def login(userfield, passfield, controller):
global loginid, loginpass, loginSuccess, counter
counter = 0
loginSuccess = False
# loginid=input("Enter username: "******"Enter password: "******"Error", "Empty fields cannot be accepted!")
else:
apps = list(db.collection(loginid).stream())
if len(apps) != 0:
print(
str(
security.decrypt(apps[0].to_dict()['username'],
loginpass)[2:-1]))
if str(security.decrypt(apps[0].to_dict()['username'],
loginpass))[2:-1] == loginid and str(
security.decrypt(
apps[0].to_dict()['password'],
loginpass))[2:-1] == loginpass:
loginSuccess = True
controller.show_frame("Choice")
messagebox.showinfo("Success", "Login Successful")
else:
messagebox.showinfo("Error", "Invalid Credentials")
else:
messagebox.showinfo("Error", "User Does Not Exist")
def test_encrypt_decrypt():
key = security.hashKey(pow(A, b, p))
encmsg = base64.b64encode(security.encrypt(key, "{key: value}"))
assert security.decrypt(key, encmsg) == "{key: value}"
encmsg = base64.b64encode(security.encrypt(key, ""))
assert security.decrypt(key, encmsg) == ""
def process_data(self, message: str) -> bool:
"""
Processes a DATA message from the client
This message should contain a chunk of the file
:param message: The message to process
:return: Boolean indicating the success of the operation
"""
logger.debug("Process Data: {}".format(message))
if self.state == STATE_OPEN:
self.state = STATE_DATA
# First Packet
elif self.state == STATE_DATA:
data = security.decrypt_message(message, self.sym_key,
self.rsa_private_key)
message = data.get('message', None).replace("'", "\"")
message = json.loads(message)
data = message.get('data', None)
else:
logger.warning("Invalid state. Discarding")
return False
try:
if data is None:
logger.debug("Invalid message. No data found")
return False
iv = base64.b64decode(message['iv'])
bdata = base64.b64decode(message['data'])
#get decryptor to decrypt the encrypted data
iv, key, decryptor = security.decryptor(key=self.shared_key, iv=iv)
bdata = security.decrypt(self.decryptor,
bdata,
hashing=self.cript['digest'])
bdata = security.decrypt(decryptor,
bdata,
hashing=self.cript['digest'])
except:
logger.exception(
"Could not decode base64 content from message.data")
return False
try:
self.file.write(bdata)
self.file.flush()
except:
logger.exception("Could not write to file")
return False
return True
def display(frame, lbx):
global loginid, loginpass, counter, boxCreated
print(loginid)
apps = list(db.collection(loginid).stream())
print(len(apps))
print(boxCreated)
if boxCreated == True:
# lbx.listNodes.delete(0,'end')
lbx.delete(0, END)
lbx.pack_forget()
# lbx = Listbox(frame, width=50, height=15)
if len(apps) != 0:
print(loginid, loginpass)
# if apps[0].to_dict()['username']==loginid and apps[0].to_dict()['password']==loginpass:
for app in apps:
if app.id != '0':
lbx.insert(
counter,
"--------------------------------------------------------------------------------------------------"
)
counter += 1
lbx.insert(counter, "#" + app.id)
counter += 1
lbx.insert(
counter,
" "
)
counter += 1
lbx.insert(
counter, "Username: "******"Password : "******"--------------------------------------------------------------------------------------------------"
)
counter += 1
# print(app.id)
# print("\t", str(security.decrypt(app.to_dict()['username'], loginpass))[2:-1], " ", str(security.decrypt(app.to_dict()['password'], loginpass))[2:-1])
lbx.pack(side=LEFT)
frame.pack(side=LEFT)
boxCreated = True
def change_note(login: str, password: str) -> bool:
os.chdir('..')
