def runTest(self):
data = b"0123"
key = b"9" * 32
nonce = b"t" * 8
# Encryption
data_mv = memoryview(bytearray(data))
key_mv = memoryview(bytearray(key))
nonce_mv = memoryview(bytearray(nonce))
cipher1 = Salsa20.new(key=key, nonce=nonce)
ct = cipher1.encrypt(data)
cipher2 = Salsa20.new(key=key_mv, nonce=nonce_mv)
key_mv[:1] = b'\xFF'
nonce_mv[:1] = b'\xFF'
ct_test = cipher2.encrypt(data_mv)
self.assertEqual(ct, ct_test)
self.assertEqual(cipher1.nonce, cipher2.nonce)
# Decryption
key_mv = memoryview(bytearray(key))
nonce_mv = memoryview(bytearray(nonce))
ct_mv = memoryview(bytearray(ct))
cipher3 = Salsa20.new(key=key_mv, nonce=nonce_mv)
key_mv[:1] = b'\xFF'
nonce_mv[:1] = b'\xFF'
pt_test = cipher3.decrypt(ct_mv)
self.assertEqual(data, pt_test)
def runTest(self):
# Encrypt/Decrypt data and test output parameter
key = b'4' * 32
nonce = b'5' * 8
cipher = Salsa20.new(key=key, nonce=nonce)
pt = b'5' * 16
ct = cipher.encrypt(pt)
output = bytearray(16)
cipher = Salsa20.new(key=key, nonce=nonce)
res = cipher.encrypt(pt, output=output)
self.assertEqual(ct, output)
self.assertEqual(res, None)
cipher = Salsa20.new(key=key, nonce=nonce)
res = cipher.decrypt(ct, output=output)
self.assertEqual(pt, output)
self.assertEqual(res, None)
import sys
if sys.version[:3] != '2.6':
output = memoryview(bytearray(16))
cipher = Salsa20.new(key=key, nonce=nonce)
cipher.encrypt(pt, output=output)
self.assertEqual(ct, output)
cipher = Salsa20.new(key=key, nonce=nonce)
cipher.decrypt(ct, output=output)
self.assertEqual(pt, output)
cipher = Salsa20.new(key=key, nonce=nonce)
self.assertRaises(TypeError, cipher.encrypt, pt, output=b'0'*16)
cipher = Salsa20.new(key=key, nonce=nonce)
self.assertRaises(TypeError, cipher.decrypt, ct, output=b'0'*16)
shorter_output = bytearray(7)
cipher = Salsa20.new(key=key, nonce=nonce)
self.assertRaises(ValueError, cipher.encrypt, pt, output=shorter_output)
cipher = Salsa20.new(key=key, nonce=nonce)
self.assertRaises(ValueError, cipher.decrypt, ct, output=shorter_output)
def encrypt(self,
key: bytes,
data: bytes,
nonce: Optional[bytes] = None) -> bytes:
"""
Encrypts buffer using Salsa20 algorithm.
:param key: Cryptographic key (16/32 bytes)
:type key: bytes
:param data: Buffer to be encrypted
:type data: bytes
:param nonce: Nonce value (8 bytes, defaults to `b"\\\\x00"*8` )
:type nonce: bytes, optional
:return: Encrypted data
:rtype: bytes
"""
if nonce is None:
nonce = b"\x00" * 8
return Salsa20Cipher.new(key=key, nonce=nonce).encrypt(data)
def encrypt(self, byte_input):
"""
Takes byte input and returns encrypted input using a key and encryption nonce.
:param byte_input: byte string to be encrypted.
:return: encrypted string, nonce, and HMAC validation.
"""
if isinstance(byte_input, bytes):
pass
else:
byte_input.encode(encoding="ascii", errors="replace")
pass
ciphering = Salsa20.new(self.key)
validation = HMAC.new(self.hmac_key,
msg=ciphering.encrypt(byte_input),
digestmod=SHA256)
return [
ciphering.encrypt(byte_input), ciphering.nonce,
validation.hexdigest()
]
def decrypt(self, encrypted_input, validate, nonce):
"""
Decrypts given encrypted message and validates message with HMAC and nonce from encryption.
:param encrypted_input: encrypted string to be decrypted.
:param validate: HMAC validation byte string.
:param nonce: nonce, additional security feature to prevent replay attacks.
"""
validation = HMAC.new(self.hmac_key,
msg=encrypted_input,
digestmod=SHA256)
try:
validation.hexverify(validate)
except ValueError:
self.socket.close()
host.restart()
raise Exception(
"[FAIL]: Message is not authentic, failed HMAC validation!")
pass
ciphering = Salsa20.new(self.key, nonce=nonce)
return ciphering.decrypt(encrypted_input)
def decrypt_file(self):
if State.encrypt_method and State.filename and State.generated_key:
with open(State.filename, 'rb') as f:
text = f.read()
try:
if State.encrypt_method == 'AES':
cipher = AES.new(State.generated_key, AES.MODE_EAX,
text[:16])
decoded = cipher.decrypt_and_verify(
text[32:], text[16:32]).decode()
elif State.encrypt_method == 'Triple DES':
cipher = DES3.new(State.generated_key, DES3.MODE_CFB)
decoded = cipher.decrypt(
text)[len(cipher.iv):].decode()
elif State.encrypt_method == 'Salsa20':
cipher = Salsa20.new(key=State.generated_key,
nonce=text[:8])
decoded = cipher.decrypt(text[8:]).decode()
else:
return messagebox.showerror(
title='Error',
message='Choose algorithm to decode with')
except Exception as e:
print(e)
return messagebox.showerror(
title='Wrong key',
message=
'File can not be decoded with this key. Try another one.'
