-
Notifications
You must be signed in to change notification settings - Fork 0
/
master_password.py
57 lines (31 loc) · 1.62 KB
/
master_password.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
from hashlib import sha256
from Cryptodome.Cipher import AES
from pbkdf2 import PBKDF2
import hashlib
from base64 import b64encode, b64decode
# Enter salt here in ******* field. Enter binary string.
salt = b'.Y\x18\xcf\xe5\x044\x08'
def query_master_pwd(master_password, second_FA_location):
# Enter password hash in ******** field. Use PBKDF2 and Salt from above. Use master_password_hash_generator.py to generate a master password hash.
master_password_hash = "4065363801c47128ef36d85e13109a39bafb0528d1156ae0b063fde3b05b3fd1"
compile_factor_together = hashlib.sha256(master_password + second_FA_location).hexdigest()
if compile_factor_together == master_password_hash:
return True
def encrypt_password(password_to_encrypt, master_password_hash):
key = PBKDF2(str(master_password_hash), salt).read(32)
data_convert = str.encode(password_to_encrypt)
cipher = AES.new(key, AES.MODE_EAX)
nonce = cipher.nonce
ciphertext, tag = cipher.encrypt_and_digest(data_convert)
add_nonce = ciphertext + nonce
encoded_ciphertext = b64encode(add_nonce).decode()
return encoded_ciphertext
def decrypt_password(password_to_decrypt, master_password_hash):
if len(password_to_decrypt) % 4:
password_to_decrypt += '=' * (4 - len(password_to_decrypt) % 4)
convert = b64decode(password_to_decrypt)
key = PBKDF2(str(master_password_hash), salt).read(32)
nonce = convert[-16:]
cipher = AES.new(key, AES.MODE_EAX, nonce=nonce)
plaintext = cipher.decrypt(convert[:-16])
return plaintext