list_error = ["\\", "/", ":", "*", "?", "\"", "|", "<", ">"]
flag = True
files = os.listdir(login)
files.remove("maininf.conf")
files.remove("encodeinf.conf")
os.chdir(login)
kappa = []
kappa.append("maininf.conf")
kappa.append("encodeinf.conf")
path = os.getcwd()
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
if len(files) == 0:
print("Список заметок пуст")
return False
else:
print("Ваш список заметок")
print(files)
while flag:
try:
nissan = input("Выберите заметку,которую хотите изменить:")
for ch in nissan:
if list_error.count(ch) != 0:
print("Неправильные символы в файле")
if nissan in kappa:
print("Это конфигурационный файл,а не заметка")
if nissan in files:
master_key = security.master_key(password)
encode_key = security.decrypt(encode_key, master_key)
with open(nissan, 'rb') as changing_note:
text = changing_note.read()
text = security.decrypt(text, encode_key)
text_dec = text.decode()
with open(nissan, 'w') as decrypted_note:
decrypted_note.write(text_dec)
os.chmod(path, stat.S_IXOTH)
path_kek = os.path.join(path, nissan)
os.system(path_kek)
with open(nissan, 'r') as crypting_note:
c_text = crypting_note.read()
with open(nissan, 'wb') as bytes_note:
cr_text = security.encrypt(c_text.encode(), encode_key)
bytes_note.write(cr_text)
return True
except FileNotFoundError:
print("Такой заметки нет")
return False
def decrypt():
if request.method == 'POST':
if request.values['send'] == 'DECRYPT':
ciphertext = request.values['CipherText']
pvk = request.values['PrivateKey'].encode()
plain = sec.decrypt(ciphertext, pvk)
return render_template('decrypt.html',
name=request.values['send'],
Contents=plain.decode())
elif request.values['send'] == 'Authenticate':
sender = request.values['sender']
mac = int(request.values['mac'])
with open('member.json', 'r') as file:
users = json.load(file)
pbk = users[sender]["PublicKey"].encode()
number = sec.signature(mac, pbk)
if number == int(users[sender]["MAC"]):
IdentityMsg = "Identity Authentication Success !"
else:
IdentityMsg = "Identity Authentication Failed !"
return render_template('decrypt.html',
name=request.values['send'],
Contents=request.values['CipherText'],
IdentityMsg=IdentityMsg)
return render_template('decrypt.html', name="")
def auth_ldap():
ldap_params = ldapauth.LDAPParameters(
url=request.headers['X-Ldap-URL'],
bind_dn=request.headers['X-Ldap-BindDN'],
bind_passwd=request.headers['X-Ldap-BindPass'],
base_dn=request.headers['X-Ldap-BaseDN'],
search_filter=request.headers['X-Ldap-SearchFilter'],
# disable_referrals=request.headers['X-Ldap-DisableReferrals'],
# starttls=request.headers['X-Ldap-Starttls'],
# realm=request.headers['X-Ldap-Realm']
)
auth_cookie_name = request.headers['X-AuthCookieName']
auth_cookie = request.cookies[auth_cookie_name]
if not auth_cookie:
raise RuntimeError('user not is authenticated')
seal_encrypted_decode_b64 = base64.b64decode(auth_cookie)
seal_decrypted_encode_b64 = security.decrypt(
seal_encrypted_decode_b64.decode('utf-8'))
user, password = security.unseal_auth_b64(seal_decrypted_encode_b64)
auth_handler = ldapauth.LDAPAuthHandler(ldap_params)
auth_handler.check_credentials(user, password)
response = make_response()
response.status_code = 200
return response
def change_key(login: str, master_key: bytes) -> None:
try:
checker1 = db.info(login)
if checker1 is None:
raise Error(
"Error in main.change_key(): A user with this login " +
"is not registered")
except db.db_Error as e:
raise Error(str(e))
info: Tuple[str, bytes, str, bytes, bytes] = checker1
encrypted_data: Dict[str, bytes] = {"ciphertext": info[3], "iv": info[4]}
try:
checker2: bytes = security.decrypt(encrypted_data, master_key)
except security.security_Error as e:
raise Error(str(e))
old_key: object = checker2
key: bytes = security.gen_key()
try:
checker4 = security.encrypt_new(key, master_key)
except security.security_Error as e:
raise Error(str(e))
enc_key: bytes = checker4["ciphertext"]
iv: bytes = checker4["iv"]
try:
checker6 = db.update(login=login, enc_key=enc_key, iv=iv)
except db.db_Error as e:
raise Error(str(e))
print("The key change was successful")
return None
def change_pass(login: str, old_master_key: bytes) -> None:
try:
checker1 = db.info(login)
if checker1 is None:
raise Error(
"Error in main.change_pass(): A user with this login " +
"is not registered")
except db.db_Error as e:
raise Error(str(e))
info: Tuple[str, bytes, str, bytes, bytes] = checker1
password: str = input("Enter your new password: "******"Error in main.change_pass(): Invalid password")
error_list: List[str] = list()
for elem in password:
if elem not in _ALLOWED_CHARACTERS:
error_list.append(elem)
if len(error_list) != 0:
raise Error(
f"Error in main.change_pass(): '{''.join(error_list)}' " +
"is not allowed")
password_bytes: bytes = password.encode(encoding="utf-8")
encrypted_data: Dict[str, bytes] = {"ciphertext": info[3], "iv": info[4]}
try:
checker2: bytes = security.decrypt(encrypted_data, old_master_key)
except security.security_Error as e:
raise Error(str(e))
key: bytes = checker2
try:
checker3 = security.gen_master_key(password_bytes)
except security.security_Error as e:
raise Error(str(e))
master_key_new: bytes = checker3
try:
checker4 = security.encrypt(key, master_key_new, info[4])
except security.security_Error as e:
raise Error(str(e))
enc_key = checker4["ciphertext"]
try:
checker5 = security.hash(password_bytes)
except security.security_Error as e:
raise Error(str(e))
password_bytes_hash: bytes = checker5
try:
checker6 = db.update(
login=login, hash=password_bytes_hash, enc_key=enc_key)
except db.db_Error as e:
raise Error(str(e))
print("Password change was successful")
return None
def readDatabase(self, filepath):
print "Reading database..."
passwd = raw_input("Enter master password : "******"Read {} entries.".format(len(self.entries))
return True
def read_note(login: str, password: str) -> bool:
os.chdir('..')
list_error = ["\\", "/", ":", "*", "?", "\"", "|", "<", ">"]
flag = True
files = os.listdir(login)
files.remove("maininf.conf")
files.remove("encodeinf.conf")
os.chdir(login)
kappa = []
kappa.append("maininf.conf")
kappa.append("encodeinf.conf")
if len(files) == 0:
print("Список заметок пуст")
return False
print("Ваш список заметок")
print(files)
while flag:
try:
command = input("Выберите заметку которую хотите прочитать:")
for ch in command:
if list_error.count(ch) != 0:
print("Неправильные символы в файле")
if command in kappa:
print("Это конфигурационный файл,а не заметка")
if command in files:
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
master_key = security.master_key(password)
with open(command, 'rb') as changing_note:
encode_key = security.decrypt(encode_key, master_key)
text = changing_note.read()
text = security.decrypt(text, encode_key)
text_d = text.decode()
print(text_d)
return True
except FileNotFoundError:
print("Такой заметки нет")
return False
def process_challenge(self, message) -> bool:
"""
Returns true if the attemp sent by the
client corresponds to the solution expected
"""
nonce = message['nonce']
solution = message['solution'].encode('iso-8859-1')
solution = security.decrypt(self.private_key, solution)[0]
if security.verifyPasswordChallenge(self.password, self.challenge,
nonce, solution) != True:
return False
message = {'type': 'OK'}
self._send(message)
return True
def _decrypt_text(login: str, master_key: bytes, ct: bytes) -> str:
if not isinstance(login, str) or not isinstance(master_key, bytes) \
or not isinstance(ct, bytes):
raise notes_Error("Error in notes._decrypt_text(): Invalid input type")
try:
checker1: Union[Tuple[str, bytes, str, bytes, bytes],
None] = db.info(login)
if checker1 is None:
raise notes_Error(f"Error in notes._encrypt_text(): \
User with login {login} not found")
except db.db_Error as e:
raise notes_Error(str(e))
info: Tuple[str, bytes, str, bytes, bytes] = checker1
encrypted_data: Dict[str, bytes] = {"ciphertext": info[3], "iv": info[4]}
try:
checker2 = security.decrypt(encrypted_data, master_key)
except security.security_Error as e:
raise notes_Error(str(e))
key: bytes = checker2
encrypted_text = {"ciphertext": ct, "iv": info[4]}
try:
checker3 = security.decrypt(encrypted_text, key)
except security.security_Error as e:
raise notes_Error(str(e))
text: bytes = checker3
result = text.decode(encoding="utf-8")
if not isinstance(result, str):
raise notes_Error(
"Error in notes._decrypt_text(): Invalid output type")
return result
def process_otp_authentication(self, message) -> bool:
"""
Returns true if the attemp sent by the
client corresponds to the solution expected
"""
solution = message['solution'].encode('iso-8859-1')
solution = security.decrypt(self.private_key, solution)[0]
if solution == security.otp(index=self.index,
root=self.raiz,
password=self.password) != True:
return False
message = {'type': 'OK'}
#generate new random index for next authentication
self.index = random.randint(3, 9)
self._send(message)
return True
def test_encrypted_flow():
user = '******'
passwd = 'neto'
seal_source = security.seal_auth_b64(user, passwd)
seal_encrypted = security.encrypt(seal_source)
seal_encrypted_encode_b64 = base64.b64encode(seal_encrypted.encode())
seal_encrypted_decode_b64 = base64.b64decode(seal_encrypted_encode_b64)
seal_decrypted = security.decrypt(seal_encrypted_decode_b64)
user_post_processed, passwd_post_processed = security.unseal_auth_b64(
seal_decrypted)
assert user == user_post_processed
assert passwd == passwd_post_processed
def _login(cur, user, pword):
cur.execute("""
SELECT password FROM users WHERE username=%s
""", (user, ))
try:
p = cur.fetchone()[0]
except:
return None, "user"
if decrypt(p) == pword:
token = session_token()
cur.execute(
"""
UPDATE users SET token=%s WHERE username=%s
""", (token, user))
return token, ""
else:
return None, "password"
def receive_message(client_socket, ack=1):
message_header = client_socket.recv(HEADER_LENGTH)
# print('header - ', message_header)
if not len(message_header):
# client closed the connection
return False
message_length = int(message_header.decode('utf-8').strip())
d1 = client_socket.recv(message_length)
try:
d2 = decrypt(d1)
msg = message_format(message_header, d2)
if ack:
# send an acknowlegement
# print('send ack')
sendACK(client_socket)
return msg
# return {"header": message_header, "data": d2}
except ValueError as e:
print('Unauthorized user tried to access')
return False
def process_client_asym_key_authentication(self, message) -> bool:
"""
Client receives an auth request
Using its private asym key decrypts the nonce
Generates the hash with decrypted nonce and compares with digest sent
"""
client_digest = message['digest'].encode('iso-8859-1')
enc_nonce = message['nonce'].encode('iso-8859-1')
nonce = security.decrypt(self.rsa_private_key, enc_nonce)[0]
digest = security.hash(nonce)
if client_digest != digest:
return False
self.send_assymetric_key_authentication()
return True
def create_note(login: str, password: str) -> bool:
os.chdir('..')
files = os.listdir(login)
os.chdir(login)
for i in range(3):
try:
try:
name, check = pathcheck('txt')
if check is False:
return False
if ' ' in name:
i += 1
elif len(name) < 1:
i += 1
elif len(name) > 100:
i += 1
if name in files:
i += 1
else:
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
master_key = security.master_key(password)
encode_key = security.decrypt(encode_key, master_key)
karapa = ''
space = karapa.encode(encoding='utf-8')
space = security.encrypt(space, encode_key)
new_zap = open(name, 'wb')
new_zap.write(space)
new_zap.close()
return True
if i == 3:
return False
except FileExistsError:
print("Такая заметка уже существует")
except BaseException:
print("Проблемы с заметкой")
return False
def change_password() -> bool:
os.chdir('TheFourth')
files = os.listdir('notes')
for j in range(3):
try:
change_login = input("Введите логин аккаунта который изменяете:")
if change_login in files:
break
else:
j += 1
if j == 3:
os.chdir('..')
