def computePSK_hex(ssid, key):
"""
Compute the PSK for the given SSID and Key.
Will return None if the key does not have the necessary length.
"""
if((len(key)>=8) and (len(key)<=63)):
if(QUICK_MODE):
return pbkdf2.pbkdf2_hex(key, ssid, 256, 32)
else:
return pbkdf2.pbkdf2_hex(key, ssid, 4096, 32)
else:
return None
def computePSK_hex(ssid, key):
"""
Compute the PSK for the given SSID and Key.
Will return None if the key does not have the necessary length.
"""
if ((len(key) >= 8) and (len(key) <= 63)):
if (QUICK_MODE):
return pbkdf2.pbkdf2_hex(key, ssid, 256, 32)
else:
return pbkdf2.pbkdf2_hex(key, ssid, 4096, 32)
else:
return None
def decrypt_file(password, in_filename, out_filename=None, chunksize=24*1024):
if not out_filename:
out_filename = os.path.splitext(in_filename)[0]
with open(in_filename, 'rb') as infile:
signature = infile.read(len(SIGNATURE))
if signature != SIGNATURE:
return legacy_decrypt_file(password, in_filename, out_filename, chunksize)
with open(in_filename, 'rb') as infile:
# signature skip
infile.read(len(SIGNATURE))
origsize = struct.unpack('<Q', infile.read(struct.calcsize('Q')))[0]
psalt = infile.read(16)
key = pbkdf2_hex(password, psalt, PBKDF2_ITERATIONS, PBKDF2_KEYLENGTH)
iv = infile.read(16)
decryptor = AES.new(key, AES.MODE_CBC, iv)
with open(out_filename, 'wb') as outfile:
while True:
chunk = infile.read(chunksize)
if len(chunk) == 0:
break
outfile.write(decryptor.decrypt(chunk))
outfile.truncate(origsize)
def matches_password(self, password):
"""
Tests if a password will generate the same hash, meaning the password
is the same string used originally to generate the hash.
@param password: The password to test.
@return: bool
"""
# To complete this test, we will generate a new hash based on the input
# but using this objects other settings (salt, etc).
# First, let's make sure we have the required hash function.
if self.algorithm not in hashlib.algorithms:
# We can't generate a hash to test, so fail.
return False
keylen = len(self.hash) / 2
hash = pbkdf2.pbkdf2_hex(password,
self.salt,
hashfunc=getattr(hashlib, self.algorithm),
iterations=self.cost,
keylen=keylen)
return hash == self.hash
def make_password(self, password, salt=None, iterations=None):
if not salt:
salt = self.generate_salt()
if not iterations:
iterations = self.iterations
hash_val = pbkdf2_hex(password, salt, iterations, hashfunc=self.hashfunc)
return '%s$%s$%s$%s' % ('pbkdf2_sha256', iterations, salt, hash_val)
def _GeneratePBKDF2(self, salt):
"""Compute WPA2 key from a passphrase."""
if self.passphrase is None:
return None
return pbkdf2.pbkdf2_hex(self.passphrase,
salt=salt,
iterations=4096,
keylen=32)
def hashNsalt(self, password=None, salt=None):
if password == None:
print 'saltnhash - missing password'
return
hashed = pbkdf2.pbkdf2_hex(password, salt)
return hashed
def check_login(username, password):
user = User.query.filter_by(username=username).first()
if not user:
return False
[hexsalt, cmphash] = user.password.split('$')
salt = unhexlify(hexsalt)
hashed = pbkdf2_hex(str(password), salt)
return hashed == cmphash
def make_hash(cls, username, password, iterations=1):
if iterations == 1:
return hashlib.sha256(
cls.make_key(username, password, 1).encode('hex') +
password).hexdigest()
else:
return pbkdf2.pbkdf2_hex(
cls.make_key(username, password, iterations), password, 1, 32,
hashlib.sha256)
def _hash_pass(password):
if not isinstance(password, bytes):
password = password.encode('utf8')
if HAVE_HASHLIB_PBKDF2:
hash = hashlib.pbkdf2_hmac('sha1', password, app.config['SALT'],
1000, 24)
return binascii.hexlify(hash).decode('ascii')
else:
return pbkdf2.pbkdf2_hex(password, app.config['SALT'])
def make_hash(cls, username, password, iterations=1):
if iterations == 1:
return hashlib.sha256(cls.make_key(username, password, 1).encode('hex') + password).hexdigest()
else:
return pbkdf2.pbkdf2_hex(
cls.make_key(username, password, iterations),
password,
1,
32,
hashlib.sha256)
def __init__(self, raw):
# This should select the strongest algorithm available.
self.algorithm = hashlib.algorithms[-1]
hashfunc = getattr(hashlib, self.algorithm)
self.salt = os.urandom(16).encode('hex')
self.cost = 1000
self.hash = pbkdf2.pbkdf2_hex(raw,
self.salt,
hashfunc=hashfunc,
iterations=self.cost)
def generate_pbkdf2_hash():
pwd = generate_password()
start_time = time.clock()
salt = urandom(16)
sha_hash = pbkdf2_hex(pwd, salt, iterations=10000, hashfunc=hashlib.sha256)
time_taken = time.clock() - start_time
return render_template('index.html',
hash_type="PBKDF2-SHA256",
password=pwd,
hash=sha_hash,
duration=time_taken)
def decrypt(self, to_decrypt):
"""
Decrypts the given string using AES in CBC mode using zero padding.
Arguments:
- `to_decrypt`: The string being decrypted.
"""
gen_key = pbkdf2.pbkdf2_hex(self.password, self.salt, 1024, 16)
obj = AES.new(self.key, AES.MODE_CBC,IV = self.iv)
return obj.decrypt(to_decrypt).rstrip(chr(0))
def make_password(self, password, salt=None, iterations=None):
if not salt:
salt = self.generate_salt()
if not iterations:
iterations = self.iterations
hash_val = pbkdf2_hex(password,
salt,
iterations,
hashfunc=self.hashfunc,
keylen=self.keylen)
return '%s$%s$%s$%s' % ('pbkdf2_sha256', iterations, salt, hash_val)
def get_mic(Passphrase, SSID, AP_MAC, STA_MAC, ANonce, SNonce, DATA):
A = "Pairwise key expansion\0"
B = min(AP_MAC.decode('hex'), STA_MAC.decode('hex')) + max(AP_MAC.decode('hex'), STA_MAC.decode('hex')) + min(ANonce.decode('hex'), SNonce.decode('hex')) + max(ANonce.decode('hex'), SNonce.decode('hex'))
psk = pbkdf2.pbkdf2_hex(Passphrase, SSID, 4096, 256)[:64] #只取64字节数据
pmk = psk.decode('hex') #转换为字符串,变成32字节数据,也就是256bits
ptk = prf512.prf512(pmk, A, B)
mic_key = ptk[0:16]
# 注意参数,都是字符串,不是十六进制
mic = hmac.new(mic_key, DATA.decode('hex'), hashlib.sha1).hexdigest()[0:32] #只取前32位
return mic
def hashify(pwd, salt=COMMON_SALT):
"""
Implements password hasshing according to:
- https://issues.apache.org/jira/browse/COUCHDB-1060
- https://issues.apache.org/jira/secure/attachment/12492631/0001-Integrate-PBKDF2.patch
This test uses 'candeira:candeira'
>>> hashify(candeira)
-pbkdf2-99eb34d97cdaa581e6ba7b5386e112c265c5c670,d1d2d4d8909c82c81b6c8184429a0739,10
"""
iterations = 10
keylen = 20
derived_key = pbkdf2_hex(pwd, salt, iterations, keylen)
return "-pbkdf2-%s,%s,%s" % (derived_key, salt, iterations)
def encrypt(to_encrypt):
