def encryption_oracle(input): plaintext = number.long_to_bytes(random.getrandbits(8 * random.randint(5, 10))) + input + number.long_to_bytes(random.getrandbits(8 * random.randint(5, 10))) plaintext = pkcs7_padding(plaintext, 16) if random.getrandbits(1): return ecb.encrypt(plaintext) else: return cbc.encrypt(plaintext)
def exportKey(): randkey = "%d" % random.getrandbits(128) KEY = MD5.new(randkey).hexdigest() IV = "%d" % random.getrandbits(128) ctr = Counter.new(128,initial_value=long(IV.encode("hex"),16)) COUNTER = long(IV.encode("hex"),16) return "{}:{}".format(KEY,COUNTER)
def post(self): number = self.request.get('number') try: number = float(number) except: self.response.out.write("You should enter an actual number.\n" "Any decimal number is acceptable.\n" '<a href="/">Return.</a>') return #Generate two random numbers, check if they're already there, #commit it into the datastore and give the guy links firstKey = random.getrandbits(63) secondKey = random.getrandbits(63) while FirstCompare.get_by_key_name(str(firstKey)): firstKey = random.getrandbits(63) while FirstCompare.all().filter('secondKey =', secondKey).count() > 0: secondKey = random.getrandbits(63) newFirstCompare = FirstCompare(key_name=str(firstKey), firstKey = firstKey, secondKey = secondKey, firstNum = number) newFirstCompare.put() newResult = Result(key_name = str(firstKey), firstKey = firstKey, secondKey = secondKey) newResult.put() #Rendering the html your_link = "/first?key=" + str(firstKey) their_link = "/second?key=" + str(secondKey) submitTemplate = jinja_environment.get_template('submit.html.part') self.response.out.write(submitTemplate.render({ "yourlink": your_link, "theirlink": their_link}))
def rand_padding(s): pre_padlen = random.randint(5, 10) post_padlen = random.randint(5, 10) prefix = random.getrandbits(8 * pre_padlen).to_bytes(pre_padlen, 'big') postfix = random.getrandbits(8 * post_padlen).to_bytes(post_padlen, 'big') return prefix + s + postfix
def AES_128_Encrypt(message): randkey = "%d" % random.getrandbits(128) KEY = MD5.new(randkey).hexdigest() IV = "%d" % random.getrandbits(128) ctr = Counter.new(128, initial_value=long(IV.encode("hex"), 16)) cipher = AES.new(KEY,AES.MODE_CTR,counter=ctr) ciphertext = cipher.encrypt(message) COUNTER = long(IV.encode("hex"),16) return [ciphertext, KEY,COUNTER]
def keygen(self): N = int(math.log(self.curve.n, 2)) - 1 c = random.getrandbits(N) while c > (self.curve.n - 2): c = random.getrandbits(N) privatekey = c + 1 publickey = privatekey*self.generator return (publickey, privatekey)
def populateFromBlockchain(inPk, mixin): #returns a ckKeyMatrix with your public input keys at "index" which is the second returned parameter. #the returned ctkeyMatrix will have number of columns = mixin rv = [None] * mixin index = rand.getrandbits(mixin - 1) blockchainsize = 10000 for j in range(0, mixin): if j != index: rv[j] = [getKeyFromBlockchain(rand.getrandbits(blockchainsize)) for i in range(0, len(inPk))] else: rv[j] = inPk return rv, index
def random_walk(P, Q, modulo, order, split): a = 1 b = 0 r = P for _ in range(split): yield r, (a, b) u = random.getrandbits(128) % order v = random.getrandbits(128) % order r = (r * power_mod(P, u, modulo)) * (power_mod(Q, v, modulo)) % modulo a = (a + u) % order b = (b + v) % order
def get(self): auth_response = self.request.headers.get("AUTHORIZATION", "none") data = self.getDigestCredentials(auth_response) data['method'] = self.request.method ok = None nonce = data.get("nonce") if nonce: dbnonce = memcache.get(key=nonce, namespace='nonce') if dbnonce: ok = self.getDigestResponse(data) memcache.delete(key=nonce, namespace='nonce') else: ok = False if ok: self.response.out.write('<html><body>Authorized.</body></html>') else: nonce = md5() nonce.update(str(random.getrandbits(64))) nonce = nonce.hexdigest() memcache.add(key=nonce, namespace='nonce', value='t', time=3600) if ok == False: stale = ' stale=TRUE' else: stale = '' self.response.status = 401 self.response.status_message = 'Unauthorized' self.response.headers.add('WWW-Authenticate', 'Digest realm="%s" nonce="%s"%s' % (Digest.REALM, nonce, stale)) self.response.out.write('<html><body>Unauthorized.</body></html>')
def create_key(self): """ Randomly generate an AES key to encrypt the file """ self.key = os.urandom(self.AES_key_size / 8) self.iv = random.getrandbits(self.AES_block_size) self.initialize_cipher()
def randomize(self, ntbk=1): # base key self.p = random.randint(2, _C['n']-1) # address mask, value maskshift, maskval = 0, 0 while (maskval == 0) or (_C['n'] < maskshift): mask, maskval, match = [], 0, 0 for i in range(_maskbits): while True: r = random.randint(0, _masksize-1) if r not in mask: break mask.append(r) bit = 1 << r maskval = maskval + bit match += bit * random.randint(0, 1) maskshift = match << (_C['bits'] - _masksize) self.addr['mask'] = maskval self.addr['mtgt'] = match # time zero, step size for rotating key(s) self.t0 = random.randint(0, int(time.time())) while True: r = random.randint(_tstarget-_tssigma, _tstarget+_tssigma) if (r > _tsmin) and (r < _tsmax): break self.ts = r # time-based-keys self.tbk = [] for i in range(ntbk): tbk = {} tbk['otp'] = random.getrandbits(_C['bits']) tbk['t'] = random.randint(2, _C['n']-1) self.tbk.append(tbk) self.calc_public_key() self.initialized = True
def gen_key(l): """Generate a SAMPLE_LENGTH-char key""" s = '' for i in range(l): b = getrandbits(8) s += chr(b) return s
def encryption_oracle(plaintext): plaintext = bytes(randrange(5, 11)) + plaintext + bytes(randrange(5, 11)) plaintext = pkcs7(plaintext, 16) key = bytes(getrandbits(8) for i in range(16)) if randrange(0,2) == 0: iv = bytes(getrandbits(8) for i in range(16)) cyphertext = encrypt_aes_cbc(plaintext, key, iv) #print("CBC") else: cypher = AES.new(key, AES.MODE_ECB) cyphertext = cypher.encrypt(plaintext) #print("ECB") return cyphertext
def __init__(self, data_dir=None, addr=_DEFAULT_ADDR): if not data_dir: data_dir = ".bitnet" data_path = "%s/%s" % (os.path.expanduser("~"), data_dir) try: os.makedirs(data_path) except OSError: pass id_key_path = "%s/id.pem" % data_path msg_key_path = "%s/msg.pem" % data_path self._client_data_path = "%s/client_data.json" % data_path # ID key try: id_key_data = open(id_key_path, "r").read() self.id_key = ecdsa.SigningKey.from_pem(id_key_data) except IOError: bits = cryptorandom.getrandbits(256) k = binascii.unhexlify(hex(bits)[2:].rstrip("L")) secret = ecdsa.util.string_to_number(k) self.id_key = ecdsa.SigningKey.from_secret_exponent( secret, curve=ecdsa.curves.SECP256k1) open(id_key_path, "w").write(self.id_key.to_pem()) # Messaging key try: msg_key_data = open(msg_key_path, "r").read() self.msg_key = RSA.importKey(msg_key_data) except IOError: # TODO(ortutay): use 4096 bits instead? self.msg_key = RSA.generate(2048, Random.new().read) msg_enc = self.msg_key.exportKey('PEM') open(msg_key_path, "w").write(msg_enc) self._listeners = {} self._next_listener_id = 1 self._seen_messages = set([]) try: self._data = json.loads(open(self._client_data_path, "r").read()) except: self._data = {} self.url = "http://%s/bitnetRPC" % addr ClaimTokens(self.url, "", self.PubKeyStr(), "", "claimfree") # Store messaging key on server, if not already there. # TODO(ortutay): If expiration behavior is implemented in the future, # this code will need to be updated. msgs = self.Get({ "from-pubkey": self.PubKeyStr(), "type": "bitnet.RSAPubKey", }) if not msgs: self.Send(None, { "from-pubkey": self.PubKeyStr(), "type": "bitnet.RSAPubKey", "body": self.MsgPubKeyStr(), })
def __init__(self): self.object_path = None self.server_public_key = None self.aes_key = None self.encrypted = True # 128-bytes-long strong random number self.my_private_key = getrandbits(0x400) self.my_public_key = pow(2, self.my_private_key, DH_PRIME_1024)
def __init__(self, users): self.users = users self.name = None self.state = "GETNAME" self.myhash = MD5.new() self.myhash.update(str(getrandbits(42))) self.challenge = self.myhash.hexdigest() self.user_pubkey = None
def get_random_key(byte_length=RANDOM_KEY_BYTE_LENGTH): """Return a hexadecimal random key with the byte length specified. :param byte_length: The length of the key, in bytes :type byte_length: int :rtype: str """ return hexlify(long_to_bytes(getrandbits(byte_length << 3)))
def getrandbytes(k): ''' get an ascii string of randbits ''' bits = getrandbits(k * 8) hex_bits = hex(bits)[2:].strip('L') if len(hex_bits) % 2 == 1: hex_bits = '0' + hex_bits return unhexlify(hex_bits)
def _intern(self,contents): base=str(time.time())+":"+str(getrandbits(128))+":" for n in range(10000): filename=hashlib.sha256(base+str(n)).hexdigest()[:self.fs_hash_length] split_path=self._check_and_create(filename,contents) if split_path: return split_path log_error('Failed to intern contents') return None
def create(self): network = "BTC" if not self.proxy.use_production: network = "XTN" entropy = "".join([chr(random.getrandbits(8)) for i in range(32)]) key = BIP32Node.from_master_secret(entropy, network) private = key.wallet_key(as_private=True).encode("utf-8") public = key.wallet_key(as_private=False).encode("utf-8") return {"xpub": public, "xprv": private}
def get(self): client_id = hex(random.getrandbits(128))[2:].rstrip('L') token = channel.create_channel(client_id, duration_minutes=60) result = { 'channel_id': client_id, 'token': token } self.response.headers['Content-Type'] = 'application/json' self.response.write(json.dumps(result))
def GenerateServerSeed(link,game): identity=link.identity() try: salt="kfn3kjg4nkngvekjvn3u4vgb:" + config.site_game_salt + ":" + game s=salt+":"+identity+":"+str(time.time())+":"+str(getrandbits(128)) seed=hashlib.sha256(s).hexdigest() SetServerSeed(link,game,seed) except Exception,e: log_error('Failed to generate %s server seed for %s: %s' % (game,identity,str(e))) raise
def login(self, password): if self.hash is None and self.salt is None: # Set new password self.salt = long_to_bytes(getrandbits(128)) self.hash = PBKDF2(password, self.salt) else: #actually check if self.hash != PBKDF2(password, self.salt): raise LoginError('password') session['user_id'] = self.id
def __startHandshake(self, passphrase): """ self.__rsa_key = RSA.generate(self.__rsa_keylength) self.__rsa_cipher = PKCS1_OAEP.new(self.__rsa_key) pem = self.__rsa_key.exportKey() self.sendMessage(pem) result, error = self.receiveMessageBlocking() if error != 0: return error self.__rsa_other_pubkey = RSA.importKey(result) self.__rsa_othercipher = PKCS1_OAEP.new(self.__rsa_other_pubkey) exp1 = random.getrandbits(256) msg_crypt = self.__rsa_othercipher.encrypt(str(exp1)) self.sendMessage(base64.b64encode(msg_crypt)) exp2 = None result, error = self.receiveMessageBlocking() if error != 0: return error msg = base64.b64decode(result) try: exp2 = long(self.__rsa_cipher.decrypt(msg)) except Exception as e: exit() self.__shared_key = buffer(self.__intToBytes(exp1 ^ exp2, 256 / 8)) return 0 """ key_exchange_cipher = AES.new(passphrase, AES.MODE_CTR, counter=Counter.new(128)) exp1 = random.getrandbits(256) msg_crypt = key_exchange_cipher.encrypt(str(exp1)) self.sendMessage(base64.b64encode(msg_crypt)) exp2 = None result, error = self.receiveMessageBlocking() if error == -1: return -3 #a -1 (disconnection) error indicates that the other party did not accept the key, so it is cast to -3 (bad key) elif error != 0: return error msg = base64.b64decode(result) try: exp2 = long(key_exchange_cipher.decrypt(msg)) except Exception as e: return -3 self.__shared_key = buffer(self.__intToBytes(exp1 ^ exp2, 256 / 8)) return 0