return False
except FileNotFoundError:
print("Не найдено такого аккаунта")
os.chdir('notes')
os.chdir(change_login)
with open("maininf.conf", 'r', encoding='utf-8') as change_file:
method = change_file.readline().rstrip().split(' ')
for i in range(3):
try:
change_pass = input("Введите пароль для данного аккаунта:")
if security.check_password(method[1], change_pass) is True:
check = True
break
else:
i += 1
if i == 3:
os.chdir('..')
os.chdir('..')
os.chdir('..')
return False
except BaseException:
print("Проблемы с паролем")
if check is True:
for i in range(3):
try:
new_pass = input("Введите ваш новый пароль(без пробелов):")
if ' ' in new_pass:
i += 1
elif len(new_pass) < 1:
i += 1
elif len(new_pass) > 30:
i += 1
else:
choise = True
break
if i == 3:
os.chdir('..')
os.chdir('..')
os.chdir('..')
return False
except BaseException:
print("Проблемы с паролем")
if choise is True:
with open('encodeinf.conf', 'rb') as encode_file:
encode_key = encode_file.read()
master_key = security.master_key(change_pass)
new_master_key = security.master_key(new_pass)
new_encode_key = security.decrypt(encode_key, master_key)
new_encode_key = security.encrypt(new_encode_key, new_master_key)
mainf = open("maininf.conf", 'w')
mainf.write(change_login + ' ' + security.hash_password(new_pass))
mainf.close()
encodefile = open("encodeinf.conf", 'wb')
encodefile.write(new_encode_key)
encodefile.close()
os.chdir('..')
os.chdir('..')
os.chdir('..')
return True
return False
first_match = service_matches[0]
port = first_match["port"]
name = first_match["name"]
host = first_match["host"]
print "找到蓝牙服务", first_match
# 创建客户端 Socket
socket = BluetoothSocket(RFCOMM)
socket.connect((host, port))
my_public_key = security.get_public_key()
socket.send(my_public_key)
server_public_key = socket.recv(1024)
# 收发数据
while True:
q = raw_input("我:")
if q == "exit":
break
elif q:
# 向客户端发送内容
socket.send(security.encrypt(q, server_public_key))
# 获取客户发送的内容
print "对方:", security.decrypt(socket.recv(1024))
# 关闭连接
socket.close()
import os
import socket
import security as sec
port = 8888
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
def cls():
os.system('cls' if os.name == 'nt' else 'clear')
print("===== Socket Chat Client by kde713 =====")
s.connect((input("Input Host Address: "), port))
key = input("Type Security-Key (Server Set): ")
cls()
print("===== Socket Chat Client by kde713 =====")
print()
while 1:
msg = input(">> ")
s.send(sec.encrypt(key, msg).encode('utf-8'))
reply = s.recv(1024)
if not reply:
break
print("Server says '", sec.decrypt(key, reply.decode('utf-8')), "'")
print("(!) Connection Lost")
s.close()
def main():
global tcp_s
server_addr = ("xcoa.av.it.pt", 8080)
tcp_s = net.tcpConnect(server_addr)
values = security.DHInitialValues()
initial_value = str(values).strip('()').replace(
" ", "") # transformar (A, p, g) para string válida "A,p,g"
# Tentar efetuar a troca de parametros inicial
# Se a resposta do servidor estiver corrompida durante esta fase inicial então não será possivel continuar a comunicação,
# Visto que o servidor estará à espera da mensagem READ encriptada mas o cliente não saberá calcular a chave do AES devido a ter recebido o parametro B de forma corrompida
try:
token, B = initialExchange(initial_value)
secret = security.DHGetSecret(values[1], B)
# Enviar "READ <token>" ao server
net.tcpSend(security.encrypt(secret, "READ " + str(token)), True)
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except:
handleFatalError()
wrote_header = False
started_receiving = False
# Receber e tratar das respostas do server indefinitivamente
while 1:
data = net.tcpRead()
if isValidJSON(data):
# Se for JSON válido então os dados enviados não foram encriptados. Logo, deve ser uma mensagem de erro
data = readJSON(data)
else:
# Se não for JSON válido então os dados devem estar encriptados, como se estava à espera
try:
data = readJSON(security.decrypt(secret, data))
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except:
print(
colors.warning(
"DECODE ERROR : A última mensagem do servidor estava corrompida."