# TODO: Add initialization vector.
hard_key = '768EE18AB6480D53CC8FFCD23D117D57'
gen_key = pbkdf2.pbkdf2_hex('password', 'salt', 1024, 16)
print gen_key
obj = AES.new(gen_key, AES.MODE_CBC,IV = 'C111510372A7A003')
BLOCK_SIZE = 16
PADDING = ' '
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
to_encrypt = pad(to_encrypt)
cipher = obj.encrypt(to_encrypt)
return cipher
def hashify(pwd, salt=COMMON_SALT):
"""
Implements password hasshing according to:
- https://issues.apache.org/jira/browse/COUCHDB-1060
- https://issues.apache.org/jira/secure/attachment/12492631/0001-Integrate-PBKDF2.patch
This test uses 'candeira:candeira'
>>> hashify(candeira)
-pbkdf2-99eb34d97cdaa581e6ba7b5386e112c265c5c670,d1d2d4d8909c82c81b6c8184429a0739,10
"""
iterations = 10
keylen = 20
derived_key = pbkdf2_hex(pwd, salt, iterations, keylen)
return "-pbkdf2-%s,%s,%s" % (derived_key, salt, iterations)
def hash_password(plaintext, scheme = "pbkdf2"):
"""
Returns a one-way hash of a password string.
plaintext: The password to hash
scheme: md5, md5java, pbkdf2 or plain (no hash)
"""
if scheme is None or scheme == "" or scheme == "plain":
return "plain:%s" % plaintext
elif scheme == "pbkdf2":
PBKDF2_ITERATIONS = 10000
PBKDF2_ALGORITHM = "sha1"
salt = base64.b64encode(os.urandom(16))
h = pbkdf2.pbkdf2_hex(plaintext, salt, iterations=PBKDF2_ITERATIONS, hashfunc=getattr(hashlib, PBKDF2_ALGORITHM))
return "pbkdf2:%s:%s:%d:%s" % (PBKDF2_ALGORITHM, salt, PBKDF2_ITERATIONS, h)
elif scheme == "md5" or scheme == "md5java":
h = hashlib.md5(plaintext).hexdigest()
if scheme == "md5java" and h.startswith("0"): h = h[1:]
return "%s:%s" % (scheme, h)
def main():
passPhrase = "LINUXZSJ"
ssid = "TP-LINK_4F6C90"
A = "Pairwise key expansion\0"
APmac = "20dce64f6c90".decode('hex')
Clientmac = "e0b9a51fe794".decode('hex')
ANonce = "3320ced2535ed697d52c272aeea799d4d188a4603142f37a240f8064d7cdf58f".decode('hex')
SNonce = "93b0f1cd466efd5f6eb146ffbad9c9c86a74a961539dd3ef3b47f50da5298266".decode('hex')
B = min(APmac, Clientmac) + max(APmac, Clientmac) + min(ANonce, SNonce) + max(ANonce, SNonce)
psk = pbkdf2.pbkdf2_hex(passPhrase, ssid, 4096, 256)[:64] #只取64字节数据
pmk = psk.decode('hex') #转换为字符串,变成32字节数据,也就是256bits
ptk = prf512.prf512(pmk, A, B)
#从wireshark取数据时,要把MIC置0,16个字节
data = '02030077fe01c9002000000000000000023320ced2535ed697d52c272aeea799d4d188a4603142f37a240f8064d7cdf58f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018dd160050f20101000050f20201000050f20201000050f202'
# ce52ff9185830f6bf2f50e1d59d564b4
print get_mic(data.decode('hex'), ptk)
def hash_password(plaintext, scheme = "pbkdf2"):
"""
Returns a one-way hash of a password string.
plaintext: The password to hash
scheme: md5, md5java, pbkdf2 or plain (no hash)
"""
if scheme is None or scheme == "" or scheme == "plain":
return "plain:%s" % plaintext
elif scheme == "pbkdf2":
PBKDF2_ITERATIONS = 10000
PBKDF2_ALGORITHM = "sha1"
salt = base64.b64encode(os.urandom(16))
h = pbkdf2.pbkdf2_hex(plaintext, salt, iterations=PBKDF2_ITERATIONS, hashfunc=getattr(hashlib, PBKDF2_ALGORITHM))
return "pbkdf2:%s:%s:%d:%s" % (PBKDF2_ALGORITHM, salt, PBKDF2_ITERATIONS, h)
elif scheme == "md5" or scheme == "md5java":
h = hashlib.md5(plaintext).hexdigest()
if scheme == "md5java" and h.startswith("0"): h = h[1:]
return "%s:%s" % (scheme, h)
def __init__(self, password, sock, sockthr):
"""
Arguments:
- `password`: The password typed in from the device.
