def test_ecdh_generate_key_random():
aliceSecretKey = SigningKey.generate(curve=NIST256p)
alice = ECDH(curve=NIST256p)
alice.load_private_key(aliceSecretKey)
alicePublicKey = alice.get_public_key()
bobSecretKey = SigningKey.generate(curve=NIST256p)
bob = ECDH(curve=NIST256p)
bob.load_private_key(bobSecretKey)
bobPublicKey = bob.get_public_key()
aliceSecret = derive_shared_secret_from_key(aliceSecretKey, bobPublicKey)
print("Alice secret: ", aliceSecret.hex())
bobSecret = derive_shared_secret_from_key(bobSecretKey, alicePublicKey)
print("Bob secret: ", bobSecret.hex())
# Header parameters used in ConcatKDF
alg = "A256GCM"
apu = "Alice"
apv = "Bob"
keydatalen = 32 # 32 bytes or 256 bit output key length
# After each side generates the shared secret, it is used to independantly derive a shared encryption key
aliceKey = concat_kdf(aliceSecret, alg, apu, apv, keydatalen)
print("Alice key: ", aliceKey.hex())
bobKey = concat_kdf(bobSecret, alg, apu, apv, keydatalen)
print("Bob key: ", bobKey.hex())
assert (aliceKey == bobKey
), "Both parties should generate the same key from the same secret"
def DeriveECDHSecretFromKey(privateKey, publicKey):
"""Generate a shared secret from keys in ecdsa.Keys format."""
derive = ECDH(curve=NIST256p)
derive.load_private_key(privateKey)
derive.load_received_public_key(publicKey)
secret = derive.generate_sharedsecret_bytes()
return secret
def __init__(self, cookie):
self.version = '23.9.2'
self.app_version = '25.2.2'
self.cookie = cookie
self.ua = 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/23.9.2'
self.content_type = 'application/x-www-form-urlencoded'
self.header = {
"User-Agent": self.ua,
"Content-Type": self.content_type,
"Cookie": self.cookie
}
self.remote_pubkey = '0457A29257CD2320E5D6D143322FA4BB8A3CF9D3CC623EF5EDAC62B7678A89C91A83BA800D6129F522D034C895DD2465243ADDC250953BEEBA'
self.crc_salt = '^j>WD3Kr?J2gLFjD4W2y@'
self.private_key = RSA.construct((
0x8C81424BC166F4918756E9F7B22EFAA03479B081E61896872CB7C51C910D7EC1A4CE2871424D5C9149BD5E08A25959A19AD3C981E6512EFDAB2BB8DA3F1E315C294BD117A9FB9D8CE8E633B4962E087C629DC6CA3A149214B4091EF2B0363CB3AE6C7EE702377F055ED3CD93F6C342256A76554BBEA7F203437BBE65F2DA2741,
0x10001,
0x3704DAB00D80C25E464FFB785A16D95F688D0A5823811758C16308D5A1DB55FA800D967A9B4AEDE79AA783ADFFDCDB23541C80B8D436901F172B1CCCA190B224DBE777BF18B96DD9A30AACE8780350793A4F90A645A7747EF695622EADBE23A4C6D88F22E87842B43B35486C2D1B5B1FA77DB3528B0910CA84EDB7A46AFDBED1
))
self.publickey = RSA.construct((
0xD1DEB5A67989D10A5C0B041D11AB47659BC32B3E65A92F9236DD2CC2140A0DA495FA0E7EF875F6FACB4D981F5E5E3BA5E67811DD73B7A4105254222FACC206A74E8911215451AFFCF5EBFDE887BC9ADB675C02A835F75CBE77A603AF820683F439E7CED4289323DF9C9055769E15798B9453E89058B3E2E3F186B07B046A996D,
0x10001))
self.g_key_l = '42da13ba78768d37e8ee0491'.decode('hex')
self.g_key_s = '2923215e'.decode('hex')
