def hash(password, salt, N, r, p, dkLen):
"""Returns the result of the scrypt password-based key derivation function.
Constraints:
r * p < (2 ** 30)
dkLen <= (((2 ** 32) - 1) * 32
N must be a power of 2 greater than 1 (eg. 2, 4, 8, 16, 32...)
N, r, p must be positive
"""
# Scrypt implementation. Significant thanks to https://github.com/wg/scrypt
if N < 2 or (N & (N - 1)): raise ValueError('Scrypt N must be a power of 2 greater than 1')
# A psuedorandom function
prf = lambda k, m: hmac.new(key = k, msg = m, digestmod = hashlib.sha256).digest()
# convert into integers
B = [ c for c in pbkdf2(password, salt, 1, p * 128 * r, prf) ]
B = [ ((B[i + 3] << 24) | (B[i + 2] << 16) | (B[i + 1] << 8) | B[i + 0]) for i in range(0, len(B), 4)]
XY = [ 0 ] * (64 * r)
V = [ 0 ] * (32 * r * N)
for i in range(0, p):
smix(B, i * 32 * r, r, N, V, XY)
# Convert back into bytes
Bc = [ ]
for i in B:
Bc.append((i >> 0) & 0xff)
Bc.append((i >> 8) & 0xff)
Bc.append((i >> 16) & 0xff)
Bc.append((i >> 24) & 0xff)
return pbkdf2(password, bytes(Bc), 1, dkLen, prf)
def changePassword():
usr_cookie = request.cookies.get("S_ID")
ip = request.environ['REMOTE_ADDR']
user_UUID = cookies.getUUID(usr_cookie, ip)
csrf_token = request.form.get("token")
if user_UUID == None:
return logoutResponse({
"code":
"danger",
"reason":
"You have been automatically logged out. Please log in again."
})
captcha_code = request.form.get("g-recaptcha-response")
captcha_resp = Verification.verifyCaptchaCode(captcha_code, ip)
if captcha_resp != True:
ret = {"code": "warning", "reason": "Captcha failed"}
return jsonify(ret)
elif not cookies.validateCSRF(usr_cookie, csrf_token):
ret = {"code": "warning", "reason": "CSRF Error."}
else:
old_password = request.form.get("old_p") + P_VALUE
new_password = request.form.get("new_p") + P_VALUE
veri_password = request.form.get("ver_p") + P_VALUE
if new_password != veri_password:
ret = {"code": "warning", "reason": "New passwords do not match"}
else:
username = DB_Manager.getUsername(user_UUID)
u_salt = DB_Manager.execute(
"AUTH", '''SELECT salt FROM User_Auth WHERE (UUID = '%s');''',
user_UUID)
if (len(u_salt) == 0):
ret = {"code": "warning", "reason": "Unknown error"}
else:
u_salt = u_salt[0][0]
u_salt = bytearray.fromhex(u_salt)
e_password = pbkdf2(old_password, u_salt).digest()
if DB_Manager.authenticateUser(username, e_password) == True:
new_salt = Token_generator.new_crypto_bytes(20)
salted_pwd = pbkdf2(new_password, new_salt).digest()
veri_code = Token_generator.new_crypto_bytes(16).hex()
x2 = DB_Manager.changePassword(username, salted_pwd,
new_salt.hex(), veri_code)
if x2 == None:
ret = {
"code": "warning",
"reason": "Error with new password"
}
else:
ret = {"code": "success"}
else:
ret = {"code": "warning", "reason": "Old password incorrect."}
return jsonify(ret)
def __init__(self, ca_address, ca_public_key, username, password):
# socket
self.socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
self.socket.settimeout(0.05)
self.password_key = pbkdf2.pbkdf2(password, hashlib.sha1(username).digest())
# network time
self.network_time_offset = None
self.last_network_time_request_time = 0
self.last_network_time_request_nonce = ""
# certificate
self.ca_address = ca_address
self.ca_public_key = ca_public_key
self.username = username
self.user_id = 0
self.public_key = ""
self.private_key = ""
self.certificate = None
self.last_certificate_request_time = 0
self.last_certificate_request_public_key = ""
self.last_certificate_request_private_key = ""
self.last_certificate_request_nonce = ""
def decrypt(self, pk, sk, c):
alpha_2 = group.hash((c['u1'], c['u2']))
v_2= c['u1'] ** (sk['x']+(sk['y']*alpha_2))