def get_random_byte_string(byte_length): """ Use this function to generate random byte string """ byte_list = [] i = 0 while i < byte_length: byte_list.append(chr(random.getrandbits(8))) i = i + 1 # Make into a string byte_string = ''.join(byte_list) return byte_string
def GetPaymentID(link, random=False): salt = "2u3g55bkwrui32fi3g4bGR$j5g4ugnujb-" + coinspecs.name + "-" if random: salt = salt + "-" + str(time.time()) + "-" + str(getrandbits(128)) p = hashlib.sha256(salt + link.identity()).hexdigest() try: redis_hset("paymentid", p, link.identity()) except Exception, e: log_error( 'GetPaymentID: failed to set payment ID for %s to redis: %s' % (link.identity(), str(e)))
def generate_recovery_key(): # hash a random 256-bit long integer rand_nbr = random.getrandbits(256) sha = SHA.new(str(rand_nbr)) # get the hex digest (40 alphanumeric characters) k = sha.hexdigest() # take the first 25 characters and upper case them k = k[:25].upper() # now insert hyphens for readability k = '%s-%s-%s-%s-%s' % (k[:5],k[5:10],k[10:15],k[15:20],k[20:]) return k
def ns_client(self): #print('NS_Client: Initating NS-SK protocol.') nonce_a = getrandbits(NONCE_SIZE) #Send M1 self.socket_a.sendto( b'm1' + pickle.dumps([('A', self.host_a, self.port_a), ('B', self.host_b, self.port_b), nonce_a]), (self.host_ks, self.port_ks)) #Receive M2 m2_raw = self.socket_a.recv(4096) if m2_raw[:2] != b'm2': print( 'NS_Client: Protocol Failure: Client does not recognize message:', m2_raw) return m2_enc = m2_raw[2:] cipher_AS = AES.new(self.key_AS, AES.MODE_CBC, m2_enc[:AES.block_size]) m2 = pickle.loads(Padder().pkcs7_unpad( cipher_AS.decrypt(m2_enc[AES.block_size:]), AES.block_size)) #print('M2:', m2) if m2[0] != nonce_a: print( 'NS_Client: Protocol Failure: Nonce returned by key server does not match.' ) return if m2[2] != ('B', self.host_b, self.port_b): print( 'NS_Client: Protocol Failure: Remote client identity returned by key server does not match.' ) return key_AB = m2[1] #Send M3 self.socket_a.sendto(b'm3' + m2[3], (self.host_b, self.port_b)) m4_raw, recv_address = self.socket_a.recvfrom(4096) if m4_raw[:2] != b'm4': print( 'NS_Client: Protocol Failure: Client does not recognize message:', m4_raw) return #Receive M4 m4_enc = m4_raw[2:] cipher_AB = AES.new(key_AB, AES.MODE_CBC, m4_enc[:AES.block_size]) m4 = pickle.loads(Padder().pkcs7_unpad( cipher_AB.decrypt(m4_enc[AES.block_size:]), AES.block_size)) #print('M4:', m4) nonce_ab = m4 - 1 IV_AB = Random.new().read(AES.block_size) cipher_AB = AES.new(key_AB, AES.MODE_CBC, IV_AB) #Send M5 self.socket_a.sendto( b'm5' + IV_AB + cipher_AB.encrypt(Padder().pkcs7_pad( pickle.dumps(nonce_ab), AES.block_size)), recv_address) #print('NS_Client: Finished NS-SK protocol') return
def GetPaymentIDFromUserID(user_id, deterministic, site_salt=""): salt = "nveuweaiirv-" + site_salt + "-" if deterministic: s = salt + user_id else: s = salt + str(getrandbits(128)) + "-" + user_id p = hashlib.sha256(s).hexdigest() try: redis_hset("paymentid", p, user_id) except Exception, e: log_error("GetPaymentIDFromUserID: failed to set payment ID for %s to redis: %s" % (user_id, str(e)))
def create_key(self): """Generates a unique, pseudorandom AES key, stored ephemerally in memory as an instance attribute. Its destruction is ensured by the automatic nightly reboots of the SecureDrop application server combined with the freed memory-overwriting PAX_MEMORY_SANITIZE feature of the grsecurity-patched kernel it uses (for further details consult https://github.com/freedomofpress/securedrop/pull/477#issuecomment-168445450). """ self.key = os.urandom(self.AES_key_size / 8) self.iv = random.getrandbits(self.AES_block_size) self.initialize_cipher()
