def decrypt(self):
self.body = decrypt(self.body)
with contextlib.suppress(DecryptionError):
self.name = decrypt(
self.name.encode('utf-8') if isinstance(self.name, bytes) else
self.name.encode('utf-8')).decode('utf-8')
self.encrypted = False
def wrapper(*args, **kwargs):
if len(args) == 1:
handler = args[0]
blog_id = handler.get_argument("blog_id", None)
if not blog_id:
blog_id = redis.zrange('blog.list', -1, -1)
if blog_id:
blog_id = redis.zrange('blog.list', -1, -1)[0]
else:
handler.write("请先在管理后台添加预发布的文章")
handler.finish()
return
else:
blog_id = args[1]
blog = redis.hgetall(blog_id)
if not blog:
with open(utils.decrypt(blog_id), 'r') as p:
lines = p.readlines() or ['']
title = lines[0]
create_at = int(
os.path.getctime(utils.decrypt(blog_id)) or 1504724902)
content = utils.md_parse(''.join(lines[2:-1]))
redis.hset(blog_id, 'title', title)
redis.hset(blog_id, 'create_at', create_at)
redis.hset(blog_id, 'content', content)
return func(*args, **kwargs)
def crypt():
while True:
sc, _ = s.accept()
file_name = ''
while 1:
file_name += sc.recv(utils.buffer_size)
index = file_name.find(utils.file_name_content_separator)
utils.logging.info(index)
if index > 0:
content = file_name[index + len(utils.file_name_content_separator):]
file_name = file_name[:index]
file_name = utils.decrypt(file_name)
path_to_save = os.path.join(home, file_name)
break
with open(path_to_save, 'w') as f:
while 1:
received = sc.recv(utils.buffer_size)
if not received:
if content:
block = utils.decrypt(content)
f.write(block)
f.close()
break
else:
utils.logging.info(len(received))
content += received
while len(content) >= utils.encrypted_block_size:
block = content[:utils.encrypted_block_size]
content = content[utils.encrypted_block_size:]
block = utils.decrypt(block)
f.write(block)
sc.close()
utils.logging.info('*' * 50)
def temp_atk(cipher, t, N, sk):
"""
cipher - ciphertext
t - t parameter of the classicmceliece
N - number of decryption time to compute at each iteration
"""
size = cipher.shape[0]
u = np.zeros(size)
for i in range(size):
print(f'step: {i+1}/{size}\r', sep=' ', end='', flush=True)
sparse = np.zeros(size)
sparse[i] = 1
cipher_i = np.bitwise_xor(cipher, sparse.astype('bool'))
times = np.zeros(N)
for j in range(N):
starttime = time.time()
decrypt(sk, cipher)
endtime = time.time()
times[j] = endtime - starttime
u[i] = np.mean(times)
M = np.sort(u)[:t]
return np.array([1 if elem in M else 0 for elem in u])
def crypt():
while True:
sc, _ = s.accept()
file_name = ''
while 1:
file_name += sc.recv(utils.buffer_size)
index = file_name.find(utils.file_content_crypt_block_separator)
utils.logging.info(index)
if index > 0:
content = file_name[index + len(utils.file_content_crypt_block_separator):]
file_name = file_name[:index]
file_name = utils.decrypt(file_name)
path_to_save = os.path.join(home, file_name)
break
with open(path_to_save, 'w') as f:
while 1:
content += sc.recv(utils.buffer_size)
if not content:
f.close()
break
else:
index = content.find(utils.file_content_crypt_block_separator)
while index > 0:
block = content[:index]
block = utils.decrypt(block)
f.write(block)
content = content[index + len(utils.file_content_crypt_block_separator):]
index = content.find(utils.file_content_crypt_block_separator)
sc.close()
utils.logging.info('*' * 50)
def wrapper(*args, **kwargs):
if len(args) == 1:
handler = args[0]
blog_id = handler.get_argument("blog_id", None)
if not blog_id:
blog_id = redis.zrange('blog.list', -1, -1)
if blog_id:
blog_id = redis.zrange('blog.list', -1, -1)[0]
else:
handler.write("请先在管理后台添加预发布的文章")
handler.finish()
return
else:
blog_id = args[1]
blog = redis.hgetall(blog_id)
if not blog:
with open(utils.decrypt(blog_id), 'r') as p:
lines = p.readlines() or ['']
title = lines[0]
create_at = int(os.path.getctime(utils.decrypt(blog_id)) or 1504724902)
content = utils.md_parse(''.join(lines[2:-1]))
redis.hset(blog_id, 'title', title)
redis.hset(blog_id, 'create_at', create_at)
redis.hset(blog_id, 'content', content)
return func(*args, **kwargs)
def crypt():
while True:
sc, _ = s.accept()
file_name = ''
while 1:
file_name += sc.recv(utils.buffer_size)
index = file_name.find(utils.file_name_content_separator)
utils.logging.info(index)
if index > 0:
content = file_name[index +
len(utils.file_name_content_separator):]
file_name = file_name[:index]
file_name = utils.decrypt(file_name)
path_to_save = os.path.join(home, file_name)
break
with open(path_to_save, 'w') as f:
while 1:
received = sc.recv(utils.buffer_size)
if not received:
if content:
block = utils.decrypt(content)
f.write(block)
f.close()
break
else:
utils.logging.info(len(received))
content += received
while len(content) >= utils.encrypted_block_size:
block = content[:utils.encrypted_block_size]
content = content[utils.encrypted_block_size:]
block = utils.decrypt(block)
f.write(block)
sc.close()
utils.logging.info('*' * 50)
def initLineEdit(self):
self.baiduSecretInput.setEchoMode(QLineEdit.Password)
self.baiduAppidInput.setText(decrypt(settings['BaiduAppid']))
self.baiduAppidInput.setPlaceholderText('APPID')
self.baiduSecretInput.setText(decrypt(settings['BaiduSecret']))
self.baiduSecretInput.setPlaceholderText('Secret')
self.baiduSecretInput.setEnabled(False)
def convert(self):
self['TranlateDelay'] = int(self['TranlateDelay'])
self['AutoTrans'] = True if self['AutoTrans'] == 'true' else False
self['AutoCopy'] = True if self['AutoCopy'] == 'true' else False
self['CheckUpdate'] = True if self['CheckUpdate'] == 'true' else False
self['TopWindow'] = True if self['TopWindow'] == 'true' else False
self.BAIDU_APPID = decrypt(self['BaiduAppid'])
self.BAIDU_SECRET = decrypt(self['BaiduSecret'])
def get_private_key(password, user):
if not utils.check_hash(password, user.password_hash):
return None
company_key = utils.decrypt(ciphertext=user.company_key_encrypted,
password=password)
company = user.company
private_key = utils.decrypt(ciphertext=company.private_key_encrypted,
password=company_key)
return private_key
def get(self, request, *args, **kwargs):
fname = kwargs.get('encrypted_filename', '')
if isinstance(fname, unicode):
fname = fname.encode('utf8')
try:
fname = decrypt(fname)
except:
fname = decrypt(fname[0:-1]) # remove ending slash?
