Created
May 14, 2019 21:19
-
-
Save enedil/226447219ad1c052b904f6e4bc3a21b1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import cgi | |
import os | |
import json | |
from base64 import b64decode, b64encode | |
from Crypto.Cipher import AES | |
from Crypto.Util.strxor import strxor | |
from Crypto.Util.Padding import pad, unpad | |
from Crypto.Util.number import long_to_bytes | |
from secret import key, secret_message | |
block_length = 16 | |
aes = AES.new(key, AES.MODE_ECB) | |
def chunk(data, length): | |
return [data[i:i+length] for i in range(0, len(data), length)] | |
def sign(msg, iv=None): | |
msg = pad(msg, block_length) | |
if not iv: | |
iv = os.urandom(block_length) | |
blocks = chunk(msg, block_length) | |
signature = iv | |
for block in [long_to_bytes(len(blocks), block_length)] + blocks: | |
signature = aes.encrypt(strxor(signature, block)) | |
return iv, signature | |
def verify(msg, iv, signature): | |
_, computed_signature = sign(msg, iv) | |
return computed_signature == signature | |
msg_ = b'{"authenticated":false,"text":"oto_przyklad_uzycia_podpisu"}' | |
iv_, sig_ = sign(msg_) | |
print("Content-type: text/html") | |
print() | |
print( """ | |
<html> | |
<head><title>Zadanie 2: AES CBC MAC</title></head> | |
<meta charset="utf-8"> | |
<body> | |
""") | |
print(""" | |
<p> sign(%r) == b64decode(%r), b64decode(%r) </p> | |
""" % (msg_, b64encode(iv_), b64encode(sig_))) | |
form = cgi.FieldStorage() | |
message = form.getvalue('message', '') | |
iv = form.getvalue('iv', '') | |
signature = form.getvalue('signature', '') | |
print('<p>') | |
def x(message, iv, signature): | |
try: | |
message = b64decode(message) | |
iv = b64decode(iv) | |
signature = b64decode(signature) | |
except Exception as e: | |
print('niepoprawne kodowanie: ', e) | |
if len(iv) != 16 or len(signature) != 16: | |
print('Zła długość.') | |
return | |
try: | |
if verify(message, iv, signature): | |
d = json.loads(message) | |
if d['authenticated']: | |
print('Oto sekretna wiadomość: ', secret_message) | |
else: | |
print('Tym razem niestety nic') | |
else: | |
print('Niepoprawny podpis.') | |
except Exception as e: | |
print(e) | |
if message and iv and signature: | |
x(message, iv, signature) | |
print('</p>') | |
print(""" | |
<p>Wszystkie rzeczy trzeba najpierw zakodować za pomocą base64! | |
<form method="post"> | |
<p>message: <input type="text" name="message"/></p> | |
<p>iv: <input type="text" name="iv"/></p> | |
<p>signature: <input type="text" name="signature"/></p> | |
<input type="submit"> | |
</form> | |
</body> | |
</html> | |
""") | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import cgi | |
from secret import N, e, d | |
def encrypt(m): | |
return pow(m, e, N) | |
def decrypt(c): | |
return pow(c, d, N) | |
print("Content-type: text/html\n") | |
print( """ | |
<html> | |
<head><title>Zadanie 3: RSA</title></head> | |
<meta charset="utf-8"> | |
<body> | |
""") | |
print(""" | |
<p> | |
Oto klucz publiczny: <br/> | |
N = %d <br/> | |
e = %d <br/> | |
</p> | |
""" % (N, e)) | |
print(""" | |
<p> | |
Kluczem tym zaszyfrowano pewną wiadomość (jest to liczba): <br/> | |
928066735300335970761240687353165144477163930660377590215387151172657023088092014506935678554845211540813156 | |
</p> | |
""") | |
form = cgi.FieldStorage() | |
szyfrogram = form.getvalue('szyfrogram', '') | |
if szyfrogram: | |
try: | |
dec = decrypt(int(szyfrogram)) | |
print("Po odszyfrowaniu, stwierdzam że odpowiadająca jemu odszyfrowana liczba jest ", end='') | |
if dec % 2: | |
print('parzysta.') | |
else: | |
print('nieparzysta.') | |
except Exception as e: | |
print("Wystąpił błąd:", e) | |
print( | |
"""<form method="post"> | |
<p>Wprowadź szyfrogram: <input type="text" name="szyfrogram"/></p> | |
<input type="submit"> | |
</form> | |
</body> | |
</html>""") | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment