  1. import os.path
  2. from OpenSSL import *
  3. from struct import *
  4. from Crypto.Hash import SHA512
  5. from Crypto.Protocol import KDF
  6. from Crypto.Cipher import AES
  7. from Crypto.Util import Counter
  8. from sys import *
  9.  
  def main():
      """Entry point: register a master password or unlock the vault.

      When either ``passwd_file`` or ``master_passwd`` is missing, run
      master_registration() and stop. Otherwise the master password is taken
      from ``argv[1]``, verified, turned into the vault key, and the vault is
      parsed, integrity-checked and handed to the interactive menu.
      """
      vault_initialised = (
          os.path.isfile("passwd_file") and os.path.isfile("master_passwd")
      )
      if not vault_initialised:
          master_registration()
          return

      if len(argv) == 1:
          print("Enter your master password in command line!")
          return

      # NOTE(review): a secret passed as a command-line argument is exposed to
      # shell history and to anything that can list process arguments; reading
      # it with getpass.getpass() would avoid both.
      master_pw = argv[1]
      check_match(master_pw)
      user_key = get_key(master_pw)

      failure_msg = "INTEGRITY CHECK OF PASSWORD FILE FAILED!\n"
      text_byte_content = extract(user_key, failure_msg)
      # extract() has already decrypted the records by the time the stored
      # root is compared against the recomputed one here.
      check_integrity(text_byte_content[1], failure_msg)
      user_cmd(user_key, text_byte_content)
  22.  
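  def master_registration():
      """Prompt for a new master password and create the two on-disk files.

      ``master_passwd`` receives a 256-byte random salt followed by
      ``hash_mp(password, salt)``; ``passwd_file`` is created (or truncated)
      empty, which extract() treats as a vault with no accounts.

      Changes from the original:
        * the password is read and hashed before either file is touched, so an
          interrupted prompt no longer leaves two empty files behind (main()
          would then treat the vault as initialised and check_match() could
          never succeed against an empty ``master_passwd``);
        * files are closed by ``with`` even if a write fails;
        * the salt comes from os.urandom() instead of pyOpenSSL's rand.bytes(),
          which pyOpenSSL deprecated in favour of os.urandom();
        * newly created files get owner-only permissions.
      """
      # NOTE(review): input() echoes the password to the terminal;
      # getpass.getpass() would not.
      mp = input("Please enter a master password:\n")
      IV = os.urandom(256)
      verifier = hash_mp(mp, IV)

      # O_BINARY exists only on Windows, where os.open() would otherwise
      # apply newline translation to the random salt bytes.
      flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_BINARY", 0)

      # The 0o600 mode only takes effect when the file is created here; an
      # existing file keeps whatever permissions it already had.
      with os.fdopen(os.open("master_passwd", flags, 0o600), "wb") as mpf:
          mpf.write(IV)
          mpf.write(verifier)

      # Opening with O_TRUNC is enough to leave an empty vault file.
      with os.fdopen(os.open("passwd_file", flags, 0o600), "wb"):
          pass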
  32.  
  def hash_mp(mp, IV):
      """Return the raw SHA-512 digest of ``mp`` (one byte per character) + ``IV``.

      Args:
          mp: master password as text.
          IV: salt bytes appended after the password bytes.

      Returns:
          The 64-byte digest.
      """
      # pack("B", ...) accepts 0..255 only, so a password containing a code
      # point above 255 makes pack() raise instead of being hashed.
      pw_bytes = b''.join(pack("B", ord(ch)) for ch in mp)

      # NOTE(review): this is a single pass of a fast hash. Anyone who obtains
      # master_passwd can test password guesses offline at full SHA-512 speed;
      # a password-hashing function with a tunable work factor (PBKDF2 with a
      # high iteration count, scrypt) would slow that down. Changing the
      # scheme invalidates existing master_passwd files.
      return SHA512.new(pw_bytes + IV).digest()
  39.  
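  def check_match(pw):
      """Exit the program unless ``pw`` matches the stored master password.

      ``master_passwd`` is read as a 256-byte salt followed by the stored
      digest; the candidate is hashed with the same salt via hash_mp() and
      compared.

      Changes from the original:
        * the file is closed on the success path too (it was only closed just
          before exiting on a mismatch);
        * the digests are compared with hmac.compare_digest();
        * a mismatch exits with status 1 instead of 0, so a calling script can
          tell a rejected password from a normal run.

      Args:
          pw: candidate master password as text.
      """
      import hmac

      with open("master_passwd", "rb") as mpf:
          IVhash = mpf.read()
      IV, Hash = IVhash[:256], IVhash[256:]

      # A truncated or empty file yields a short Hash; compare_digest() then
      # simply returns False and the password is rejected.
      if not hmac.compare_digest(hash_mp(pw, IV), Hash):
          print("WRONG MASTER PASSWORD!\n")
          exit(1)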
  48.  
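  def extract(key, words):
      """Read, parse and decrypt ``passwd_file``.

      Layout parsed here: a 64-byte root, a 4-byte record count, an 8-byte IV,
      then for each record three length-prefixed ciphertext fields (username,
      password, domain name), each a 4-byte length followed by that many bytes.
      Integers use struct's "I" format with no byte-order prefix, i.e. the
      native byte order of the machine that wrote the file.

      Any length mismatch, trailing bytes, or a non-empty file shorter than the
      76-byte header is reported through check_integrity(..., True), which
      prints ``words`` and exits.

      Changes from the original: the file is read inside ``with`` so the handle
      is released on every path, and the three copies of the field-parsing code
      are folded into one loop.

      Args:
          key: AES key passed to initialize_cipher().
          words: message printed if the file is malformed.

      Returns:
          ``[text_list, byte_list]`` where ``text_list`` is
          ``[num_users, IV, [un, pw, dn], ...]`` with decrypted text and
          ``byte_list`` is ``[root, num, IV, len, ciphertext, ...]`` exactly as
          stored. An empty file yields ``[[0, b''], []]``.
      """
      with open("passwd_file", "rb") as pff:
          contents = pff.read()

      if len(contents) == 0:
          return [[0, b''], []]
      if len(contents) < 76:
          check_integrity([], words, True)
          return None  # only reached if check_integrity() did not exit

      root, num, IV = contents[:64], contents[64:68], contents[68:76]
      curpos = 76
      num_users = unpack("I", num)[0]
      text_list, byte_list = [num_users, IV], [root, num, IV]
      cipher = initialize_cipher(IV, key)

      for _ in range(num_users):
          raw = []          # [len, ciphertext] * 3, in file order
          ciphertexts = []  # username, password, domain name
          for _field in range(3):
              len_bytes = contents[curpos:curpos + 4]
              curpos += 4
              check_len(len_bytes, 4, words)
              size = unpack("I", len_bytes)[0]
              # Slicing past the end just returns fewer bytes, so an
              # oversized length field is caught by check_len() below.
              blob = contents[curpos:curpos + size]
              curpos += size
              check_len(blob, size, words)
              raw += [len_bytes, blob]
              ciphertexts.append(blob)
          byte_list += raw

          # The cipher object is stateful: fields must be decrypted in the
          # same order they were encrypted (username, password, domain name).
          # NOTE(review): decryption happens here, before the caller compares
          # the stored root; verifying first would keep unauthenticated data
          # away from the cipher.
          plain = [cipher.decrypt(ct) for ct in ciphertexts]
          # One character per byte, matching the original chr() conversion.
          text_list.append([''.join([chr(x) for x in field]) for field in plain])

      # Reject trailing bytes after the last declared record.
      check_len(contents, curpos, words)
      return [text_list, byte_list]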
  87.  
  def check_len(item, length, words):
      """Report a malformed vault when ``len(item)`` differs from ``length``.

      On a mismatch this calls check_integrity([], words, True), which prints
      ``words`` and exits; on a match it returns None.
      """
      if len(item) == length:
          return
      check_integrity([], words, True)
  91.  
  def initialize_cipher(IV, key):
      """Build an AES-CTR cipher whose 128-bit counter starts at ``IV``.

      Args:
          IV: exactly 8 bytes, read as a big-endian unsigned integer
              (unpack raises if the length is not 8).
          key: AES key.

      Returns:
          A stateful AES cipher object in CTR mode.
      """
      initial = 0
      for octet in unpack("8B", IV):
          initial = initial * 256 + octet

      # NOTE(review): CTR gives confidentiality only, and only while a
      # (key, starting counter) pair is never reused for different data;
      # tamper detection has to come from a separate check.
      ctr = Counter.new(128, initial_value=initial)
      return AES.new(key, AES.MODE_CTR, counter=ctr)
  97.  
  def user_input(mode="all"):
      """Prompt for the fields required by ``mode`` and return ``(un, pw, dn)``.

      ``"all"`` asks for username, password and domain name; ``"chg_acct"``
      asks only for a new password; ``"get_pw"`` asks only for a domain name.
      Fields that are not asked for come back as empty strings. Each answer is
      re-prompted until it is shorter than 80 characters and contains neither
      a space nor ``'!'``.
      """
      def ask(prompt, too_long_msg, bad_char_msg):
          # Loop until one answer satisfies both rules; the length complaint
          # takes precedence over the character complaint.
          while True:
              answer = input(prompt)
              too_long = len(answer) >= 80
              if not too_long and '!' not in answer and ' ' not in answer:
                  return answer
              print(too_long_msg if too_long else bad_char_msg)

      un, pw, dn = "", "", ""

      if mode == "all":
          un = ask(
              "Please enter a username less than 80 characters without space character and '!':\n",
              "The username should be less than 80 characters!\n",
              "The username should not contain space character or '!'\n",
          )

      if mode in ("all", "chg_acct"):
          word = " new " if mode == "chg_acct" else " "
          # NOTE(review): input() echoes what is typed, including passwords.
          pw = ask(
              "Please enter a" + word + "password less than 80 characters without space character and '!':\n",
              "The password should be less than 80 characters!\n",
              "The password should not contain space character or '!'\n",
          )

      if mode in ("all", "get_pw"):
          dn = ask(
              "Please enter a domain name less than 80 characters without space character and '!':\n",
              "The domain name should be less than 80 characters!\n",
              "The domain name should not contain space character or '!'\n",
          )

      return un, pw, dn
  128.  
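  def check_exist(un, dn, pw, content, command):
      """Look up an account in the decrypted vault list.

      ``content`` is ``[num_users, IV, [un, pw, dn], ...]``; only the entries
      from index 2 onward are examined.

      Change from the original: the leading ``print(content)`` is removed. It
      wrote every stored username and plaintext password to stdout on each
      lookup.

      Args:
          un, dn, pw: username, domain name and password to look for.
          content: decrypted vault list.
          command: ``"reg_acct"`` matches on username OR domain name;
              ``"del_acct"`` / ``"chg_acct"`` require username, password and
              domain name to all match; anything else looks up by domain name.

      Returns:
          A bool for the first three commands. Otherwise the
          ``(username, password)`` of the first entry for ``dn``, or False
          when there is none.
      """
      accounts = content[2:]

      if command == "reg_acct":
          return any(user[0] == un or user[2] == dn for user in accounts)

      if command == "del_acct" or command == "chg_acct":
          return any(
              user[0] == un and user[1] == pw and user[2] == dn
              for user in accounts
          )

      for user in accounts:
          if user[2] == dn:
              return user[0], user[1]
      return False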
  141.  
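  def re_encrypt(key, content):
      """Encrypt the whole vault under a fresh IV and rewrite ``passwd_file``.

      The file written is ``root + count + IV + records``, where each record
      is three length-prefixed ciphertexts (username, password, domain name)
      and ``root`` is MHT_construct() over ``[count, IV, len, ct, ...]``.

      Changes from the original:
        * the original opened ``passwd_file`` with "wb" before encrypting, so
          any exception while building the new contents left the vault
          truncated. Everything is now built in memory, written to a temporary
          file and moved into place with os.replace();
        * the IV comes from os.urandom() instead of pyOpenSSL's rand.bytes(),
          which pyOpenSSL deprecated in favour of os.urandom();
        * text fields are converted to bytes before encryption;
        * the two debugging prints of the ciphertext list and root are gone.

      Args:
          key: AES key passed to initialize_cipher().
          content: ``[num_users, IV, [un, pw, dn], ...]``; ``content[0]``
              records are encrypted starting at index 2.

      Returns:
          ``[root, count, IV, len, ct, ...]`` (the byte list as stored).
      """
      def as_bytes(field):
          # One byte per character mirrors the chr()-per-byte decoding used
          # when the vault is read back.
          # NOTE(review): assumes the cipher wants bytes rather than str;
          # confirm against the installed Crypto package.
          return field if isinstance(field, bytes) else field.encode("latin-1")

      # A new IV on every rewrite keeps the CTR keystream from being reused
      # under the same key.
      IV, num = os.urandom(8), pack("I", content[0])
      encrypt, users_list = num + IV, [num, IV]
      cipher = initialize_cipher(IV, key)

      for i in range(content[0]):
          user = content[2 + i]
          # Encryption order (username, password, domain name) must match the
          # decryption order, because the cipher object is stateful.
          un = cipher.encrypt(as_bytes(user[0]))
          pw = cipher.encrypt(as_bytes(user[1]))
          dn = cipher.encrypt(as_bytes(user[2]))
          unlen, pwlen, dnlen = pack('I', len(un)), pack('I', len(pw)), pack('I', len(dn))
          encrypt += unlen + un + pwlen + pw + dnlen + dn
          users_list += [unlen, un, pwlen, pw, dnlen, dn]

      root = MHT_construct(users_list, SHA512.new())

      tmp_path = "passwd_file.tmp"
      # O_BINARY exists only on Windows, where os.open() would otherwise
      # apply newline translation to the ciphertext.
      flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_BINARY", 0)
      with os.fdopen(os.open(tmp_path, flags, 0o600), "wb") as pff:
          pff.write(root + encrypt)
      # The old vault stays intact until the new one is completely written.
      os.replace(tmp_path, "passwd_file")

      return [root] + users_list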
  159.  
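  def MHT_construct(nodes, h):
      """Reduce ``nodes`` pairwise to a single root value using hash object ``h``.

      Each round hashes adjacent pairs; an unpaired last node is carried up
      unchanged. A single-node input is returned as-is, without hashing.

      ``h`` is shared across all pairs and rounds and never reset, so every
      digest covers all data fed to ``h`` so far rather than only the current
      pair. That is kept deliberately: roots already stored in vault files
      were produced this way.

      Change from the original: an empty ``nodes`` list now raises ValueError;
      the original recursed on it without ever reaching its base case.

      NOTE(review): the hash is unkeyed and the root lives in the same file as
      the data, so this detects accidental corruption but not a modification
      by someone who can rewrite the file and recompute the root. A MAC keyed
      from the master password would close that gap.

      Args:
          nodes: non-empty list of bytes values.
          h: hash object supporting update() and repeated digest() calls.

      Returns:
          The root as bytes.
      """
      if not nodes:
          raise ValueError("MHT_construct requires at least one node")

      level = nodes
      while len(level) != 1:
          parents = []
          for left, right in zip(level[0::2], level[1::2]):
              h.update(left + right)
              parents.append(h.digest())
          if len(level) % 2:
              # Odd node count: promote the last node unhashed.
              parents.append(level[-1])
          level = parents
      return level[0]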
  172.  
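  def check_integrity(content, words, len_inconsist=False):
      """Verify the stored root against a recomputed one, exiting on failure.

      Changes from the original:
        * failures exit with status 1 instead of 0, so a calling script can
          tell a failed check from a clean exit;
        * every non-exiting path returns True explicitly (the pasted source
          has lost its indentation, leaving the original return value for an
          empty ``content`` unclear; no caller in this file uses it).

      NOTE(review): an empty ``content`` list, which extract() produces for a
      zero-length vault file, is accepted without any check, so truncating the
      file to zero bytes goes undetected.

      Args:
          content: ``[root, node, node, ...]`` as stored in the vault file,
              or ``[]`` for an empty vault.
          words: message printed before exiting on failure.
          len_inconsist: when True, report failure immediately (used by the
              parser for length mismatches).

      Returns:
          True when the check passes or there is nothing to check.
      """
      if len_inconsist:
          print(words)
          exit(1)

      if content == []:
          return True

      if content[0] != MHT_construct(content[1:], SHA512.new()):
          print(words)
          exit(1)
      return True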
  183.  
  def reg_acct(key, content):
      """Prompt for a new account, add it to the vault and rewrite the file.

      Args:
          key: AES key for re_encrypt().
          content: ``[text_list, byte_list]`` as returned by extract();
              ``text_list`` is updated in place.

      Returns:
          False if check_exist() reports the username or domain name as
          already present; otherwise ``[text_list, byte_list]`` reflecting
          the rewritten file.
      """
      un, pw, dn = user_input()
      vault = content[0]
      if check_exist(un, dn, pw, vault, "reg_acct"):
          return False

      vault.append([un, pw, dn])
      vault[0] = vault[0] + 1  # record count kept at index 0
      byte = re_encrypt(key, vault)
      # byte is [root, count, IV, ...]; remember the IV used for this write.
      vault[1] = byte[2]
      return [vault, byte]
  193.  
  def del_acct(key, content):
      """Prompt for an account, remove it from the vault and rewrite the file.

      The username, password and domain name must all match a stored entry.

      Args:
          key: AES key for re_encrypt().
          content: ``[text_list, byte_list]`` as returned by extract();
              ``text_list`` is updated in place.

      Returns:
          False if no entry matches; otherwise ``[text_list, byte_list]``
          reflecting the rewritten file.
      """
      un, pw, dn = user_input()
      vault = content[0]
      if not check_exist(un, dn, pw, vault, "del_acct"):
          return False

      vault.remove([un, pw, dn])
      vault[0] -= 1  # record count kept at index 0
      byte = re_encrypt(key, vault)
      # byte is [root, count, IV, ...]; remember the IV used for this write.
      vault[1] = byte[2]
      return [vault, byte]
  203.  
  def chg_acct(key, content):
      """Prompt for an existing account and a new password, then rewrite the file.

      The current username, password and domain name must all match a stored
      entry before the new password is requested. The entry is replaced by
      removing it and appending the updated one, so the record count is
      unchanged.

      Args:
          key: AES key for re_encrypt().
          content: ``[text_list, byte_list]`` as returned by extract();
              ``text_list`` is updated in place.

      Returns:
          False if no entry matches; otherwise ``[text_list, byte_list]``
          reflecting the rewritten file.
      """
      un, pw, dn = user_input("all")
      vault = content[0]
      if not check_exist(un, dn, pw, vault, "chg_acct"):
          return False

      new_fields = user_input("chg_acct")
      newpw = new_fields[1]
      vault.remove([un, pw, dn])
      vault.append([un, newpw, dn])
      byte = re_encrypt(key, vault)
      # byte is [root, count, IV, ...]; remember the IV used for this write.
      vault[1] = byte[2]
      return [vault, byte]
  214.  
  def get_pw(key, content):
      """Prompt for a domain name and print the matching username and password.

      Args:
          key: unused here; kept so all command handlers share a signature.
          content: decrypted vault list ``[num_users, IV, [un, pw, dn], ...]``.
      """
      # In "get_pw" mode only the domain name is asked for; the other two
      # fields come back as empty strings and are passed through unchanged.
      blank_un, blank_pw, dn = user_input("get_pw")
      found = check_exist(blank_un, dn, blank_pw, content, "get_pw")
      if found is False:
          print("USER ACCOUNT DOES NOT EXIST!\n")
          return

      un, pw = found
      # NOTE(review): the password is written to stdout in clear text, so it
      # ends up in terminal scrollback and in any redirected output.
      print("".join(["username ", un, " password ", pw, "\n"]))
  223.  
  def get_key(mpw):
      """Derive the 32-byte vault key from the master password with PBKDF2.

      Args:
          mpw: master password.

      Returns:
          32 bytes of key material.
      """
      # NOTE(review): the salt is a constant compiled into the program, so the
      # same master password yields the same key on every installation, and
      # no iteration count is passed, leaving the library default in effect
      # (1000 in PyCrypto/PyCryptodome; confirm for the installed version).
      # A per-vault random salt stored beside the ciphertext plus an explicit,
      # much higher count would raise the cost of guessing. Changing either
      # makes existing vault files undecryptable without a migration step.
      static_salt = b"mulalamulala"
      return KDF.PBKDF2(mpw, static_salt, dkLen=32)
  226.  
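  def user_cmd(key, content):
      """Run the interactive command menu until the user chooses to exit.

      Changes from the original:
        * the ``print(content[0])`` before each prompt is removed; it wrote
          every stored username and plaintext password to stdout each time
          the menu was shown;
        * input is validated against the six exact menu choices. The original
          test ``cmd not in "012345"`` is a substring test, so an empty line
          or input such as "12" passed validation and fell through to exit();
        * the menu is a loop instead of a self-call per command, so a long
          session no longer grows the call stack.

      Args:
          key: AES key for the vault.
          content: ``[text_list, byte_list]`` as returned by extract();
              replaced after each command that rewrites or re-reads the file.
      """
      menu = "\nPlease enter an input command below:\n0.exit\n1.check integrity\n2.register account\n3.delete account\n4.change account:\n5.get password\n"

      while True:
          cmd = input(menu)
          if cmd not in ("0", "1", "2", "3", "4", "5"):
              print("Enter a legal number of user commands!\n")
              continue

          if cmd == '0':
              exit()

          if cmd == '1':
              # Re-read the file so the check covers what is on disk now.
              content = extract(key, "FAILED!\n")
              check_integrity(content[1], "FAILED!\n")
              print("PASSED!\n")
          elif cmd == '2':
              result = reg_acct(key, content)
              if result == False:
                  print("\nUSER ACCOUNT ALREADY EXISTS!")
              else:
                  content = result
          elif cmd == '3':
              result = del_acct(key, content)
              if result == False:
                  print("USER ACCOUNT DOES NOT EXIST!\n")
              else:
                  content = result
          elif cmd == '4':
              result = chg_acct(key, content)
              if result == False:
                  print("USER ACCOUNT DOES NOT EXIST!\n")
              else:
                  content = result
          else:  # cmd == '5'
              get_pw(key, content[0])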
  261.  
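  # Run only when executed as a script, so importing this module (for
  # example from a test) does not prompt for input or touch the vault files.
  if __name__ == "__main__":
      main()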