class User(object):
def __init__(self, username, password):
self.username = username
self._cipher = Cipher(password)
self._secret = None
self._sign()
def check_password(self, password):
cipher = Cipher(password)
username = cipher.decrypt(self._signature).decode('utf-8')
return username == self.username
def change_password(self, password):
secret = self.extract_secret()
self._cipher = Cipher(password)
self._sign()
self.place_secret(secret)
def place_secret(self, secret):
self._secret = self._cipher.encrypt(secret)
def extract_secret(self):
if not self._secret:
return b''
return self._cipher.decrypt(self._secret)
def _sign(self):
self._signature = self._cipher.encrypt(self.username.encode('utf-8'))
def test_encrypt_decrypt(self):
integrity = Integrity(
Transform(Transform.Type.INTEG,
Transform.IntegId.AUTH_HMAC_SHA1_96))
cipher = Cipher(
Transform(Transform.Type.ENCR, Transform.EncrId.ENCR_AES_CBC, 256))
encryption_key = b'Mypassword121111' * 2
iv = cipher.generate_iv()
crypto = Crypto(cipher, encryption_key, integrity, b'', None, b'')
payload_sk = PayloadSK.generate(b'Hello there!', iv, crypto)
iv2, clear = payload_sk.decrypt(crypto)
self.assertEqual(clear, b'Hello there!')
self.assertEqual(iv, iv2)
def decrypt_file(rsa: RSA, filename: str, private: PrivateKey):
print("Loading encrypted message from:", filename)
cipher = Cipher.load(filename)
print("Decrypting encrypted message:\n ", cipher)
message = rsa.decrypt(cipher, private)
print("Decrypted message to:\n ", message)
def test_encr(self):
transform = Transform(Transform.Type.ENCR,
Transform.EncrId.ENCR_AES_CBC, 256)
cipher = Cipher(transform)
iv = cipher.generate_iv()
original = b'Hello this is a long message' * cipher.block_size
ciphertext = cipher.encrypt(b'Mypassword121111' * 2, iv, original)
decrypted = cipher.decrypt(b'Mypassword121111' * 2, iv, ciphertext)
decrypted2 = cipher.decrypt(b'Mypassword121112' * 2, iv, ciphertext)
self.assertEqual(cipher.block_size, 16)
self.assertEqual(cipher.key_size, 32)
self.assertEqual(original, decrypted)
self.assertNotEqual(ciphertext, decrypted)
self.assertNotEqual(decrypted, decrypted2)
def test_encrypted(self):
transform1 = Transform(Transform.Type.INTEG,
Transform.IntegId.AUTH_HMAC_SHA2_256_128)
transform2 = Transform(Transform.Type.ENCR,
Transform.EncrId.ENCR_AES_CBC, 256)
proposal1 = Proposal(1, Proposal.Protocol.IKE, b'aspiwhatever',
[transform1, transform2])
payload_sa = PayloadSA([proposal1])
payload_nonce = PayloadNONCE(b'123456789012341232132132131')
crypto = Crypto(
Cipher(
Transform(Transform.Type.ENCR, Transform.EncrId.ENCR_AES_CBC,
256)), b'a' * 32,
Integrity(
Transform(Transform.Type.INTEG,
Transform.IntegId.AUTH_HMAC_SHA2_512_256)), b'a' * 8,
None, b'')
message = Message(spi_i=b'12345678',
spi_r=b'12345678',
major=2,
minor=0,
exchange_type=Message.Exchange.IKE_AUTH,
is_response=False,
can_use_higher_version=False,
is_initiator=False,
message_id=0,
payloads=[],
encrypted_payloads=[payload_sa, payload_nonce],
crypto=crypto)
data = message.to_bytes()
new_message = Message.parse(data, crypto=crypto)
data2 = new_message.to_bytes()
self.assertEqual(data, data2)
def __init__(self, username, password):
self.username = username
self._cipher = Cipher(password)
self._secret = None
self._sign()
def change_password(self, password):
secret = self.extract_secret()
self._cipher = Cipher(password)
self._sign()
self.place_secret(secret)
def check_password(self, password):
cipher = Cipher(password)
username = cipher.decrypt(self._signature).decode('utf-8')
return username == self.username