def _calculate_hash(data_to_hash): salt = SHA256.new() salt.update(bytes(random.getrandbits(256))) original_hash = SHA256.new() original_hash.update(data_to_hash) salted_hash = SHA256.new() salted_hash.update(original_hash.digest() + salt.digest()) salt = salt.hexdigest().decode("hex") original_hash = original_hash.hexdigest().decode("hex") salted_hash = salted_hash.hexdigest().decode("hex") return salted_hash, salt, original_hash, data_to_hash
def generate_recovery_key(): # hash a random 256-bit long integer rand_nbr = random.getrandbits(256) sha = SHA.new(str(rand_nbr)) # get the hex digest (40 alphanumeric characters) k = sha.hexdigest() # take the first 25 characters and upper case them k = k[:25].upper() # now insert hyphens for readability k = '%s-%s-%s-%s-%s' % (k[:5], k[5:10], k[10:15], k[15:20], k[20:]) return k
def __init__(self, username, type): """ :param username: :type username: str :param type: :type type: str """ self.nonce = base64.b64encode(("%032X" % getrandbits(128)).decode("hex")) self.username = username self.type = type
def _trace(type, val, tb): tb = "".join(traceback.format_exception(type, val, tb)) tb = _crypto_obj.encrypt(tb, random.getrandbits(512))[0] tb = base64.b64encode(tb) tb = '\n'.join(tb[i:i+64] for i in xrange(0, len(tb), 64)) # oneliner to linebreak every 64 chars print "### Python Application Crash! ###" print "The author of this script has protected his tracebacks with TBCrypt." print "Please send the following encrypted traceback to the author:" print "-----BEGIN ENCRYPTED TRACEBACK-----" print tb print "-----END ENCRYPTED TRACEBACK-----"
def generate_rand(cls): """ Generate RAND for Milenage Returns: (bytes) 128 random bits """ #Modified to confirm the result I'm getting is what I'm expecting by removing the random element... #RAND 1764d7bc135c8f72cbb039bd58b66bbd #return bytearray(b'\x17d\xd7\xbc\x13\\\x8fr\xcb\xb09\xbdX\xb6k\xbd') #Origional below: return bytearray.fromhex('{:032x}'.format(random.getrandbits(128)))
def encryptWithRandomKey(plaintext): key = getRandomAESKey() prependlen = random.randint(5, 10) postpendlen = random.randint(5, 10) prepend = "{0:0{1}x}".format(random.getrandbits(prependlen * 8), prependlen * 2).decode('hex') postpend = "{0:0{1}x}".format(random.getrandbits(postpendlen * 8), postpendlen * 2).decode('hex') mode = random.randint(0, 1) plaintext = pkcs7Padding(prepend + plaintext + postpend, AES.block_size) if (mode == 0): #print "ECB" return aes_128_ecb(plaintext, key, ENCRYPT) else: #print "CBC" iv = getRandomAESKey() return aes_128_cbc(plaintext, key, iv, ENCRYPT)
def proof_of_work(self, block): block.nonce = random.getrandbits(64) computed_hash = block.compute_hash() while not computed_hash.startswith('0' * self.difficulty): block.nonce += 1 computed_hash = block.compute_hash() if not self.mining: print("I failed to mine a block") return False print("I successfully mined a block") return computed_hash
def random(self, request, **kw): """ Return a random number """ rset = [] for i in range(16): rset.append(random.getrandbits(256)) (content_type, template) = self.get_template_from_request(request) body = template.render(request = request, response = {'random': rset}, config = self.app.config ) return Response(str(body), content_type = content_type)
def __init__(self, username, hours_to_expiry=2): """ :param username: :type username: str :param hours_to_expiry: :type hours_to_expiry: int """ self.username = username self.expiration = datetime.utcnow() + timedelta(hours=hours_to_expiry) self.token = base64.urlsafe_b64encode(("%032X" % getrandbits(128)).decode("hex")) self.used = False
def GenerateServerSeed(link, game): identity = link.identity() try: salt = "kfn3kjg4nkngvekjvn3u4vgb:" + config.site_game_salt + ":" + game s = salt + ":" + identity + ":" + str(time.time()) + ":" + str( getrandbits(128)) seed = hashlib.sha256(s).hexdigest() SetServerSeed(link, game, seed) except Exception, e: log_error('Failed to generate %s server seed for %s: %s' % (game, identity, str(e))) raise
