def add_password(self, uname, identifier, pwd): ''' Stores a password in the users database. Opens a connection to the db if neccessary. ''' iv = rng.get_random_bytes(16) ec = AES.new(DB_KEY, AES.MODE_CBC, iv) #Encrypting the password for storage pwd = ec.encrypt(self.__pad_data(pwd)).encode('hex') conn = self.__get_db_conn(uname) cursor = conn.cursor() added = False #Create the table for the user if it doesn't already exist. cursor.execute("create table if not exists sites (id text, iv text, password text)") #Insert into db if identifier is not already there. if not cursor.execute("select * from sites where id=?", (identifier.encode('hex'),)).fetchone(): #IV and ID encoded in hex for storage. self.__logger.debug("We are adding a new password "+identifier+" for user "+uname+".") cursor.execute("insert into sites values (?,?,?)",(identifier.encode('hex'), iv.encode('hex'), pwd,)) # Else update pwd value. else: cursor.execute("update sites set iv=? ,password=? where id=?", (iv.encode('hex'), pwd, identifier.encode('hex'),)) self.__logger.debug("We have updated "+uname+"'s password "+identifier+".") conn.commit() added = True self.__close_db_conn(uname) return added
def generate(self, select_from, count): if len(select_from) < 1: return result = "" for i in range(count): while True: c = get_random_bytes(1) if c in select_from: break result += c self.entry["password"].set_text(result)
def generate_demo_user(self): if len(self.__demos.keys()) > 10: return None demo = {} dname = "demo_" + str(len(self.__demos.keys())) dpass = rng.get_random_bytes(20).encode('hex') demo[m.K_USER] = dname demo[m.K_DEMO_PASS] = dpass self.__demos[dname] = dpass return demo
def generate_demo_user(self): if len(self.__demos.keys()) > 10: return None demo = {} dname = "demo_"+str(len(self.__demos.keys())) dpass = rng.get_random_bytes(20).encode('hex') demo[m.K_USER] = dname demo[m.K_DEMO_PASS] = dpass self.__demos[dname] = dpass return demo
def genAESKey(key_length): """ Generates a random one session AES key Arguments: key_length -- length of key to be generated (bits) Returns: key -- byte array """ key = RNG.get_random_bytes(key_length / 8) return key
def encrypt(cleartext): counter = 0 nonce = RNG.get_random_bytes(12) iv = ctr_to_bytes(counter) + nonce ciphertext = iv while len(cleartext) > 0: block = bytes(a ^ b for a, b in zip(cleartext, cipher.encrypt(iv))) ciphertext += block iv = increment_ctr(iv) cleartext = cleartext[16:] return ciphertext
def genAESKey(key_length): """ Generates a random one session AES key Arguments: key_length -- length of key to be generated (bits) Returns: key -- byte array """ key = RNG.get_random_bytes( key_length / 8 ) return key
def add_password(self, uname, identifier, pwd): ''' Stores a password in the users database. Opens a connection to the db if neccessary. ''' iv = rng.get_random_bytes(16) ec = AES.new(DB_KEY, AES.MODE_CBC, iv) #Encrypting the password for storage pwd = ec.encrypt(self.__pad_data(pwd)).encode('hex') conn = self.__get_db_conn(uname) cursor = conn.cursor() added = False #Create the table for the user if it doesn't already exist. cursor.execute( "create table if not exists sites (id text, iv text, password text)" ) #Insert into db if identifier is not already there. if not cursor.execute("select * from sites where id=?", (identifier.encode('hex'), )).fetchone(): #IV and ID encoded in hex for storage. self.__logger.debug("We are adding a new password " + identifier + " for user " + uname + ".") cursor.execute("insert into sites values (?,?,?)", ( identifier.encode('hex'), iv.encode('hex'), pwd, )) # Else update pwd value. else: cursor.execute("update sites set iv=? ,password=? where id=?", ( iv.encode('hex'), pwd, identifier.encode('hex'), )) self.__logger.debug("We have updated " + uname + "'s password " + identifier + ".") conn.commit() added = True self.__close_db_conn(uname) return added
def generate_secret(): """Generates a shared secret.""" secret = _UserFriendlyRNG.get_random_bytes(16) return secret
def __generate_session_token(self): secret = rng.get_random_bytes(50) return secret.encode('base64').replace('\n', '')
def generate_random(bytes): return Random.get_random_bytes(bytes)
def random_bytes(block=16): return array('B', rng.get_random_bytes(block))
def encrypt(self, text, pad_to=8): text = get_random_bytes(16) + text n_padding_bits = (pad_to - len(text) % pad_to) % pad_to text += "\0" * n_padding_bits return self.cipher(self.key).encrypt(text)
def get_random_bytes(n): """Return the specified number of cryptographically-strong random bytes.""" return _UserFriendlyRNG.get_random_bytes(n)
def new_rid(self): while True: rid = base64.b16encode(get_random_bytes(8)) if not os.path.exists(self.file_of_rid(rid)): return rid
def generate_master_key(self): self.key = get_random_bytes(16)
def get_random_bytes(n): return _UserFriendlyRNG.get_random_bytes(n)
ek2n_i ^= 0x87 return inttoLE(ek2n_i) if __name__ == '__main__': arguments = docopt(__doc__) file = open(arguments['<container>'],'wb') size = int(arguments['<mb-size>']) * 1024 * 1024 #get size in bytes #create large file file.truncate(size) #create empty header header = "" #create salt for normal header salt = RNG.get_random_bytes(64) header += salt #ASCII string "TRUE" header += "TRUE" #Volume header format version header += "\x00\x05" #Same as 7.1a #Minimum program version required to open the volume header += "\x07\x00" #Same as 7.1a #CRC-32 checksum of the (decrypted) bytes 256-511 (to be calculated later) header += "\xAA" * 4 #Reserved (must contain zeroes)