def malicious_g_attack():
p = DiffieHellman.DEFAULT_P
for g in [1, p, p - 1]:
alice = DiffieHellman()
bob = DiffieHellman(g=g)
A = alice.get_public_key()
B = bob.get_public_key()
_msg = b'Hello, how are you?'
_a_key = unhexlify(sha1(str(alice.get_shared_secret_key(B)).encode()))[:16]
_a_iv = Random.new().read(AES.block_size)
a_question = aes_cbc_encrypt(_msg, _a_key, _a_iv) + _a_iv
mitm_a_iv = a_question[-AES.block_size:]
if g == 1:
mitm_hacked_key = unhexlify(sha1(b'1').encode())[:16]
mitm_hacked_message = aes_cbc_decrypt(a_question[:-AES.block_size], mitm_hacked_key, mitm_a_iv)
elif g == p:
mitm_hacked_key = unhexlify(sha1(b'0').encode())[:16]
mitm_hacked_message = aes_cbc_decrypt(a_question[:-AES.block_size], mitm_hacked_key, mitm_a_iv)
else:
for candidate in [str(1).encode(), str(p - 1).encode()]:
mitm_hacked_key = unhexlify(sha1(candidate).encode())[:16]
mitm_hacked_message = aes_cbc_decrypt(a_question[:-AES.block_size], mitm_hacked_key,
mitm_a_iv, unpad=False)
if is_pkcs7_padded(mitm_hacked_message):
mitm_hacked_message = pkcs7_unpad(mitm_hacked_message)
break
assert _msg == mitm_hacked_message
#!/usr/bin/env python
#coding=utf-8
import binascii
#import DES_code
import DiffieHellman
from RSA2 import RSA_encryption, RSA_decryption
from RC4_DH import RC4_encryption, RC4_decryption
#from DES_code import DES_encryption,DES_decryption
from DiffieHellman import DiffieHellman
import hashlib
#修改私钥! 源码见DH_2
#DH协商密钥
a = DiffieHellman(group=5, keyLength=256)
b = DiffieHellman(group=5, keyLength=256)
a.genKey(b.publicKey)
b.genKey(a.publicKey)
if (a.getKey() == b.getKey()):
#print("密钥协商完成")
#print("Key:", binascii.b2a_hex(a.key).decode('utf-8')) #字符串转ascii hexlify('abc') # '616263'
with open("RC4_key.txt", "w") as f:
f.write(binascii.b2a_hex(a.key).decode('utf-8'))
'''
以下是接口函数
'''
def ret0():
def main():
alice = DiffieHellman()
bob = DiffieHellman()
parameter_injection_attack(alice, bob)