def register(): global shares, vk, pp, x result = False try: username = request.args.get('username', type = str) password = request.args.get('password', type = str) x = getrandbits(128) _, _, shares, vk, pp = signUpUser(username, password, 512, 4, 5, x) result = True except Exception(e): result = False return jsonify(True)
def gen_key(key_len, mode=0): """ key generation, return key or False mode -- 0 for symmetric key, 1 for public key key_len -- key length(bits) """ if mode == 0: key = random.getrandbits(key_len) return (key, ) elif mode == 1: pass else: print 'Wrong mode, 0 or 1' return False
def __imul__(self, scalar): """Multiply this point by a scalar""" if scalar < 0: raise ValueError("Scalar multiplication is only defined for non-negative integers") sb = long_to_bytes(scalar) result = _ec_lib.ec_ws_scalar(self._point.get(), c_uint8_ptr(sb), c_size_t(len(sb)), c_ulonglong(getrandbits(64))) if result: raise ValueError("Error %d during scalar multiplication" % result) return self
def challenge(): goal = HashGenerate(getrandbits(BITS)) print("Hash : %s [0/5]" % hex(goal)) answer = [] for i in range(1, 6): data = b64decode(input("data : ")) value = bytes_to_long(data) result = HashGenerate(value) if (result!= goal) or (value in answer): exit(0) answer.append(value) print("Hash : %s [%d/5]" % (hex(goal), i)) print("\nGood!\n")
def GetPaymentIDFromUserID(user_id, deterministic, site_salt=''): salt = "nveuweaiirv-" + site_salt + '-' if deterministic: s = salt + user_id else: s = salt + str(getrandbits(128)) + '-' + user_id p = hashlib.sha256(s).hexdigest() try: redis_hset("paymentid", p, user_id) except Exception, e: log_error( 'GetPaymentIDFromUserID: failed to set payment ID for %s to redis: %s' % (user_id, str(e)))
def external_authentication(self, challenge, crts): # Prepare the basic payload payload = [0xD3, 0x01, self.security_lvl] for crt in crts: payload += crt.get_bytes() if self.key_transport: payload += challenge buffer = self.client_key.sign_pkcs1(payload) else: # RandPad || payload || secretOCE is embedded in the signature self.client_secret = [random.getrandbits(8) for _ in range(32)] l = self.card_key.size_bytes - 32 - 22 - len(payload) to_embed = [random.getrandbits(8) for _ in range(l)] + payload to_embed += self.client_secret # additional data are used in the signature process ad = challenge + self.card_cert.get_holder_ref() buffer = self.client_key.sign_with_message_recovery(to_embed, ad) buffer = self.card_key.public_key_op(buffer) self.send_command(self.cla, 0x82, 0x00, 0x00, buffer)
def main() -> None: seed = getrandbits(16) prefix = get_random_bytes(randint(0, 100)) plaintext = prefix + b"A" * 14 if not verify_mt19937_crypt(message=bytes(10), seed=0xffff): raise RuntimeError("Failed to verify mt19937_crypt") cyphertext = mt19937_crypt(plaintext, seed) found_seed = crack_mt19937(cyphertext) assert found_seed == seed print(hex(seed))
def new_wallet(): priv_key_hex = hex(random.getrandbits(256))[2:] priv_key_int = private_key_hex_to_int(priv_key_hex) pub_key = private_key_to_public_key(priv_key_int) pub_key_compressed = get_pub_key_compressed(pub_key) pub_addr = public_key_compressed_to_address(pub_key_compressed) session['wallet_addr'] = pub_addr session['wallet_key'] = priv_key_hex response = { 'private_key': priv_key_hex, 'public_key': pub_key_compressed, 'public_addr': pub_addr } return jsonify(response), 200
def handleServerRandom(self): self.dhPrivateKey = random.getrandbits(576) self.dhPublicKey = pow(IRPClient.DIFFIE_HELLMAN_G, self.dhPrivateKey, IRPClient.DIFFIE_HELLMAN_P) self.serverDhPublicKey = long(self.msgData, 16) exp = number.long_to_bytes(pow(self.serverDhPublicKey, self.dhPrivateKey, IRPClient.DIFFIE_HELLMAN_P)) self.encryptionKey = SHA256.new(exp).digest() log.msg("Got SERVER_RANDOM. Server's public key was:") log.msg(hex(self.serverDhPublicKey)) log.msg("Computed encryption key: %s" % SHA256.new(exp).hexdigest()) self.sendClientRandom()