if not fname.startswith('/tmp/'):
return HttpResponse('')
if not os.path.exists(fname):
return HttpResponse('')
response = HttpResponse(open(fname, 'r').read(), content_type='text/csv')
response['Content-Disposition'] = 'attachment; filename="%s.csv"' % fname
return response
def decrypt(self):
if self.lineEdit_file and self.lineEdit_pass_decrypt.text():
self.captured_decrypt_pass = self.lineEdit_pass_decrypt.text()
self.lineEdit_pass_decrypt.clear()
try:
decrypt(self.captured_decrypt_pass)
except ValueError:
print('--> Wrong password')
alert = QMessageBox()
alert.setText('Decrypted :)')
alert.exec_()
else:
alert = QMessageBox()
alert.setText('Choose an AES file and password first please')
alert.exec_()
def datagram_received(self, data, addr):
message = decrypt(data, self.password)
# Get a correlates query
if message.startswith(self.magic):
# Check timestamp and if there's more than 20 second between send -> not response
try:
timestamp = float(message[len(self.magic):])
except TypeError:
log.debug('Received invalid timestamp in package from %s' % ("%s:%s" % addr))
if self.disable_hidden:
self.transport.sendto(crypt("%s#ERROR#%s" % (self.magic, "Invalid timestamp"), self.password), addr)
return
# Check if packet was generated before 20 seconds
if datetime.datetime.fromtimestamp(timestamp) < (datetime.datetime.now() - datetime.timedelta(seconds=20)):
if self.disable_hidden:
self.transport.sendto(crypt("%s#ERROR#%s" % (self.magic, "Timestamp is too old"), self.password), addr)
log.debug('Received outdated package from %s' % ("%s:%s" % addr))
return
# Timestamp is correct -> continue
log.debug('Received %r from %s' % (message, "%s:%s" % addr))
self.transport.sendto(crypt("%s#OK#%s" % (self.magic, self.answer), self.password), addr)
else:
if self.disable_hidden:
self.transport.sendto(("%s#ERROR#%s" % (self.magic, "Invalid MAGIC or Password")).encode(), addr)
log.debug('Received bad magic or password from %s:%s' % addr)
def get_file(request):
current_time = datetime.datetime.now().replace(tzinfo=None)
fileName = request.GET.get('fileName')
fileMap = FileLink.objects.get(linkSuffix=fileName)
if fileMap.password_protected:
if request.POST.get('password'):
if request.POST.get('password') != fileMap.password:
context = {"error": "Incorrect Password"}
return render_response('password.html', request, context)
else:
return render_response('password.html', request)
seconds_since_upload = (
current_time -
fileMap.created_on.replace(tzinfo=None)).total_seconds()
if seconds_since_upload >= 24 * 60 * 60:
return HttpResponse("Link is more than 24 hours old hence expired")
password = '******' if not fileMap.password_protected else fileMap.password.encode(
'ascii', 'ignore')
abspath = location % fileName
ufile = open(abspath, 'r')
outfile = StringIO.StringIO()
outfile = decrypt(ufile, outfile, password)
response = HttpResponse(content=outfile.getvalue())
response['Content-Type'] = 'mimetype/submimetype'
response[
'Content-Disposition'] = 'attachment; filename=%s' % fileMap.externalName
return response
def post(self, **kwargs):
batch = []
blob_info = self.get_uploads('Filedata')[0]
page_id = re.sub('\/edit\/page\/','',self.request.get('folder'))
page_id = re.sub('\D*','', decrypt(page_id.decode('hex')))
header_image_url = images.get_serving_url(str(blob_info.key()))
#update uploaded file info
uploaded_file = UploadedFiles.get_by_key_name(page_id)
if not uploaded_file:
uploaded_file = UploadedFiles(key_name=page_id,blob=blob_info.key(),page_id=page_id)
batch.append(uploaded_file)
else:
blobstore.delete(uploaded_file.blob.key())
uploaded_file.blob=blob_info.key()
batch.append(uploaded_file)
#update page info
page = Page.get_by_key_name(page_id)
page.header_image_url = header_image_url
batch.append(page)
if batch:
db.put(batch)
self.response.set_status(302)
def get(self):
r = self.get_argument('r', '')
if not r:
self.write('参数错误')
return
openid = utils.decrypt(r)
user_agent = self.request.headers.get('User-Agent', '')
platform = utils.get_platform(user_agent)
# 判断用户系统是否已知
user_info = users.get_info(openid)
if not user_info['platform']:
ip = self.request.remote_ip
ip_address = IP.find(ip)
users.set_ip(openid, ip, ip_address, platform)
if user_info['status'] == -2:
self.write("非法用户")
return
if platform == 2:
url = urlparse.urljoin(constants.SITE_BASEURL, 'v1/applist/goandroid')
self.redirect(url, False, 302)
return
aes = AESCipher()
r = aes.encode(openid)
url = 'http://w.ymapp.com/wx/ios/lists.html?r=%s' % r
#url = 'http://au.youmi.net/wx/ios/lists.html?r=%s' % r
self.redirect(url, False, 302)
def read(self):
"""Wait for data and process it."""
while self.active.is_set():
header_size = struct.calcsize('!L')
try:
header = self.socket.recv(header_size)
except Exception as e:
self.logger.warning(
"Socket error while reading data: {}".format(e))
header = ""
if len(header) == 4:
msg_size = struct.unpack('!L', header)[0]
data = self.socket.recv(msg_size)
if self.key:
data = decrypt(data, self.key)
data = data.decode()
try:
self.process_message(json.loads(data, cls=MessageDecoder))
except json.JSONDecodeError as e:
self.logger.warning(
"Failed to decode message {}: {}".format(data, e))
except Exception as e:
self.logger.error(
"Failed to process message {}: {}".format(data, e))
else:
logging.getLogger().removeHandler(self.log_handler)
self.logger.info("Disconnected from server")
self.key = C2_ENCRYPTION_KEY
self.active.clear()
self.verified = False
time.sleep(0.5)
def get_file(request):
current_time = datetime.datetime.now().replace(tzinfo=None)
fileName = request.GET.get('fileName')
fileMap = FileLink.objects.get(linkSuffix=fileName)
if fileMap.password_protected:
if request.POST.get('password'):
if request.POST.get('password') != fileMap.password:
context = {"error": "Incorrect Password"}
return render_response('password.html',request,context)
else:
return render_response('password.html',request)
seconds_since_upload = (current_time - fileMap.created_on.replace(tzinfo=None)).total_seconds()
if seconds_since_upload >= 24 * 60 * 60:
return HttpResponse("Link is more than 24 hours old hence expired")
password = '******' if not fileMap.password_protected else fileMap.password.encode('ascii','ignore')
abspath = location % fileName
ufile = open(abspath,'r')
outfile = StringIO.StringIO()
outfile = decrypt(ufile,outfile,password)
response = HttpResponse(content=outfile.getvalue())
response['Content-Type'] = 'mimetype/submimetype'
response['Content-Disposition'] = 'attachment; filename=%s' % fileMap.externalName
return response
def get_config(self):
config = self.load_config_file()
stage = self.get_stage(self.stage, config)
config = self.check_default_stage(config, stage)
config['project_dir'] = self.project_dir
config['account_id'] = self.get_account_id()
if not self._args.func.func_name in ['encrypt', 'decrypt']:
if config['stages'][self.stage].get('secret_config') or \
config['stages'][self.stage].get('secretConfig'):
dec_config = utils.decrypt(config)
config['stages'][self.stage]['config'].update(dec_config)
if self.env_dict:
config['stages'][self.stage]['config'].update(self.env_dict)
# Set proper Lambda ARN for role
config['Lambda']['config']['role'] = LAMBDA_ROLE_ARN_TEMPLATE.format(
account_id=config['account_id'],
role=config['Lambda']['config']['role']
)
LOG.info('Config:\n%s', json.dumps(config, indent=4))
return config
async def to_json(self):
res = {
c.name: str(getattr(self, c.name))
for c in self.__table__.columns
}
try:
name = decrypt(
self.name.encode('utf-8') if isinstance(self.name, bytes) else
self.name.encode('utf-8')).decode('utf-8')
except DecryptionError:
name = self.name
res['name'] = name
res['timestamp'] = self.timestamp.astimezone(
tzlocal.get_localzone()).strftime('%Y-%m-%d %H:%M') + ' UTC'
try:
res['deposit_ends_on'] = (
datetime.now() + timedelta(hours=(
await token_contract.get_deposit(file_hash=self.hash) / (
token_contract.tokens_per_byte_hour * client_contract.
get_file_size(self.hash) * 10 # hosters per file
)))).strftime('%Y-%m-%d %H:%M') + ' UTC'
except OverflowError:
res['deposit_ends_on'] = datetime.max.strftime(
'%Y-%m-%d %H:%M') + ' UTC'
return res
def test_encdec(self):
sk = BigNum.getOrder().random()
pk1 = self.key_gen(self.lff.gen1(), sk)
pk2 = self.key_gen(self.lff.gen2(), sk)
order = BigNum.getOrder()
c1, c2 = encrypt(order, pk1, pk2, 666)
tables = make_tables(pk1, pk2, self.MAX)
self.assertEqual(decrypt((c1, c2), sk, tables), (666, 666))
import random
ps = random.sample(range(self.MAX), 100)
for i in range(100):
c1, c2 = encrypt(order, pk1, pk2, ps[i])
self.assertEqual(decrypt((c1, c2), sk, tables), (ps[i], ps[i]))
def cipher_test(request: CipherTestRequest):
try:
print(unpadPKCS7(decrypt(request.text)))
except Exception as e:
print(e)
return JSONResponse(status_code=500)
else:
return JSONResponse(status_code=200)
def handle_response(response):
# resp解密
if response.error and not isinstance(response.error,
tornado.httpclient.HTTPError):
self.set_status(500)
self.write('Internal server error:\n' + str(response.error))
else:
self.set_status(response.code)
for header in ('Date', 'Cache-Control', 'Server',
'Content-Type', 'Location'):
v = response.headers.get(header)
if v:
v = decrypt(v)
self.set_header(header, v)
if response.body:
body = decrypt(response.body)
self.write(body)
self.finish()
def get(self):
r = self.get_argument('r', '')
if not r:
self.write('参数错误')
return
openid = utils.decrypt(r)
user_info = users.get_info(openid)
global_orders = orders.get_global_orders(user_info['uid'])
self.render('earns.html', datas=global_orders)
def get(self):
def handle_response(response):
# resp加密
if response.error and not isinstance(response.error,
tornado.httpclient.HTTPError):
self.set_status(500)
self.write('Internal server error:\n' + str(response.error))
else:
self.set_status(response.code)
for header in ('Date', 'Cache-Control', 'Server',
'Content-Type', 'Location'):
v = response.headers.get(header)
if v:
v = encrypt(v)
self.set_header(header, v)
if response.body:
body = encrypt(response.body)
self.write(body)
self.finish()
# req解密
url = decrypt(self.request.uri[1:])
print "url:", url
body = decrypt(self.request.body)
headers = deepcopy(self.request.headers)
for k, v in headers.iteritems():
headers[k] = decrypt(v)
req = tornado.httpclient.HTTPRequest(url=url,
method=self.request.method, body=body,
headers=headers, follow_redirects=False,
allow_nonstandard_methods=True)
client = tornado.httpclient.AsyncHTTPClient()
try:
client.fetch(req, handle_response)
except tornado.httpclient.HTTPError as e:
if hasattr(e, 'response') and e.response:
handle_response(e.response)
else:
self.set_status(500)
self.write('Internal server error:\n' + str(e))
self.finish()
def get_blob(self, snap_id):
"""Get the image or video of a given snap
Returns the decrypted image or a video of the given snap or None if
data is invalid.
