def des3():
mode = input("Input mode - e or d: ")
key0 = input("Input a key with length 24: \n")
keys = seperateKey(key0)
key1 = DesKey(keys[0].encode())
key2 = DesKey(keys[1].encode())
key3 = DesKey(keys[2].encode())
if(mode=="e"):
data = input("Input data: \n")
s1 = key1.encrypt(data.encode(), padding=True)
s2 = key2.decrypt(s1, padding=True)
s3 = key3.encrypt(s2, padding=True)
f = open("ciphertext", "wb")
f.write(s3)
print("Encryption done")
elif(mode=="d"):
filename = input("ciphertext filename: ")
f = open(filename, "rb")
lines = f.readlines()
s3 = key3.decrypt(lines[0], padding=True)
s2 = key2.encrypt(s3, padding=True)
s1 = key1.decrypt(s2, padding=True)
print(s1)
else:
print("Mode not supported")
class DES:
def __init__(self, key_size, blocklength):
if key_size != 64:
raise InvalidKeyLength("Keylength of DES must be 64 bits!")
if blocklength % 64 != 0:
raise InvalidCipherBlockLength(
"Blocklength of DES should be multiplier of 64")
self._key = None
self._blocklength = blocklength
def set_key(self, key):
string_key = bits_to_bytes(key)
self._key = DesKey(string_key)
if not self._key.is_single():
raise WrongConfiguration("3DES has been configured")
def encrypt(self, message):
byte_message = bits_to_bytes(message)
encrypted_bytes = None
for _ in range(round(self._blocklength / 64)):
encrypted_bytes = self._key.encrypt(byte_message)
return bytes_to_bits(encrypted_bytes)
def decrypt(self, message):
byte_message = bits_to_bytes(message)
decrypted_bytes = None
for _ in range(round(self._blocklength / 64)):
decrypted_bytes = self._key.decrypt(byte_message)
return bytes_to_bits(decrypted_bytes)
class Encryption:
def __init__(self, password):
"""
Выполняет инициализацию шифрования
:param password: Пароль для защиты
"""
self._des = DesKey(password.encode('utf8'))
def encrypt(self, text) -> str:
"""
Шифрует строку
:param text: Строка для шифрования
:return: base64 результат
"""
return b64encode(self._des.encrypt(text.encode('utf8'),
padding=True)).decode('utf8')
def decrypt(self, text) -> str:
"""
Расшифровывает строку
:param text: Строка для расшифровки
:return: Результат
"""
return self._des.decrypt(b64decode(text.encode('utf8')),
padding=True).decode('utf8')
def decrypt_file(self,
in_filename,
out_filename=None,
chunksize=64 * 1024):
if not out_filename:
out_filename = os.path.splitext(in_filename)[0]
print(out_filename)
with open(in_filename, 'rb') as infile:
index = struct.unpack('Q', infile.read(sizeQ))[0]
origsize = struct.unpack('Q', infile.read(sizeQ))[0]
iv = infile.read(self.block_size)
uk = self.userKey.getDecryptionKey(index)
decryptionKey = XORKey(self.key, uk)
UIFunctions.log("DES Decryption Started. Size of file: " +
str(origsize) + " bytes")
cipher = DesKey(decryptionKey)
with open(out_filename, 'wb') as outfile:
while True:
chunk = infile.read(chunksize)
if len(chunk) == 0:
break
decryptedText = cipher.decrypt(chunk, initial=iv)
outfile.write(decryptedText)
outfile.truncate(origsize)
UIFunctions.log("DES Decryption Completed.")
def decrypt_txt():
"""
This function decrypts the text that was previously encrypted by first
encrypting it again and then calling decrypt() to decrypt and display the
decrypted text to the decrypt_txt_lb()
"""
key = ent_choose_key.get() # Get key from the user
# Check to see if the key is of valid length
if len(key) == 8 or len(key) == 16 or len(key) == 24:
# Clear error label is condition is mer
error_lbl['text'] = ''
# Convert the key from a string to a bytes format
key2 = key.encode()
# Create DesKey() instance
key2 = DesKey(key2)
# Encrypt message
decrypted_txt = ent_encrypt.get().encode()
decrypted_txt = key2.encrypt(decrypted_txt, padding=True)
# Decrypt message
message = key2.decrypt(decrypted_txt, padding=True)
message = str(message)
message = message[2:]
message = message[:len(message) - 1]
# Pass the message to the label to display to user
decrypted_txt_lbl["text"] = f"Decrypted String: {message}"
print(message)
else:
error_lbl['text'] = 'PLEASE MAKE SURE YOUR KEY IS OF LENGTH 8, ' \
'16, OR 24!'
