kandi background
Explore Kits

crypto-yank | clipboard crypto stealer that monitors for crypto addresses | Encryption library

 by   jacques-andre Python Version: Current License: GPL-3.0

 by   jacques-andre Python Version: Current License: GPL-3.0

Download this library from

kandi X-RAY | crypto-yank Summary

crypto-yank is a Python library typically used in Financial Services, Fintech, Security, Encryption applications. crypto-yank has no bugs, it has no vulnerabilities, it has build file available, it has a Strong Copyleft License and it has low support. You can download it from GitHub.
crypto-yank is a clipboard crypto stealer that monitors for crypto addresses and replaces them with your own.
Support
Support
Quality
Quality
Security
Security
License
License
Reuse
Reuse

kandi-support Support

  • crypto-yank has a low active ecosystem.
  • It has 51 star(s) with 9 fork(s). There are 1 watchers for this library.
  • It had no major release in the last 12 months.
  • There are 0 open issues and 1 have been closed. There are no pull requests.
  • It has a neutral sentiment in the developer community.
  • The latest version of crypto-yank is current.
crypto-yank Support
Best in #Encryption
Average in #Encryption
crypto-yank Support
Best in #Encryption
Average in #Encryption

quality kandi Quality

  • crypto-yank has 0 bugs and 1 code smells.
crypto-yank Quality
Best in #Encryption
Average in #Encryption
crypto-yank Quality
Best in #Encryption
Average in #Encryption

securitySecurity

  • crypto-yank has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
  • crypto-yank code analysis shows 0 unresolved vulnerabilities.
  • There are 0 security hotspots that need review.
crypto-yank Security
Best in #Encryption
Average in #Encryption
crypto-yank Security
Best in #Encryption
Average in #Encryption

license License

  • crypto-yank is licensed under the GPL-3.0 License. This license is Strong Copyleft.
  • Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.
crypto-yank License
Best in #Encryption
Average in #Encryption
crypto-yank License
Best in #Encryption
Average in #Encryption

buildReuse

  • crypto-yank releases are not available. You will need to build from source code and install.
  • Build file is available. You can build the component from source.
  • Installation instructions are not available. Examples and code snippets are available.
  • It has 57 lines of code, 4 functions and 2 files.
  • It has low code complexity. Code complexity directly impacts maintainability of the code.
crypto-yank Reuse
Best in #Encryption
Average in #Encryption
crypto-yank Reuse
Best in #Encryption
Average in #Encryption
Top functions reviewed by kandi - BETA

kandi has reviewed crypto-yank and discovered the below as its top functions. This is intended to give you an instant insight into crypto-yank implemented functionality, and help decide if they suit your requirements.

  • Replace cryptos .
  • Detects the user clipboard .
  • Log crypto found in user clipboard .
  • Replace user in user_clipboard

crypto-yank Key Features

crypto-yank is a clipboard crypto stealer that monitors for crypto addresses and replaces them with your own.

Community Discussions

Trending Discussions on Encryption
  • Crypto-js encryption and Python decryption using HKDF key
  • Access a .pem public key from .env file
  • iOS CryptoSwift AES Encryption to Python Decryption works - but not the inverse
  • Encrypt data in Javascript, Decrypt data in C# using private/public keys
  • How do I calculate a key check value for AES-128-CBC?
  • C# - How to Decrypt an Encrypted Private Key with Bouncy Castle
  • Problem Updating to .Net 6 - Encrypting String
  • Missing entries in user.config after decryption/encryption
  • multithreading or multiprocessing for encrypting multiple files
  • How do I correctly store encryption keys on macOS so only my executable can access them?
Trending Discussions on Encryption

QUESTION

Crypto-js encryption and Python decryption using HKDF key

Asked 2022-Mar-28 at 11:29

Based on the example provided here on how to establish a shared secret and derived key between JS (Crypto-JS) and Python, I can end up with the same shared secret and derived key on both ends.

However, when I try to encrypt as below, I cannot find a way to properly decrypt from Python. My understanding is that probably I am messing with the padding or salts and hashes.

    const payload = "hello"
    var iv = CryptoJS.enc.Utf8.parse("1020304050607080");

    var test = CryptoJS.AES.encrypt(
        payload,
        derived_key,
        {iv: iv, mode: CryptoJS.mode.CBC}
    ).toString();

    console.log(test)

Output "y+In4kriw0qy4lji6/x14g=="

Python (one of the attempts):

from Crypto.Cipher import AES
from Crypto.Util.Padding import pad,unpad

iv = "1020304050607080"

test_enc = "y+In4kriw0qy4lji6/x14g=="
enc = base64.b64decode(test_enc)

cipher = AES.new(derived_key, AES.MODE_CBC, iv.encode('utf-8'))

print(base64.b64decode(cipher.decrypt(enc)))

print(unpad(cipher.decrypt(enc),16))

Any guidance here would be greatly appreciated as I am stuck for quite some time.

