def user(): start = yield [] assert start is Start a = dh_secret(P) A = mod(G, a) print("user: sending email") salt, B = yield [b"*****@*****.**", A] u = hash_to_int(int_to_bytes(A) + int_to_bytes(B)) print("user: A:", A) print("user: B:", B) print("user: salt:", bytes_to_int(salt)) print("user: u", u) x = hash_to_int(salt + b"pass") print("user: x:", x) t1 = B - K * mod(G, x) assert t1 > 0 S = mod(t1, a + u * x) print("user: S:", S) key = hashlib.sha256(int_to_bytes(S)).digest() print("user: key:", binascii.hexlify(key)) response, *_ = yield [hmac_sha256(key, salt)] print("server says password was", response) assert response == "OK"
def host(): email, A = yield [] password = USERS[email] salt = random_bytes(16) x = hash_to_int(salt + password) print("s: x:", x) v = mod(G, x) b = dh_secret(P) B = K * v + mod(G, b) print("{} trying to log in".format(email.decode())) u = hash_to_int(int_to_bytes(A) + int_to_bytes(B)) print("host: A:", A) print("host: B:", B) print("host: salt:", bytes_to_int(salt)) print("host: u", u) print("host: x:", x) user_mac, *_ = yield [salt, B] t0 = A * mod(v, u) S = mod(t0, b) print("host: S:", S) key = hashlib.sha256(int_to_bytes(S)).digest() print("host: key:", binascii.hexlify(key)) host_mac = hmac_sha256(key, salt) yield ["OK" if user_mac == host_mac else "NO"]
def get_jwk_from_public_key(public_key): e = public_key.public_numbers().e n = public_key.public_numbers().n e = util.to_base64(util.int_to_bytes(e)) n = util.to_base64(util.int_to_bytes(n)) my_jwk = {"kty": "RSA", "n": n, "e": e} return my_jwk
def do_generate_proof(self, opts): """ Command to hash the flash memory """ msg = Message().set_code(Opcodes.MD5_FLASH) if opts.bounds is None: msg.set_data(bytes()) else: msg.set_data(int_to_bytes(opts.bounds[0], 2) + int_to_bytes(opts.bounds[1], 2)) self.comm.write_serial(msg.serialize()) self.print_response()
def output_analog(self, data): p = pyaudio.PyAudio() stream = p.open(format=p.get_format_from_width(self.sample_width), channels=self.n_channels, rate=self.frame_rate, output=True) outfile = [] # We need to go back from our floats in [0.0, 1.0) to our ints # in [-2**15, 2**15). for x in data: wave_n = int((x * 2**16) - 2**15) in_two = util.int_to_bytes(wave_n) stream.write(bytes(in_two)) outfile.append(bytes(in_two)) stream.stop_stream() stream.close() p.terminate() ext = self.filename.split(".")[-1] new_filename = self.filename.rstrip("." + ext) + "_analog." + ext print("Outputting to file: %s" % new_filename) self.write_wav_file(outfile, new_filename)
def user(): start = yield [] assert start is actors.Start a = dh_secret(P) A = mod(G, a) salt, B, u = yield [b"*****@*****.**", A] x = hash_to_int(salt + b"pass") S = mod(B, a + u * x) key = hashlib.sha256(int_to_bytes(S)).digest() response, *_ = yield [hmac_sha256(key, salt)] print("=" * 80) print("user: A:", A) print("user: B:", B) print("user: salt:", bytes_to_int(salt)) print("user: u", u) print("user: x:", x) print("user: S:", S) print("user: key:", binascii.hexlify(key)) print("user: server says password was", response) assert response == "OK"
def host(): email, A = yield [] password = USERS[email] salt = random_bytes(16) x = hash_to_int(salt + password) v = mod(G, x) b = dh_secret(P) B = mod(G, b) u = random_int_from_n_bytes(128 // 8) user_mac, *_ = yield [salt, B, u] S = mod(A * mod(v, u), b) key = hashlib.sha256(int_to_bytes(S)).digest() host_mac = hmac_sha256(key, salt) print("=" * 80) print("{} trying to log in".format(email.decode())) print("host: A:", A) print("host: B:", B) print("host: salt:", bytes_to_int(salt)) print("host: u", u) print("host: x:", x) print("host: S:", S) print("host: key:", binascii.hexlify(key)) yield ["OK" if user_mac == host_mac else "NO"]
def key_expansion(key: bytearray, word: List[bytearray], nk: int, nr: int): i = 0 while i < nk: word[i] = bytearray([key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]]) i = i + 1 i = nk while i < Nb * (nr + 1): temp = word[i - 1] if i % nk == 0: temp = bytes_to_int(subWord(rotWord(temp))) ^ \ Rcon[int(i / nk)] temp = int_to_bytes(temp) elif nk > 6 and i % nk == 4: temp = subWord(temp) word[i] = int_to_bytes(bytes_to_int(word[i - nk]) ^ bytes_to_int(temp)) i = i + 1