ka_2=bytes(str(int(c['u1'] ** sk['z'])), 'utf-8')
salt=b'This is salt'
salt2=b'This is salty'
k_2=group.encode(pbkdf2.pbkdf2(hashlib.sha256,ka_2 , salt, 32000, 16))
K_2=group.encode(pbkdf2.pbkdf2(hashlib.sha256,ka_2 , salt2, 32000, 16))
if (c['v']!=v_2):
return 'ERROR'
if (c['t']!=hmac.new(bytes(str(int(k_2)),'utf-8'),bytes(str(c['chi']),"utf-8"),digestmod=sha1hashlib).hexdigest()):
return 'ERROR'
if (c['u2']!=(c['u1']**sk['w'])):
return 'ERROR'
m= c['chi'] ^ K_2
return m
def generateMasterKey(self, pw, symmetrickey_offset):
base_addr = sizeof(_APPL_DB_HEADER) + symmetrickey_offset + 0x38 # header
dbblob = _memcpy(self.fbuf[base_addr:base_addr + sizeof(_DB_BLOB)], _DB_BLOB)
masterkey = pbkdf2(pw, str(bytearray(dbblob.salt)), 1000, KEYLEN)
return masterkey
def __init__(self, ca_address, ca_public_key, username, password):
# socket
self.socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM,
socket.IPPROTO_UDP)
self.socket.settimeout(0.05)
self.password_key = pbkdf2.pbkdf2(password,
hashlib.sha1(username).digest())
# network time
self.network_time_offset = None
self.last_network_time_request_time = 0
self.last_network_time_request_nonce = ""
# certificate
self.ca_address = ca_address
self.ca_public_key = ca_public_key
self.username = username
self.user_id = 0
self.public_key = ""
self.private_key = ""
self.certificate = None
self.last_certificate_request_time = 0
self.last_certificate_request_public_key = ""
self.last_certificate_request_private_key = ""
self.last_certificate_request_nonce = ""
def login():
global cookies
username = request.form.get("usernameInput")
password = request.form.get("passwordInput") + P_VALUE
u_UUID = DB_Manager.getUUID(username)
if u_UUID == None:
ret = {"code": "warning", "reason": "Username or Password incorrect."}
return jsonify(ret)
u_salt = DB_Manager.execute(
"AUTH", '''SELECT salt FROM User_Auth WHERE (UUID = '%s');''', u_UUID)
if (len(u_salt) == 0):
ret = {"code": "warning", "reason": "Username or Password incorrect."}
return jsonify(ret)
else:
u_salt = u_salt[0][0]
u_salt = bytearray.fromhex(u_salt)
e_password = pbkdf2(password, u_salt).digest()
ip = request.environ['REMOTE_ADDR']
if DB_Manager.authenticateUser(username, e_password) == True:
userCookie = cookies.createCookie(u_UUID, ip)
ret = {"code": "success"}
response = make_response(jsonify(ret))
c_response = Headers.addCookie(response, 'S_ID', userCookie)
c_response = Headers.addCookie(response, 'USR_ID', u_UUID)
return c_response
else:
ret = {"code": "warning", "reason": "Username or Password incorrect."}
return jsonify(ret)
def encrypt(self, pk, M):
r = group.random()
ka=bytes(str(int(pk['h'] ** r)), 'utf-8')
salt=b'This is salt'
salt2=b'This is salty'
k=group.encode(pbkdf2.pbkdf2(hashlib.sha256,ka, salt, 32000, 16))
K=group.encode(pbkdf2.pbkdf2(hashlib.sha256,ka, salt2, 32000, 16))
u1 = pk['g1'] ** r
u2 = pk['g2'] ** r
alpha = group.hash((u1, u2))
#msg = group.encode(M)
chi = K ^ integer(M)
v = (pk['c'] ** r) * (pk['d'] ** (r * alpha))
t=hmac.new(bytes(str(int(k)),'utf-8'),bytes(str(chi),"utf-8"),digestmod=sha1hashlib).hexdigest()
c = { 'u1' : u1, 'u2' : u2, 'v' : v, 'chi' : chi, 't' : t}
return c
def getdbkey( f, pw ):
global dbblobpos, dbkey
# DbBlob format:
# The offsets from the start of the blob are as follows:
# 0 0xfade0711 - magic number
# 4 version
# 8 crypto-offset - offset of the encryption and signing key
# 12 total len
# 16 signature (16 bytes)
# 32 sequence
# 36 idletimeout
# 40 lockonsleep flag
# 44 salt (20 bytes)
# 64 iv (8 bytes)
# 72 blob signature (20)
f.seek(-4, 2)
while 1:
f.seek(-8, 1) # back 4
str = f.read(4)
if not str or len(str) == 0:
print>>stderr, "Couldn't find db key. Is a keychain file?"
