def main(): master_key = open('{{jenkins_home}}/secrets/master.key').read() hudson_secret_key = open( '{{jenkins_home}}/secrets/hudson.util.Secret' ).read() hashed_master_key = hashlib.sha256(master_key).digest()[:16] cipher = Cipher('aes_128_ecb', hashed_master_key, '', 0) v = cipher.update(hudson_secret_key) x = v + cipher.final() assert MAGIC in x k = x[:-16] k = k[:16] token = os.urandom(16).encode('hex') plaintext = token + MAGIC cipher = Cipher('aes_128_ecb', k, '', 1) v = cipher.update(plaintext) password = base64.b64encode(v + cipher.final()) print password with open('/etc/jenkins_jobs/jenkins_jobs.ini', 'wb+') as f: f.write('\n'.join([ '[jenkins]', 'user=jenkins', 'password=%s' % hashlib.md5(token).hexdigest(), 'url=http://localhost:8080' ]))
def do_encrypt(file_name, encrypt_type): # encrypt_type: 0->decrypt, 1->encrypt algorithm = 'bf_cbc' key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" iv = "\x01\x02\x03\x04\x05\x06\x07\x08" key_as_bytes = 0 # 0->use iv, 1->not use iv algo_method = 'md5' # 'md5', 'sha1' salt = '12345678' iter_count = 1 padding = 1 if not os.path.isfile(file_name): return '' file = open(file_name, 'r') content = file.read() file.close() try: # constructor the EVP.Cipher obj cipher_obj = Cipher(algorithm, key, iv, encrypt_type, key_as_bytes, algo_method, salt, iter_count, padding) # use memory file obj out = StringIO.StringIO() out.write(cipher_obj.update(content)) out.write(cipher_obj.final()) return out.getvalue() except Exception as e: return ''
def encrypt_sn(sn): m=Cipher(alg = "aes_128_cbc", key = config['passout'], iv = '\x00' * 16, op = 1) m.set_padding(padding=7) v = m.update(sn) v = v + m.final() del m return v
def __encryptData(self, key, iv, data): data = str(data) + "\0" # <---- ---------- cipher = Cipher("aes_256_cbc", key, iv, ENC) v = cipher.update(data) v = v + cipher.final() v = base64.b64encode(v) return v
def decrypt_text(encrypted_text, key): # Porting from pyDes-based encryption (see http://git.io/htpk) # to use M2Crypto instead (see https://gist.github.com/mrluanma/917014) cipher = Cipher(alg="des_ede3_ecb", key=b"{}".format(key), op=0, iv="\0" * 16) decrypted_text = cipher.update(base64.b64decode(b"{}".format(encrypted_text))) decrypted_text += cipher.final() return decrypted_text
def decrypt(chunk, key): cipher = Cipher(alg=ALG, key=key, iv=IV, op=0, key_as_bytes=0, padding=PADDING) # 0 is decrypt cipher.set_padding(padding=m2.no_padding) v = cipher.update(chunk) v = v + cipher.final() del cipher #需要删除 return v
def encrypt_hpwd(self, clearpass): key=settings.SECRET_KEY iv=get_random_string(16) cipher=Cipher(alg='aes_256_cbc', key=key, iv=iv, op=1) v=cipher.update(clearpass) + cipher.final() del cipher return b64encode(v), iv
def decrypt(self, encryptedObject): """Given an encrypted object, decrypt it and return the plaintext value. If necessary, will retrieve the private key and bulk encryption key from the storage context associated with self.""" # Coerce JSON if necessary if type(encryptedObject) == str or type(encryptedObject) == unicode: encryptedObject = json.loads(encryptedObject) # An encrypted object has two relevant fields encryptionLabel = encryptedObject['encryption'] ciphertext = base64.decodestring(encryptedObject['ciphertext']) # Go get the keying infromation if need it if self.privateKey == None: self.fetchPrivateKey() if not encryptionLabel in self.bulkKeys: self.fetchBulkKey(encryptionLabel) # In case you were wondering, this is the same as this operation at the openssl command line: # openssl enc -d -in data -aes-256-cbc -K `cat unwrapped_symkey.16` -iv `cat iv.16` # Do the decrypt logging.debug("Decrypting data record using bulk key %s" % encryptionLabel) cipher = Cipher(alg='aes_256_cbc', key=self.bulkKeys[encryptionLabel], iv=self.bulkKeyIVs[encryptionLabel], op=0) # 0 is DEC v = cipher.update(ciphertext) v = v + cipher.final() del cipher logging.debug("Successfully decrypted data record") return v