)
self.parent.textarea.delete('1.0', 'end-1c')
self.parent.textarea.insert('1.0', decoded)
self.parent.root.navbar.file_helper.text_modified()
self.parent.textarea.see('1.0')
self.parent.linenumberingarea.see('1.0')
messagebox.showinfo(title='Success',
message='File was decoded successfully.')
else:
messagebox.showerror(title='Error',
message='Something went wrong. Try again.')
def get_cipher(self, protected_stream_key):
key = hashlib.sha256(protected_stream_key).digest()
return Salsa20.new(
key=key,
nonce=b'\xE8\x30\x09\x4B\x97\x20\x5D\x2A'
)
def test_default_nonce(self):
cipher1 = Salsa20.new(bchr(1) * 16)
cipher2 = Salsa20.new(bchr(1) * 16)
self.assertEqual(len(cipher1.nonce), 8)
self.assertNotEqual(cipher1.nonce, cipher2.nonce)
def encrypt(self, file_path, alg):
if alg not in ALG_OPTIONS:
return False
with open(file_path, 'rb') as fi, open(file_path + ENCRYPT_EXTEND, 'wb') as fo:
public_key = self.get_public_key()
cipher_rsa = PKCS1_OAEP.new(public_key)
plain_text = fi.read()
msg = {'alg': alg}
if alg == ALG_OPTIONS[0]:
secret_key = Random.get_random_bytes(16)
cipher = AES.new(secret_key, AES.MODE_EAX)
msg.update({'nonce': cipher.nonce})
elif alg == ALG_OPTIONS[1]:
secret_key = Random.get_random_bytes(16)
cipher = AES.new(secret_key, AES.MODE_OCB)
msg.update({'nonce': cipher.nonce})
elif alg == ALG_OPTIONS[2]:
secret_key = Random.get_random_bytes(16)
iv = Random.new().read(AES.block_size)
cipher = AES.new(secret_key, AES.MODE_CFB, iv)
msg.update({'iv': iv})
elif alg == ALG_OPTIONS[3]:
secret_key = Random.get_random_bytes(16)
cipher = AES.new(secret_key, AES.MODE_CTR)
msg.update({'nonce': cipher.nonce})
elif alg == ALG_OPTIONS[4]:
secret_key = Random.get_random_bytes(8)
cipher = DES.new(secret_key, DES.MODE_OFB)
msg.update({'iv': cipher.iv})
elif alg == ALG_OPTIONS[5]:
secret_key = Random.get_random_bytes(16)
cipher = ARC2.new(secret_key, ARC2.MODE_CFB)
msg.update({'iv': cipher.iv})
elif alg == ALG_OPTIONS[6]:
secret_key = Random.get_random_bytes(40)
cipher = ARC4.new(secret_key)
elif alg == ALG_OPTIONS[7]:
secret_key = Random.get_random_bytes(32)
cipher = ChaCha20.new(key=secret_key)
msg.update({'nonce': cipher.nonce})
elif alg == ALG_OPTIONS[8]:
secret_key = Random.get_random_bytes(32)
cipher = Salsa20.new(key=secret_key)
msg.update({'nonce': cipher.nonce})
else:
return False
if alg in ALG_OPTIONS[1:3]:
cipher_text, tag = cipher.encrypt_and_digest(plain_text)
elif alg in ALG_OPTIONS[3:]:
cipher_text = cipher.encrypt(plain_text)
tag = SHA256.new(plain_text).hexdigest()
else:
return False
dir_path, file_name = os.path.split(file_path)
msg.update({'secret_key': cipher_rsa.encrypt(secret_key), 'cipher_text': cipher_text, 'tag': tag, 'file_name': file_name})
for key, value in msg.iteritems():
msg[key] = b64encode(value).encode('utf-8')
fo.write(json.dumps(msg))
return True
def Salsa20Decrypt(in_string, key):
msg_nonce = in_string[:8]
ciphertext = in_string[8:]
cipher = Salsa20.new(key=key, nonce=msg_nonce)
msg = cipher.decrypt(ciphertext)
return msg
def Salsa20Encrypt(in_string):
encryptionkey1 = get_passphrase(32)
encryptionkey = str.encode(encryptionkey1)
cipher = Salsa20.new(key=encryptionkey)
msg = cipher.nonce + cipher.encrypt(in_string.encode('utf-8'))
return [msg, encryptionkey1]
def decrypt(key, msg):
msg = unhexlify(msg.encode())
nonce = msg[:8]
c = msg[8:]
cipher = Salsa20.new(key=key, nonce=nonce)
return cipher.decrypt(c)
def encrypt(data, number):
data = base64.b64encode(data.encode('utf-8'))
seckey = hashlib.sha256(str(number).encode('utf-8')).digest()
cipher = Salsa20.new(key=seckey)
msg = cipher.nonce + cipher.encrypt(data)
return base64.b64encode(msg)
def encrypt(key, msg):
cipher = Salsa20.new(key=key)
return hexlify(cipher.nonce + cipher.encrypt(msg)).decode()
