示例#1
0
def readProductKey(verifyingPublicKeyInstance, licenseIdSize, productIdSize,
                   expirationTimeSize, hashSize, productKey):
    try:
        productKey = productKey.strip().replace('-', '').replace(' ', '')
        productKeyBytes = b32decode(
            (productKey + '=' * (-len(productKey) % 8)).encode('utf-8'))
        productKeyLong = bytes_to_long(productKeyBytes)
        longValue = verifyingPublicKeyInstance._encrypt(productKeyLong)
        bitString = ('{:0' + str(licenseIdSize + productIdSize +
                                 expirationTimeSize + hashSize * 8) +
                     'b}').format(longValue)
        licenseId = int(bitString[:licenseIdSize], 2)
        productId = int(bitString[licenseIdSize:licenseIdSize + productIdSize],
                        2)
        expirationTime = int(
            bitString[licenseIdSize + productIdSize:licenseIdSize +
                      productIdSize + expirationTimeSize], 2)
        computedHash = int(
            bitString[licenseIdSize + productIdSize + expirationTimeSize:], 2)

        shake = SHAKE256.new()
        shake.update(bitString[:licenseIdSize + productIdSize +
                               expirationTimeSize].encode('utf-8'))

        if computedHash != bytes_to_long(shake.read(hashSize)):
            raise InvalidProductKey()

        return licenseId, productId, expirationTime
    except:
        raise InvalidProductKey()
示例#2
0
 def get_private_key(self, password):
     shake = SHAKE256.new()
     shake.update(password)
     cipher_aes = AES.new(binascii.hexlify(shake.read(16)), AES.MODE_EAX, self.private_nonce)
     try:
         private_key = cipher_aes.decrypt_and_verify(self.private_key, self.private_tag)
         return RSA.import_key(private_key)
     except ValueError:
         return None
示例#3
0
 def generate_key(self, key_length, password):
     random_generator = Random.new().read
     key = RSA.generate(key_length, random_generator)
     shake = SHAKE256.new()
     shake.update(password)
     cipher_aes = AES.new(binascii.hexlify(shake.read(16)), AES.MODE_EAX)
     self.private_nonce = cipher_aes.nonce
     self.private_key, self.private_tag = cipher_aes.encrypt_and_digest(key.export_key('PEM'))
     self.public_key = key.publickey().export_key('PEM')
示例#4
0
def createProductKey(signingPrivateKey,
                     licenseId,
                     productId,
                     expirationTime,
                     groupsLength=None,
                     licenseIdSize=DEFAULT_LICENSE_ID_SIZE,
                     productIdSize=DEFAULT_PRODUCT_ID_SIZE,
                     expirationTimeSize=DEFAULT_EXPIRATION_TIME_SIZE,
                     hashSize=DEFAULT_HASH_SIZE):
    if licenseId > 2**licenseIdSize:
        raise ValueError('License ID is too big for its field size.')

    if productId > 2**productIdSize:
        raise ValueError('Product ID is too big for its field size.')

    if expirationTime > 2**expirationTimeSize:
        raise ValueError('Expiration time is too big for its field size.')

    privateKey = RSA.import_key(signingPrivateKey)
    privateKeySize = privateKey.size_in_bits()
    dataSize = licenseIdSize + productIdSize + expirationTimeSize + hashSize * 8

    if privateKeySize < dataSize:
        raise ValueError(
            'The RSA key is too small (%s bits) for the data size (%s bits).' %
            (privateKeySize, dataSize))

    bitString = ('{:0' + str(licenseIdSize) + 'b}{:0' + str(productIdSize) +
                 'b}{:0' + str(expirationTimeSize) + 'b}').format(
                     licenseId, productId, expirationTime)
    shake = SHAKE256.new()
    shake.update(bitString.encode('utf-8'))
    computedHash = bytes_to_long(shake.read(hashSize))
    bitString += ('{:0' + str(hashSize * 8) + 'b}').format(computedHash)
    longValue = int(bitString, 2)
    productKeyLong = privateKey._decrypt(longValue)
    productKeyBytes = long_to_bytes(productKeyLong)
    productKey = b32encode(productKeyBytes).decode('utf-8').replace('=', '')

    if groupsLength is not None:
        productKey = '-'.join(textwrap.wrap(productKey, groupsLength))

    return productKey
示例#5
0
 def new_test(self, data=data, result=tv.md):
     hobj = SHAKE256.new(data=data)
     digest = hobj.read(len(result))
     self.assertEqual(digest, result)
示例#6
0
 def new_test(self, data=data, result=tv.md):
     hobj = SHAKE256.new(data=data)
     digest = hobj.read(len(result))
     self.assertEqual(digest, result)
示例#7
0
 def __init__(self):
     self.name = 'shake_256'
     self.handle = SHAKE256.new()
示例#8
0
# Released to the public domain.

# Designed for answering security questions deterministically, while
# guaranteeing a minimum security margin to prevent anyone who knows the actual
# answer from compromising an account.

# BLAKE2 is based on ChaCha and uses the HAIFA construction
# SHAKE256 is a SHA-3 XOF based on Keccak which uses the sponge construction
# scrypt is a KDF based on PBKDF2-HMAC-SHA256, which uses the Merkle-Damgard construction

from Cryptodome.Hash import BLAKE2b
from Cryptodome.Hash import SHAKE256
from Cryptodome.Protocol.KDF import scrypt

print("Answers are case-sensitive.")
site = raw_input("What site is this for? Root domain and TLD only (E.G.: example.com) ")
key = raw_input("What is a secret key with at least 128-bits entropy only you know? ")
answer = raw_input("What is the answer to the security question? ")

shake = SHAKE256.new()
secret = shake.update(bytes(key)).read(64)
salt = BLAKE2b.new(digest_bits=512, key=secret)
salt.update(bytes(site))

# A cost of 32 MiB of RAM and 5+ seconds computation
crypt = scrypt(bytes(answer), salt.digest(), 16, 2**15, 8, 1)

print("")
print("Enter this into your security question form: {}".format(crypt.encode('hex')))