self.g_kts = 'f0e569aebfdcbf5a1a45e8be7da67388de8fe7c445da86949b69920b6ab8f17a38063c95266d2c560070569c363862762f9b5f0ff2fefd2d709c86448f3d142771938ae40ec148aedc347fcffeb27ff6559a46c8eb3777a4e06b72937e51cbf137efad2adeeef9c9396b32a1ba35b1b8beda7873f820d527045a6ffd5e7239cf3b9c2b575cf97c4b7bd21266cc7709a6'.decode(
'hex')
self.curve = NIST224p
self.m115_l_rnd_key = None
self.m115_s_rnd_key = None
self.local_private_key = None
self.aes_key = None
self.aes_iv = None
self.local_public_key = None
self.user_id = None
self.user_key = None
self.std_out_handle = None
self.filecount = 0
self.cid = 0
sk = SigningKey.generate(curve=self.curve)
ecdh = ECDH(curve=self.curve)
ecdh.load_private_key(sk)
local_public_key = ecdh.get_public_key()._compressed_encode()
self.local_public_key = chr(29) + local_public_key
ecdh.load_received_public_key_bytes(self.remote_pubkey.decode('hex'))
secret = ecdh.generate_sharedsecret_bytes()
self.aes_key = secret[0:16]
self.aes_iv = secret[-16:]
if self.get_userkey() is False:
print('Get userkey info failed!')
def __init__(self, cookie):
self.version = '23.9.0'
self.app_version = '25.2.2'
self.cookie = cookie
self.ua = 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/23.9.0'
self.content_type = 'application/x-www-form-urlencoded'
self.header = {
"User-Agent": self.ua,
"Content-Type": self.content_type,
"Cookie": self.cookie
}
self.remote_pubkey = '0457A29257CD2320E5D6D143322FA4BB8A3CF9D3CC623EF5EDAC62B7678A89C91A83BA800D6129F522D034C895DD2465243ADDC250953BEEBA'
self.crc_salt = '^j>WD3Kr?J2gLFjD4W2y@'
self.private_key = RSA.construct((
0x8C81424BC166F4918756E9F7B22EFAA03479B081E61896872CB7C51C910D7EC1A4CE2871424D5C9149BD5E08A25959A19AD3C981E6512EFDAB2BB8DA3F1E315C294BD117A9FB9D8CE8E633B4962E087C629DC6CA3A149214B4091EF2B0363CB3AE6C7EE702377F055ED3CD93F6C342256A76554BBEA7F203437BBE65F2DA2741,
0x10001,
0x3704DAB00D80C25E464FFB785A16D95F688D0A5823811758C16308D5A1DB55FA800D967A9B4AEDE79AA783ADFFDCDB23541C80B8D436901F172B1CCCA190B224DBE777BF18B96DD9A30AACE8780350793A4F90A645A7747EF695622EADBE23A4C6D88F22E87842B43B35486C2D1B5B1FA77DB3528B0910CA84EDB7A46AFDBED1
))
self.publickey = RSA.construct((
0xD1DEB5A67989D10A5C0B041D11AB47659BC32B3E65A92F9236DD2CC2140A0DA495FA0E7EF875F6FACB4D981F5E5E3BA5E67811DD73B7A4105254222FACC206A74E8911215451AFFCF5EBFDE887BC9ADB675C02A835F75CBE77A603AF820683F439E7CED4289323DF9C9055769E15798B9453E89058B3E2E3F186B07B046A996D,
0x10001))
self.g_key_l = '\x42\xda\x13\xba\x78\x76\x8d\x37\xe8\xee\x04\x91'
self.g_key_s = '\x29\x23\x21\x5e'
self.g_kts = '\xf0\xe5\x69\xae\xbf\xdc\xbf\x5a\x1a\x45\xe8\xbe\x7d\xa6\x73\x88\xde\x8f\xe7\xc4\x45\xda\x86\x94\x9b\x69\x92\x0b\x6a\xb8\xf1\x7a\x38\x06\x3c\x95\x26\x6d\x2c\x56\x00\x70\x56\x9c\x36\x38\x62\x76\x2f\x9b\x5f\x0f\xf2\xfe\xfd\x2d\x70\x9c\x86\x44\x8f\x3d\x14\x27\x71\x93\x8a\xe4\x0e\xc1\x48\xae\xdc\x34\x7f\xcf\xfe\xb2\x7f\xf6\x55\x9a\x46\xc8\xeb\x37\x77\xa4\xe0\x6b\x72\x93\x7e\x51\xcb\xf1\x37\xef\xad\x2a\xde\xee\xf9\xc9\x39\x6b\x32\xa1\xba\x35\xb1\xb8\xbe\xda\x78\x73\xf8\x20\xd5\x27\x04\x5a\x6f\xfd\x5e\x72\x39\xcf\x3b\x9c\x2b\x57\x5c\xf9\x7c\x4b\x7b\xd2\x12\x66\xcc\x77\x09\xa6'