exit(1)
if str == magic:
break
pos = f.tell() - 4
dbblobpos = pos
# ciphertext offset
f.seek( pos + 8 )
str = f.read(4)
cipheroff = unpack(">I", str)[0]
# salt
f.seek( pos + 44 )
salt = f.read( SALTLEN )
# IV
f.seek( pos + 64 )
iv = f.read( IVLEN )
# ciphertext
f.seek( pos + cipheroff )
ciphertext = f.read( 48 )
# derive the key
master = pbkdf2( pw, salt, 1000, KEYLEN )
# decrypt the key
plain = kcdecrypt( master, iv, ciphertext )
dbkey = plain[0:KEYLEN]
return dbkey
def generateMasterKey(self, pw, symmetrickey_offset):
base_addr = sizeof(_APPL_DB_HEADER) + symmetrickey_offset + 0x38 # header
# salt
SALTLEN = 20
salt = self.fbuf[base_addr + 44:base_addr + 44 + SALTLEN]
masterkey = pbkdf2(pw, salt, 1000, KEYLEN)
return masterkey
def generateMasterKey(self, pw, symmetrickey_offset):
base_addr = sizeof(
_APPL_DB_HEADER) + symmetrickey_offset + 0x38 # header
# salt
SALTLEN = 20
salt = self.fbuf[base_addr + 44:base_addr + 44 + SALTLEN]
masterkey = pbkdf2(pw, salt, 1000, KEYLEN)
return masterkey
def __init__(self, ssid, key, hashed_key=""):
"One of key, hashed_key must be present"
super(WpaPsk, self).__init__(ssid)
self["802-11-wireless"]["security"] = "802-11-wireless-security"
self["802-11-wireless-security"] = {}
self["802-11-wireless-security"]["group"] = ["tkip", "ccmp"]
self["802-11-wireless-security"]["pairwise"] = ["tkip", "ccmp"]
self["802-11-wireless-security"]["key-mgmt"] = "wpa-psk"
if hashed_key == "":
hashed_key = binascii.b2a_hex(pbkdf2.pbkdf2(key, ssid, 4096, 32))
self["802-11-wireless-security"]["psk"] = hashed_key
def __init__(self, ssid, key, hashed_key=""):
"One of key, hashed_key must be present"
super(WpaPsk, self).__init__(ssid)
self["802-11-wireless"]["security"] = "802-11-wireless-security"
self["802-11-wireless-security"] = {}
self["802-11-wireless-security"]["group"] = ["tkip", "ccmp"]
self["802-11-wireless-security"]["pairwise"] = ["tkip", "ccmp"]
self["802-11-wireless-security"]["key-mgmt"] = "wpa-psk"
if hashed_key == "":
hashed_key = binascii.b2a_hex(pbkdf2.pbkdf2(key, ssid, 4096, 32))
self["802-11-wireless-security"]["psk"] = hashed_key
def encrypt(text, secret):
key = pbkdf2(secret, '').read(Cipher.keySize)
plaintext = bytearray(text)
header = bytearray('')
aes = AES(Cipher.keySize * 8)
ocb = OCB(aes)
nonce = bytearray(Random.get_random_bytes(Cipher.blockSize))
ocb.setKey(key)
ocb.setNonce(nonce)
(tag,ciphertext) = ocb.encrypt(plaintext, header)
enc = b64encode(nonce + tag + ciphertext)
return enc
def createUser():
global cookies
#print("fields: ", request.form)
UUID = Token_generator.new_crypto_bytes(16).hex()
verification_code = Token_generator.new_crypto_bytes(16).hex()
