def test_encrypt_decrypt():
key = security.hashKey(pow(A, b, p))
encmsg = base64.b64encode(security.encrypt(key, "{key: value}"))
assert security.decrypt(key, encmsg) == "{key: value}"
encmsg = base64.b64encode(security.encrypt(key, ""))
assert security.decrypt(key, encmsg) == ""
def sign_up():
form = LoginForm()
global logged_with_password #Flag which determines where we will get credentials from
global credentials
credentials = []
if form.validate_on_submit():
username = form.username.data
pwd = form.password.data
server_address = form.server_address.data
server_port = form.port.data
use_ssl = form.use_ssl.data
remember_me = form.remember_me.data
if len(username) == 0 or len(server_address) == 0 or len(server_port) == 0:
data = db_works.get()
encrypted_pwd = security.encrypt(form.password.data)
if db_works.match_pass(encrypted_pwd)[0][0] == "error":
return redirect('/connection_error')
if encrypted_pwd == db_works.match_pass(encrypted_pwd)[0][0]:
params = db_works.get()
if params[0][0] == 0:
return redirect('/connection_error')
server_address = params[0][3]
username = params[0][1]
server_port = params[0][4]
if params[0][5] == 1:
use_ssl = True
else:
use_ssl = False
logged_with_password = 1
else:
return redirect('/connection_error')
if ldap3_connection(server_address, username, pwd, server_port, use_ssl):
conn = ldap3_connection(server_address, username, pwd, server_port, use_ssl)
try:
res = conn
if res == 'fail':
return redirect('/connection_error')
except:
pass
db_works.table_create()
if form.remember_me.data:
ssl_val = 0
if form.use_ssl.data:
ssl_val = 1
else:
ssl_val = 0
pwd_e = security.encrypt(pwd)
db_works.add(username, pwd_e, server_address, server_port, ssl_val)
else:
if logged_with_password == 0:
db_works.clear()
credentials = [server_address, username, pwd, server_port, use_ssl]
return redirect('/index')
else:
return redirect('/connection_error')
return render_template('login.html', title='Connect to server', form=form)
def addApp(newappname, newappuser, newapppass):
appname = newappname.get()
appusername = security.encrypt(newappuser.get(), loginpass)
apppassword = security.encrypt(newapppass.get(), loginpass)
appref = db.collection(loginid).document(appname)
appref.set({
'username': appusername,
'password': apppassword,
})
newappname.delete(0, END)
newappuser.delete(0, END)
newapppass.delete(0, END)
messagebox.showinfo(
"Success", "Password Successfully Encrypted And Stored In Firebase")
def send():
if request.method == 'POST':
with open("member.json", "r") as file:
users = json.load(file)
if request.values['send'] == 'SEND':
if not request.values['sender'] in users:
return render_template('send.html',
errorMsg="No Such Sender",
name="")
elif not request.values['receiver'] in users:
return render_template('send.html',
errorMsg="No Such Receiver",
name="")
else:
plaintext = request.values['plaintext']
receiver = request.values['receiver']
sender = request.values['sender']
pbk = users[receiver]['PublicKey'].encode()
pvk = request.values['PrivateKey'].encode()
mac = (int)(users[sender]['MAC'])
cipher = sec.encrypt(plaintext, pbk, pvk, mac)
sendEmail(request.values['sender'], request.values['receiver'],
request.values['title'], cipher)
return render_template('send.html',
name=request.values['send'],
receiver=receiver)
return render_template('send.html', name="")
def change_pass(login: str, old_master_key: bytes) -> None:
try:
checker1 = db.info(login)
if checker1 is None:
raise Error(
"Error in main.change_pass(): A user with this login " +
"is not registered")
except db.db_Error as e:
raise Error(str(e))
info: Tuple[str, bytes, str, bytes, bytes] = checker1
password: str = input("Enter your new password: "******"Error in main.change_pass(): Invalid password")
error_list: List[str] = list()
for elem in password:
if elem not in _ALLOWED_CHARACTERS:
error_list.append(elem)
if len(error_list) != 0:
raise Error(
f"Error in main.change_pass(): '{''.join(error_list)}' " +
"is not allowed")
password_bytes: bytes = password.encode(encoding="utf-8")
encrypted_data: Dict[str, bytes] = {"ciphertext": info[3], "iv": info[4]}
try:
checker2: bytes = security.decrypt(encrypted_data, old_master_key)
except security.security_Error as e:
raise Error(str(e))
key: bytes = checker2