def key_discussion(ciphertext):
send_message("\"But computer,\" you say, \"how could someone decode that message?\"\n\n")
sleep(7)
send_message("Your original message was encoded with a \"secret key\", and\n")
send_message("with that same key, your message can be decoded!\n\n")
sleep(7)
f = open("DESkey.txt", "r")
key_from_file = str.encode(f.read())
key0 = DesKey(key_from_file)
substring = re.search(r"b'(.*?)'", str(key_from_file)).group(1)
send_message("For this example, the key was an 8-character string that \n")
send_message("was randomly generated: " + substring + "\n\n")
sleep(7)
send_message("When we decode that ciphertext with the key, we get the original word you typed!\n")
plaintext = key0.decrypt(ciphertext, padding=True)
cleaned_plaintext = re.search(r"b'(.*?)'", str(plaintext)).group(1)
send_message("Original word: " + cleaned_plaintext + "\n\n")
sleep(7)
def des_timer(test_vectors):
"""Encrypts (DES) each element of test_vector with a padding (64 bits)
and returns a list of tuples with (encryption time, decryption time)"""
timelist = []
for vector in test_vectors: #test_vector elements are of byte type
#key creation for DES
iv = secrets.token_bytes(8)
des_instance = DesKey(secrets.token_bytes(8))
#print(des_instance.is_single())
#creating padding instance
padder = padding.PKCS7(64).padder()
#encrypting begins (using CBC mode)
start_e = timer()
padded_m = padder.update(vector) + padder.finalize(
) #padding is included in the process as instructed
cyphertext = des_instance.encrypt(padded_m, initial=iv)
end_e = timer()
#encrypting ends, timing this section
#print(str(cyphertext))
#creating unpadding instance
unpadder = padding.PKCS7(64).unpadder()
#decrypting begins
start_d = timer()
plaintext_d = des_instance.decrypt(cyphertext, initial=iv)
plaintext = unpadder.update(plaintext_d) + unpadder.finalize()
end_d = timer()
#decryption ends
#print(plaintext)
timelist.append((end_e - start_e, end_d - start_d))
return timelist
class DES:
def __init__(self, key):
key = key.to_bytes(24, byteorder='big')
self.key = key
self.create_cipher()
def create_cipher(self):
# try:
# key2 = DES3.adjust_key_parity(self.key)
# except ValueError:
# pass
# self.cipher = DES3.new(key1, DES3.MODE_CFB)
# print(self.key)
# key2=pad(self.key,24)
# print(key2)
assert (len(self.key) == 24)
self.key1 = DesKey(self.key)
# print(self.key1.is_triple())
def encryption(self, data, file=None):
if file == None:
data = data.encode(FORMAT)
cipher_text = self.key1.encrypt(data, padding=True)
return cipher_text
def decryption(self, data, file=None):
plain_text = self.key1.decrypt(data, padding=True)
if file == None:
plain_text = plain_text.decode(FORMAT)
return plain_text
def decryptage(data, key):
key = parsekey(key)
nkey = key.encode('utf-8')
key0 = DesKey(nkey)
decrypted_message = key0.decrypt(data, padding=True)
decrypted_message = decrypted_message.decode('utf-8')
return decrypted_message
def decrypt_ultravnc(password):
key = bytes.fromhex('E84AD660C4721AE0')
des = DesKey(key)
input_password = password
if len(input_password) % 8 == 0:
clear = des.decrypt(bytes.fromhex(password))
#print(bytes.fromhex(password))
#print(clear)
return clear.decode('utf-8')
else:
padding = len(input_password) % 8
padded_password = input_password + ('00' * padding)
clear = des.decrypt(bytes.fromhex(padded_password))
print(clear)
sys.exit()
return clear.decode('utf-8')
def server_program():
# get the hostname
host = socket.gethostname()
port = 12345
s = socket.socket()
s.bind((host, port))
desFile = open("deskey.txt", "r")
hmacFile = open("hmackey.txt", "r")
desKeystr = desFile.read()
desKey = DesKey(desKeystr.encode('utf-8'))
hmacKey = hmacFile.read()
hmacKeystr = hmacFile.read()
byteHmacKey = bytes(hmacKeystr, encoding='utf8')
digest_maker = hmac.new(byteHmacKey, msg=None, digestmod=hashlib.sha1)
print("Connecting to client...")
