def __shake128(msg, digest_len): """Returns a bytes object containing the SHAKE-128 hash of msg with digest_len bytes of output""" shake_ctx = hashes.Hash(hashes.SHAKE128(digest_len), backend=default_backend()) shake_ctx.update(msg) return shake_ctx.finalize()
def test_shake128_variable(self, vector, backend): output_length = int(vector['outputlen']) // 8 msg = binascii.unhexlify(vector['msg']) shake = hashes.SHAKE128(digest_size=output_length) m = hashes.Hash(shake, backend=backend) m.update(msg) assert m.finalize() == binascii.unhexlify(vector['output'])
class TestSHAKE128(object): test_shake128 = generate_hash_test( load_hash_vectors, os.path.join("hashes", "SHAKE"), [ "SHAKE128LongMsg.rsp", "SHAKE128ShortMsg.rsp", ], hashes.SHAKE128(digest_size=16), ) @pytest.mark.parametrize("vector", _load_all_params( os.path.join("hashes", "SHAKE"), [ "SHAKE128VariableOut.rsp", ], load_nist_vectors, )) def test_shake128_variable(self, vector, backend): output_length = int(vector['outputlen']) // 8 msg = binascii.unhexlify(vector['msg']) shake = hashes.SHAKE128(digest_size=output_length) m = hashes.Hash(shake, backend=backend) m.update(msg) assert m.finalize() == binascii.unhexlify(vector['output'])
def create(cls, name: str, severity: Severity, description: str, display_all: bool = False): digest = hashes.Hash(hashes.SHAKE128(5), backend=default_backend()) digest.update(name.encode("utf_8")) d = digest.finalize().hex() id_val = f"Y{d}" return cls.__new__(cls, name, severity, description, display_all, id_val)
def __init__(self, shop_id=None, priv_key=None): self._priv_key = priv_key if priv_key else Ed25519PrivateKey.generate() self._cup_signature = None self._signing_shop = Shop(shop_id) cup_id_digest = hashes.Hash(hashes.SHAKE128(16), backend=default_backend()) cup_id_digest.update( self.pub_key.public_bytes(Encoding.PEM, PublicFormat.SubjectPublicKeyInfo)) self._cup_id: bytes = cup_id_digest.finalize()
def test_shake128_variable(self, backend, subtests): vectors = _load_all_params( os.path.join("hashes", "SHAKE"), ["SHAKE128VariableOut.rsp"], load_nist_vectors, ) for vector in vectors: with subtests.test(): output_length = int(vector["outputlen"]) // 8 msg = binascii.unhexlify(vector["msg"]) shake = hashes.SHAKE128(digest_size=output_length) m = hashes.Hash(shake, backend=backend) m.update(msg) assert m.finalize() == binascii.unhexlify(vector["output"])
async def SHAKE128(message): message = message.encode() kdf = PBKDF2HMAC( algorithm=hashes.SHAKE128(), length=hashLen, salt= b'\xe7\xde\xc1\xf0\x81\x99\xde}\xa4\xb50u;&\x06\xe7\xa4\xbfn\xbc', iterations=hashIter, backend=default_backend()) output = base64.urlsafe_b64encode(kdf.derive(message)) return (output)
async def handle_received_data(self, connection): self.hasher = ManifestHasher(self.source, self.group, self.group_port, hashes.SHAKE128(16), self.manifest_id) stream, context, eom = connection.parse() if len(stream) == 0: raise taps.DeframingFailed return timeout = 0 msg = stream[0] hash = self.hasher.digest(msg, connection.remote_endpoint.port) while (timeout <= 2): if hash in self.hashes: self.hashes.remove(hash) return (None, msg, 1, True) else: await asyncio.sleep(0.1) timeout += 0.1 raise taps.DeframingFailed return
@pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHA3512(object): test_sha3_512 = generate_hash_test( load_hash_vectors, os.path.join("hashes", "SHA3"), [ "SHA3_512LongMsg.rsp", "SHA3_512ShortMsg.rsp", ], hashes.SHA3_512(), ) @pytest.mark.supported( only_if=lambda backend: backend.hash_supported( hashes.SHAKE128(digest_size=16)), skip_message="Does not support SHAKE128", ) @pytest.mark.requires_backend_interface(interface=HashBackend) class TestSHAKE128(object): test_shake128 = generate_hash_test( load_hash_vectors, os.path.join("hashes", "SHAKE"), [ "SHAKE128LongMsg.rsp", "SHAKE128ShortMsg.rsp", ], hashes.SHAKE128(digest_size=16), ) @pytest.mark.parametrize("vector",
def signature_hash(self) -> bytes: signature_hash = hashes.Hash(hashes.SHAKE128(16), backend=default_backend()) signature_hash.update(self.signature) return signature_hash.finalize().hex()
def hash_password_for_init_vector(password): digest = hashes.Hash(hashes.SHAKE128(16), backends.default_backend()) digest.update(password) return digest.finalize()
