def testchacha():
sk, pk = rsa.generate_key()
key = "12345678"
x = chacha20.encrypt(key,sk)
start = time.time()
for i in range(1000000):
chacha20.decrypt(key,x)
end = time.time()
print(end - start)
def decrypt(cls, private_key, enc_session_key, ciphertext, tag=None):
# Convert to bytes
private_key = trans_to_bytes(private_key)
enc_session_key = trans_to_bytes(enc_session_key)
ciphertext = trans_to_bytes(ciphertext)
# Load key and decrypt session key
private_key_instance = RSA.import_key(private_key)
cipher_rsa = PKCS1_OAEP.new(private_key_instance)
session_key = cipher_rsa.decrypt(enc_session_key)
# Decrypt ciphertext
verify = False
if tag is None:
plain = chacha20.decrypt(session_key, ciphertext)
else:
plain, verify = chacha20.decrypt_and_verify(session_key, ciphertext, tag)
return plain, verify
def get_rsa_key(key_type, password=''):
if key_type == 'pk':
res = ''.join(open(public_key_path, 'r').readlines())
elif key_type == 'sk':
enc_key = base64.b64decode(''.join(
open(private_key_path, 'r').readlines()))
res = str(chacha20.decrypt(password, enc_key),
encoding=config.encoding)
else:
return False
return res
def generate_check_pass_file(username, password):
with open(password_check_path, 'w+') as fi:
new_check_data = '%s:%s:%s' % (''.join(
random.sample(string.ascii_letters + string.digits,
random.randint(16, 32))), username, ''.join(
random.sample(
string.ascii_letters + string.digits,
random.randint(16, 32))))
enc_check_data = chacha20.encrypt(password, new_check_data)
fi.write(
str(base64.b64encode(enc_check_data), encoding=config.encoding))
return True
def encrypt(cls, public_key, plaintext):
# Convert to bytes
public_key = trans_to_bytes(public_key)
plaintext = trans_to_bytes(plaintext)
# Generate a session key and encrypt the message
session_key = get_random_bytes(32)
ciphertext, tag = chacha20.encrypt_and_digest(session_key, plaintext)
# Encrypt session key
recipient_key = RSA.import_key(public_key)
cipher_rsa = PKCS1_OAEP.new(recipient_key)
encrypt_session_key = cipher_rsa.encrypt(session_key)
return encrypt_session_key, ciphertext, tag
def generate_key(password, force=False):
# Check if key exist
if not os.path.exists(root_dir):
os.makedirs(root_dir)
# Create
if not os.path.exists(private_key_path) or force:
print('Generating key pairs...')
sk, pk = rsa.generate_key()
with open(private_key_path, 'w') as fi:
b64_res = base64.b64encode(chacha20.encrypt(password, sk))
fi.write(str(b64_res, encoding=config.encoding))
with open(public_key_path, 'w') as fi:
fi.write(str(pk, encoding=config.encoding))
else:
raise Exception('Key pair exist')
return True
def attackSK():
name = userdata_service.load_unencrypted_data('name')
with open(password_check_path, 'r+') as fi:
check_data = base64.b64decode(
bytes(''.join(fi.readlines()), encoding=config.encoding))
start = time.time()
for pwd in get_pwd(strKey, 6):
try:
plaintext = str(chacha20.decrypt(pwd, check_data),
encoding=config.encoding)
except:
continue
if name in plaintext:
print(pwd +
"----------------------------------------------------------")
break
end = time.time()
print(end - start)
def check_pass(password):
if not check_user_data_integrity():
raise Exception('No password auth file')
username = load_unencrypted_data('name')
with open(password_check_path, 'r+') as fi:
try:
check_data = base64.b64decode(
bytes(''.join(fi.readlines()), encoding=config.encoding))
plaintext = str(chacha20.decrypt(password, check_data),
encoding=config.encoding)
if username in plaintext:
fi.close()
generate_check_pass_file(username, password)
return True
except:
return False
return False