def sym_decrypt(self, key, data): data = b64decode(data) cipher = Cipher(alg='aes_128_cbc', key=key, iv=self.IV, op=DEC) v = cipher.update(data) v = v + cipher.final() del cipher return v
def decryptPasswd(buf, passKey, iv = '\x00' * 16): cipher = Cipher(alg='aes_128_cbc', key=passKey, iv=iv, op=0) # 0 is decrypt cipher.set_padding(padding=7) v = cipher.update(buf) v = v + cipher.final() del cipher return v
def encryptData(key, data): iv = '\0' * 16 cipher = Cipher(alg=ALGS[len(key)], key=key, iv=iv, op=1) encoded = cipher.update(data) encoded = encoded + cipher.final() return encoded
def testhash(request): key=settings.SECRET_KEY iv=Account.objects.get(id=1).random_str data=b64decode('MTkcUSMxaxZytN4D3B7XEaPy5wNvAe0MHB1xNZeqZKo=') cipher=Cipher(alg='aes_256_cbc', key=key, iv=iv, op=0) v=cipher.update(data) + cipher.final() del cipher return HttpResponse(v)
def Decrypt(data): '使用aes_128_ecb算法对数据解密' # 将密文从16进制转为字节流 data = util.h2b(data) cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = DECRYPT_OP) buf = cipher.update(data) buf = buf + cipher.final() del cipher return buf
def encrypt(chunk, key): cipher = Cipher(alg=ALG, key=key, iv=IV, op=1, key_as_bytes=0,padding=PADDING) # 1 is encrypt # padding 有时设置为1 cipher.set_padding(padding=m2.no_padding) v = cipher.update(chunk) v = v + cipher.final() del cipher #需要删除 return v
class M2CryptoEngine: K_CIPHER = None @classmethod def init_key_cipher(cls, prikey): cls.K_CIPHER = RSA.load_key_string(prikey) def __init__(self, encrypted_header=None): if encrypted_header: self.__enc_data = encrypted_header header = self.K_CIPHER.private_decrypt(encrypted_header, RSA.pkcs1_padding) secret = header[:32] iv = header[32:] op = DEC else: secret = self._get_random(32) iv = self._get_random(16) self.__enc_data = self.K_CIPHER.public_encrypt(secret+iv, RSA.pkcs1_padding) op = ENC self.__cipher = Cipher(alg='aes_128_cbc', key=secret, iv=iv, op=op) self.__cipher.set_padding(1) def _get_random(self, cnt): while True: data = Rand.rand_bytes(cnt) if data[0] != '\x00': return data def encrypt(self, data, finalize=False): end_data = self.__cipher.update(data) if finalize: end_data += self.__cipher.final() return end_data def decrypt(self, data, finalize=False): end_data = self.__cipher.update(data) if finalize: end_data += self.__cipher.final() return end_data def get_encrypted_header(self): return self.__enc_data
def Encrypt(data): cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = ENCRYPT_OP) buf = cipher.update(data) buf = buf + cipher.final() del cipher # 将明文从字节流转为16进制 output = '' for i in buf: output += '%02X' % (ord(i)) return output
def encrypt_text(text, key): # Porting from pyDes-based encryption (see http://git.io/htxa) # to use M2Crypto instead (see https://gist.github.com/mrluanma/917014) cipher = Cipher(alg="des_ede3_ecb", key=b"{}".format(key), op=1, iv="\0" * 16) encrypted_text = cipher.update(b"{}".format(text)) encrypted_text += cipher.final() return base64.b64encode(encrypted_text)
