Exemplo n.º 1
0
def arc4_timer(test_vectors):
	"""Encrypts (Alleged-RC4) each element of test_vector and returns a list of tuples with (encryption time, decryption time) """
	timelist = []
	for vector in test_vectors: #test_vector elements are of byte type
		#key generation, we opted for generating our own keys and not using the provided at the test vectors
		key = secrets.token_bytes(32) #secrets provides the most secure pseudo-random function the os has
		#print(key)
		#end of key generation
		#creating a cipher object
		cipher = Cipher(algorithms.ARC4(key), mode = None, backend = default_backend())
		encryptor = cipher.encryptor()
		#encryption begins
		start_e = timer()
		ciphertext = encryptor.update(vector) + encryptor.finalize()
		end_e = timer()
		#encryption ends -this is the fragment we should time for encryption time
		#print("ciphertext: " + str(ciphertext))
		decryptor = cipher.decryptor()
		#decryption begins
		start_d = timer()
		plaintext_d = decryptor.update(ciphertext) + decryptor.finalize()
		end_d = timer()
		#decryption ends -this is the fragment we should time for decryption time
		#print("Deciphered text: "+ str(plaintext_d))
		timelist.append((end_e - start_e, end_d - start_d))
	return timelist
Exemplo n.º 2
0
def get_cipher(key, method, op, iv):
    if method == 'bypass':
        return bypass()
    if method in ('salsa20', 'chacha20', 'chacha20-ietf'):
        return Salsa20Crypto(method, key, iv, op)
    elif method == 'rc4-md5':
        md5 = hashlib.md5()
        md5.update(key)
        md5.update(iv)
        key = md5.digest()
        method = 'rc4'
    cipher = None

    if method.startswith('rc4'):
        pass
    elif method.endswith('ctr'):
        mode = modes.CTR(iv)
    elif method.endswith('ofb'):
        mode = modes.OFB(iv)
    elif method.endswith('cfb'):
        mode = modes.CFB(iv)
    else:
        raise ValueError('operation mode "%s" not supported!' % method.upper())

    if method.startswith('rc4'):
        cipher = Cipher(algorithms.ARC4(key), None, default_backend())
    elif method.startswith('aes'):
        cipher = Cipher(algorithms.AES(key), mode, default_backend())
    elif method.startswith('camellia'):
        cipher = Cipher(algorithms.Camellia(key), mode, default_backend())
    else:
        raise ValueError('crypto algorithm "%s" not supported!' %
                         method.upper())

    return cipher.encryptor() if op else cipher.decryptor()
Exemplo n.º 3
0
def cli(filename):
    """Send file over to server"""
    s = socket.socket()

    host = '172.30.7.187'
    port = 4567

    click.echo(click.style('Connecting...', bold=True, fg='yellow'))
    try:
        s.connect((host, port))
    except socket.error as msg:
        click.echo(
            click.style('Error connecting to server: ' + str(msg[1]),
                        bold=True,
                        fg='red'))

    pt = b""
    while True:
        chunk = filename.read(100)
        if not chunk:
            break
        pt += chunk

    key = open("key.txt", "rb").read(16)
    cipher = Cipher(algorithms.ARC4(key), mode=None, backend=default_backend())
    encryptor = cipher.encryptor()
    ct = encryptor.update(pt)

    s.send(ct)
    s.close()

    click.echo(click.style('File sent!', bold=True, fg='green'))
Exemplo n.º 4
0
def setup_cipher_rc4(salt, password, encrypt=False):
    hash = Hash(SHA1(), default_backend())
    hash.update(salt + bytes(password, 'ascii'))
    cipher = Cipher(algorithms.ARC4(hash.finalize()), None, default_backend())
    cryptor = cipher.encryptor() if encrypt else cipher.decryptor()
    cryptor.update(bytes(RC4_SKIP))
    return cryptor
Exemplo n.º 5
0
def encrypt(nonce, counter, data):
    try:
        nonce = bytes.fromhex(nonce)
        assert len(nonce) == NONCESIZE

        counter = int(counter)
        assert counter >= 0

        counter = counter.to_bytes(length=COUNTERSIZE,
                                   byteorder="little",
                                   signed=False)

        data = bytes.fromhex(data)
        assert len(data) == BLOCKSIZE

    except Exception as e:
        logging.error("Failed to validate inputs", exc_info=e)
        return "Failed to validate inputs."