# configure how many client the server can listen simultaneously
s.listen(10)
connection, address = s.accept() # accepts the new connection
print("Connection from: " + str(address))
while True:
# receive data stream. it won't accept data packet greater than 1024 bytes
data = connection.recv(1024)
if not data:
break
print("received cipher text: %s" % data.decode('utf-8', 'ignore'))
pt = desKey.decrypt(data, padding=True).decode()
print("received plaintext: %s" % pt)
digest_maker.update(data)
digest = digest_maker.hexdigest()
# rhmacKey = hashlib.sha256(str(data).encode('utf-8'))
print("received HMAC message: " + digest)
print("calculated HMAC: " + digest)
print("HMAC Verified")
print("===========================================================")
data = input(' -> ')
ct = desKey.encrypt(data.encode('utf-8'), padding=True)
digest_maker.update(data.encode())
print("shared DES key: ", desKeystr)
print("shared HMAC key: %s" % hmacKey)
print("sent plaintext: %s" % data)
print("sent HMAC message: " + digest_maker.hexdigest())
print("sent ciphertext: %s" % ct.decode('utf-8', 'ignore'))
print("===========================================================")
connection.send(ct)
connection.close()
desFile.close()
hmacFile.close()
def tgs_rep(sock: socket, key_c_tgs: DesKey):
data_tgs = sock.recv(1024)
if b'Error' in data_tgs:
print(data_tgs.decode('utf-8'))
return None
st = sock.recv(1024)
data_tgs = key_c_tgs.decrypt(data_tgs)
data_tgs = json.loads(data_tgs)
return data_tgs, st
def main():
server_address = ('localhost', 9999) # authentication server address
ss_id = '1efeggrvv' # id of service server
ss_address = ('localhost', 5000) # address of service server
tgt_path = 'tgt'
data_path = 'data.json'
login = input('login: '******'password: '******'utf-8')
# create key from hash of password
m = hashlib.sha256()
m.update(password)
key_c = DesKey(m.digest()[:8])
with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
is_authenticated = is_auth(data_path, tgt_path)
# Loop while we are not authorized
while True:
# skip authentication if we already have tgt
if is_authenticated:
with open('data.json') as f1, open('tgt', 'rb') as f2:
data = json.load(f1)
tgt = f2.read()
else:
# AS_REQ
as_req(sock, server_address, login, key_c)
# AS_REP
data, tgt = as_rep(sock, key_c, tgt_path, data_path)
key_c_tgs, tgs_address, p1 = data
# key_c_tgs is a string key
key_c_tgs = DesKey(key_c_tgs.encode('utf-8'))
# tgs_address is a list (need a tuple)
tgs_address = tuple(tgs_address)
# TGS_REQ
tgs_req(sock, tgs_address, login, ss_id, tgt, key_c_tgs)
# TGS_REP
tgs_rep_data = tgs_rep(sock, key_c_tgs)
if tgs_rep_data:
break
else:
is_authenticated = False
data_tgs, st = tgs_rep_data
key_c_ss, ss, p2 = data_tgs
# key_c_ss is a string key
key_c_ss = DesKey(key_c_ss.encode('utf-8'))
# SS_REQ
t4 = int(dt.datetime.utcnow().timestamp())
ss_req(sock, ss_address, login, t4, st, key_c_ss)
# SS_REP
t_c1 = sock.recv(1024)
t_c1 = int(key_c_ss.decrypt(t_c1))
if t_c1 - t4 == 1:
print('Success authorization :)')
else:
print('Server is not authorized!')
def handle_request(self, request):
key = DesKey(request.key) # Create a DesKey object using the user provided key
if request.encryption_state == CryptoMode.EN:
request.result = key.encrypt(request.data_input, padding=True)
else:
request.result = key.decrypt(request.data_input, padding=True)
self.next_handler.handle_request(request) # pass the control to the next handler
def decrypt(masterpass, userid, cipher):
# masterpass = hashlib.shake_256(masterkey.encode())
userpass = hashlib.shake_256(userid.encode())
masterpass = masterpass.hexdigest(24)
userpass = userpass.hexdigest(24)
masterpass = bytearray.fromhex(masterpass)
userpass = bytearray.fromhex(userpass)
masterpass = DesKey(masterpass)
userpass = DesKey(userpass)
cipher1 = bytes.fromhex(cipher)
plain = masterpass.decrypt(cipher1, padding=True)
plain = userpass.decrypt(plain, padding=True)
plain = masterpass.decrypt(plain, padding=True)
return plain.decode()
def handle_request(self, request: Request) -> (str, bool):
if not request.data_input and request.input_file:
return self.next_handler.handle_request(request)
key = DesKey(request.key.encode('utf-8'))
request.result = key.decrypt(ast.literal_eval(request.data_input),
padding="True")
if self.next_handler is None:
return "", True
return self.next_handler.handle_request(request)
def brute_force_des(key_size):
# Calculating Time of brute-force attack
start = time()
# Iterating on all possible space of keys
for i in range(2**key_size):
des = DesKey(i.to_bytes(8, byteorder='big'))
decrypted_text = des.decrypt(ciphertext, padding=True)
if decrypted_text == email:
# print(i.to_bytes(8, byteorder='big'), decrypted_text, sep = '\n', end = '\n\n')
# print(key, des, plain_text, cypher_text, deciphered_text, des.is_single(), sep='\n', end = '\n\n')
return time() - start
def handle_request(self, request_: Request) -> (str, bool):
"""
Decrypts either the given string or file
:param request_: a Request
:return: a tuple
"""
print("Decrypt Reading")
key = DesKey(request_.key.encode('utf-8'))
if request_.data_input:
data = r"{0}".format(request_.data_input)
data = ast.literal_eval(data)
request_.result = key.decrypt(data, padding=True).decode('utf-8')
else:
with open(request_.input_file, "r") as file:
data = file.read()
data = ast.literal_eval(data)
request_.result = key.decrypt(data,
padding=True).decode('utf-8')
if not self.next_handler:
return "", True
return self.next_handler.handle_request(request_)
def as_rep(sock: socket, key_c: DesKey, tgt_path, data_path):
data = sock.recv(1024)
if b'Error' in data:
raise Exception(data.decode('utf-8')[7:])
data = key_c.decrypt(data)
data = json.loads(data)
# save key
with open(data_path, 'w') as jf:
json.dump(data, jf)
tgt = sock.recv(1024)
# save ticket
with open(tgt_path, 'wb') as f:
f.write(tgt)
return data, tgt
def main():
DESBlackbox() #generate plaintext ciphertext pairs for some keys
knownk1 = "aaaaaaaa" #known 32 bits of keys
knownkBits = BitArray(hex=knownk1)
print(knownkBits)
p, c = plaincipher[0]
print("Plaintext 1 = " + p)
print("Ciphertext 1 =" + c)
for k in generateKeys(knownkBits):
k1 = formatKey(k.bin)
key = DesKey(BitArray(k1).tobytes())
firstDict[key.encrypt(p)] = k
secondDict[key.decrypt(c)] = k
mitm()
mitm()
def handle_request(self, request: Request) -> (str, bool):
if request.data_input and not request.input_file:
return self.next_handler.handle_request(request)
key = DesKey(request.key.encode('utf-8'))
try:
with open(request.input_file, 'r') as file_object:
request.result = key.decrypt(ast.literal_eval(
file_object.read()),
padding=True)
if self.next_handler is None:
return "", True
return self.next_handler.handle_request(request)
except FileNotFoundError:
return f"{request.input_file} not exist!", False
def client_program():
host = socket.gethostname()
port = 12345 # socket server port number
# create the socket in the client side
s = socket.socket()
s.connect((host, port)) # connect to the server
desFile = open("deskey.txt", "r")
hmacFile = open("hmackey.txt", "r")
desKeystr = desFile.read()
key = DesKey(desKeystr.encode('utf-8')) # create a key
hmacKey = hmacFile.read()
hmacKeystr = hmacFile.read()
byteHmacKey = bytes(hmacKeystr, encoding='utf8')
digest_maker = hmac.new(byteHmacKey, msg=None, digestmod=hashlib.sha1)
message = input(" -> ")
while message.lower().strip() != 'bye':
con = key.encrypt(message.encode('utf-8'), padding=True)
digest_maker.update(message.encode())
digest = digest_maker.hexdigest()
print("shared DES key: %s" % desKeystr)
print("shared HMAC key: %s" % hmacKey)
print("sent plaintext: %s" % message)
print("sent HMAC message: " + digest)
print("sent ciphertext: %s" % con.decode('utf-8', 'ignore'))
print("===========================================================")
s.send(con)
data = s.recv(1024) # receive response
print("received ciphertext: %s" % data.decode('utf-8', 'ignore'))
pt = key.decrypt(data, padding=True).decode()
print("received plaintext: %s" % pt)
digest_maker.update(data)
digest = digest_maker.hexdigest()
print("received HMAC message: " + digest)
print("calculated HMAC: " + digest)
print("HMAC Verified")
print("===========================================================")
message = input(" -> ") # again take input
s.close() # close the connection
desFile.close()
hmacFile.close()
def handle_request(self, request: Request) -> (str, bool):
"""
Decrypts the data with the key. Decryption can fail if the data is not valid (divisible by 8).