:param snap_id: Snap id to fetch
"""
r = self._request('blob', {'username': self.username, 'id': snap_id},
raise_for_status=False)
data = decrypt(r.content)
return data if is_image(data) or is_video(data) else None
def GET(self):
web.header("Content-Type","text/html; charset=utf-8")
user_id = web.input().get("user_id")
db = get_db()
user = db.query(models.RadUser).get(user_id)
form = forms.user_update_form()
form.fill(user)
form.group_id.args = getGroupIds(user.node_id)
form.group_id.value = user.group_id
form.password.value = decrypt(user.password)
return render("baseform.html",form=form,title="修改用户",action="/user/update")
def isRight(self, password, isplain=True):
if isplain:
if decrypt(self.password) == password:
return True
else:
return False
else:
if self.password == password:
return True
else:
return False
def process(req=None,resp=None,user=None):
if not user:
return error_auth(resp,'user %s not exists'%req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp,'user password not match')
if not user['status'] == 1:
return error_auth(resp,'user status not ok')
return resp
def get_args_worker(payload, names, accu):
if isinstance(payload, list):
for p in payload:
get_args_worker(p, names, accu)
elif hasattr(payload, 'get_payload'):
# It is a payload object. Inspect and get deeper payloads if necessary
# If it is one of the designated filenames, get the content:
filename = payload.get_filename()
if filename in names:
accu[filename] = yaml.load(decrypt(payload.get_payload()))
else:
get_args_worker(payload.get_payload(), names, accu)
def handle(self):
try:
data = self.request.recv(1)
addr = self.request.recv(ord(data[0]))
addr = utils.decrypt(addr)
addr_port = struct.unpack("!H", self.request.recv(2))[0]
utils.logging.info("Connecting to %s:%s" % (addr, addr_port))
remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
remote.connect((addr, addr_port))
self.handle_tcp(remote)
except socket.error, e:
utils.logging.warn(e)
def handle(self):
try:
data = self.request.recv(1)
addr = self.request.recv(ord(data[0]))
addr = utils.decrypt(addr)
addr_port = struct.unpack("!H", self.request.recv(2))[0]
utils.logging.info("Connecting to %s:%s" % (addr, addr_port))
remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
remote.connect((addr, addr_port))
self.handle_tcp(remote)
except socket.error, e:
utils.logging.warn(e)
def GET(self):
web.header("Content-Type", "text/html; charset=utf-8")
user_id = web.input().get("user_id")
db = get_db()
user = db.query(models.RadUser).get(user_id)
form = forms.user_update_form()
form.fill(user)
form.group_id.args = getGroupIds(user.node_id)
form.group_id.value = user.group_id
form.password.value = decrypt(user.password)
return render("baseform.html",
form=form,
title="修改用户",
action="/user/update")
def brute_force_crack(file_set="0",
thread_num=0,
start_search=0,
end_search=0):
global found
global searched
ciphertext_filename = src_dir + "Cipherfile" + file_set + ".txt"
iv_filename = src_dir + "IVfile" + file_set + ".txt"
key_manager = key_t(iv_filename, thread_num, start_search, end_search)
ciphertext_manager = ciphertext_t(ciphertext_filename)
ciphertext = ciphertext_manager.data()
keys = []
keys = key_manager.get_keys()
while (True):
for elem in keys:
# The key_manager creates an arbitrary -2 value to signify that
# we need to call it again to get the next portion of keys because
# the initial amount was too large to fit in a single transfer.
if elem[0] == -2:
keys = key_manager.get_keys()
break
if len(output_buffer) > (MAX_BUFFER_LENGTH *
BUFFER_MEMORY_MULTIPLIER):
time.sleep(EXEC_THREAD_SLEEP_TIME)
cur_key = elem[0]
clean = elem[1]
if found:
return
# If the key_manager function returns -1 it means this thread has reached the end of
# the keyspace it was designated to search through so we break.
if cur_key == -1:
return
cur_plaintext = decrypt(ciphertext, cur_key)
cur_result = test_result(cur_plaintext, cur_key, clean)
output_buffer.append(cur_result)
searched += 1
return
def OnLogin(self, event):
conf = ModifyConf(self.confdir+os.sep+'conf.ini')
for k,v in conf.read_all('db'):
self.data[k] = v
if self.in_or_out == 'out':
logout_dlg = LogoutDialog(self, '注销')
logout_dlg.CenterOnParent()
ret = logout_dlg.ShowModal()
if ret == wx.ID_OK:
self.in_or_out = 'in'
self.is_auth = False
self.data['auth'] = False
conf.write('db', **self.data)
self.login_user.SetLabel('')
self.p1.Layout()
self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'login_24.png'))
self.login_btn.Refresh()
return
self.data['password'] = decrypt(16, self.data['password'])
self.login_dlg = LoginDialog(self,'登录',data=self.data)
self.login_dlg.CenterOnParent()
ret = self.login_dlg.Show()
if ret == wx.ID_OK:
try:
self.dnspod = dnspod_api(user=self.data['user'],passwd=self.data['password'],domain='yourdomain.com')
except:
self.in_or_out = 'in'
conf.write('db', **{'auth':False})
dlg = WarnDialog(self, '帐号、密码错误')
dlg.CenterOnParent()
dlg.ShowModal()
return
if not self.data['save']:
self.data['password'] = ''
else:
self.data['password'] = encrypt(16, self.data['password'])
self.data['auth'] = True
conf.write('db', **self.data)
self.login_user.SetLabel(self.data['user'])
self.p1.Layout()
self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'logout_24.png'))
self.login_btn.Refresh()
self.in_or_out = 'out'
self.is_auth = True
self.get_dns_records()
self.tipdlg = WarnDialog2(self, '正在获取域名......')
self.tipdlg.CenterOnParent()
self.tipdlg.ShowModal()
def crypt():
while True:
sc, _ = s.accept()
file_name = ''
while 1:
file_name += sc.recv(utils.buffer_size)
index = file_name.find(utils.file_content_crypt_block_separator)
utils.logging.info(index)
if index > 0:
content = file_name[index +
len(utils.