username = request.form.get("usernameInput")
password = request.form.get("passwordInput") + P_VALUE
email = request.form.get("emailInput")
forename = request.form.get("forenameInput")
surname = request.form.get("surnameInput")
DOB = request.form.get("dobInput")
ip = request.environ['REMOTE_ADDR']
password_blacklist = [
"uea", "pirate", "cove", "piratecove", "password", "topsecret", "123",
"12345", "qwerty", "abc", email, forename, surname, username
]
flag, level, mess = checkValidPassword(password, password_blacklist)
if flag == False:
ret = {"code": level, "reason": mess}
return jsonify(ret)
captcha_code = request.form.get("g-recaptcha-response")
captcha_resp = Verification.verifyCaptchaCode(captcha_code, ip)
if captcha_resp == False:
ret = {"code": "warning", "reason": "Captcha failed"}
return jsonify(ret)
print("Passed captcha veri")
salt = Token_generator.new_crypto_bytes(20)
salted_pwd = pbkdf2(password, salt).digest()
x1 = DB_Manager.execute(
"ALTER",
'''INSERT INTO Users VALUES ('%s', '%s', '%s', '%s', '%s', '%s')''',
UUID, username, email, forename, surname, DOB)
x2 = DB_Manager.changePassword(username, salted_pwd, salt.hex(),
verification_code)
if x1 == None or x2 == None:
ret = {
"code": "warning",
"reason": "There was an issue with your request"
}
return jsonify(ret)
else:
Verification.sendVerificationEmail(email, forename, verification_code)
ret = {"code": "success"}
return jsonify(ret)
ret = {"code": "warning", "reason": "There was an issue with your request"}
return jsonify(ret)
def CheckPassphrase(self, passphrase):
pw = passphrase.encode("utf-8")
salt_str = self.data["authentication"]["auth_salt"]
auth_str = self.data["authentication"]["auth_hash"]
iter_cnt = self.data["authentication"]["iteration"]
salt = b64decode(salt_str.encode("utf-8"))
self.key = pbkdf2(sha512, pw, salt, iter_cnt, sha512().digest_size)
comp = sha512(self.key).digest()[:len(salt)]
auth = b64decode(auth_str.encode("utf-8"))
return ccmp(comp, auth)
def ChangePassphrase(self, passphrase):
pw = passphrase.encode("utf-8")
salt = os.urandom(SALT_LEN)
self.key = pbkdf2(sha512, pw, salt, KDF_ITER, sha512().digest_size)
auth = sha512(self.key).digest()[:len(salt)]
salt_str = b64encode(salt).decode("utf-8")
auth_str = b64encode(auth).decode("utf-8")
self.data["authentication"]["auth_salt"] = salt_str
self.data["authentication"]["auth_hash"] = auth_str
self.data["authentication"]["iteration"] = KDF_ITER
def hash(password, salt, N, r, p, dkLen):
"""Returns the result of the scrypt password-based key derivation function.
Constraints:
r * p < (2 ** 30)
dkLen <= (((2 ** 32) - 1) * 32
N must be a power of 2 greater than 1 (eg. 2, 4, 8, 16, 32...)