try:
checker3 = security.gen_master_key(password_bytes)
except security.security_Error as e:
raise Error(str(e))
master_key_new: bytes = checker3
try:
checker4 = security.encrypt(key, master_key_new, info[4])
except security.security_Error as e:
raise Error(str(e))
enc_key = checker4["ciphertext"]
try:
checker5 = security.hash(password_bytes)
except security.security_Error as e:
raise Error(str(e))
password_bytes_hash: bytes = checker5
try:
checker6 = db.update(
login=login, hash=password_bytes_hash, enc_key=enc_key)
except db.db_Error as e:
raise Error(str(e))
print("Password change was successful")
return None
def create_new_acc() -> bool:
os.chdir('TheFourth')
files = os.listdir('notes')
for i in range(3):
try:
new_login = input("Придумайте логин аккаунта(без пробелов):")
if ' ' in new_login:
i += 1
elif len(new_login) < 1:
i += 1
elif len(new_login) > 100:
i += 1
elif new_login in files:
i += 1
else:
break
if i == 3:
os.chdir('..')
return False
except BaseException:
print("Проблемы с логином")
for i in range(3):
try:
new_password = input("Придумайте пароль аккаунта(без пробелов):")
if ' ' in new_password:
i += 1
elif len(new_login) < 1:
i += 1
elif len(new_login) > 30:
i += 1
else:
choise = True
break
if i == 3:
os.chdir('..')
return False
except BaseException:
print("Проблемы с паролем")
if choise is True:
os.chdir('notes')
os.mkdir(new_login)
os.chdir(new_login)
master_key = security.master_key(new_password)
encode_key = security.encrypt(security.secret_key(), master_key)
mainfile = open("maininf.conf", 'w')
mainfile.write(new_login + ' ' + security.hash_password(new_password))
mainfile.close()
encodefile = open("encodeinf.conf", 'wb')
encodefile.write(encode_key)
encodefile.close()
os.chdir('..')
os.chdir('..')
os.chdir('..')
return True
return False
def writeDatabase(self):
print "Writing to database"
passwd = raw_input("Enter master password : "******"Password doesnt match"
yamlStr = yaml.dump(self)
encryptStr = security.encrypt(yamlStr, self.password)
with open(self.filepath, 'w') as f:
f.write(encryptStr)
print "Database written to disk"
def mod(user_dn, sn, telephone_number, description, cn, c, old_pass, new_pass):
conn = ldap3_connection(c[0], c[1], c[2], c[3], c[4])
if len(sn) != 0:
conn.modify(user_dn, {'sn': [(MODIFY_REPLACE, [sn])]})
if len(telephone_number):
conn.modify(
user_dn,
{'telephoneNumber': [(MODIFY_REPLACE, [telephone_number])]})
if len(description):
conn.modify(user_dn,
{'description': [(MODIFY_REPLACE, [description])]})
if len(old_pass) != 0 and len(new_pass) != 0:
old_pass_h = security.encrypt(old_pass)
new_pass_h = security.encrypt(new_pass)
try:
ldap.extend.microsoft.modifyPassword.ad_modify_password(
conn, user_dn, new_pass_h, old_pass_h, controls=None)
except:
print("Error - password incorrect")
conn.unbind()
def createUser(userfield, passfield, controller):
global loginid
global loginpass
# loginid=input("Enter Username: "******"Error", "The Fields Can Not Be Empty")
print(list(db.collection(loginid).stream()))
if list(db.collection(loginid).stream()):
# print('username taken')
messagebox.showinfo("Error", "Username Taken")
else:
# loginpass=input('Enter Password: '******'0').set({
'username':
security.encrypt(loginid, loginpass),
'password':
security.encrypt(loginpass, loginpass),
})
controller.show_frame("LoginPage")
def process_RSA_exchange(self, message: str) -> bool:
#parameters = message['parameters']
client_rsa_public_key = message['client_rsa_public_key']
self.client_rsa_public_key = security.deserializePublicKey(
client_rsa_public_key)
self.rsa_private_key, self.rsa_public_key = security.get_rsa_asymn_keys(
)
self.add_key(self.rsa_private_key)
self.add_key(self.rsa_public_key)
rsa_public_key = security.serializePublicKey(
self.rsa_public_key).decode("utf8")
self.iv, self.sym_key, self.encryptor = security.encryptor()
iv_enc = security.encrypt(self.client_rsa_public_key,
self.iv)[0].decode("iso-8859-1")
sym_key_enc = security.encrypt(self.client_rsa_public_key,
self.sym_key)[0].decode("iso-8859-1")
message = {
'type': 'RSA_EXCHANGE',
'server_rsa_public_key': rsa_public_key,
'iv_enc': iv_enc,
'sym_key_enc': sym_key_enc
}
self._send(message)
return True
def change_note(login: str, password: str) -> bool:
os.chdir('..')
list_error = ["\\", "/", ":", "*", "?", "\"", "|", "<", ">"]
flag = True
files = os.listdir(login)
files.remove("maininf.conf")
files.remove("encodeinf.conf")
os.chdir(login)
kappa = []
kappa.append("maininf.conf")
kappa.append("encodeinf.conf")
path = os.getcwd()
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
if len(files) == 0:
print("Список заметок пуст")
return False
else:
print("Ваш список заметок")
print(files)
while flag:
try:
nissan = input("Выберите заметку,которую хотите изменить:")
for ch in nissan:
if list_error.count(ch) != 0:
print("Неправильные символы в файле")
if nissan in kappa:
print("Это конфигурационный файл,а не заметка")
if nissan in files:
master_key = security.master_key(password)
encode_key = security.decrypt(encode_key, master_key)
with open(nissan, 'rb') as changing_note:
text = changing_note.read()
text = security.decrypt(text, encode_key)
text_dec = text.decode()
with open(nissan, 'w') as decrypted_note:
decrypted_note.write(text_dec)
os.chmod(path, stat.S_IXOTH)
path_kek = os.path.join(path, nissan)
os.system(path_kek)
with open(nissan, 'r') as crypting_note:
c_text = crypting_note.read()
with open(nissan, 'wb') as bytes_note:
cr_text = security.encrypt(c_text.encode(), encode_key)
bytes_note.write(cr_text)
return True
except FileNotFoundError:
print("Такой заметки нет")
return False
def login_post():
username = request.form['username']
password = request.form['password']
target = request.form['target']
seal_b64 = security.seal_auth_b64(username, password)
seal_encrypted = security.encrypt(seal_b64)
seal_encrypted_b64 = base64.b64encode(seal_encrypted.encode('utf-8'))
redirect_response = redirect(target, code=302)
redirect_response.set_cookie("nginxauth",
seal_encrypted_b64,
httponly=True)
return redirect_response
def send_msg(s, socket, typeof='txt', ack=0):
if typeof in ['txt', 'cmd']:
s1 = typeof + s
try:
s_body = encrypt(s1.encode('utf-8'))
except ValueError as e:
print("ERROR encountered: ", str(e))
print('Sorry unable to send try again')
return False
s_header = f'{len(s_body):<{HEADER_LENGTH}}'.encode('utf-8')
# print('EM - ',encrypted_message)
socket.send(s_header + s_body)
else:
raise ValueError('Invalid type input')
return True
def test_encrypted_flow():
user = '******'
passwd = 'neto'
seal_source = security.seal_auth_b64(user, passwd)
seal_encrypted = security.encrypt(seal_source)
seal_encrypted_encode_b64 = base64.b64encode(seal_encrypted.encode())
seal_encrypted_decode_b64 = base64.b64decode(seal_encrypted_encode_b64)
seal_decrypted = security.decrypt(seal_encrypted_decode_b64)
user_post_processed, passwd_post_processed = security.unseal_auth_b64(
seal_decrypted)
assert user == user_post_processed
assert passwd == passwd_post_processed
def send_assymetric_key_authentication(self) -> bool:
"""
Server sends a request to the client to authenticate
Using the clients rsa public key it encrypts the value
Finnaly it hashes the original nonce value for authentication
"""
nonce = os.urandom(12)
enc_nonce = security.encrypt(self.client_rsa_public_key, nonce)[0]
digest = security.hash(nonce)
message = {
'type': 'SERVER_RSA_AUTH',
'nonce': enc_nonce.decode('iso-8859-1'),