def _respond_to_login_request(self, username, A, k=3): # A == public ephemeral number from client user = self.users[username] b = random.randint(1, IETF_PRIME - 1) # private ephemeral number # B == public ephemeral number. Usually, B depends on the password, but # if k == 0, it is a completely random Diffie-Hellman public key, which # causes u to be essentially random. B = ((k * user["verifier"]) + pow(self.g, b, IETF_PRIME)) % IETF_PRIME u = scramble_keys(A, B) S = pow(A * pow(user["verifier"], u, IETF_PRIME), b, IETF_PRIME) user["shared_session_key"] = sha256(int_to_bytes(S)).digest() return (user["salt"], B, u)
def log_in(self, server, username, password, k=3): a = random.randint(1, IETF_PRIME - 1) # private ephemeral number A = pow(self.g, a, IETF_PRIME) # public ephemeral number # B == public ephemeral number from server salt, B, u = server._respond_to_login_request(username, A, k=k) # TODO: figure out if it is possible to make the offline attack work if # the following line is uncommented # assert u == scramble_keys(A, B) x = generate_private_key(username, password, salt) S = pow(B - k * pow(self.g, x, IETF_PRIME), a + u*x, IETF_PRIME) shared_session_key = sha256(int_to_bytes(S)).digest() # called "K" in challenge hmac = calculate_hmac(shared_session_key, salt, sha256) return server._verify_hmac(hmac, username)
def _verify_hmac(self, hmac, username): user = self.users[username] # 20 most common passwords according to xato.net common_passwords = [ "password", "123456", "12345678", "1234", "qwerty", "12345", "dragon", "pussy", "baseball", "football", "letmein", "monkey", "696969", "abc123", "mustang", "michael", "shadow", "master", "jennifer", "111111"] u = 1 for test_password in common_passwords: test_x = generate_private_key(username, test_password, user["salt"]) test_verifier = pow(self.g, test_x, IETF_PRIME) test_S = pow(user["A"] * pow(test_verifier, u, IETF_PRIME), user["b"], IETF_PRIME) test_session_key = sha256(int_to_bytes(test_S)).digest() if calculate_hmac(test_session_key, user["salt"], sha256) == hmac: user["password"] = test_password return True return False
def get_rpc_credentials(config): rpc_user = config.get('rpcuser', None) rpc_password = config.get('rpcpassword', None) if rpc_user is None or rpc_password is None: rpc_user = '******' import ecdsa, base64 bits = 128 nbytes = bits // 8 + (bits % 8 > 0) pw_int = ecdsa.util.randrange(pow(2, bits)) pw_b64 = base64.b64encode(int_to_bytes(pw_int, nbytes, 'big'), b'-_') rpc_password = to_string(pw_b64, 'ascii') config.set_key('rpcuser', rpc_user) config.set_key('rpcpassword', rpc_password, save=True) elif rpc_password == '': from .util import print_stderr print_stderr('WARNING: RPC authentication is disabled.') return rpc_user, rpc_password
def user(): start = yield [] assert start is actors.Start A = 0 print("user: sending email") salt, B = yield [b"*****@*****.**", A] S = 0 print("user: S:", S) key = hashlib.sha256(int_to_bytes(S)).digest() print("user: key:", binascii.hexlify(key)) response, *_ = yield [hmac_sha256(key, salt)] print("server says password was", response) assert response == "OK"
def output_digital(self, data): p = pyaudio.PyAudio() stream = p.open(format=p.get_format_from_width(self.sample_width), channels=self.n_channels, rate=self.frame_rate, output=True) outfile = [] # Take the floats back to two-bit ints in the correct range. # Beecause of how floats are formatted and how we've added # noise, we occasionally end up with invalid floats; the # error-checking below deals with that. floats = util.bits_to_floats(data) for i in range(len(floats)): x = floats[i] # Error checking try: wave_n = int((x * 2**16) - 2**15) except: wave_n = 0 if wave_n < -2**15: wave_n = -2**15 elif wave_n >= 2**15: wave_n = 2**15 - 1 in_two = util.int_to_bytes(wave_n) stream.write(bytes(in_two)) outfile.append(bytes(in_two)) stream.stop_stream() stream.close() p.terminate() ext = self.filename.split(".")[-1] new_filename = self.filename.rstrip("." + ext) + "_digital." + ext print("Outputting to file: %s" % new_filename) self.write_wav_file(outfile, new_filename)
def serialize(self) -> bytes: """ Returns the complete message as bytes, ready to be send to the Arduino """ return int_to_bytes(self.code, 2) + int_to_bytes(len(self.data), 2) + self.data
def scramble_keys(A, B): return int(sha256(int_to_bytes(A) + int_to_bytes(B)).hexdigest(), 16)
def derive_key(secret: int): return hashlib.sha1(int_to_bytes(secret)).digest()[:16]
def _generate_symmetric_key(self, other): return sha1(int_to_bytes(self.get_shared_key_for(other))).digest()[:16]