def unpack_data(file_name, private_key_path=None, key_password=None): print(Fore.LIGHTMAGENTA_EX + "\n\n# ------------------------------------------------------\n" "# Warning the extractor module is not secure against erroneous or\n" "# maliciously constructed data. Never unpack data received from an\n" "# untrusted or unauthenticated source.\n" "# ------------------------------------------------------\n\n") enc_key = base64.b85decode(get_key_data("PRIVATE", private_key_path)) if key_password: password = key_password else: password = getpass.getpass("Insert the key's password: "******"Decryption failed - Check if the key's password is correct: \n" + str(e)) exit(668) private_key = serialization.load_pem_private_key( dec_key, password=None, backend=default_backend() ) if not private_key: print(Fore.RED + "Could not load the public key") exit(667) with open(file_name,"rb") as file: encrypted = file.read() hmac_hash = encrypted[-64:] encrypted_password = (encrypted[:-64])[-1024:] key_password = private_key.decrypt( encrypted_password, ass_padding.OAEP( mgf=ass_padding.MGF1(algorithm=hashes.SHA512()), algorithm=hashes.SHA512(), label=None ) ) cipher_text = encrypted[:-1088] digest = hashes.Hash(hashes.SHAKE128(16), backend=default_backend()) digest.update(key_password) salt = digest.finalize() # Real key digested from the key_password kdf_kp = PBKDF2HMAC(algorithm = hashes.SHA512(), length = 32, salt = salt, iterations = 1000, backend = default_backend()) key = kdf_kp.derive(key_password) # ChaCha20 Nonce kdf_n = PBKDF2HMAC(algorithm = hashes.SHA256(), length = 16, salt = salt, iterations = 200, backend = default_backend()) nonce = kdf_n.derive(key) # AES CBC Init vector kdf_iv = PBKDF2HMAC(algorithm=hashes.SHA256(), length=16, salt=salt, iterations=200, backend=default_backend()) iv = kdf_iv.derive(nonce + key) # HMAC Derivated key kdf_hmac = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=200, backend=default_backend()) hmac_key = kdf_hmac.derive(iv + key) try: h = hmac.HMAC(hmac_key, hashes.SHA512(), backend=default_backend()) h.update(cipher_text) h.verify(hmac_hash) except: print(Fore.RED + "Could not authenticate data pack") exit(667) print(Fore.GREEN + "Valid data") # AES cipher_aes = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) decryptor = cipher_aes.decryptor() chacha_encrypted = decryptor.update(cipher_text) + decryptor.finalize() # CHACHA chacha_alg = algorithms.ChaCha20(key, nonce) cipher_chacha = Cipher(chacha_alg, mode=None, backend=default_backend()) decryptor = cipher_chacha.decryptor() compressed_padded = decryptor.update(chacha_encrypted) # PKCS7 padding unpadder = padding.PKCS7(256).unpadder() data = unpadder.update(compressed_padded) compressed = data + unpadder.finalize() ## ===== try: data = lzma.decompress(compressed) except Exception as e: var = traceback.format_exc() raise Exception("Decompress A {} \n {}".format(str(var), str(e))) print("Done!") ret_data = b"" try: ret_data = pickle.loads(data) except Exception as e: print(Fore.RED + "Error while unserializing") var = traceback.format_exc() raise Exception("Unpack Serial {} \n {}".format(str(var), str(e))) return ret_data
def pack_data(data_migrate=None, send_now=True, unencrypted=False): print(constants.EXTRACTOR_WIZARD_HEADER) #Used in case automatic submission fails output_name = str("data_pack_"+str(time.time())).replace(".","") public_key = serialization.load_pem_public_key( get_key_data("PUBLIC"), backend=default_backend() ) print(constants.EXTRACTOR_HELP_STRING) if not public_key: print(Fore.RED + "Could not load the public key") exit(667) data_pack = {} if data_migrate is not None: data_pack = data_migrate else: try: print("{}Please fill these infos precisely, they will appear on the report".format(Fore.LIGHTCYAN_EX)) data_pack = dl.get_info(include_am_configs=True, include_fw_configs=True) except Exception as e: print(Fore.RED + "--------------Error while getting the data-------------- \n" + Fore.LIGHTWHITE_EX + str(e) + "\n" + Fore.RED + "--------------Error while getting the data--------------") # Used to populate the HTTP request's JSON body generation_data = data_pack.get("customer_info") data = pickle.dumps(data_pack) if unencrypted: generate_unencrypted(data_pack,output_name) with tqdm(total=3) as pbar: pbar.set_description("Compressing data...") compressed = lzma.compress(data, preset=9 | lzma.PRESET_EXTREME) pbar.update(1) pbar.set_description("Crypto 1/2...") key_password = os.urandom(32) # 32 bytes / 256 bits # Padding padder = padding.PKCS7(256).padder() compressed_padded = padder.update(compressed) compressed_padded += padder.finalize() # Salt digest = hashes.Hash(hashes.SHAKE128(16), backend=default_backend()) digest.update(key_password) salt = digest.finalize() # IV, NONCE, HMAC_KEY values generated from PBKDF2 using a single use key # Create real key from a given "key password" kdf_kp = PBKDF2HMAC(algorithm = hashes.SHA512(), length = 32, salt = salt, iterations = 1000, backend = default_backend()) key = kdf_kp.derive(key_password) kdf_n = PBKDF2HMAC(algorithm = hashes.SHA256(), length = 16, salt = salt, iterations = 200, backend = default_backend()) nonce = kdf_n.derive(key) kdf_iv = PBKDF2HMAC(algorithm=hashes.SHA256(), length=16, salt=salt, iterations=200, backend=default_backend()) iv = kdf_iv.derive(nonce + key) kdf_hmac = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=200, backend=default_backend()) hmac_key = kdf_hmac.derive(iv + key) # Chacha chacha_alg = algorithms.ChaCha20(key, nonce) cipher_chacha = Cipher(chacha_alg, mode=None, backend=default_backend()) encryptor_chacha = cipher_chacha.encryptor() chacha_cipher = encryptor_chacha.update(compressed_padded) pbar.update(1) pbar.set_description("Crypto 2/2...") # Aes cipher_aes = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend()) encryptor_aes = cipher_aes.encryptor() aes_cipher = encryptor_aes.update(chacha_cipher) + encryptor_aes.finalize() # HMAC h = hmac.HMAC(hmac_key, hashes.SHA512(), backend=default_backend()) h.update(aes_cipher) hmac_bytes = h.finalize() # RSA # Encrypt the key with an 8192 RSA pub Key encrypted_password = public_key.encrypt( key_password, ass_padding.OAEP( mgf=ass_padding.MGF1(algorithm=hashes.SHA512()), algorithm=hashes.SHA512(), label=None ) ) pbar.update(1) pbar.set_description("Done!") aes_cipher += encrypted_password aes_cipher += hmac_bytes if send_now: if not upload(aes_cipher, generation_data): try: with open(output_name+".dat","wb") as out: out.write(aes_cipher) except Exception as e: print(str(e)+"\nCould not save to disk! (permissions?)") exit(-1) print("{}Probably connection issues due to Firewall or no internet connection, please use this tool\n" " to resubmit the packege on a network with internet access using the command {}--send ".format(Fore.LIGHTYELLOW_EX,Fore.LIGHTRED_EX)) print("{}To do it copy/send the new {}{}{} file created on this folder to other machine with internet\n" "access. the file is extremelly secure it can be manipulated anywere".format(Fore.LIGHTCYAN_EX, Fore.LIGHTYELLOW_EX,output_name,Fore.LIGHTCYAN_EX)) print(Fore.LIGHTGREEN_EX + "Package was saved successfully as {} !".format(output_name)) else: try: with open(output_name+".dat","wb") as out: out.write(aes_cipher) except Exception as e: print(str(e)+"\nCould not save to disk! (permissions?)") exit(-1) print(Fore.LIGHTYELLOW_EX+"The package was not sent for processing, you will have to use the command --send to send another time.") print("{}To do it copy/send the new {}{}{} file created on this folder to another machine with internet\n" "access. the file is very secure and it can be sent/stored anywere.".format(Fore.LIGHTCYAN_EX, Fore.LIGHTYELLOW_EX,output_name,Fore.LIGHTCYAN_EX)) print(Fore.LIGHTGREEN_EX + "Package was saved successfully as {} !".format(output_name))
taps.print_time("New manifest without sender)", color) self.last_wrote = datetime.datetime.now() self.cur_hashes = [] self.manifest_seq += 1 # map from names in hash-algorithm-t in # https://tools.ietf.org/html/draft-ietf-netconf-crypto-types-11 # to options from cryptography.hazmat.primitives import hashes HASH_ALG_MAP = { 'sha-224': hashes.SHA3_224, 'sha-256': hashes.SHA3_256, 'sha-384': hashes.SHA3_384, 'sha-512': hashes.SHA3_512, 'shake-128': hashes.SHAKE128(16), # 'shake-224': hashes.SHAKE256(28), # TBD: is this right? 'shake-256': hashes.SHAKE256(32), } class ManifestServer(object): def __init__(self, addr, port, trust_ca, local_identity): self.preconnection = None self.addr = addr self.port = port self.trust_ca = trust_ca self.local_identity = local_identity self.loop = asyncio.get_event_loop() self.connections = [] async def push_new_manifest(self, manifest):