def Encrypt(data): cipher = Cipher(alg='aes_128_ecb', key=PRIVATE_KEY, iv=iv, op=ENCRYPT_OP) buf = cipher.update(data) buf = buf + cipher.final() del cipher output = '' for i in buf: output += '%02X' % (ord(i)) return output
def AESEncrypt(cls, data): '使用aes_128_ecb算法对数据加密' cipher = Cipher(alg = 'aes_128_ecb', key = cls.privateKey, iv = cls.iv, op = ENC) txt = cipher.update(data) txt = txt + cipher.final() del cipher # 将明文从字节流转为16进制 output = '' for i in txt: output += '%02X' % (ord(i)) return output
def Decrypt(data): # 将密文从16进制转为字节流 data = util.h2b(data) cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = DECRYPT_OP) buf = cipher.update(data) buf = buf + cipher.final() del cipher return buf # print Decrypt('6C0D072989D9F7271EF1BD5AA1C830F2')
def Decrypt(data): #data = util.h2b(data) data1 = binascii.a2b_hex(data) #for i in len(data)/2: # data1 += binascii.a2b_hex() cipher = Cipher(alg='aes_128_ecb', key=PRIVATE_KEY, iv=iv, op=DECRYPT_OP) buf = cipher.update(data1) buf = buf + cipher.final() del cipher return buf
def encrypto(s): ''' 压缩加密字符串 ''' if isinstance(s, unicode): s = s.encode('utf8') s = zlib.compress(s) cipher = Cipher(alg='des_cbc', key=CRYPTO_KEY, iv=CRYPTO_IV, op=1) cipher.set_padding(padding=m2.no_padding) out = cipher.update(s) out += cipher.final() del cipher return base64.encodestring(out)
def decryptData(key, encoded, testforpickle=False): iv = '\0' * 16 cipher = Cipher(alg=ALGS[len(key)], key=key, iv=iv, op=0) decoded = cipher.update(encoded) decoded = decoded + cipher.final() # old format encryption seems to have 16 bytes before pickled data if testforpickle and not decoded.startswith('(dp'): return decoded[16:] return decoded
def AESDecrypt(cls, data): '使用aes_128_ecb算法对数据解密' # 将密文从16进制转为字节流 data = util.h2b(data) cipher = Cipher(alg='aes_128_ecb', key=cls.privateKey, iv=cls.iv, op=DEC) txt = cipher.update(data) txt = txt + cipher.final() del cipher return txt
def encrypt(self, message): # 1. Encrypt iv = Random.new().read(16) encrypter = Cipher(self.enc_alg, self.key_enc, iv, self.ENC_OP) c = b64encode(encrypter.update(message) + encrypter.final()) encryption = b64encode(iv) + c # b64encode(iv) size is always 24 # 2. Sign hmac = HMAC(self.key_auth, self.auth_alg) hmac.update(encryption) auth_sig = b64encode(hmac.digest()) # auth_sig size is always 28 return auth_sig + encryption
def _decrypt(self, payload, key): ''' Decrypt payload fetched from server. ''' ciphertext = payload['ciphertext'].decode('base64') iv = payload['IV'].decode('base64') # Perform the actual decryption. cipher = Cipher(alg='aes_256_cbc', key=key, iv=iv, op=0) v = cipher.update(ciphertext) v = v + cipher.final() del cipher return json.loads(v)
def aes_decrypt(mess, aes_key, size=256): if size == 128: algo = 'aes_128_cbc' elif size == 256: algo = 'aes_256_cbc' else: algo = 'aes_128_cbc' mess = b64decode(mess) cipher = Cipher(alg=algo, key=aes_key, iv=IV, op=0) o = cipher.update(mess) o = o + cipher.final() del cipher return o
def aes_html_data_decrypt(data): """ 解密Html传过来的数据 :param data: 数据Base64编码 :return: 解密后的字符串,如果为无效的字符串解密,则返回空串 """ key = '!@#$%^&*()_+|%^&' iv = '!@#$%^&*()_+|%^&' decryptor = Cipher(alg="aes_128_cbc", key=key, iv=iv, op=OP_DECRYPT, padding=0) encrypted_data = base64.b64decode(data) decrypted_data = decryptor.update(encrypted_data) decrypted_data += decryptor.final() return unpad(decrypted_data)
def aes_api_data_encrypt(data): """ 加密api数据 :param data: 字符串数据等 :return: base64数据 """ key = '!@#$%^&*()_+|%^&' iv = '!@#$%^&*()_+|%^&' pad_data = pkcs7_pad(data, 16) encryptor = Cipher(alg="aes_128_cbc", key=key, iv=iv, op=OP_ENCRYPT, padding=0) str = encryptor.update(pad_data) str = str + encryptor.final() base64str = base64.b64encode(str) return base64str
def decrypt_aes(key, text, iv='\0'*16, usebase64=False): """ aes比3des: 加解密速度快, 资源消耗低, 安全级别高 param: key: 密钥, 16个字符 note: 当key或iv不足16个字符的时候, 后面补字符'0'; 当超过16个字符的时候, 截断为前面16个字符 note: 标准Base64编码会出现字符+和/,在URL中不能作为参数,而urlsafe的base64编码,其实是把字符+和/分别变成-和_ """ key = _autofill(key) # 当使用 aes_256时候, key需要32个字符; 而使用aes_128时, key需要16个字符 iv = _autofill(iv) if usebase64: text = base64.urlsafe_b64decode( text ) cipher = Cipher(alg='aes_128_cbc', key=key, op=0, iv=iv) # aes_256_cbc, aes_256_ecb s = cipher.update(text) return s + cipher.final()
def aes_decrypt(mess,aes_key,size=256): if size == 128: algo = 'aes_128_cbc' elif size == 256: algo = 'aes_256_cbc' else: algo = 'aes_128_cbc' mess = b64decode(mess) cipher = Cipher(alg=algo,key=aes_key,iv=IV,op=0) o = cipher.update(mess) o = o + cipher.final() del cipher return o
def decrypt(self, sig_encryption): auth_sig = sig_encryption[:28] encryption = sig_encryption[28:] # 1. Verify signature hmac = HMAC(self.key_auth, self.auth_alg) hmac.update(encryption) if auth_sig != b64encode(hmac.digest()): raise EVPError("Authentication failure: " + auth_sig + " does not match " + b64encode(hmac.digest())) # 2. Decrypt iv = b64decode(encryption[:24]) ciphertext = b64decode(encryption[24:]) decrypter = Cipher(self.enc_alg, self.key_enc, iv, self.DEC_OP) return decrypter.update(ciphertext) + decrypter.final()
class DecryptorVersion1(object): def __init__(self, key, data, iv): self.key = hashlib.sha256(key).digest() self.data = base64.standard_b64decode(data) self.iv = base64.standard_b64decode(iv) self.decryptor = Cipher(alg=EncryptedDataBagItem.AES_MODE, key=self.key, iv=self.iv, op=0) def decrypt(self): value = self.decryptor.update(self.data) + self.decryptor.final() del self.decryptor # Strip all the whitespace and sequence control characters value = value.strip(reduce(lambda x, y: "%s%s" % (x, y), EncryptedDataBagItem.Decryptors.STRIP_CHARS)) # After decryption we should get a string with JSON try: value = json.loads(value) except ValueError: raise ChefDecryptionError() return value["json_wrapper"]
def encrypt_mode_cbc(data, key, iv): """ aes加密得到十进制串 :param data: :param key: :param iv: :return: """ cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=1) buf = cipher.update(data) buf += cipher.final() del cipher # 将明文从字节流转为十进制 des_list = [int('%02X' % (ord(i)), 16) for i in buf] # 原码转补码 in_list = [~h ^ 255 if h > 128 else h for h in des_list] return in_list
class EncryptorVersion1(object): VERSION = 1 def __init__(self, key, data): self.key = hashlib.sha256(key).digest() self.data = data self.iv = os.urandom(8).encode("hex") self.encryptor = Cipher(alg=EncryptedDataBagItem.AES_MODE, key=self.key, iv=self.iv, op=1) self.encrypted_data = None def encrypt(self): if self.encrypted_data is None: data = json.dumps({"json_wrapper": self.data}) self.encrypted_data = self.encryptor.update(data) + self.encryptor.final() del self.encryptor return self.encrypted_data def to_dict(self): return { "encrypted_data": base64.standard_b64encode(self.encrypt()), "iv": base64.standard_b64encode(self.iv), "version": self.VERSION, "cipher": "aes-256-cbc", }
def m2crypto_decrypt(ciphertext, key, iv): decipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=Encryption.DECODE) return decipher.update(ciphertext) + decipher.final()
def split_file(file_path, chunk_output_dir, compress=True, encrypt_key=None): """split the file into chunks returns a list of ClientChunk objects compress compress with gzip encrypt_key 128 bit key used for AES encryption 128 bit key recommended by Schneier https://www.schneier.com/blog/archives/2009/07/another_new_aes.html """ file_size = os.stat(file_path).st_size logger.debug('original file size is %s' % file_size) chunk_sizes = [] data_stream = '' if encrypt_key: esalt = encrypt_key.binary_salt if esalt is None: esalt = '' assert isinstance(encrypt_key, AESKey) # account for iv # size should be same as key iv = os.urandom(16) assert len(iv) == len(encrypt_key.binary_key) encryptor = Cipher( CIPHER_MODE, encrypt_key.binary_key, iv, CIPHER_ENCODE ) data_stream = data_stream + esalt + iv if not compress: chunk_sizes = calc_chunk_sizes(file_size + len(data_stream)) logger.debug('splitting %s into %s' % (file_path, chunk_output_dir)) logger.debug('compress: %s' % compress) if encrypt_key: logger.debug('encrypt: True') f = open(file_path, 'rb') chunks = [] chunk_prefix = 'chunk' if compress: compressor = zlib.compressobj(9) chunk_prefix = 'tmp_chunk' # figure out the size of the first chunk if chunk_sizes: chunk_size = chunk_sizes.pop(0) else: chunk_size = CHUNK_SIZE_MAX def chunk_stream(data_stream, chunk_size, check_size=True): # check_size is for the last bit of data that is smaller than a # chunk when data is compressed and the data sizes are # unpredictable. min_size = chunk_size if not check_size: min_size = 1 while len(data_stream) >= min_size: chunk_data = data_stream[:chunk_size] # If compressing, will have to create new chunks later. chunks.append(ClientChunk.create(chunk_data, chunk_output_dir, prefix=chunk_prefix)) data_stream = data_stream[chunk_size:] if chunk_sizes: # next chunk size may be different chunk_size = chunk_sizes.pop(0) return (data_stream, chunk_size) while f.tell() < file_size: data = f.read(CHUNK_SIZE_MAX) if compress: data = compressor.compress(data) if encrypt_key: data = encryptor.update(data) assert not encryptor.final() data_stream += data data_stream_len = len(data_stream) logger.debug('data stream length: %s' % data_stream_len) (data_stream, chunk_size) = chunk_stream(data_stream, chunk_size) # process data not chunked yet logger.debug('%s bytes left over' % len(data_stream)) if compress: # may have compressed data left. flushed_data = compressor.flush() if flushed_data: logger.debug( 'another %s bytes of flushed data' % len(flushed_data)) if encrypt_key: flushed_data = encryptor.update(flushed_data) assert not encryptor.final() data_stream += flushed_data if data_stream: (data_stream, chunk_size) = chunk_stream(data_stream, chunk_size, False) assert not chunk_sizes f.close() # finished initial data chunking. new_size = sum((c.size - 4) for c in chunks) if not compress: emsg = ('original size was %s. expected new size to be ' '%s, but it is %s') expected_size = file_size if encrypt_key: expected_size = file_size + len(esalt) + len(iv) emsg = emsg % (file_size, expected_size, new_size) assert expected_size == new_size, emsg else: # must reorganize the chunks. new_chunks = [] chunk_sizes = calc_chunk_sizes(new_size) # just replace the old chunk with the new one. data_stream = '' for chunk_size in chunk_sizes: # read the old chunks until there is enough to write. while len(data_stream) < chunk_size: old_chunk = chunks.pop(0) data_stream += old_chunk.read(raw=True)[:-4] # free up the space os.unlink(old_chunk.file_path) # small files will not fill a chunk if not chunks: break chunk_data = data_stream[:chunk_size] new_chunks.append(ClientChunk.create(chunk_data, chunk_output_dir)) data_stream = data_stream[chunk_size:] chunks = new_chunks # There should not be anything left over. assert not data_stream # size for comparison size_ratio = 1.0 * new_size / file_size logger.debug('new size (combined chunks) is %s bytes' % new_size) logger.debug('size ratio is %f' % size_ratio) logger.debug('split file into %s chunks' % len(chunks)) return chunks