    block_key = nonce + counter + RC4_KEY

    cipher = Cipher(algorithm=algorithms.ARC4(block_key),
                    mode=None,
                    backend=default_backend())
    encryptor = cipher.encryptor()
    ciphertext_bytes = encryptor.update(data)

    return ciphertext_bytes.hex()
Exemplo n.º 6
0
 def __init__(self, key):
     if isinstance(key, str):
         key = key.encode('utf-8')
     cipher = Cipher(algorithms.ARC4(key),
                     mode=None,
                     backend=default_backend())
     self.encrypter = cipher.encryptor()
Exemplo n.º 7
0
def get_msg_from_queue(s, msg_buffers, recv_len, msg_len, msg_ids,
                       symmetric_keys):
    recv_str = msg_buffers[s]
    ret_str = ''

    if recv_str is not None:

        # Recommended spot for decryption of symmetric cipher
        if s in symmetric_keys and symmetric_keys[s]:
            algorithm = algorithms.ARC4(symmetric_keys[s])
            cipher = Cipher(algorithm, mode=None, backend=default_backend())
            decryptor = cipher.decryptor()
            recv_str = decryptor.update(recv_str)

        try:
            ret_str = recv_str.decode()
        except BaseException:
            ret_str = recv_str

    del msg_buffers[s]
    del recv_len[s]
    del msg_len[s]

    id = None

    if s in msg_ids:
        id = msg_ids[s]
        del msg_ids[s]

    return id, ret_str
Exemplo n.º 8
0
    def __read_and_decrypt(self, filename, password):
        """
        Reads and decrypts files using the given password expanded as a key

        Arguments:
            filename    - The filename to open and decrypt
            password    - Tha password to expand and use as key
        Returns:
            String containing decrypted contents
        """
        if(type(password) is str):
            password = str.encode(password)

        key = KeyStore.__generate_key(password)

        file_ = open(filename, 'rb')

        cipher = Cipher(algorithms.ARC4(key), mode=None, backend=default_backend())
        decryptor = cipher.decryptor()

        ct = file_.read()

        dt = decryptor.update(ct)

        return dt.decode("utf-8")
Exemplo n.º 9
0
    def decrypt(password, salt, keySize, ibuf, blocksize=0x200):
        r'''
        Return decrypted data.
        '''
        obuf = io.BytesIO()

        block = 0
        key = _makekey(password, salt, keySize, block)

        for c, buf in enumerate(iter(functools.partial(ibuf.read, blocksize), b'')):
            cipher = Cipher(algorithms.ARC4(key), mode=None, backend=default_backend())
            decryptor = cipher.decryptor()

            dec = decryptor.update(buf) + decryptor.finalize()
            obuf.write(dec)

            # From wvDecrypt:
            # at this stage we need to rekey the rc4 algorithm
            # Dieter Spaar <*****@*****.**> figured out
            # this rekeying, big kudos to him
            block += 1
            key = _makekey(password, salt, keySize, block)

        obuf.seek(0)
        return obuf
Exemplo n.º 10
0
def _build_vectors():
    count = 0
    output = []
    key = None
    plaintext = binascii.unhexlify(32 * '0')
    for size in _SIZES_TO_GENERATE:
        for keyinfo in _RFC6229_KEY_MATERIALS:
            key = _key_for_size(size, keyinfo)
            cipher = ciphers.Cipher(algorithms.ARC4(binascii.unhexlify(key)),
                                    None, default_backend())
            encryptor = cipher.encryptor()
            current_offset = 0
            for offset in _RFC6229_OFFSETS:
                if offset % 16 != 0:
                    raise ValueError(
                        "Offset {} is not evenly divisible by 16".format(
                            offset))
                while current_offset < offset:
                    encryptor.update(plaintext)
                    current_offset += len(plaintext)
                output.append("\nCOUNT = {}".format(count))
                count += 1
                output.append("KEY = {}".format(key))
                output.append("OFFSET = {}".format(offset))
                output.append("PLAINTEXT = {}".format(
                    binascii.hexlify(plaintext)))
                output.append("CIPHERTEXT = {}".format(
                    binascii.hexlify(encryptor.update(plaintext))))
                current_offset += len(plaintext)
            assert not encryptor.finalize()
    return "\n".join(output)
Exemplo n.º 11
0
def encrypt(secret, plaintext, nosalt=False):
    """Given the first 16 bytes of splunk.secret, encrypt a Splunk password"""
    if len(secret) < 16:
        raise ValueError("secret too short, need 16 bytes, got %d" %
                         len(secret))

    key = secret[:16]

    chars = []
    if nosalt is False:
        for char1, char2 in zip(plaintext, itertools.cycle("DEFAULTSA")):
            if ord(char1) == ord(char2):
                chars.append(ord(char1))
            else:
                chars.append(ord(char1) ^ ord(char2))
    else:
        chars = [ord(x) for x in plaintext]

    chars.append(0)

    plaintext = b"".join([six.int2byte(c) for c in chars])

    algorithm = algorithms.ARC4(key)
    cipher = Cipher(algorithm, mode=None, backend=default_backend())
    encryptor = cipher.encryptor()
    ciphertext = encryptor.update(plaintext)

    return "$1$%s" % base64.b64encode(ciphertext).decode()
Exemplo n.º 12
0
 def __init__(self, flags, session_key):
     self._key = _Ntlm1Session._weaken_key(flags, session_key)
     cipher = Cipher(algorithms.ARC4(self._key),
                     mode=None,
                     backend=default_backend())
     self._encrypt = cipher.encryptor()
     self._decrypt = cipher.decryptor()
     self._sequence = 0
Exemplo n.º 13
0
 def get_cipher(self, iv):
     md5 = hashlib.md5()
     md5.update(self.key)
     md5.update(iv)
     rc4_key = md5.digest()
     return Cipher(algorithms.ARC4(rc4_key),
                   None,
                   backend=default_backend())
Exemplo n.º 14
0
def ARC4_encrypt(key, data, skip=0):
    """Encrypt data @data with key @key, skipping @skip first bytes of the
    keystream"""

    algorithm = algorithms.ARC4(key)
    cipher = Cipher(algorithm, mode=None, backend=default_backend())
    encryptor = cipher.encryptor()
    if skip:
        encryptor.update("\x00" * skip)
    return encryptor.update(data)
 def decrypt(self, key=None):
     if key is None:
         key = conf.wepkey
     if key and conf.crypto_valid:
         d = Cipher(
             algorithms.ARC4(self.iv + key.encode("utf8")),
             None,
             default_backend(),
         ).decryptor()
         self.add_payload(LLC(d.update(self.wepdata) + d.finalize()))
Exemplo n.º 16
0
    def store_key(key, keystore_file, master_password):
        """Encrypts file with the given password using RC4"""

        if(type(master_password) is str):
            master_password = str.encode(master_password)

        cipher = Cipher(algorithms.ARC4(master_password), mode=None, backend=default_backend())
        encryptor = cipher.encryptor()