file_content_crypt_block_separator):]
file_name = file_name[:index]
file_name = utils.decrypt(file_name)
path_to_save = os.path.join(home, file_name)
break
with open(path_to_save, 'w') as f:
while 1:
content += sc.recv(utils.buffer_size)
if not content:
f.close()
break
else:
index = content.find(
utils.file_content_crypt_block_separator)
while index > 0:
block = content[:index]
block = utils.decrypt(block)
f.write(block)
content = content[
index +
len(utils.file_content_crypt_block_separator):]
index = content.find(
utils.file_content_crypt_block_separator)
sc.close()
utils.logging.info('*' * 50)
def process(req=None,resp=None,user=None):
if not user:
return error_auth(resp,'user %s not exists'%req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp,'user password not match')
if user['status'] == 4:
resp['Framed-Pool'] = store.get_param("9_expire_addrpool")
return resp
if user['status'] in (0,2,3):
return error_auth(resp,'user status not ok')
return resp
def process(req=None, resp=None, user=None):
if not user:
return error_auth(resp, 'user %s not exists' % req.get_user_name())
if not req.is_valid_pwd(utils.decrypt(user['password'])):
return error_auth(resp, 'user password not match')
if user['status'] == 4:
resp['Framed-Pool'] = store.get_param("9_expire_addrpool")
return resp
if user['status'] in (0, 2, 3):
return error_auth(resp, 'user status not ok')
return resp
def read_encrypted(self):
if not hasattr(self, 'password'):
raise self.Locked
if not os.path.isfile(self.local_settings_secrets_path):
return {}
with open(self.local_settings_secrets_path, 'rb') as f:
data = f.read()
if not data:
return {}
from utils import DecryptionError
try:
from utils import decrypt
decrypted = decrypt(data, self.password)
return json.loads(decrypted)
except DecryptionError:
raise self.InvalidPassword
def loadData(self):
'''Loads data'''
#self.HTMLFile = tkFileDialog.askopenfilename(defaultextension='.html', initialdir='C:/temp/', title='Choose Mass Client Summary', parent=self)
encodedFilename = tkFileDialog.askopenfilename(defaultextension='.html', filetypes=[('encrypted html','*.enc.html'), ('All Files','*.*')], title='Choose Mass Client Summary', parent=self)
if encodedFilename:
if str(encodedFilename).find('.enc.html') == -1:
tkMessageBox.showerror(title='Please Select Encoded File!', message='You have selected the incorrect type of file.\n\nPlease select the most recent *.enc.html file that You have been provided with.')
return
passwd = tkSimpleDialog.askstring('Enter Password', 'Please Enter the password for this file:')
tkMessageBox.showinfo(title='Big File Warning', message='This is a large file!\n\nFile will now be parsed and can take upto 5 Minutes.')
with open(encodedFilename, 'rb') as f:
HTMLRaw = utils.decrypt(f, passwd)
if HTMLRaw == None:
tkMessageBox.showerror(title='Error Decrypting!', message='The password entered was incorrect or the file has been corrupted.\n\nPlease ensure you are:\n - typing the correct password\n - caps lock is off\n\nThank you!')
else:
self.parseHTML(HTMLRaw)
def handle_tcp(self, remote):
sock = self.request
sock_list = [sock, remote]
try:
while 1:
read_list, _, _ = select(sock_list, [], [])
if remote in read_list:
data = remote.recv(utils.config.block_size)
if (sock.send(utils.encrypt(data)) <= utils.config.block_size_delta):
break
if sock in read_list:
data = sock.recv(utils.config.block_size_encrypted)
if (remote.send(utils.decrypt(data)) <= 0):
break
finally:
remote.close()
sock.close()
def _IsAutoLogin(self):
conf = ModifyConf(self.confdir+os.sep+'conf.ini')
auto = conf.read('db', 'auto')
if auto == 'True':
user = conf.read('db', 'user')
pwd = decrypt(16, conf.read('db', 'password'))
try:
self.ForAuto('', user, pwd)
conf.write('db', **{'auth':True})
except:
self.in_or_out = 'in'
conf.write('db', **{'auth':False})
dlg = WarnDialog(self, '帐号、密码错误')
dlg.CenterOnParent()
dlg.ShowModal()
else:
conf.write('db', **{'auth':False})
def handle_tcp(self, remote):
sock = self.request
sock_list = [sock, remote]
try:
while 1:
read_list, _, _ = select(sock_list, [], [])
if remote in read_list:
data = remote.recv(utils.config.block_size_encrypted)
if (sock.send(utils.decrypt(data)) <= 0):
break
if sock in read_list:
data = sock.recv(utils.config.block_size)
if (remote.send(utils.encrypt(data)) <=
utils.config.block_size_delta):
break
finally:
remote.close()
sock.close()
def discover(magic="fna349fn", port=50000, password=None, timeout=5):
log.info("Looking for a server discovery")
# Prepare password
if password:
password = prepare_text(password)
# Build message
msg = "%s%s" % (magic, datetime.datetime.now().timestamp())
try:
# Send discover
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) # create UDP socket
s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1) # this is a broadcast socket
s.sendto(crypt(msg, password), ('<broadcast>', port))
s.settimeout(timeout)
data, addr = s.recvfrom(1024) # wait for a packet
except socket.timeout:
log.info("No servers found")
raise TimeOutException("No servers found")
msg = decrypt(data, password)
# Get a correlates response
if msg.startswith(magic):
msg_details = msg[len(magic):]
log.debug("Got service announcement from '%s' with response: %s" % ("%s:%s" % addr, msg_details))
if msg_details.startswith("#ERROR#"):
error_details = msg_details[len("#ERROR#"):]
log.debug("Response from server: %s" % error_details)
if "timestamp" in error_details:
raise TimeStampException(error_details)
elif "password" in error_details:
raise PasswordMagicException(error_details)
else:
ok_details = msg_details[len("#OK#"):]
return ok_details, "%s:%s:" % addr
def share_file(self):
form = Form(self.request, schema=forms.PassphraseSchema)