(I have encryption working using a password, but struggling with HKDF).

EDIT:

Here is the full Python code:

from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization
import base64


from Crypto.Cipher import AES
from Crypto.Util.Padding import pad,unpad


def deriveKey():

  server_pkcs8 = b'''-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBReGpDVmoVTzxNbJx6
aL4L9z1EdB91eonAmAw7mKDocLfCJITXZPUAmM46c6AipTmhZANiAAR3t96P0ZhU
jtW3rHkHpeGu4e+YT+ufMiMeanE/w8p+d9aCslvIbZyBBzeZ/266yqTUUoiYDzqv
Hb5q8rz7vEgr3DG4XfHYpCqfE2nttQGK3emHKGnvY239AteZkdwMpcs=
-----END PRIVATE KEY-----'''

  client_x509 = b'''-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEm0xeyy3nVnYpOpx/CV/FnlNEdWUZaqtB
AGf7flKxXEjmlSUjseYzCd566sLpNg56Gw6hcFx+rWTLGR4eDRWfmwlXhyUasuEg
mb0BQf8XJLBdvadb9eFx2CP1yjBsiy8e
-----END PUBLIC KEY-----'''

  client_public_key = serialization.load_pem_public_key(client_x509)
  server_private_key = serialization.load_pem_private_key(server_pkcs8, password=None)
  shared_secret = server_private_key.exchange(ec.ECDH(), client_public_key)
  print('Shared secret: ' + base64.b64encode(shared_secret).decode('utf8')) # Shared secret: xbU6oDHMTYj3O71liM5KEJof3/0P4HlHJ28k7qtdqU/36llCizIlOWXtj8v+IngF

  salt_bytes = "12345678".encode('utf-8')
  info_bytes = "abc".encode('utf-8')

  derived_key = HKDF(
    algorithm=hashes.SHA256(),
    length=32,
    salt=salt_bytes,
    info=info_bytes,
  ).derive(shared_secret)
  print('Derived key:   ' + base64.b64encode(derived_key).decode('utf8'))
  return derived_key

derived_key = deriveKey()
iv = "1020304050607080"

test_enc = "y+In4kriw0qy4lji6/x14g=="
enc = base64.b64decode(test_enc)

cipher = AES.new(derived_key, AES.MODE_CBC, iv.encode('utf-8'))

print(base64.b64decode(cipher.decrypt(enc)))

print(unpad(cipher.decrypt(enc),16))

ANSWER

Answered 2022-Mar-28 at 11:29

The issue is that the key is not passed correctly in the CryptoJS code.


The posted Python code generates LefjQ2pEXmiy/nNZvEJ43i8hJuaAnzbA1Cbn1hOuAgA= as Base64-encoded key. This must be imported in the CryptoJS code using the Base64 encoder:

const payload = "hello"
var derived_key = CryptoJS.enc.Base64.parse("LefjQ2pEXmiy/nNZvEJ43i8hJuaAnzbA1Cbn1hOuAgA=")
var iv = CryptoJS.enc.Utf8.parse("1020304050607080");
var test = CryptoJS.AES.encrypt(payload, derived_key, {iv: iv, mode: CryptoJS.mode.CBC}).toString();
document.getElementById("ct").innerHTML = test; // bLdmGA+HLLyFEVtBEuCzVg==
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>
<p style="font-family:'Courier New', monospace;" id="ct"></p>

The hereby generated ciphertext bLdmGA+HLLyFEVtBEuCzVg== can be decrypted with the Python code:

from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
import base64

test_enc = "bLdmGA+HLLyFEVtBEuCzVg=="
enc = base64.b64decode(test_enc)
derived_key = base64.b64decode("LefjQ2pEXmiy/nNZvEJ43i8hJuaAnzbA1Cbn1hOuAgA=")
iv = "1020304050607080"
cipher = AES.new(derived_key, AES.MODE_CBC, iv.encode('utf-8'))
print(unpad(cipher.decrypt(enc),16)) # b'hello'

Note that for security reasons, a static IV should not be used so that key/IV pairs are not repeated.

Source https://stackoverflow.com/questions/71632056

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install crypto-yank

You can download it from GitHub.
You can use crypto-yank like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.

Support

More on the way....

DOWNLOAD this Library from

Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

Share this Page

share link
Compare Encryption Libraries with Highest Support
Compare Encryption Libraries with Permissive License
Compare Encryption Libraries with Highest Reuse
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

  • © 2022 Open Weaver Inc.