'digest': digest.decode('iso-8859-1')
}
self._send(message)
self._state = STATE_SERVER_RSA_AUTH
def add_entry():
form = AddForm()
if form.validate_on_submit():
if form.add.data:
path = form.path.data
sn = form.sn.data
global cn
cn = form.cn.data
telephone_number = form.telephone_number.data
description = form.description.data
user_dn = "cn=" + cn + "," + path
pwd = form.add_password.data
pwd_hashed = security.encrypt(pwd)
add(user_dn, sn, telephone_number, description, cn, credentials, pwd_hashed)
form_s = SuccessForm()
if form_s.return_index_add.data:
return redirect('/index')
if form_s.return_add.data:
return redirect('/add_entry')
return render_template('success_var.html', p1='Successfully added', p2=str(cn), title='Success', form=form_s)
if form.cancel.data:
return redirect('/index')
return render_template('add_entry.html', title='Connected server', form=form)
def create_note(login: str, password: str) -> bool:
os.chdir('..')
files = os.listdir(login)
os.chdir(login)
for i in range(3):
try:
try:
name, check = pathcheck('txt')
if check is False:
return False
if ' ' in name:
i += 1
elif len(name) < 1:
i += 1
elif len(name) > 100:
i += 1
if name in files:
i += 1
else:
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
master_key = security.master_key(password)
encode_key = security.decrypt(encode_key, master_key)
karapa = ''
space = karapa.encode(encoding='utf-8')
space = security.encrypt(space, encode_key)
new_zap = open(name, 'wb')
new_zap.write(space)
new_zap.close()
return True
if i == 3:
return False
except FileExistsError:
print("Такая заметка уже существует")
except BaseException:
print("Проблемы с заметкой")
return False
def _encrypt_text(login: str, master_key: bytes, text: str) -> bytes:
if not isinstance(login, str) or not isinstance(master_key, bytes) \
or not isinstance(text, str):
raise notes_Error("Error in notes._encrypt_text(): Invalid input type")
text_bytes = text.encode(encoding="utf-8")
if not isinstance(text_bytes, bytes):
raise notes_Error(
"Error in notes._encrypt_text(): Invalid text encoding")
try:
checker1: Union[Tuple[str, bytes, str, bytes, bytes],
None] = db.info(login)
if checker1 is None:
raise notes_Error(f"Error in notes._encrypt_text(): \
User with login {login} not found")
except db.db_Error as e:
raise notes_Error(str(e))
info: Tuple[str, bytes, str, bytes, bytes] = checker1
encrypted_data: Dict[str, bytes] = {"ciphertext": info[3], "iv": info[4]}
try:
checker2 = security.decrypt(encrypted_data, master_key)
except security.security_Error as e:
raise notes_Error(str(e))
key: bytes = checker2
try:
checker3 = security.encrypt(text_bytes, key, info[4])
except security.security_Error as e:
raise notes_Error(str(e))
ct: bytes = checker3["ciphertext"]
if not isinstance(ct, bytes):
raise notes_Error(
"Error in notes._encrypt_text(): Invalid output type")
return ct
#!/usr/bin/python
# -*- coding: utf-8 -*-
import socket
import security as sec
import makereply as mr
port = 8888
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', port))
s.listen(1)
print("## Host:", socket.gethostbyname(socket.getfqdn()))
key = input("Enter Security-Key: ")
print("Log) Socket Listen Started.")
connector, addr = s.accept()
while 1:
msg = connector.recv(1024)
if not msg:
break
print("Log) Message Received: ", msg.decode('utf-8'))
print("Log) Decrypted: ", sec.decrypt(key, msg.decode('utf-8')))
reply = mr.echo(sec.decrypt(key, msg.decode('utf-8')))
connector.send(sec.encrypt(key, reply).encode('utf-8'))
s.close()
def change_password() -> bool:
os.chdir('TheFourth')
files = os.listdir('notes')
for j in range(3):
try:
change_login = input("Введите логин аккаунта который изменяете:")
if change_login in files:
break
else:
j += 1
if j == 3:
os.chdir('..')
return False
except FileNotFoundError:
print("Не найдено такого аккаунта")
os.chdir('notes')
os.chdir(change_login)
with open("maininf.conf", 'r', encoding='utf-8') as change_file:
method = change_file.readline().rstrip().split(' ')
for i in range(3):
try:
change_pass = input("Введите пароль для данного аккаунта:")
if security.check_password(method[1], change_pass) is True:
check = True
break
else:
i += 1
if i == 3:
os.chdir('..')
os.chdir('..')
os.chdir('..')
return False
except BaseException:
print("Проблемы с паролем")
if check is True:
for i in range(3):
try:
new_pass = input("Введите ваш новый пароль(без пробелов):")
if ' ' in new_pass:
i += 1
elif len(new_pass) < 1:
i += 1
elif len(new_pass) > 30:
i += 1
else:
choise = True
break
if i == 3:
os.chdir('..')
os.chdir('..')
os.chdir('..')
return False
except BaseException:
print("Проблемы с паролем")
if choise is True:
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
master_key = security.master_key(change_pass)
new_master_key = security.master_key(new_pass)
new_encode_key = security.decrypt(encode_key, master_key)
new_encode_key = security.encrypt(new_encode_key, new_master_key)
mainf = open("maininf.conf", 'w')
mainf.write(change_login + ' ' + security.hash_password(new_pass))
mainf.close()
encodefile = open("encodeinf.conf", 'wb')
encodefile.write(new_encode_key)
encodefile.close()
os.chdir('..')
os.chdir('..')
os.chdir('..')
return True
return False
def create_user(username, password):
p = encrypt(password)
execute(_create_user, username, p)
first_match = service_matches[0]
port = first_match["port"]
name = first_match["name"]
host = first_match["host"]
print "找到蓝牙服务", first_match
# 创建客户端 Socket
socket = BluetoothSocket(RFCOMM)
socket.connect((host, port))
my_public_key = security.get_public_key()
socket.send(my_public_key)
server_public_key = socket.recv(1024)
# 收发数据
while True:
q = raw_input("我:")
if q == "exit":
break
elif q:
# 向客户端发送内容
socket.send(security.encrypt(q, server_public_key))
# 获取客户发送的内容
print "对方:", security.decrypt(socket.recv(1024))
# 关闭连接
socket.close()
import os
import socket
import security as sec
port = 8888
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
def cls():
os.system('cls' if os.name == 'nt' else 'clear')
print("===== Socket Chat Client by kde713 =====")
s.connect((input("Input Host Address: "), port))
key = input("Type Security-Key (Server Set): ")
cls()
print("===== Socket Chat Client by kde713 =====")
print()
while 1:
msg = input(">> ")
s.send(sec.encrypt(key, msg).encode('utf-8'))
reply = s.recv(1024)
if not reply:
break
print("Server says '", sec.decrypt(key, reply.decode('utf-8')), "'")
print("(!) Connection Lost")
s.close()
from matplotlib import pyplot
from security import encrypt
import sys
code_path = sys.argv[1]
with open(code_path, 'rb') as code_file:
code = bytearray(code_file.read())
key = b"11111ghtr11111111111111111111111"
iv = b"11111acedA111111"
pyplot.hist(list(map(lambda x: x, code)), bins=256)
pyplot.show()
code = encrypt(code, key, iv)
pyplot.hist(list(map(lambda x: x, code)), bins=256)
pyplot.show()
service_id=uuid,
service_classes=[uuid, SERIAL_PORT_CLASS],
profiles=[SERIAL_PORT_PROFILE],
)