- `salt`: The salt received from the device.
- `iv`: The IV received from the device.
"""
self.password = password
self.sock = sock
self.salt = base64.b64decode(self.receive())
self.iv = base64.b64decode(self.receive())
self.key = pbkdf2.pbkdf2_hex(self.password, self.salt, 1024, 16)
self.send(self.encrypt("Doge!!"))
sockthr.set_crypt(self)
sockthr.start()
def encrypt(self, to_encrypt):
"""
Encrypts the given string using AES in CBC mode using zero padding.
Arguments:
- `to_enrypt`: The string being decrypted.
"""
gen_key = pbkdf2.pbkdf2_hex(self.password, self.salt, 1024, 16)
obj = AES.new(self.key, AES.MODE_CBC,IV = self.iv)
BLOCK_SIZE = 16
PADDING = ' '
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
to_encrypt = pad(to_encrypt)
cipher = obj.encrypt(to_encrypt)
return cipher
def verify_password(plaintext, passwordhash):
"""
Verifies whether or not password "plaintext" hashes to the same
value as passwordhash.
Hash scheme is auto detected from passwordhash itself.
"""
if passwordhash.startswith("pbkdf2:"):
scheme, algorithm, salt, iterations, phash = passwordhash.split(":")
return pbkdf2.pbkdf2_hex(plaintext, salt, iterations=int(iterations), hashfunc=getattr(hashlib, algorithm)) == phash
elif passwordhash.startswith("plain:"):
return plaintext == passwordhash[passwordhash.find(":")+1:]
elif passwordhash.startswith("md5:"):
return hash_password(plaintext, "md5") == passwordhash
elif passwordhash.startswith("md5java:"):
return hash_password(plaintext, "md5java") == passwordhash
else:
# Fall back to assuming historic undecorated md5
md5py = hashlib.md5(plaintext).hexdigest()
md5java = md5py
if md5java.startswith("0"): md5java = md5java[1:]
return passwordhash == md5py or passwordhash == md5java
def verify_password(plaintext, passwordhash):
"""
Verifies whether or not password "plaintext" hashes to the same
value as passwordhash.
Hash scheme is auto detected from passwordhash itself.
"""
if passwordhash.startswith("pbkdf2:"):
scheme, algorithm, salt, iterations, phash = passwordhash.split(":")
return pbkdf2.pbkdf2_hex(plaintext, salt, iterations=int(iterations), hashfunc=getattr(hashlib, algorithm)) == phash
elif passwordhash.startswith("plain:"):
return plaintext == passwordhash[passwordhash.find(":")+1:]
elif passwordhash.startswith("md5:"):
return hash_password(plaintext, "md5") == passwordhash
elif passwordhash.startswith("md5java:"):
return hash_password(plaintext, "md5java") == passwordhash
else:
# Fall back to assuming historic undecorated md5
md5py = hashlib.md5(plaintext).hexdigest()
md5java = md5py
if md5java.startswith("0"): md5java = md5java[1:]
return passwordhash == md5py or passwordhash == md5java
def encrypt_file(password, in_filename, out_filename=None, chunksize=64*1024):
if not out_filename: out_filename = in_filename + '.enc'
psalt = random_salt()
key = pbkdf2_hex(password, psalt, PBKDF2_ITERATIONS, PBKDF2_KEYLENGTH)
iv = random_salt()
encryptor = AES.new(key, AES.MODE_CBC, iv)
filesize = os.path.getsize(in_filename)
with open(in_filename, 'rb') as infile:
with open(out_filename, 'wb') as outfile:
outfile.write(SIGNATURE)
outfile.write(struct.pack('<Q', filesize))
outfile.write(psalt)
outfile.write(iv)
while True:
chunk = infile.read(chunksize)
if len(chunk) == 0:
break
elif len(chunk) % 16 != 0:
chunk += ' ' * (16 - len(chunk) % 16)
outfile.write(encryptor.encrypt(chunk))
def default_hasher (data): return pbkdf2_hex (data, '', iterations=50000, keylen=32, hashfunc=hashlib.sha256)
def hash_password(password, salt):
from pbkdf2 import pbkdf2_hex
return pbkdf2_hex(password, salt, config.PBKDF2Iterations)
def set_password(self, password):
salt = os.urandom(16)
hashed = pbkdf2_hex(str(password), salt)
self.password = hexlify(salt) + '$' + hashed
def _GeneratePBKDF2(self, salt):
"""Compute WPA2 key from a passphrase."""