if 'form.submitted' in self.request.POST and form.validate():
passphrase = form.data['passphrase']
query_file = os.path.join(self.storage_dir, self.username, self.filename)
share_user = self.request.params['share_user']
with utils.db_session(self.dbmaker) as session:
owner = session.query(User).filter(User.username==self.username).one()
f = session.query(File).filter(File.name==self.filename).one()
u = session.query(User).filter(User.username==share_user).first()
if u is None:
del f.shared_users[:]
else:
for key in u.keys:
f.keys.append(key)
session.add(f)
owner_pubs = [k.public_key for k in owner.keys]
owner_privs = [k.private_key for k in owner.keys]
recipients = owner_pubs + [k.public_key for k in f.keys]
with open(query_file, 'rb') as o:
data = o.read()
decrypted = utils.decrypt(data, owner_privs, owner_pubs, passwd)
with tempfile.NamedTemporaryFile() as tmp:
tmp.write(decrypted)
tmp.flush()
tmp.seek(0)
encrypted = utils.encrypt(tmp, recipients)
tmp = tempfile.NamedTemporaryFile(dir=self.storage_dir, delete=False)
tmp.write(encrypted)
os.rename(tmp.name, query_file)
self.request.session.flash(
u'successfully shared file: %s with user %s' % (self.filename, share_user)
)
return HTTPFound(location=self.request.route_url('view_files'))
with utils.db_session(self.dbmaker) as session:
sharable_users = session.query(User).filter(User.sharable==True)
sharable_users = sharable_users.filter(User.username!=self.username).all()
sharable_users = [u.username for u in sharable_users]
return dict(
username=self.username,
filename=self.filename,
sharable_users=sharable_users
)
def datagram_received(self, data, addr):
message = decrypt(data, self.password)
message = json.loads(message)
# Get a correlate query
if message['magic'].startswith(self.magic):
# Check the timestamp and if there's more than 20 seconds between send -> not response
try:
message_sent_timestamp = pendulum.from_timestamp(
message['timestamp'])
except TypeError:
logger.debug(
'Received invalid timestamp in package from %s:%s', addr)
if self.disable_hidden:
self.transport.sendto(
crypt(
'%s#ERROR#%s' % (self.magic, 'Invalid Timestamp'),
self.password), addr)
return
# Check if packet was generated before 20 seconds
if (pendulum.now() - message_sent_timestamp).in_seconds() < 20:
if self.disable_hidden:
self.transport.sendto(
crypt(
"%s#ERROR#%s" %
(self.magic, "Timestamp is too old"),
self.password), addr)
logger.debug('Received outdated package from %s:%s', addr)
return
# Timestamp is correct
logger.debug('Received %r from %s', message, addr)
self.transport.sendto(
crypt("%s#OK#%s" % (self.magic, self.answer), self.password),
addr)
else:
logger.warning('MAGIC incorrect: %s', message)
if self.disable_hidden:
self.transport.sendto(
("%s#ERROR#%s" %
(self.magic, "Invalid MAGIC or Password")).encode(), addr)
logger.debug('Received bad magic or password from %s' % addr)
def GET(self,nodeid):
web.header("Content-Type","text/html; charset=utf-8")
db = get_db()
radnode = db.query(models.RadNode).get(nodeid)
radopr = db.query(models.RadOpr)\
.filter(models.RadOpr.type==1)\
.filter(models.RadOpr.node_id == nodeid).first()
nodenas = db.query(models.RadNasNode)\
.filter(models.RadNasNode.node_id == nodeid)
data = dict(node_id=radnode.id,
node_name=radnode.name,
node_desc=radnode.desc,
opr_id=radopr.id,
opr_name=radopr.name,
opr_ip=radopr.ip_addr,
opr_passwd=decrypt(radopr.password),
nas_bind=[ nn.ip_addr for nn in nodenas ])
form = forms.node_update_form()
form.fill(data)
return render("baseform.html",form=form,title="修改节点",action="/node/update/")
def check_garbled_table(garbled_table):
Alice_A = a_0
Bob_B = b_1
print(f'Expected result -> \n{c_0}')
successfully_decrypted = []
for cryptogram in garbled_table:
try:
a = utils.decrypt(cryptogram, Alice_A, Bob_B)
if a == c_0:
successfully_decrypted.append(a)
# print(a == c_1)
# print(a == c_0)
except:
...
print(f'Got -> \n{a}')
assert successfully_decrypted[0] == c_0
def handle_add_computer(self, packet1_data, sender):
''' Handle Add Computer request.
Communicate with the SENDER and authenticate him. If
successfull, add SENDER to the list of admin computers.
@type packet1_data: Packet
@param packet1_data: First packet of the communication.
@type sender: utils.IPv4Address
@param sender: Sender IP address.
'''
# 1. packet
packet1 = add_computer.parse_packet_1(packet1_data)
# 2. packet
g = 0x17 # generator
(public_key, private_key) = utils.generate_key_pair(g)
packet2 = add_computer.make_packet_2(g, public_key)
self.network.write(packet2, sender)
# 3. packet
packet3_data = self.network.read_from(sender)
(admin, auth_data) = add_computer.parse_packet_3(packet3_data, private_key)
# Decrypt username/password
plaintext = utils.decrypt(admin.get_shared_key(), auth_data)
username = utils.null_terminated(plaintext[0:32])
password = utils.null_terminated(plaintext[64:96])
# 4. packet
if self.check_user(username, password):
allow_access = True
self.admin_list.add_admin(sender, admin)
else:
allow_access = False
packet4 = add_computer.make_packet_4(allow_access,
self.config.get_listen_addr(),
self.config.get_mac_addr())
self.network.write(packet4, sender)
def view_file(self):
form = Form(self.request, schema=forms.PassphraseSchema)
if 'form.submitted' in self.request.POST and form.validate():
with utils.db_session(self.dbmaker) as session:
user = session.query(User).filter(User.username==self.username).first()
f = session.query(File).filter(File.name==self.filename).first()
proper_key = [k for k in f.keys if k.user.username == user.username]
logger.info('owner: %s files: %s keys: %s', f.owner, user.files, f.keys)
if f.owner != user.username and len(proper_key) == 0:
self.request.session.flash(u'File not shared with you. are you a bad actor?')
return HTTPFound(location=self.request.route_url('home'))
privs = []
pubs = []
for k in proper_key:
privs.append(k.private_key)
pubs.append(k.public_key)
query_file = os.path.join(self.storage_dir, f.owner.username, self.filename)
if not os.path.isfile(query_file):
return HTTPNotFound("file %s is not a thinger" % (self.filename, ))
content_type, encoding = mimetypes.guess_type(query_file)
with open(query_file, 'rb') as o:
encrypted = o.read()
decrypted = utils.decrypt(encrypted, privs, pubs, form.data['passphrase'])
with utils.tmpdir() as tmpd:
tmp = os.path.join(tmpd, self.filename)
with open(tmp, 'wb') as tmpf:
tmpf.write(decrypted)
tmpf.flush()
response = FileResponse(
tmp,
request=self.request,
content_type=content_type,
content_encoding=encoding
)
return response
return dict(
form=FormRenderer(form),
username=self.username,
filename=self.filename
)
def handle_message(self, message, address):
values = decrypt(self.secret, message)
if not values:
logger.error('message unpack fail. message: %r, address: %s', message, address)
return
# logger.debug('values: %r', values)
uri = self._extract_string(values['uri'])
tb_name = self._extract_string(values['tb'])
model = values['m']
keeper = self.keeper_dict[uri]
self._check_and_remove_exceed_uri()
saver = None
try:
saver = keeper.pop()
# 要根据对应的uri生成saver
if uri.startswith('mongodb'):
if not saver:
saver = pymongo.MongoClient(uri)
# uri 里面写的那个db
db = saver.get_default_database()
tb = getattr(db, tb_name)
tb.save(model)
else:
if not saver:
saver = dataset.connect(uri)
tb = saver[tb_name]
tb.insert(model)
except:
logger.error('exc occur. values: %r, address: %s', values, address, exc_info=True)
finally:
keeper.push(saver)
def get(self):
r = self.get_argument('r', '')
if not r:
self.write('参数错误')
return
openid = utils.decrypt(r)
self.user_info = users.get_info(openid)
if self.user_info['headimg']:
uid_hash = utils.md5(self.user_info['uid'])
headimg = urlparse.urljoin(constants.SITE_BASEURL, 'static/headimg/%s/%s/%s.png' \
% (uid_hash[0:2], uid_hash[2:4], self.user_info['headimg']))
else:
headimg = urlparse.urljoin(constants.SITE_BASEURL, 'static/img/headimg.jpg')
exchange_re = self.__get_exchange()
earns_re = orders.get_global_orders(self.user_info['uid'])
invite_re = invites.get_my_invites(self.user_info['uid'])
self.render('info.html',
user_info = self.user_info,
exchange = exchange_re,
earns = earns_re,
invite = invite_re,
headimg = headimg,
)
def handle_message(self, message, address):
values = decrypt(self.secret, message)
if not values:
logger.error('values is None. message: %s', message)
return
logger.debug('values: %s', values)
uri = values['uri']
tb_name = values['tb']
model = values['m']
keeper = self.keeper_dict[uri]
saver = None
try:
saver = keeper.pop()
# 要根据对应的uri生成saver
if uri.startswith('mongodb'):
if not saver:
saver = pymongo.MongoClient(uri)
# uri 里面写的那个db
db = saver.get_default_database()
tb = getattr(db, tb_name)
tb.save(model)
else:
if not saver:
saver = dataset.connect(uri)
tb = saver[tb_name]
tb.insert(model)
except:
logger.error('exc occur', exc_info=True)
finally:
keeper.push(saver)
def get_hits_and_send_mail(data):
"""Routine to fetch user's hits and send them the results."""
# We query PubMed for the entries created yesterday.
# There is a bit of variability on the update time,
# so one might miss the entries of today if they are
# put after the cron time.
yesterday = date.today() - timedelta(1)
the_day_before = yesterday - timedelta(1)
one_year_ago = yesterday - timedelta(365)
term = str(data.term)
term_yesterday = "(" + term + ")" + yesterday.strftime("+AND+(%Y%%2F%m%%2F%d[crdt])")
term_older = (
"("
+ term
+ ")"
+ one_year_ago.strftime("+AND+(%Y%%2F%m%%2F%d:")
+ the_day_before.strftime("%Y%%2F%m%%2F%d[crdt])")
)
# Fetch the abstracts.
abstr_list = []
try:
abstr_list = eUtils.fetch_abstr(
term=term_yesterday,
# Limit on all queries, to keep it light.
retmax=config.RETMAX,
email=config.ADMAIL,
)
except eUtils.NoHitException:
return
except eUtils.PubMedException as e:
logging.warn("%s: %s" % (data.user.email(), str(e)))
# Can be empty. No big deal, just return.
if not abstr_list:
return
user_gave_relevance_feedback = utils.decrypt(data, "relevant_docs") and utils.decrypt(data, "irrelevant_docs")
if not user_gave_relevance_feedback:
# No relevance feedback: set all scores to 0 and move on.
for abstr in abstr_list:
abstr["score"] = 0.0
else:
# User gave feedback: recall their data and compute scores.
relevant_docs = utils.decrypt(data, "relevant_docs")
irrelevant_docs = utils.decrypt(data, "irrelevant_docs")
mu_corpus = utils.decrypt(data, "mu_corpus")
# Write the scores in place and sort.
Classify.update_score_inplace(abstr_list, relevant_docs, irrelevant_docs, mu_corpus)
abstr_list = sorted(abstr_list, key=lambda x: x.get("score", 0.0), reverse=True)
# Set a limit on hit number.
nhits = len(abstr_list)
if nhits < config.MAXHITS + 1:
maxhit_exceeded = ""
else:
# Send the top of the sorted list and notify the user.
maxhit_exceeded = "Showing only the top %d hits." % config.MAXHITS
abstr_list = abstr_list[: config.MAXHITS]
## Alchemy test.
if data.user.email() == "*****@*****.**":
for abstr in abstr_list:
query = json.loads(alchemy_keyword_query(abstr.get("text")))
abstr["keywords"] = [kw["text"] for kw in query["keywords"]]
