Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > de.comp.lang.python > #5521
| Path | csiph.com!fu-berlin.de!uni-berlin.de!not-for-mail |
|---|---|
| From | Christian Baier <chrbaier@gmx.de> |
| Newsgroups | de.comp.lang.python |
| Subject | [Python-de] Crypto mit Python2-Hausmitteln?. |
| Date | Sun, 30 Jun 2019 22:38:56 +0200 |
| Lines | 78 |
| Message-ID | <mailman.67.1561927138.29664.python-de@python.org> (permalink) |
| References | <ca0c4c44-fc38-e80b-9e47-07e797ccc6ee@gmx.de> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=utf-8; format=flowed |
| Content-Transfer-Encoding | quoted-printable |
| X-Trace | news.uni-berlin.de rKk85nUzWMvC/kGREuuEBg3y5j/MRuuQ0CdGjK144YYQ== |
| Return-Path | <chrbaier@gmx.de> |
| X-Original-To | python-de@python.org |
| Delivered-To | python-de@mail.python.org |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1561927137; bh=rYd5d7PtPOn8oXI723eK81o4HIDkTHW1OzRl9xnJk+I=; h=X-UI-Sender-Class:To:From:Subject:Date; b=diN9T60rpuXX8akiPGJzLAC1sLnEMlpf6YMc8HH8oUB9wc4fmhoyuuncu62BKcduj OzgkCLj9q3g7/6Jpoalvf5+44MsuZMRDFjfVb2lllotrFLuFJhzOZIok6OPpxA2HHY +nKhjsto+Uw5u28b8YExaNHCjM6882lFhuanXx2c= |
| X-UI-Sender-Class | 01bb95c1-4bf8-414a-932a-4f6e2808ef9c |
| User-Agent | Mozilla/5.0 (X11; Linux i686; rv:60.0) Gecko/20100101 Thunderbird/60.7.1 |
| Content-Language | de-DE |
| X-Provags-ID | V03:K1:5zdBID15Zxqt22eqchAhopgncC3S5Eriy6XiLJMI8z2+4JMu9yO qY8cQPsodmxpwTRSynzVif2syttnq3r91NzG3t9wxaTCXthsrmUc4hm4OLDx03gx8esNrk0 fAMxr4fM5nzNpqqhJ8qrR7rrx++T0IWLTJBz0as7BTQKe313PPLTPwz39Kk5Wb4TAD48WHl ZEu8Buj+CpAR4/5q7A2Tw== |
| X-Spam-Flag | NO |
| X-UI-Out-Filterresults | notjunk:1;V03:K0:FCFLBe2g7tI=:7x4PbmXlOT7//7thT0ISn6 qrpAzrQAm30smIfYLmV65XJeJESWqXvlNt8ERS+mzPveqNDOwbSO7SDOYhEWwlpbg/rqkTiCV ZA95gRiIZXscf8sCqTOdnKNha8LhZvjy8gkD4GRYlcnoP06w7cq+pdZvOmHeJzAGnW737t7qK jWyeNuWEDY77ZZtsTPEP6J5Z2fQCISWLSnzZ9clV7d+ySuoiVMbXYWp5kQNPFfu//SkKn2W2p YBZa4t3xWA6vi6XPqGZYly54/YJf+FkMB30cWOgSq/VJeJVVAxDRb57qC3Nrv6P2nB5tAWkFA Ob+9ZuYClfKJT31AEoVqX1XjSRlh11vpEbPgHDaSnyOuiRYUol3i2gEbl5YN6o1MRy8cLTqhD Nexx4VW0tVz7OlogcRKKhQ5Byw7RunAZbjiCeX3SRcHhm0QSS/0YpIAHr/q7EM1a+XEH60ql9 TR8Z/TKkkpu4ljN12WPVaDcuiNyDtqWGpoku9ynWR4SCZe2QQHckFw/FvIX6wQ+nl55wnVuV5 t0cULdfE/jUxfhYYX5Sf7pYLskkBhXSFkKBY/Cb9/vtVNOkYKKvxhSvNymeic/WvJ2T5xFmcG m4JL1PcpEPXj4X2IN084lpu32210ECvEwGS97tj9wGXYX2SAMvhQJroSWpnIEMqTHFeufkdXC N4jY08p5f5dd5WIayRWSq33uWQ/Xry5sQIl0c/4eP82Jhb5iANjLA9Tdbfb8A1Pbcv5cCrST2 WYLfRecQt7gyeY2T1pPwBHp1Ro58ECPqlkq1fZ6BNF0I3JEYPah4vky7sd/qZl9y+F+qFLwHC fbXQUMqlozZm61bqNHeo+cijhv7nDI3Hx7kZEX0tgKINoMyyOSWHr/GpGOrwm6ESrLbcnvYuw YBRaY8hbwnbEETiaXayO7ekNE0ow6YappsYW/Pko5BVSv5L7EnSz/n6b8T32BlBea5nIYmDOS iGnMDZ6HWaAsyFhrWBXxMRfIVkljCApVDOAtM6K0gVtqOC95btlFshYkKEmxcJDzoyIDyrrt0 Ceu3yHxX+Zx0CcM536ot7W6DLmZ6m7a7I3NOVp4EtLyqC0xpg4d1oGncJVEfzNecoUq7hH3BP /GXQvN4a1jD57A2Roemh4yeY/LeGSlPCtKy |
| X-BeenThere | python-de@python.org |
| X-Mailman-Version | 2.1.29 |
| Precedence | list |
| List-Id | Die Deutsche Python Mailingliste <python-de.python.org> |