self.m115_rnd_key = None
self.curve = NIST224p
self.local_private_key = None
self.aes_key = None
self.aes_iv = None
self.local_public_key = None
self.user_id = None
self.user_key = None
self.std_out_handle = None
self.filecount = 0
self.cid = 0
sk = SigningKey.generate(curve=self.curve)
ecdh = ECDH(curve=self.curve)
ecdh.load_private_key(sk)
local_public_key = ecdh.get_public_key()._compressed_encode()
self.local_public_key = chr(29) + local_public_key
ecdh.load_received_public_key_bytes(self.remote_pubkey.decode('hex'))
secret = ecdh.generate_sharedsecret_bytes()
self.aes_key = secret[0:16]
self.aes_iv = secret[-16:]
if self.get_userkey() is False:
print('Get userkey info failed!')
def test_ecdh_derive_shared_secret_random():
# Generate random keys for the two participating users
aliceSecretKey = SigningKey.generate(curve=NIST256p)
alice = ECDH(curve=NIST256p)
alice.load_private_key(aliceSecretKey)
alicePublicKey = alice.get_public_key()
bobSecretKey = SigningKey.generate(curve=NIST256p)
bob = ECDH(curve=NIST256p)
bob.load_private_key(bobSecretKey)
bobPublicKey = bob.get_public_key()
# Each user derives the same shared secret, independantly, using the other's public key which is exchanged
aliceSecret = derive_shared_secret_from_key(aliceSecretKey, bobPublicKey)
print("Alice secret: ", aliceSecret.hex())
bobSecret = derive_shared_secret_from_key(bobSecretKey, alicePublicKey)
print("Bob secret: ", bobSecret.hex())
assert aliceSecret == bobSecret, "Both parties should generate the same secret"
def __init__(self, cookie):
self.version = '23.9.1'
self.app_version = '25.2.2'
self.cookie = cookie
self.ua = 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/23.9.1'
self.content_type = 'application/x-www-form-urlencoded'
self.header = {
"User-Agent": self.ua,
"Content-Type": self.content_type,
"Cookie": self.cookie
}
self.remote_pubkey = '0457A29257CD2320E5D6D143322FA4BB8A3CF9D3CC623EF5EDAC62B7678A89C91A83BA800D6129F522D034C895DD2465243ADDC250953BEEBA'
self.crc_salt = '^j>WD3Kr?J2gLFjD4W2y@'
self.curve = NIST224p
self.local_private_key = None
self.aes_key = None
self.aes_iv = None
self.local_public_key = None
self.user_id = None
self.user_key = None
self.std_out_handle = None
self.filecount = 0
self.cid = 0
sk = SigningKey.generate(curve=self.curve)
ecdh = ECDH(curve=self.curve)
ecdh.load_private_key(sk)
local_public_key = ecdh.get_public_key()._compressed_encode()
self.local_public_key = chr(29) + local_public_key
ecdh.load_received_public_key_bytes(self.remote_pubkey.decode('hex'))
secret = ecdh.generate_sharedsecret_bytes()
self.aes_key = secret[0:16]
self.aes_iv = secret[-16:]
if self.get_userkey() is False:
print('Get userkey info failed!')