        ct = encryptor.update(key)
        keystore_file.write(ct)
Exemplo n.º 17
0
def DRC4(key, file_path, iv):           # RC4 decryption function
    f = open(file_path, "rb")
    content = f.read()
    f.close()
    backend = default_backend()
    cipher = Cipher(algorithms.ARC4(key), mode=None, backend=backend)
    decryptor = cipher.decryptor()
    content = decryptor.update(content) + decryptor.finalize()
    f = open(file_path, "wb")
    f.write(content)
    f.close()
Exemplo n.º 18
0
class TestARC4(object):
    test_rfc = generate_stream_encryption_test(
        load_nist_vectors,
        os.path.join("ciphers", "ARC4"),
        [
            "rfc-6229-40.txt", "rfc-6229-56.txt", "rfc-6229-64.txt",
            "rfc-6229-80.txt", "rfc-6229-128.txt", "rfc-6229-192.txt",
            "rfc-6229-256.txt", "arc4.txt"
        ],
        lambda key, **kwargs: algorithms.ARC4(binascii.unhexlify(key)),
    )
Exemplo n.º 19
0
def rc4(message, key):
    """
    Simple wrapper for RC4 cipher that encrypts message with key
    :param str message: input to encrypt
    :param str key: encryption key
    :return: ciphertext
    :rtype: str
    """
    algorithm = algorithms.ARC4(key)
    cipher = Cipher(algorithm, mode=None, backend=default_backend())
    encryptor = cipher.encryptor()
    return encryptor.update(message)
Exemplo n.º 20
0
    def encrypt(cls, key, keyusage, plaintext, confounder):
        if confounder is None:
            confounder = get_random_bytes(8)
        ki = HMAC_HASH(key.contents, cls.usage_str(keyusage), hashes.MD5)
        cksum = HMAC_HASH(ki, confounder + plaintext, hashes.MD5)
        ke = HMAC_HASH(ki, cksum, hashes.MD5)

        encryptor = Cipher(
            ciphers.ARC4(ke), None, default_backend()).encryptor()
        ctext = encryptor.update(confounder + plaintext)

        return cksum + ctext
Exemplo n.º 21
0
def decrypt(secret, ciphertext, nosalt=False):
    """Given the first 16 bytes of splunk.secret, decrypt a Splunk password"""
    plaintext = None

    if ciphertext.startswith("$1$"):
        ciphertext = b64decode(ciphertext[3:])
        if len(secret) < 16:
            raise ValueError("secret too short, need 16 bytes, got %d" %
                             len(secret))
        key = secret[:16]

        algorithm = algorithms.ARC4(key)
        cipher = Cipher(algorithm, mode=None, backend=default_backend())
        decryptor = cipher.decryptor()
        plaintext = decryptor.update(ciphertext)

        chars = []
        if nosalt is False:
            for char1, char2 in zip(plaintext[:-1],
                                    itertools.cycle("DEFAULTSA")):
                if six.byte2int([char1]) == ord(char2):
                    chars.append(six.byte2int([char1]))
                else:
                    chars.append(six.byte2int([char1]) ^ ord(char2))
        else:
            chars = [six.byte2int([char]) for char in plaintext[:-1]]

        plaintext = "".join([six.unichr(c) for c in chars])
    elif ciphertext.startswith("$7$"):
        if len(secret) < 254:
            raise ValueError("secret too short, need 254 bytes, got %d" %
                             len(secret))
        ciphertext = b64decode(ciphertext[3:])

        kdf = PBKDF2HMAC(algorithm=hashes.SHA256(),
                         length=32,
                         salt=b"disk-encryption",
                         iterations=1,
                         backend=default_backend())
        key = kdf.derive(secret[:254])

        iv = ciphertext[:16]  # pylint: disable=invalid-name
        tag = ciphertext[-16:]
        ciphertext = ciphertext[16:-16]

        algorithm = algorithms.AES(key)
        cipher = Cipher(algorithm,
                        mode=modes.GCM(iv, tag),
                        backend=default_backend())
        decryptor = cipher.decryptor()
        plaintext = decryptor.update(ciphertext).decode()

    return plaintext
Exemplo n.º 22
0
    def load_key(keystore_file, master_password):
        """Decrypts file with the given password using RC4"""