| List-Unsubscribe | <https://mail.python.org/mailman/options/python-de>, <mailto:python-de-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-de/> |
| List-Post | <mailto:python-de@python.org> |
| List-Help | <mailto:python-de-request@python.org?subject=help> |
| List-Subscribe | <https://mail.python.org/mailman/listinfo/python-de>, <mailto:python-de-request@python.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <ca0c4c44-fc38-e80b-9e47-07e797ccc6ee@gmx.de> |
| Xref | csiph.com de.comp.lang.python:5521 |
Show key headers only | View raw
Hi,
gibt es hier Cryptoexperten?
Ich habe da einen Rechner, auf dem ich einen Passwortmanager für
(vorgegebene!) Passwörter brauchen könnte, aber keine fremde Software
ausführen darf, außer Python2.7-Scripte.
Und ich frage mich gerade: Ist das wirklich schon alles was ich brauche,
oder habe ich einen Denkfehler?:
---8<---
#!/usr/bin/python2
import hashlib, getpass
#dictionary pl mit { "Dienstname" : "crypted Text" }:
pl = {
'test': 'M\xa2X\xdeU-y(\\\xad\xc8YV\x1d\x18\x9d',
'Geheimnis': '>\xcdvA\t\x9c\x82\xb3\xd9\xd8eI\x1amh\xde',
}
def xor(data, service, masterpassword ):
salt = ( "g\x9b#\xaeG\xffM\x1a\xa3\t&;\xdb\xbe\xcd6\x04X"
+ "\xa9z\x03\x86\xb7K\xff\xa1\xd7uR`\xa1\x16\xc5"
+ "\x91\x02\xa7y;f\x9b\x19%\x86\xea" )
initstr = service + salt + masterpassword
# zum verlangsamen: * 1000000
h = hashlib.sha512( initstr * 1000000 )
key = h.digest()
# Passwortlaenge verschleiern, mind. 16
data = data + " " * ( 16 - len( data ) )
while len( data ) > len( key ):
h.update( initstr )
key += h.digest()
return "".join( [ chr( ord( chardata ) ^ ord( charkey ) ) for (
chardata, charkey ) in zip( data, key ) ] )
if __name__ == '__main__':
masterpassword = ""
while len( masterpassword ) < 8:
masterpassword = getpass.getpass( """Geben Sie das
Master-Passwort ein: """ )
print( "\nGespeicherte Dienste:\n" )
for service in sorted( pl ):
print( service )
checked = False
while True:
service = raw_input("\nDienst:")
cryptedpassword = pl.get( service, None )
if cryptedpassword:
print( xor( cryptedpassword, service, masterpassword ) )
else:
print( """\nDienst noch unbekannt. Bitte 2 x das zu
chiffrierende Passwort eingeben.""" )
newpassword = "********"
passw_check = "--------"
while passw_check != newpassword:
newpassword = passw_check
passw_check = getpass.getpass( "Neues Passwort:" )
if checked or masterpassword == getpass.getpass( """Geben
Sie noch mal das Master-Passwort ein: """ ):
checked = True
print( """\nDictionary pl im Quelltext erweitern mit:\n
%s: %s,\n""" % ( repr( service ), repr( xor( newpassword, service,
masterpassword ) ) ) )
--->8---
Habe hier ein schwaches Masterpasswort verwendet,
...falls jemand mein Geheimnis knacken möchte ;-)
Freue mich auf Rückmeldungen!
Gruß
Christian
Back to de.comp.lang.python | Previous | Next | Find similar
[Python-de] Crypto mit Python2-Hausmitteln?. Christian Baier <chrbaier@gmx.de> - 2019-06-30 22:38 +0200
csiph-web