def m2crypto_encrypt(message, key, iv): cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=Encryption.ENCODE) return (cipher.update(message) + cipher.final(), iv)
def get_video_link_from_iframe(self, url, mainurl): playlist_domain = 'streamblast.cc' playlist_domain2 = 'buchome.com' usr_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36' headers = {"User-Agent": usr_agent, "Referer": mainurl} request = urllib2.Request(url, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() src_urljs = "http://" + playlist_domain2 + response.split( '<script src="')[-1].split('"></script>')[0] video_token = response.split("video_token: '")[-1].split("',")[0] partner_id = response.split("partner_id: ")[-1].split(",")[0] domain_id = response.split("domain_id: ")[-1].split(",")[0] ref = re.compile('ref: \'(.+?)\'').findall(response)[0] headers = {"User-Agent": usr_agent, "Referer": url} request = urllib2.Request(src_urljs, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() subtitles = None if 'subtitles: {"master_vtt":"' in response: subtitles = response.split('subtitles: {"master_vtt":"')[-1].split( '"')[0] values = {} attrs = {} attrs['purl'] = "/vs" values["ref"] = ref raw_passkey = None raw_ivkey = None if not os.path.isfile(self.keyfile): self.getkeys_value() with open(self.keyfile, 'r') as keys_file: for line in keys_file: if "value1" in line: raw_passkey = line.split("value1=")[1].strip() if "value2" in line: raw_ivkey = line.split("value2=")[1] break passkey = unhexlify(raw_passkey) ivkey = unhexlify(raw_ivkey) msg = '{"a":%s,"b":"%s","c":true,"e":"%s","f":"%s"}' % ( partner_id, domain_id, video_token, usr_agent) cipher = Cipher(alg='aes_256_cbc', key=passkey, iv=ivkey, op=1) ciphertext = cipher.update(msg) + cipher.final() values['q'] = b64encode(ciphertext) headers = { "Host": playlist_domain2, "Origin": "http://" + playlist_domain2, "User-Agent": usr_agent, "Referer": "http://" + playlist_domain2 + "/video/" + video_token + "/iframe", "X-Requested-With": "XMLHttpRequest" } request = urllib2.Request('http://' + playlist_domain2 + attrs["purl"], urllib.urlencode(values), headers) request.get_method = lambda: 'POST' response = urllib2.urlopen(request).read() data = json.loads(response.decode('unicode-escape')) playlisturl = data['m3u8'] headers = { "Host": playlist_domain, "Origin": "http://" + playlist_domain2, "User-Agent": usr_agent } request = urllib2.Request(playlisturl, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() urls = re.compile("http:\/\/.*?\n").findall(response) manifest_links = {} for i, url in enumerate(urls): manifest_links[QUALITY_TYPES[i]] = url.replace("\n", "") return manifest_links, subtitles