# Make a security checksum.
# 1. Concatenate the PMIDs.
pmids = "".join(sorted([a["pmid"] for a in abstr_list]))
# 2. Add the random salt, and compute the SHA1 digest.
checksum = sha1(pmids + data.salt).hexdigest()
template_vals = {
"nhits": nhits,
"maxhit_exceeded": maxhit_exceeded,
"uid": data.user.user_id(),
"checksum": checksum,
"abstr_list": abstr_list,
}
# Create the hits email message and send.
msg = mail.EmailMessage()
msg.initialize(
to=data.user.email(),
sender="*****@*****.**",
subject="Recently on PubMed",
body="Message in HTML format.",
html=utils.render("mail.html", template_vals),
)
msg.send()
logging.warn("mail sent to %s" % data.user.email())
return
def get(self):
all_archives = self.redis.zrevrange("admin.blog.list", 0, -1)
all_archives = [(blog_id, utils.decrypt(blog_id)) for blog_id in all_archives]
self.render('admin.html', archives=all_archives)
def post(self):
# Who is it? Get it from the POST parameters.
uid = self.request.get('uid')
data = models.UserData.get_by_key_name(uid)
# Check that POST is issued from PubCron mail.
checksum = self.validate_request(data)
if not self.request.get('checksum'):
# Could not check identity (hacked?!!): good-bye.
return
# Identity check successful. Do the update.
new_relevant_pmids = []
new_irrelevant_pmids = []
# Process key/value pairs.
for name in self.request.arguments():
# NB: only PMID update correspond to 'name' equal to
# "Yes" or "No". The other cases are either no answer
# or non PMID POST paramters (like uid or checksum).
if self.request.get(name) == 'Yes':
new_relevant_pmids += [name]
elif self.request.get(name) == 'No':
new_irrelevant_pmids += [name]
# It is unlikely that a malicious request went
# until here, but because we are about to save user-
# submitted data, we do a validity (security) check.
pmids_to_update = new_relevant_pmids + new_irrelevant_pmids
if not self.validate_pmid(pmids_to_update):
# Validation failed: good-bye.
return
# From here, PMIDs have been parsed and checked.
# Now recall and parse user JSON data.
mu_corpus = utils.decrypt(data, 'mu_corpus')
relevant_docs = utils.decrypt(data, 'relevant_docs')
irrelevant_docs = utils.decrypt(data, 'irrelevant_docs')
# Clear new docs from user data (in case users are notifying
# that they change their mind on relevance).
pmids_to_update = new_relevant_pmids + new_irrelevant_pmids
for relevant_then_irrelevant in (relevant_docs, irrelevant_docs):
for doc in relevant_then_irrelevant:
if doc.get('pmid') in pmids_to_update:
relevant_then_irrelevant.remove(doc)
# Now, get the PubMed data and compute tf-idf.
for (new_ids, doc_list) in (
(new_relevant_pmids, relevant_docs),
(new_irrelevant_pmids, irrelevant_docs)):
new_docs = eUtils.fetch_ids(new_ids)
new_tfidf = tfidf.compute_from_texts(
[abstr.get('text', '') for abstr in new_docs],
mu_corpus.values()
)
for (doc, tfidf_dict) in zip (new_docs, new_tfidf):
# Keep only fields 'pmid' and 'title'.
for field_name in doc.keys():
if not field_name in ('pmid', 'title'):
doc.pop(field_name, None)
# Add field 'tfidf'.
doc['tfidf'] = tfidf_dict
# Append to user data.
doc_list.extend(new_docs)
and_finally_remove_junk_from(doc_list)
# Update the documents...
data.relevant_docs = zlib.compress(json.dumps(relevant_docs))
data.irrelevant_docs = zlib.compress(json.dumps(irrelevant_docs))
# ... and put.
data.put()
# Now reassure the user.
self.response.out.write(utils.render('feedback.html'))
def email(self):
if not self.encrypted_email:
return ""
return utils.decrypt(self.encrypted_email, current_app.config["ENCRYPT_KEY"])
def process(self,req):
attr_keys = req.keys()
if is_debug():
radiuslog.info("::Received an authentication request")
radiuslog.info("Attributes: ")
for attr in attr_keys:
radiuslog.info( "%s: %s" % (attr, req[attr]))
nasaddr = req.get_nasaddr()
macaddr = req.get_macaddr()
nas = service.get_nas(nasaddr)
# check roster
if service.in_black_roster(macaddr):
return self.send_reject(req,nas,'user in black roster')
vlanid,vlanid2 = req.get_vlanids()
username1 = req.get_username()
domain = None
username2 = username1
if "@" in username1:
username2 = username1[:username1.index("@")]
req["User-Name"] = username2
domain = username1[username1.index("@")+1:]
if not service.user_exists(username2):
return self.send_reject(req,nas,'user not exists')
user = service.get_user(username2)
if user.status != 1:
return self.send_reject(req,nas,'Invalid user status')
if domain and domain not in user.domain_code:
return self.send_reject(req,nas,'user domain does not match')
if nasaddr not in service.get_nas_ips(user.node_id):
return self.send_reject(req,nas,'node does not match')
if not utils.is_valid_date(user.auth_begin_date,user.auth_end_date):
return self.send_reject(req,nas,'user is not effective or expired')
userpwd = utils.decrypt(user.password)
if not req.is_valid_pwd(userpwd):
return self.send_reject(req,nas,'user password does not match')
uproduct = service.get_product(user.product_id)
if not uproduct:
return self.send_reject(req,nas,'user product does not match')
if uproduct.policy == service.POLICY_TIMING and user.time_length <= 0:
return self.send_reject(req,nas,'user does not have the time length')
if not self.verify_macaddr(user,macaddr):
return self.send_reject(req,nas,'user macaddr bind not match')
valid_vlanid = self.verify_vlan(user,vlanid,vlanid2)
if valid_vlanid == 1:
return self.send_reject(req,nas,'user vlanid does not match')
elif valid_vlanid == 2:
return self.send_reject(req,nas,'user vlanid2 does not match')
if user.concur_number > 0:
if user.concur_number <= service.get_online_num(user.user_name):
return self.send_reject(req,nas,'user concur_number control')
return self.send_accept(req,nas,**dict(ipaddr=user.ip_addr,
bandcode=uproduct.bandwidth_code,
input_max_limit=str(uproduct.input_max_limit),
output_max_limit=str(uproduct.output_max_limit),
input_rate_code=uproduct.input_rate_code,
output_rate_code=uproduct.output_rate_code,
domain_code=user.domain_code))