        if(type(master_password) is str):
            master_password = str.encode(master_password)

        cipher = Cipher(algorithms.ARC4(master_password), None, backend=default_backend())
        decryptor = cipher.decryptor()

        ct = keystore_file.read()

        dt = decryptor.update(ct)
        return dt
Exemplo n.º 23
0
 def verifypw(password, salt, keySize, encryptedVerifier, encryptedVerifierHash, algId=0x00006801):
     r'''
     Return True if the given password is valid.
     '''
     # https://msdn.microsoft.com/en-us/library/dd953617(v=office.12).aspx
     block = 0
     key = _makekey(password, salt, keySize, block)
     cipher = Cipher(algorithms.ARC4(key), mode=None, backend=default_backend())
     decryptor = cipher.decryptor()
     verifier = decryptor.update(encryptedVerifier)
     verfiferHash = decryptor.update(encryptedVerifierHash)
     hash = sha1(verifier).digest()
     logging.debug([verfiferHash, hash])
     return hash == verfiferHash
Exemplo n.º 24
0
    def __init__(self, flags, session_key, mode):
        self.key_exchange = True
        self.outgoing_sequence = 0
        self.incoming_sequence = 0
        session_key = _Ntlm2Session._weaken_key(flags, session_key)
        #logger.debug("Session Key after Weakening: %s", AsHex(session_key))
        client_signing_key = _Ntlm2Session._generate_key(
            session_key + _Ntlm2Session.client_signing)
        server_signing_key = _Ntlm2Session._generate_key(
            session_key + _Ntlm2Session.server_signing)
        client_sealing_key = _Ntlm2Session._generate_key(
            session_key + _Ntlm2Session.client_sealing)
        server_sealing_key = _Ntlm2Session._generate_key(
            session_key + _Ntlm2Session.server_sealing)

        if mode == 'client':
            self.outgoing_signing_key = client_signing_key
            self.incoming_signing_key = server_signing_key
            client_arc4 = algorithms.ARC4(client_sealing_key)
            server_arc4 = algorithms.ARC4(server_sealing_key)
            self.outgoing_seal = Cipher(client_arc4,
                                        mode=None,
                                        backend=default_backend()).encryptor()
            self.incoming_seal = Cipher(server_arc4,
                                        mode=None,
                                        backend=default_backend()).decryptor()
        elif mode == 'server':
            self.outgoing_signing_key = server_signing_key
            self.incoming_signing_key = client_signing_key
            client_arc4 = algorithms.ARC4(client_sealing_key)
            server_arc4 = algorithms.ARC4(server_sealing_key)
            self.outgoing_seal = Cipher(server_arc4,
                                        mode=None,
                                        backend=default_backend()).encryptor()
            self.incoming_seal = Cipher(client_arc4,
                                        mode=None,
                                        backend=default_backend()).decryptor()
Exemplo n.º 25
0
def encrypt(key, plaintext):
    """Given the first 16 bytes of splunk.secret, encrypt a Splunk password"""
    chars = []
    for char1, char2 in zip(plaintext, itertools.cycle("DEFAULTSA")):
        chars.append(ord(char1) ^ ord(char2))
    chars.append(0)

    plaintext = b"".join([six.int2byte(c) for c in chars])

    algorithm = algorithms.ARC4(key)
    cipher = Cipher(algorithm, mode=None, backend=default_backend())
    encryptor = cipher.encryptor()
    ciphertext = encryptor.update(plaintext)

    return "$1$%s" % base64.b64encode(ciphertext).decode()
Exemplo n.º 26
0
def decrypt(key, ciphertext):
    """Given the first 16 bytes of splunk.secret, decrypt a Splunk password"""
    if ciphertext.startswith("$1$"):
        ciphertext = base64.b64decode(ciphertext[3:])

    algorithm = algorithms.ARC4(key)
    cipher = Cipher(algorithm, mode=None, backend=default_backend())
    decryptor = cipher.decryptor()
    plaintext = decryptor.update(ciphertext)

    chars = []
    for char1, char2 in zip(plaintext[:-1], itertools.cycle("DEFAULTSA")):
        chars.append(six.byte2int([char1]) ^ ord(char2))

    return "".join([six.unichr(c) for c in chars])
Exemplo n.º 27
0
    def _DecryptARC4(self, key, data):
        """Decrypts ARC4 encrypted data.

