Last active
December 11, 2015 08:29
-
-
Save psihotoxic/4573721 to your computer and use it in GitHub Desktop.
Primjer RC4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- coding: UTF-8 -*- | |
# Version 1.0 | |
# AUTHOR: Ljubo Barac (ljubarac@gmail.com) | |
# CREDITS: | |
# Based on the work of Thimo Kramere <thimo.kraemer@joonis.de> and | |
# Per Tunedal <info@tunedal.nu> | |
# Availible at: http://www.joonis.de/content/RC4ARC4ARCFOURAlgorithmForPython | |
# | |
# | |
# This program is free software: you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation, either version 3 of the License, or | |
# (at your option) any later version. | |
# | |
# Made for demonstration purposes @ FOI OSS http://security.foi.hr/wiki/index.php/Glavna_stranica | |
#RC4 algoritam, KSA i PRGA standardna implementacija (wiki) | |
def crypt(data, key): | |
# KSA (wiki) | |
j = 0 | |
S = range(256) | |
for i in range(256): | |
j = (j + S[i] + ord(key[i % len(key)])) % 256 | |
S[i], S[j] = S[j], S[i] | |
# inicijaliziraj | |
j = i = 0 | |
out = [] #gdje se zapisuje output, no sh** | |
# Drop 1024 (FMS) | |
for i in xrange(1024): | |
i = (i + 1) % 256 | |
j = (j + S[i]) % 256 | |
S[i], S[j] = S[j], S[i] | |
# PRGA (wiki) | |
for char in data: | |
i = (i + 1) % 256 | |
j = (j + S[i]) % 256 | |
S[i], S[j] = S[j], S[i] | |
out.append(chr(ord(char) ^ S[(S[i] + S[j]) % 256])) | |
return ''.join(out) | |
import os, base64, hashlib, hmac, sys | |
def encrypt(data, key, encode=base64.standard_b64encode, salt_length=16): | |
# HMAC za provjeru autenticnosti i integriteta podataka | |
# moze se i generirati slucajni mackey | |
# preporuka: ne koristiti isti kljuc za kriptiranje i mac! | |
# ovdje se koristi. neka je. | |
mackey = key | |
salt = os.urandom(salt_length) #random salt duljine 16 | |
# Hash SHA512 | |
key = hashlib.sha512(key + salt).digest() #hashiramo kljuc zajedno sa salt | |
# kriptiranje | |
data = chr(salt_length) + salt + crypt(data, key) #nisam siguran da je ok | |
if encode: | |
data = encode(data) | |
# HMAC (sha512) | |
check = hmac.new(mackey, data, hashlib.sha512).digest() | |
check = encode(check) | |
# print len(check) #da se sjetim duljine u base64 -.- | |
data = data + check | |
return data | |
def decrypt(data, key, decode=base64.standard_b64decode): | |
mackey = key | |
# 88 bytes za mac provjeru koji smo dodali na kraj (check) | |
# base64 encodano je 88 '-.- | |
mac = data [(len(data) - 88):] # koji dio podataka je check | |
data = data [0: (len(data) - 88)] # a koji zapravo podaci | |
# provjera HMAC | |
check = hmac.new(mackey, data, hashlib.sha512).digest() #ponovno racunanje provjere | |
mac = decode(mac) #dekodiranje iz base64 za provjeru | |
if check != mac: # ponovno kreirani mac razlicit od dohvacenog? | |
print 'Manipulirana poruka ili krivi kljuc!' | |
elif decode: | |
data = decode(data) | |
pos = ord(data[0]) + 1 | |
salt = data[1:pos] | |
key = hashlib.sha512(key + salt).digest() | |
clear = crypt(data[pos:], key) | |
return clear |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment