracle may use the secret key sk, in this setup
modulus_size = 256
pk, sk = rsa.generate_key(modulus_size)
(n, e) = pk
# modulus size in bytes
k = modulus_size // 8
# global start timer
t_start = time.perf_counter()
# keep track of the oracle calls
global queries
queries = 0
# math.ceil and math.floor don't work for large integers
def floor(a, b):
return a // b
def test_key_generator(self):
n, e, d = generate_key(8)
data = 2
en = encrypt(data, e, n)
dec = decrypt(en, d, n)
self.assertEqual(data,dec)
# -*-coding:utf-8-*-
import base64
import aes
import rsa
import ecc
if __name__ == '__main__':
aesKey = b"pI3UfYGBWXR938Ui0ngNsmOsJ675kYcfqhzG86l7K24="
secretRsaPrivateKey = 'KhPQAOlk1QfwaN6Ax5ZvAi15WyYdCdmVrC5Dpy/m31vAXyF5w+fQQV77hv5QpwYxKFJASEPuPM3FxS6kJotVkKiStTwKrXvo4mPJkha6FS7ao5+UdM4IupS6ru8QGV1Xg1qP1WCKYXRwm5aSzmoJmJ/gag2lS9QPFP1l0epjiWf1pwqNR0Y5CNfD82U1nH23D499kXcVTVQFoAUIeThRt7iO+TmlIrXnVO7vkOIikLnRtyTzgM4RhpKecVy7ezKEWyLNatMkEJEdekAkcbD05YxG8tBz7s2YODRG3uDQfC3piPLlvaWA4QPSbiYoHiZX8rCKGYez1K/xe0F1VI9SJiKTezXjxo6SGJybLMKtnzVtIc2OdY+XRznxhOZDqCkEaLZMSQDRv8j7ZvfZV+2v3/4l89VWLsRFXmTUrWDBbo1y6MReKSFivZDvG4AmVVO/cOv6p9akuoxzkAWd/fp3Qg1+jFl7Wbf2d1pn4P3VokfPj6V1VmKPWGSpJ1k55vVpD29Lw2EIUTSVJ/2MYCDrXZKWmuSiKaA+Wb4aFSRTDQqW0xbM31Mj2D29pLY0ujc7pBfOe2c97+7TDGKoYlh6pzclPhdT2bk73u4vDogIRT0d13OzWp5G3NyoWUATjgJYPnXIuRSLwK/tJ+w93jBOI3LFbQkWavsz09ZAdOu3DKkytMcCaGHhrKshiDV83Q2elStzd5SPHjTH290LokC58A/0FT+xlqG0WbRS1O248Spou/CH/RfPBo96ZU+XIXV9tW2WAoVz/GEh8zdP3FSph+6CxNVUQqj1EMXD64XcAAVxX3XUmpclObXezJ3HioyrhIveRPOfsJBrsm7Hm9akcf3I6KZJpGKgdKcjbJ48o4MKgFQKvjnW+ykWxwThF4uqybPNepjLyLoBuUkWWg+Y77s4q0ZtIzZaTVqi+51K5al8MvvthV7+ZwR13yApNOg3j+kz4v/ahOuXEDH7cM+stqbuN1tft0GJ+eAx4Mm8irmEYuCNUK0fLGKcPImLRS32QFzJ79oGmiYfHf8ca0NBpx+l2pZHoBQtCWLVirEluOLPiaHiWvpglDiD1oWb99KnrdWVCz9NZ5gkXRwjPdh7zHB+bFYOlo6+wy7MhJolJGLD+DIthzLluVRT0ZrtWB9bMGjVMHyCgMAhZEEi7DmklIBIXtqjKZEtD+N+6peyV2OF+/v5HwHvo392wUBeyllCz3LqZO0u/wfvFCYlqglIChgnQb6EOF3E1ubYAROPFZeYty9KJMpwXZKv0R3UccLBF0kbWZ3aEh7CWmeI8E4Y0t8PT2pLNAfxBBm+nSPDkfbrGOpNM6J+wQCGS0RPopmmjQ65Qw43wGVbWzf1NHp6U88ep06jtWY2wxAG1mmPPDJmpSJSwjqt00d4ennWqIKdHCGK72Or19SgaryHAzKmjw8ks9PqlPMu07f/SXYJqCk9Ugjkwhwn1Ddl+U40djq1sq3BAtqOIbGnKEJjyV16ZPTVaN1Gq1gRn+IFTFaWb+5pUN5UlqIyJYHUBubvHWhWKga++3bQeWyQlKc+os+nKPD/rCMn2FyLp/2TF3AIyagdBvF42CaB3DLW33xFgIfbIZtRjqZj1fhKZg8ifdkQMXTc4/3uGF/qpySvM64KBtSgTN959DaO/sl6dYw+xFDHeCchZSceVo5uPh54UKpUCHahYP51k2bmQit9gsWA+W7zV8Qb4+BZdr0yBlfa7AomTwwgp/Kxs0ya2sZ885BZR+ah6nFjuc4OzIH60a8gUFZxDEC/05278OWRntnToP6UYzbHyfGCdzKbiPOGoDaFZfSGRD6MCBuP0MWYqGG6B6/Vza87NfluFOAjpu5iMXgqX1XT5rYe0PEZCYrto3KV3H4FpP65gs3AP92kFHQ62pGJkzj22bua53OZqLx+ylO97m62FOkqKQYV+c820Td6bCHjUSjxTQEvGOJsX36ukV37URsHfwXdykOugsbQZT0gddpRZj3pPv/zgl+4LCVXR/uD1ziKrmdmBTSUIFu2/hurLOAzXXmJSk3qKLMJJz0FquRESELLqR5ujAKVA9GQ7+sR8bbCA3d+BU5yMcRx0vrvf41+Sadf6IRF2KwR5juzUS7EwMDMOaDrsN3V1/QYhtTM4Ji+ZqPXav7yuWjULadPAcucelReTbLfka2RPMEk'
publicKey = 'MIIBCgKCAQEA2xdcIYkim4HRgc8eW/KNZhESYIF/LBbr4WTwK0sygZkBUrXdQeEeYyeK08E1CF2VxsVQzkdP+RU6O8Z7y8JXyCh0Jdx7uEb1KKHYVT99BK1TEQZ32Ittba0xoybC/CAd3D1RPJtK+ymF837hp2FradVqAxrYcpcvk0vqKx4Lucylp6Z9Tq32xJYVK4dVihqZWaWnSLnodfCnPluW5JR6V3Y4unsX9bjxiqUHN9YtC6HE+MnFc/5wQkX1x8gFRTamt0B4BZsEzWSg3JG+L8Vy+MxnYibx+Y0rGWhysP7u5zHGx8cmCmZp9aDO0/WArvoFaaAIhBke7SxARMbcZpHY8wIDAQAB'
privateKeyBase64 = aes.aes_ecb_decrypt(
base64.b64decode(aesKey), base64.b64decode(secretRsaPrivateKey))
signature = rsa.sign_by_rsa_with_sha256(base64.b64decode(privateKeyBase64),
b"this is message")
print(
rsa.verify_signature(base64.b64decode(publicKey), signature,
b"this is message"))
ciphertext = aes.aes_ecb_encrypt(base64.b64decode(aesKey),
b"this is message")
print(aes.aes_ecb_decrypt(base64.b64decode(aesKey), ciphertext))
private, public = rsa.generate_key()
print(base64.b64encode(private).decode())
print(base64.b64encode(public).decode())
private, public = ecc.generate_key()
signature = ecc.sign_with_sha256(private, b"this is message")
print(ecc.verify_signature(public, signature, b"this is message"))