    Args:
      key (str): key used to decrypt the data.
      data (bytes): data to decrypt.

    Returns:
      bytes: decrypted data.
    """
        algorithm = algorithms.ARC4(key)
        backend = backends.default_backend()
        cipher = ciphers.Cipher(algorithm, mode=None, backend=backend)
        cipher_context = cipher.decryptor()
        return cipher_context.update(data)
Exemplo n.º 28
0
def decrypt_RC4(connection, outfile):
    key = open("key.txt", 'rb').read(16)

    cipher = Cipher(algorithms.ARC4(key), None, backend=default_backend())
    decryptor = cipher.decryptor()

    ct = b""
    while True:
        chunk = connection.recv(50)
        if not chunk:
            break
        ct += chunk

    dt = decryptor.update(ct)
    outfile.write(dt)

    click.echo(click.style('Decryption successful!', bold = True, fg = 'green'))
Exemplo n.º 29
0
    def utils_encrypt_plainfile(filename, password, output):
        file_ = open(filename, 'rb')
        file_out = open(output, 'wb')

        if(type(password) is str):
            password = str.encode(password)

        key = KeyStore.__generate_key(password)

        cipher = Cipher(algorithms.ARC4(key), mode=None, backend=default_backend())
        encryptor = cipher.encryptor()

        bite_stream = file_.read()

        ct = encryptor.update(bite_stream)

        file_out.write(ct)
Exemplo n.º 30
0
def get_encryptor(algoname, key, iv=None, mode='ecb', padd='pkcs7'):
    backend = default_backend()
    if algoname == 'ChaCha20':
        algoer = algorithms.ChaCha20(key, iv)
        cipher = Cipher(algoer, None, backend=backend)
    elif algoname == 'ARC4':
        algoer = algorithms.ARC4(key)
        cipher = Cipher(algoer, None, backend=backend)
    else:
        algoer = algos[algoname](key)
        if mode == 'ecb': mode = modes.ECB()
        if mode == 'cfb': mode = modes.CFB(iv)
        if mode == 'ofb': mode = modes.OFB(iv)
        if mode == 'cbc': mode = modes.CBC(iv)
        if mode == 'ctr': mode = modes.CTR(iv)
        cipher = Cipher(algoer, mode, backend=backend)

    def enc(bitstring):
        if algoname not in ['ARC4', 'ChaCha20']:
            if padd.upper() == 'PKCS7':
                padder = padding.PKCS7(algoer.block_size).padder()
                bitstring = padder.update(bitstring) + padder.finalize()
            elif padd.upper() == 'ANSIX923':
                padder = padding.ANSIX923(algoer.block_size).padder()
                bitstring = padder.update(bitstring) + padder.finalize()
        encryptor = cipher.encryptor()
        return encryptor.update(bitstring) + encryptor.finalize()

    def dec(bitstring):
        decryptor = cipher.decryptor()
        ddata = decryptor.update(bitstring) + decryptor.finalize()
        if algoname not in ['ARC4', 'ChaCha20']:
            if padd.upper() == 'PKCS7':
                unpadder = padding.PKCS7(algoer.block_size).unpadder()
                ddata = unpadder.update(ddata) + unpadder.finalize()
            elif padd.upper() == 'ANSIX923':
                unpadder = padding.ANSIX923(algoer.block_size).unpadder()
                ddata = unpadder.update(ddata) + unpadder.finalize()
        return ddata

    class f:
        pass

    f.encrypt = enc
    f.decrypt = dec
    return f