N, r, p must be positive
"""
# Scrypt implementation. Significant thanks to https://github.com/wg/scrypt
if N < 2 or (N & (N - 1)):
raise ValueError('Scrypt N must be a power of 2 greater than 1')
# A psuedorandom function
prf = lambda k, m: hmac.new(key=k, msg=m, digestmod=hashlib.sha256).digest(
)
# convert into integers
B = [c for c in pbkdf2(password, salt, 1, p * 128 * r, prf)]
B = [((B[i + 3] << 24) | (B[i + 2] << 16) | (B[i + 1] << 8) | B[i + 0])
for i in range(0, len(B), 4)]
XY = [0] * (64 * r)
V = [0] * (32 * r * N)
for i in range(0, p):
smix(B, i * 32 * r, r, N, V, XY)
# Convert back into bytes
Bc = []
for i in B:
Bc.append((i >> 0) & 0xff)
Bc.append((i >> 8) & 0xff)
Bc.append((i >> 16) & 0xff)
Bc.append((i >> 24) & 0xff)
return pbkdf2(password, bytes(Bc), 1, dkLen, prf)
def decrypt(enc, secret):
dec = b64decode(enc)
nonce = bytearray(dec[:Cipher.blockSize])
tag = bytearray(dec[Cipher.blockSize:Cipher.keySize])
ciphertext = bytearray(dec[Cipher.keySize:])
key = pbkdf2(secret, '').read(Cipher.keySize)
aes = AES(Cipher.keySize * 8)
ocb = OCB(aes)
ocb.setKey(key)
ocb.setNonce(nonce)
kept_integrity, values = ocb.decrypt('', ciphertext, tag)
if not kept_integrity:
raise Exception('Ciphertext has been messed with!')
return values.decode("utf-8")
def _get_pwd(self,h, master_password) :
if master_password == None :
pawd = getpass.getpass("password :")
else :
pawd = master_password
return pbkdf2(pawd, h)
def generateSeedFromStr(code: str, salt: str):
seed = pbkdf2.pbkdf2(hashlib.sha512, code, salt, 2048, 64)
print('seed = %s' % bytes.decode(binascii.hexlify(seed)))
return seed
import os
import base64
from pbkdf2 import pbkdf2
import codecs
import hashlib
import sys
import getpass
if len(sys.argv) < 2:
print("error: username is required")
exit(1)
username = sys.argv[1]
password = getpass.getpass('password for %s:' % username).encode('utf-8')
confirm = getpass.getpass('re-enter password:'******'utf-8')
if confirm != password:
print("error: passwords didn't match")
exit(1)
ITERATIONS = 1000
SALT_BYTESIZE = 24
HASH_BYTESIZE = 24
salt = os.urandom(SALT_BYTESIZE)
b64salt = base64.b64encode(salt).decode('utf-8')
hash = pbkdf2(hashlib.sha1, password, salt, ITERATIONS, HASH_BYTESIZE)
b64hash = base64.b64encode(hash).decode('utf-8')
print("{} {}:{}:{}".format(username, ITERATIONS, b64salt, b64hash))
def pinToAesKey(pin):
# use pbkdf2 magic
ret = pbkdf2.pbkdf2(pin, 16)
ret = pbkdf2.pbkdf2(hexlify(ret), 32)
return hexlify(ret) # the encryption key
def run(self):
self.emit(SIGNAL('started()'))
salt, crypt=pbkdf2.pbkdf2(self.clearpw)
self.emit(SIGNAL('finished(QString, QString, QString)'), salt, crypt, self.username)
return
import os
import base64
from pbkdf2 import pbkdf2
import codecs
import hashlib
import sys
import getpass
if len(sys.argv) < 2:
print("error: username is required")
exit(1)
username = sys.argv[1]
password = getpass.getpass('password for %s:' % username).encode('utf-8')
confirm = getpass.getpass('re-enter password:'******'utf-8')
if confirm != password:
print("error: passwords didn't match")
exit(1)
ITERATIONS = 1000
SALT_BYTESIZE = 24
HASH_BYTESIZE = 24
salt = os.urandom(SALT_BYTESIZE)
b64salt = base64.b64encode(salt).decode('utf-8')
hash = pbkdf2(hashlib.sha1, password, salt, ITERATIONS, HASH_BYTESIZE)
b64hash = base64.b64encode(hash).decode('utf-8')
print("{} {}:{}:{}".format(username, ITERATIONS, b64salt, b64hash))
def kdf(password):
return pbkdf2(password, password, 2000)[:16]
def pinToAesKey(pin):
# use pbkdf2 magic
ret = pbkdf2.pbkdf2(pin, 16)
ret = pbkdf2.pbkdf2(hexlify(ret), 32)
return hexlify(ret) # the encryption key