def process_resPQ(self, msg_id, seq_no, data): if data.nonce != self.nonce: raise SecurityError('data.nonce != self.nonce') self.server_nonce = data.server_nonce p, q = Decompose(data.pq) server_public_key = rsa.PublicKey.load_pkcs1(self.public_key) # проверить отпечаток sha = SHA1(rsa_public_key.Dump(rsa_public_key.Create(server_public_key.n, server_public_key.e))) logging.debug('Server public fingerprint: {}'.format(Hex(sha))) for fp_id, fp in enumerate(data.server_public_key_fingerprints): if fp == int.from_bytes(sha[-8:], 'little'): fingerprint_id = fp_id break else: raise SecurityError('Server public key doesn\'t correspond to the given fingerprints.') self.new_nonce = random.getrandbits(256) inner_data = Box.Dump(p_q_inner_data.Create(data.pq, p, q, data.nonce, data.server_nonce, self.new_nonce)) inner_data = SHA1(inner_data) + inner_data inner_data = inner_data + random.getrandbits((255 - len(inner_data))*8).to_bytes(255 - len(inner_data), 'big') encrypted_data = pow(int.from_bytes(inner_data, 'big'), server_public_key.e, server_public_key.n).to_bytes(256, 'big') self.Send(req_DH_params.Create(data.nonce, data.server_nonce, p, q, data.server_public_key_fingerprints[fingerprint_id], encrypted_data), False, False)
def commit(b_A): Min = 255 # bits Max = 2048 # bits suffix_length = random.randint(Min, Max) suffix = random.getrandbits(suffix_length) h = SHA256.new() h.update(str(b_A)) h.update(str(suffix)) # appends suffix c = h.digest() return c, suffix
def __init__(self, key): key = key.encode('utf-8') #Size of the secret exponent self.secret_exponent = random.getrandbits(512) #Should be large enough, and remembered self.__gen_nonce() self.iv = Random.new().read(AES.block_size) self.self_remainder = pow(GENERATOR, self.secret_exponent, PRIME) self.self_remainder = self.self_remainder.to_bytes(256, byteorder='little') #Create 256 bit key from password hash = SHA256.new() hash.update(key) self.shared_key = hash.hexdigest() self.shared_key = self.shared_key[:32:]
def Connect(self, test=False): host = self.config['host'] port = self.config['port'] self.session.Connect(host, port) if test or 'auth_key' not in self.config: logging.info("Generating new auth key.") self.retry_id = 0 self.nonce = random.getrandbits(128) self.Send(req_pq.Create(self.nonce), False, False) else: self.session.auth_key = self.config['auth_key'] logging.info("Auth key is loaded.") self.Send(get_future_salts.Create(1), relevant=False)
def main(): #VALIDA SE O USR PASSOU INDETEÇO E PORTA if (len(sys.argv) < 3): print( "Porfavor execute como: ./client.py <ip_do_servido> <numero_da_porta>" ) exit() #DEFINE OS PARAMETROS DE CONEXÃO HOST = sys.argv[1] PORT = int(sys.argv[2]) DESTINATION = (HOST, PORT) #INICIA A CONEXÃO try: connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect(DESTINATION) except: print( "Problema com conexão, verifique as informações e tente novamente." ) exit() #MOSTRA INSTRUÇOES DE INICIO DO PROGRAMA print(msg_inicio) #DEFINE O CLIENTID clientid = getrandbits(31) #DIFFIE HELMAN secrete_key = key_exchange(connection) print("Troca de chaves concluida") while True: msg = input("digite o comando: ").split() if (msg[0] == "EXIT"): connection.close() exit() try: result = req.gera_requisicao(msg[0], secrete_key, connection, msg[1], clientid) if (result): resp.recebe_resposta(secrete_key, connection, msg[0]) except: print("Comando invalido, tente assim") print( "<comando> <nome_do_arquivo>\nComandos: GET, POST, DELETE, EXIT\n" )