# 获取客户端连接
client, client_info = bluetooth_socket.accept()
print "客户连接:", client_info
my_public_key = security.get_public_key()
client.send(my_public_key)
client_public_key = client.recv(1024)
while True:
# 获取客户发送的内容
print "对方:", security.decrypt(client.recv(1024))
q = raw_input("我:")
if q == "exit":
break
elif q:
# 向客户端发送内容
client.send(security.encrypt(q, client_public_key))
# 关闭客户端连接
client.close()
# 关闭服务器连接。
bluetooth_socket.close()
def encrypt_text() -> None:
global key
text = input("Введите шифруемый текст: ")
ciphertext = security.encrypt(text.encode(encoding='utf-8'), key)
print("шифротекст: ", ciphertext, "", sep="'")
def main():
global tcp_s
server_addr = ("xcoa.av.it.pt", 8080)
tcp_s = net.tcpConnect(server_addr)
values = security.DHInitialValues()
initial_value = str(values).strip('()').replace(
" ", "") # transformar (A, p, g) para string válida "A,p,g"
# Tentar efetuar a troca de parametros inicial
# Se a resposta do servidor estiver corrompida durante esta fase inicial então não será possivel continuar a comunicação,
# Visto que o servidor estará à espera da mensagem READ encriptada mas o cliente não saberá calcular a chave do AES devido a ter recebido o parametro B de forma corrompida
try:
token, B = initialExchange(initial_value)
secret = security.DHGetSecret(values[1], B)
# Enviar "READ <token>" ao server
net.tcpSend(security.encrypt(secret, "READ " + str(token)), True)
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except:
handleFatalError()
wrote_header = False
started_receiving = False
# Receber e tratar das respostas do server indefinitivamente
while 1:
data = net.tcpRead()
if isValidJSON(data):
# Se for JSON válido então os dados enviados não foram encriptados. Logo, deve ser uma mensagem de erro
data = readJSON(data)
else:
# Se não for JSON válido então os dados devem estar encriptados, como se estava à espera
try:
data = readJSON(security.decrypt(secret, data))
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except:
print(
colors.warning(
"DECODE ERROR : A última mensagem do servidor estava corrompida."
))
# Se ainda não tinha sido recebida a mensagem {type : 'OK'}, executar a lógica de erro fatal
if not started_receiving:
handleFatalError()
else:
continue
if ("type" in data.keys()) and (data['type'] == "OK"):
# Foi recebida mensagem "{type : 'OK'}"
started_receiving = True
print(
colors.okgreen("Conexão ao servidor bem sucedida!\n") +
"Serão recolhidos novos valores a cada " +
colors.bold("10 segundos") + ".\nEstes serão registados em " +
colors.bold("data.csv"))
file = open("data.csv", "w+")
print("\n" + colors.bold(" Temperatura") + " | " +
colors.bold("Humidade") + " | " + colors.bold("Vento"))
print("-------------|------------|-----------")
elif hasError(data):
# Fazer print à mensagem de erro vinda do servidor
try:
print(colors.fail(data['type'] + ": " + data['content']))
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except ValueError:
print(
colors.warning(
"ERROR: A última mensagem do servidor era um erro mas pelo menos uma key estava corrompida."
))
else:
try:
temp = data['TEMPERATURE']
hum = data['HUMIDITY']
wind = data['WIND']
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except ValueError:
print(
colors.warning(
"ERROR: A última mensagem do servidor não continha os valores esperados."
))
continue
print(
(colors.okblue(" %8.5f ") + "|" +
colors.okblue(" %8.5f ") + "|" + colors.okblue(" %8.5f")) %
(temp, hum, wind))
getInfo(temp, hum, wind)
if not wrote_header:
fields = [key for key in data.keys()]
fields.insert(0, 'TIME')
fw = csv.DictWriter(file, fieldnames=fields)
fw.writeheader()
wrote_header = True
data.update({'TIME': datetime.now()})
fw.writerow(data)
file.flush() # escreve as alterações feitas no buffer
tcp_s.close()
