Example #1
0
    def test_hash_nul_bytes(self):
        """
        Hashing passwords with NUL bytes works as expected.
        """
        rv = hash_password_raw(b"abc\x00", TEST_SALT)

        assert rv != hash_password_raw(b"abc", TEST_SALT)
Example #2
0
    def test_hash_nul_bytes(self):
        """
        Hashing passwords with NUL bytes works as expected.
        """
        rv = hash_password_raw(b"abc\x00", TEST_SALT)

        assert rv != hash_password_raw(b"abc", TEST_SALT)
Example #3
0
    def decrypt(self, data, password, salt):
        salt = self._fix_salt(salt)
        key = hash_password_raw(password, hash_len=32, salt=salt)
        box = SecretBox(key)
        data = box.decrypt(data, encoder=nacl.encoding.Base64Encoder)

        return data
Example #4
0
def kdf(key, salt):  # type: (str, str) -> str
    return b64encode(
        hash_password_raw(time_cost=params.get('a2_time', 16),
                          memory_cost=params.get('a2_mem', 32768),
                          parallelism=params.get('a2_paral', 2),
                          password=key.encode(),
                          hash_len=AES.key_size[params.get('aes_size', 2)],
                          type=Type.ID,
                          salt=salt))
Example #5
0
def key_generator_argon2(password, salt):
    #argon2 is industry specified hashing algorithm. Winner of Password Hashing Competition

    password = password.encode('utf-8')

    hash = argon2.hash_password_raw(time_cost=16, memory_cost=2**15, parallelism=2, hash_len=32,
    password=password, salt=salt, type=argon2.low_level.Type.ID)

    return hash
Example #6
0
def kdf(password):  # type: (str) -> str
    return b64encode(
        hash_password_raw(time_cost=get_param('ros_rest/a2_time', 16),
                          memory_cost=get_param('ros_rest/a2_mem', 32768),
                          parallelism=get_param('ros_rest/a2_paral', 2),
                          salt=b64decode(get_param('ros_rest/a2_salt')),
                          hash_len=AES.key_size[get_param(
                              'ros_rest/aes_size', 2)],
                          password=password.encode(),
                          type=Type.ID))
Example #7
0
    def encrypt(self, data, password, salt):
        salt = self._fix_salt(salt)
        key = hash_password_raw(password, hash_len=32, salt=salt)
        box = SecretBox(key)
        nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE)
        encrypted_data = box.encrypt(data,
                                     nonce,
                                     encoder=nacl.encoding.Base64Encoder)

        return encrypted_data
Example #8
0
def kdf_decrypt(passphrase, time, mem, cores):
    print(f'Stretching key...')
    # compute 50 of the available memory
    return hash_password_raw(time_cost=int(time),
                             memory_cost=int(mem),
                             parallelism=int(cores),
                             hash_len=32,
                             password=passphrase,
                             salt=b"k3y der1vati0n",
                             type=low_level.Type.ID)
Example #9
0
def get_hmac(key: bytes, salts: Sequence[bytes]) -> HMAC.HMAC:
    """."""
    hmac_password_derived = argon2.hash_password_raw(
        hash_len=32,
        password=key,
        salt=salts[2],  # hmac_salt
        type=argon2.low_level.Type.ID)
    bytes_to_hmac = b''.join(salts)
    return HMAC.new(key=hmac_password_derived,
                    msg=bytes_to_hmac,
                    digestmod=SHA256)
Example #10
0
def kdf(passphrase):
    ''' Derive the key from a passphrase '''
    time = 16
    mem = floor(
        (virtual_memory().free * 0.75) / 1000)  # use 75% of available memory
    cores = cpu_count()
    print(f'Stretching key...')
    return hash_password_raw(time_cost=time,
                             memory_cost=mem,
                             parallelism=cores,
                             hash_len=32,
                             password=passphrase,
                             salt=b"k3y der1vati0n",
                             type=low_level.Type.ID), f'{time};{mem};{cores}'
Example #11
0
    def test_hash_password_raw(self, type, hash):
        """
        Creates the same raw hash as the Argon2 CLI client.
        """
        rv = hash_password_raw(
            TEST_PASSWORD,
            TEST_SALT,
            TEST_TIME,
            TEST_MEMORY,
            TEST_PARALLELISM,
            TEST_HASH_LEN,
            type,
        )

        assert hash == rv
        assert isinstance(rv, bytes)
Example #12
0
    def test_hash_password_raw(self, type, hash):
        """
        Creates the same raw hash as the Argon2 CLI client.
        """
        rv = hash_password_raw(
            TEST_PASSWORD,
            TEST_SALT,
            TEST_TIME,
            TEST_MEMORY,
            TEST_PARALLELISM,
            TEST_HASH_LEN,
            type,
        )

        assert hash == rv
        assert isinstance(rv, bytes)
Example #13
0
def get_aes(key: bytes, salts: Sequence[bytes]) -> CtrMode:
    """."""
    cipher_password_derived = argon2.hash_password_raw(
        hash_len=32,
        password=key,
        salt=salts[0],  # password_salt
        type=argon2.low_level.Type.ID)
    ctr_counter = Counter.new(
        64,
        prefix=salts[1],  # nonce
        initial_value=5988931115977,
        little_endian=True)
    ctr = AES.new(key=cipher_password_derived,
                  mode=AES.MODE_CTR,
                  counter=ctr_counter)
    # make mypy happy
    assert isinstance(ctr, CtrMode)
    return ctr
Example #14
0
 def test_raw_defaults(self):
     """
     Calling without arguments works.
     """
     hash_password_raw(b"secret")
Example #15
0
 def test_raw_defaults(self):
     """
     Calling without arguments works.
     """
     hash_password_raw(b"secret")
Example #16
0
# antes de executar o código abaixo, é necessário importar
# o pacote argon2_cffi no python. para isso, basta
# executar o comando abaixo.
#
# pip install argon2_cffi

# imprtando bibliotecas
import argon2, binascii

# calcular o raw hash da senha
hash = argon2.hash_password_raw(time_cost=16,
                                memory_cost=2**15,
                                parallelism=2,
                                hash_len=32,
                                password=b'password',
                                salt=b'some salt',
                                type=argon2.low_level.Type.ID)

print("Argon2 raw hash:", binascii.hexlify(hash))

argon2Hasher = argon2.PasswordHasher(time_cost=16,
                                     memory_cost=2**15,
                                     parallelism=2,
                                     hash_len=32,
                                     salt_len=16)
hash = argon2Hasher.hash("password")
print("Argon2 hash (random salt):", hash)

verifyValid = argon2Hasher.verify(hash, "password")
print("Argon2 verify (correct password):", verifyValid)
Example #17
0
from argon2 import hash_password_raw, low_level
import binascii

hash = hash_password_raw(time_cost=16,
                         memory_cost=2**15,
                         parallelism=2,
                         hash_len=32,
                         password=b'My secret password',
                         salt=b'0123456789ABCDEF',
                         type=low_level.Type.ID)

print(f'Argon2id hash: {binascii.hexlify(hash).decode("utf-8")}')