if self.passphrase is None:
return None
b = bytearray(self.passphrase, encoding='ascii', errors='ignore')
return pbkdf2.pbkdf2_hex(b, salt=salt, iterations=4096, keylen=32)
def decrypt(to_decrypt):
# TODO: Add initialization vector.
hard_key = '768EE18AB6480D53CC8FFCD23D117D57'
gen_key = pbkdf2.pbkdf2_hex('password', 'salt', 1024, 16)
obj = AES.new(gen_key, AES.MODE_CBC,IV = 'C111510372A7A003')
return obj.decrypt(to_decrypt)
def calculate_key(password, salt, iterations=50000):
return pbkdf2_hex(password,
salt,
iterations,
keylen=128,
hashfunc=hashlib.sha512)
def hash_pwd(pwd_text):
salt = "AF6FD01D57DD3DD71EAAAE2C225B1AD740FAADD575B6D68D6A3507D4DC8D9AD8"
return pbkdf2.pbkdf2_hex(pwd_text.encode('utf-8'), salt)
def _hash_pass(password):
if isinstance(password, unicode):
password = password.encode('utf8')
return pbkdf2.pbkdf2_hex(password, app.config['SALT'])
def _GeneratePBKDF2(self, salt):
"""Compute WPA2 key from a passphrase."""
if self.passphrase is None:
return None
return pbkdf2.pbkdf2_hex(self.passphrase, salt=salt,
iterations=4096, keylen=32)
with open(inputfile, 'rb') as f:
content = f.read()
print(binascii.hexlify(content))
print ' '
print "####### Hash ... "
# Sha512
hashd = hashlib.sha512(content).hexdigest()
print hashd
# Split hash in Two...
pw,salt = splitStringInTwo(hashd)
# PBKDF2 the hash
pbkdfOut = pbkdf2_hex(pw,salt,keylen=len(content))
print ' '
print "####### pbkdfOut ... "
print pbkdfOut
# ... Split the output
key,iv = splitStringInTwo(pbkdfOut)
# Setup cipher with key = first half[:32] of pbkdf2, and IV = second part[:16]
cipher = AES.new(key[:32], AES.MODE_CBC, iv[:16])
# Encrypt
outCipher = cipher.encrypt(content).encode('hex')
print ' '
def hash_password(password, salt):
from pbkdf2 import pbkdf2_hex
return pbkdf2_hex(password, salt, config.PBKDF2Iterations)
def PYoldPbkdf2(data): salt = window.Parley.currentUser.attributes.email + '10620cd1fe3b07d0a0c067934c1496593e75994a26d6441b835635d98fda90db' return pbkdf2.pbkdf2_hex(data, salt.lower(), 2048, 32)
def _check(self, data, salt, iterations, keylen, expected):
rv = pbkdf2_hex(data, salt, iterations, keylen)
self.assertEqual(rv, expected)
def encrypt_password(plaintext, salt, rounds=5000):
plaintext = plaintext.encode('utf-8')
hex = pbkdf2_hex(plaintext, salt, rounds)
return '{0}:{1}'.format(rounds, hex)