))
# Se ainda não tinha sido recebida a mensagem {type : 'OK'}, executar a lógica de erro fatal
if not started_receiving:
handleFatalError()
else:
continue
if ("type" in data.keys()) and (data['type'] == "OK"):
# Foi recebida mensagem "{type : 'OK'}"
started_receiving = True
print(
colors.okgreen("Conexão ao servidor bem sucedida!\n") +
"Serão recolhidos novos valores a cada " +
colors.bold("10 segundos") + ".\nEstes serão registados em " +
colors.bold("data.csv"))
file = open("data.csv", "w+")
print("\n" + colors.bold(" Temperatura") + " | " +
colors.bold("Humidade") + " | " + colors.bold("Vento"))
print("-------------|------------|-----------")
elif hasError(data):
# Fazer print à mensagem de erro vinda do servidor
try:
print(colors.fail(data['type'] + ": " + data['content']))
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except ValueError:
print(
colors.warning(
"ERROR: A última mensagem do servidor era um erro mas pelo menos uma key estava corrompida."
))
else:
try:
temp = data['TEMPERATURE']
hum = data['HUMIDITY']
wind = data['WIND']
except KeyboardInterrupt:
tcp_s.close()
sys.exit(0)
except ValueError:
print(
colors.warning(
"ERROR: A última mensagem do servidor não continha os valores esperados."
))
continue
print(
(colors.okblue(" %8.5f ") + "|" +
colors.okblue(" %8.5f ") + "|" + colors.okblue(" %8.5f")) %
(temp, hum, wind))
getInfo(temp, hum, wind)
if not wrote_header:
fields = [key for key in data.keys()]
fields.insert(0, 'TIME')
fw = csv.DictWriter(file, fieldnames=fields)
fw.writeheader()
wrote_header = True
data.update({'TIME': datetime.now()})
fw.writerow(data)
file.flush() # escreve as alterações feitas no buffer
tcp_s.close()
service_id=uuid,
service_classes=[uuid, SERIAL_PORT_CLASS],
profiles=[SERIAL_PORT_PROFILE],
)
# 获取客户端连接
client, client_info = bluetooth_socket.accept()
print "客户连接:", client_info
my_public_key = security.get_public_key()
client.send(my_public_key)
client_public_key = client.recv(1024)
while True:
# 获取客户发送的内容
print "对方:", security.decrypt(client.recv(1024))
q = raw_input("我:")
if q == "exit":
break
elif q:
# 向客户端发送内容
client.send(security.encrypt(q, client_public_key))
# 关闭客户端连接
client.close()
# 关闭服务器连接。
bluetooth_socket.close()
#!/usr/bin/python
# -*- coding: utf-8 -*-
import socket
import security as sec
import makereply as mr
port = 8888
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', port))
s.listen(1)
print("## Host:", socket.gethostbyname(socket.getfqdn()))
key = input("Enter Security-Key: ")
print("Log) Socket Listen Started.")
connector, addr = s.accept()
while 1:
msg = connector.recv(1024)
if not msg:
break
print("Log) Message Received: ", msg.decode('utf-8'))
print("Log) Decrypted: ", sec.decrypt(key, msg.decode('utf-8')))
reply = mr.echo(sec.decrypt(key, msg.decode('utf-8')))
connector.send(sec.encrypt(key, reply).encode('utf-8'))
s.close()