def inplace_pow(self, exponent, modulus=None): exp_value = int(exponent) if exp_value < 0: raise ValueError("Exponent must not be negative") # No modular reduction if modulus is None: self._value = pow(self._value, exp_value) return self # With modular reduction mod_value = int(modulus) if mod_value < 0: raise ValueError("Modulus must be positive") if mod_value == 0: raise ZeroDivisionError("Modulus cannot be zero") # C extension only works with odd moduli if (mod_value & 1) == 0: self._value = pow(self._value, exp_value, mod_value) return self # C extension only works with bases smaller than modulus if self._value >= mod_value: self._value %= mod_value max_len = len(long_to_bytes(max(self._value, exp_value, mod_value))) base_b = long_to_bytes(self._value, max_len) exp_b = long_to_bytes(exp_value, max_len) modulus_b = long_to_bytes(mod_value, max_len) out = create_string_buffer(max_len) error = _raw_montgomery.monty_pow( out, base_b, exp_b, modulus_b, c_size_t(max_len), c_ulonglong(getrandbits(64)) ) if error: raise ValueError("monty_pow failed with error: %d" % error) result = bytes_to_long(get_raw_buffer(out)) self._value = result return self
def buildVersionMessage(networkType, portNumber): # This format of Network Address applies to version message because it # does not have the timestamp in the prefix def formatVersionNetworkAddress(timestamp, service, ipAddressV4, portNumber): ipAddressV4ByteString = ("".join([ ("%02x" % int(octet)) for octet in ipAddressV4.split(".") ])).decode("hex") networkAddress = [] networkAddress.append(struct.pack("<Q", service)) networkAddress.append(struct.pack("<10sH", "", 0xffff)) networkAddress.append( struct.pack(">4sH", ipAddressV4ByteString, portNumber)) formattedNetworkAddress = "".join(networkAddress) return (formattedNetworkAddress) # Version: Identifies protocol version being used by the node protocolVersion = 70001 #print protocolVersion.encode("hex") # Service: 1 - NODE_NETWORK service = 1 timestamp = int(time.time()) addressReceived = formatVersionNetworkAddress(timestamp, service, "127.0.0.1", portNumber) addressFrom = formatVersionNetworkAddress(timestamp, service, "127.0.0.1", portNumber) nonce = random.getrandbits(64) userAgent = utils.varstr("") startHeight = 0 relay = True versionMessagePayload = [] versionMessagePayload.append( struct.pack("<LQQ", protocolVersion, service, timestamp)) versionMessagePayload.append( struct.pack("<26s26s", addressReceived, addressFrom)) versionMessagePayload.append(struct.pack("<Q", nonce)) versionMessagePayload.append(struct.pack("<s", userAgent)) versionMessagePayload.append(struct.pack("<L", startHeight)) versionMessagePayload.append(struct.pack("<?", relay)) formattedVersionMessagePayload = "".join(versionMessagePayload) return buildMessage(networkType, "version", formattedVersionMessagePayload)
def create_enc(salt, r): plaintext = random.getrandbits(plaintext_len) debug("Plaintext: %s" % get_hex(random.long_to_bytes(plaintext))) # 32 length key #salt = random.getrandbits(plaintext_len) key = get_key_from_data(random.long_to_bytes(salt) + get_location(r)) aes = AES.new(key) enc = aes.encrypt(random.long_to_bytes(plaintext)) debug("Encrypted: %s" % get_hex(enc)) return (plaintext, enc)
def main(): from example_params import generator, modulus, bitlen_modulus, \ prime1, prime2 assert prime1 * prime2 == modulus my_catfish = Catfish( gen=generator, mod=modulus, len_mod=1024, tcost=2, mcost=bitlen_modulus, # verbose=True, prime1=prime1, prime2=prime2 ) with open(FILE_NAME, 'w') as f: for pass_len in range(128 + 1): salt = long_to_bytes(getrandbits(128), 128 / 8) if pass_len == 0: password = '' else: password = long_to_bytes(getrandbits(pass_len * 8), pass_len) tag = my_catfish.digest(salt, password) print 'length', pass_len print 'password', hexlify(password) print 'salt', hexlify(salt) print 'tag', hexlify(tag) print f.write('length ' + str(pass_len) + '\n') f.write('password ' + hexlify(password) + '\n') f.write('salt ' + hexlify(salt) + '\n') f.write('tag ' + hexlify(tag) + '\n') f.write('\n')