security: fix insecure PRNG, pickle RCE, path traversal, and hardcoded secrets

[30678678]

Summary

Security audit across the codebase. Ten files changed across five vulnerability classes.

---

1. Insecure PRNG in cryptographic code (S311)

random (Mersenne Twister) is not a CSPRNG — its 19,937-bit state is fully reconstructable after ~624 observed outputs, making generated keys predictable.

ciphers/rabin_miller.py

• import random → import secrets
• Witness selection: secrets.randbelow(num - 3) + 2 (range [2, num-2])
• Round count: 5 → 40 (false-positive probability ≤ 4⁻⁴⁰ ≈ 8.3e-25, per NIST SP 800-89)
• Prime generation: secrets.randbits(keysize) | (1 << (keysize - 1)) (OS entropy, guaranteed bit-length)
• Guard added: num < 5 raises ValueError to prevent secrets.randbelow(0) crash

ciphers/rsa_key_generator.py

• import random → import secrets
• Public exponent e: secrets.randbits(key_size) | (1 << (key_size - 1))
• Removed random.seed(0) doctest; replaced with property-based assertions

ciphers/elgamal_key_generator.py

• import random → import secrets
• Private key d: secrets.randbelow(p - 3) + 3
• Bug fix: primitive_root() had a dead filter — pow(g, p_val, p_val) == 1 is always False by Fermat's Little Theorem (gᵖ ≡ g mod p). Replaced with the correct Legendre symbol check: pow(g, (p-1)//2, p) == 1 rejects quadratic residues, ensuring the returned g has order p-1

ciphers/onepad_cipher.py

• import random → import secrets
• Key generation: secrets.randbelow(300) + 1
• Seed-dependent doctests replaced with structural assertions

---

2. Unsafe pickle deserialization — arbitrary code execution on load

neural_network/convolution_neural_network.py

• pickle removed entirely
• save_model(path) now writes a directory containing:
  • config.json — hyperparameters (human-readable, no execution risk)
  • weights.npz — weight arrays via np.savez (numpy's safe binary format)
• read_model(path) loads both files
• Breaking change: existing .pkl model files must be re-trained and re-saved

---

3. Path traversal via unsanitised query string

web_programming/download_images_from_google_query.py

• Query string sanitised with re.sub(r"[^\w\s-]", "_", query) before use as directory name
• Path.resolve() boundary check raises ValueError if destination escapes cwd
• pathlib.Path used for all path construction

---

4. Hardcoded secret key and plaintext HTTP

web_programming/recaptcha_verification.py

• secret_key = "secretKey" → os.environ.get("RECAPTCHA_SECRET_KEY", "")

web_programming/current_weather.py

• WEATHERSTACK_URL_BASE was http://, now https://

---

5. Security validation via assert (bypassed with python -O)

assert statements are silently removed when Python runs with -O/-OO or PYTHONOPTIMIZE=1, making all input validation bypassable.

ciphers/xor_cipher.py — 12 assert isinstance calls across 6 methods → raise TypeError

ciphers/base64_cipher.py — 3 assert calls → raise TypeError / raise ValueError

[algorithms-keeper]

Closing this pull request as invalid

@30678678, this pull request is being closed as none of the checkboxes have been marked. It is important that you go through the checklist and mark the ones relevant to this pull request. Please read the Contributing guidelines.

If you're facing any problem on how to mark a checkbox, please read the following instructions:

• Read a point one at a time and think if it is relevant to the pull request or not.
• If it is, then mark it by putting a x between the square bracket like so: [x]

NOTE: Only [x] is supported so if you have put any other letter or symbol between the brackets, that will be marked as invalid. If that is the case then please open a new pull request with the appropriate changes.