:param request: Request from cmd line args
:return: (str, bool) str: a message, bool True if validation is passed
"""
key = DesKey(request.key.encode('utf-8'))
data = request.data_input
if len(data) % 8 != 0:
return "length of the message should be divisible by 8, cannot be decrypted", False
request.result = key.decrypt(data, padding=True)
if request.result == b"":
return f"Data cannot be decrypted with key {request.key}", False
if self.next_handler:
return self.next_handler.handle_request(request)
else:
return "", True
def handle_request(self, command: Request) -> (bool, str):
"""
It conveerts the Key into DesKey and decrypt the data,
assigns it to a result attribute of the request.
:param command: a Request
:return: a tuple where the first element is a string stating the
outcome and the reason, and the second a bool indicating
successful handling of the form or not.
"""
print("Decrypting...")
try:
key = DesKey(command.key.encode("utf-8"))
command.result = key.decrypt(command.data,
padding=True).decode("utf-8")
except Exception as e:
return False, f"Decryption Failed!"
else:
return self.pass_handler(command)
def worker_func(i):
# Simply computes the sum of the i-th row of the input matrix X
# X_np = np.frombuffer(var_dict['X'], dtype=np.uint8).reshape(
# var_dict['X_shape'])
# time.sleep(1) # Some heavy computations
# return np.asscalar(np.sum(X_np[i, :]))
des = DesKey(bytes(var_dict['key'], encoding="utf-8"))
img_array = np.frombuffer(var_dict['X'],
dtype=np.uint8).reshape(var_dict['X_shape'])
if var_dict['mode'] == 'e':
enc_x = des.encrypt(img_array[i].tobytes(), padding=False)
else:
enc_x = des.decrypt(img_array[i].tobytes(), padding=False)
enc_x = np.frombuffer(enc_x, dtype=np.uint8).reshape(
(var_dict['X_shape'][1], var_dict['X_shape'][2]))
return enc_x
def handle_request(self, request) -> None:
# Set up decryption key
bytes_key = request.key.encode()
key0 = DesKey(bytes_key)
if request.data_input:
print("Decrypting request from direct string... ...")
request.result = ast.literal_eval(r"{0}".format(
request.data_input))
else:
with open(request.input_file, "rb+") as input_file:
request.result = input_file.read()
request.result = key0.decrypt(request.result,
padding=True).decode('utf-8')
if self.next_handler:
self.next_handler.handle_request(request)
else:
return
def receiveResponse():
ciphertext_received = s.recv(1024)
if ciphertext_received != "":
print("Ciphertext received from server:", end=' ')
print(ciphertext_received)
f = open("DESkey.txt", "r")
des_key_from_file = str.encode(f.read())
des_key0 = DesKey(des_key_from_file)
decrypted_text = des_key0.decrypt(ciphertext_received, padding=True)
# use regex to pull message from the decrypted text received
pattern = "b\"(.*?)b'"
substring = re.search(pattern, str(decrypted_text)).group(1)
print("received message: " + substring)
# use regex to pull received hmac from the decrypted text received, remove duplicate backslashes
pattern2 = "b\"" + substring + "(.*?)" + "\""
substring2 = re.search(pattern2, str(decrypted_text)).group(1)
substring2 = substring2.replace('\\\\', '\\')
print("received hmac: " + substring2)
# calculate own HMAC with the message and shared secret HMAC key
f2 = open("HMACKey.txt", "r")
hmac_key_from_file = f2.read()
hmac_key_bytes_from_file = bytes(hmac_key_from_file, 'latin-1')
substring_bytes = bytes(substring, 'latin-1')
digest_maker = hmac.new(hmac_key_bytes_from_file,
substring_bytes,
digestmod='MD5')
hashed_message = str(digest_maker.digest())
print("calculated hmac: " + hashed_message)
# verify the generated hmac and the received hmac
if substring2.find(hashed_message) != -1:
print("HMAC VERIFIED")
else:
print("HMAC NOT VERIFIED")
print("************************************************")
class MyUDPHandler(socketserver.BaseRequestHandler):
def handle(self):
data = self.request[0].strip()
socket = self.request[1]
print(f"{self.client_address[0]} wrote:\n{data}")
if data == b'AS_REQ':
user_login = socket.recv(1024).decode('utf-8')
t1 = socket.recv(1024)
print(user_login, t1)
if user_login not in USER_DB:
socket.sendto(b'Error: You are not in DB', self.client_address)
return
password = USER_DB[user_login].encode('utf-8')
m = hashlib.sha256()
m.update(password)
# create key
self.key_c = DesKey(m.digest()[:8])
t1_kc = self.key_c.decrypt(t1)
delta = dt.datetime.utcnow() - dt.datetime.fromtimestamp(
int.from_bytes(t1_kc, 'big'))
if delta.total_seconds() / 60 > 5:
socket.sendto(
b'Error: Timezones must be identical or check your password',
self.client_address)
return
# AS_REP
# key generation:
# https://stackoverflow.com/questions/2257441/random-string-generation-with-upper-case-letters-and-digits/23728630#23728630
key_c_tgs = ''.join(
secrets.choice(string.ascii_letters + string.digits)
for _ in range(8))
p1 = 8 # hours
t_kdc = int(dt.datetime.utcnow().timestamp())
data_kc = json.dumps([key_c_tgs, TGS_ADDRESS, p1]).encode('utf-8')
data_kc = self.key_c.encrypt(data_kc)
socket.sendto(data_kc, self.client_address)
tgt = json.dumps([user_login, key_c_tgs, p1,
t_kdc]).encode('utf-8')
tgt = K_TGS.encrypt(tgt)
socket.sendto(tgt, self.client_address)
def brute_force_des(key_size):
# Generating random key of 'key_size' bits in bytes format
key = randint(2**(key_size - 1), 2**key_size - 1).to_bytes(8,
byteorder='big')
des = DesKey(key)
# Chosen text pair
plain_text = b"Hello World!"
cypher_text = des.encrypt(plain_text, padding=True)
# Redundant Check
# deciphered_text = des.decrypt(cypher_text, padding=True)
# Calculating Time of brute-force attack
start = time()
# Iterating on all possible space of keys
for i in range(2**key_size):
des = DesKey(i.to_bytes(8, byteorder='big'))
decrypted_text = des.decrypt(cypher_text, padding=True)
if decrypted_text == plain_text:
# print(i.to_bytes(8, byteorder='big'), decrypted_text, sep = '\n', end = '\n\n')
# print(key, des, plain_text, cypher_text, deciphered_text, des.is_single(), sep='\n', end = '\n\n')
return time() - start
class DES_Crypt():
def __init__(self, key: str, text: str):
"""
:key: private key, will be encoded into bytes
:text: plaintext, will be encoded into bytes
"""
self.key = DesKey(bytes(key.encode('utf-8')))
self.text = bytes(text.encode('utf-8'))
@MyTools.info("T encrypt")
def encrypt(self):
self.encrypted = self.key.encrypt(self.text, padding=True)
return self.encrypted
@MyTools.info("T decrypt")
def decrypt(self):
self.decrypted = self.key.decrypt(self.encrypted, padding=True)
return self.decrypted
def is_single(self):
return self.key.is_single()