def combine_chunks(chunks, output_path, decompress=False, encrypt_key=None): """rebuild the original file from chunks """ msg = 'combining %s chunks' % len(chunks) logger.info(msg) salt_length = 0 key_length = 0 if encrypt_key: if encrypt_key.binary_salt: salt_length = len(encrypt_key.binary_salt) assert salt_length == 16, salt_length key_length = len(encrypt_key.binary_key) assert key_length == 16, key_length f = open(output_path, 'wb') if decompress: decompressor = zlib.decompressobj() if encrypt_key: # salt, then iv iv = chunks[0].read(byte_range=[salt_length, salt_length + key_length]) decryptor = Cipher( CIPHER_MODE, encrypt_key.binary_key, iv, CIPHER_DECODE ) # sort out any parity chunks parity_chunks = [] while chunks[-1].parity: parity_chunks.insert(0, chunks.pop()) if parity_chunks and has_par2(): cwd1 = os.getcwd() os.chdir(os.path.dirname(parity_chunks[0].file_path)) # The files have to end in .par2 to work. for parity_chunk in parity_chunks: new_name = '%s.%s' % (parity_chunk.filename, 'par2') os.rename(parity_chunk.filename, new_name) parity_chunk.file_path = os.path.join( os.path.dirname(parity_chunk.file_path), new_name) # It won't recognize them by name, so put them on the command line. par2_repair([p.filename for p in parity_chunks]) os.chdir(cwd1) for (i, chunk) in enumerate(chunks): chunk.verify_checksum() if i == 0 and encrypt_key: chunk_size = chunk.size if encrypt_key.binary_salt: # strip salt and IV data = chunk.read( byte_range=[len(encrypt_key.binary_key) + \ len(encrypt_key.binary_salt), chunk.size-4] ) else: # skip the IV data = chunk.read( byte_range=[len(encrypt_key.binary_key), chunk.size-4] ) else: data = chunk.read() if encrypt_key: data = decryptor.update(data) assert not decryptor.final() if decompress: data = decompressor.decompress(data) assert not decompressor.unused_data f.write(data) f.close() logger.debug('file size is %s' % os.stat(output_path).st_size)
def fetchPrivateKey(self): """Fetch the private key for the user and storage context provided to this object, and decrypt the private key by using my passphrase. Store the private key in internal storage for later use.""" # Retrieve encrypted private key from the server logging.debug("Fetching encrypted private key from server") privKeyObj = self.ctx.get_item("keys", "privkey") payload = json.loads(privKeyObj['payload']) self.privKeySalt = base64.decodestring(payload['salt']) self.privKeyIV = base64.decodestring(payload['iv']) self.pubKeyURI = payload['publicKeyUri'] data64 = payload['keyData'] encryptedKey = base64.decodestring(data64) # Now decrypt it by generating a key with the passphrase # and performing an AES-256-CBC decrypt. logging.debug("Decrypting encrypted private key") passKey = PBKDF2(self.passphrase, self.privKeySalt, iterations=4096).read(32) cipher = Cipher(alg='aes_256_cbc', key=passKey, iv=self.privKeyIV, op=0) # 0 is DEC cipher.set_padding(padding=1) v = cipher.update(encryptedKey) v = v + cipher.final() del cipher decryptedKey = v # Result is an NSS-wrapped key. # We have to do some manual ASN.1 parsing here, which is unfortunate. # 1. Make sure offset 22 is an OCTET tag; if this is not right, the decrypt # has gone off the rails. if ord(decryptedKey[22]) != 4: logging.debug( "Binary layout of decrypted private key is incorrect; probably the passphrase was incorrect." ) raise ValueError("Unable to decrypt key: wrong passphrase?") # 2. Get the length of the raw key, by interpreting the length bytes offset = 23 rawKeyLength = ord(decryptedKey[offset]) det = rawKeyLength & 0x80 if det == 0: # 1-byte length offset += 1 rawKeyLength = rawKeyLength & 0x7f else: # multi-byte length bytes = rawKeyLength & 0x7f offset += 1 rawKeyLength = 0 while bytes > 0: rawKeyLength *= 256 rawKeyLength += ord(decryptedKey[offset]) offset += 1 bytes -= 1 # 3. Sanity check if offset + rawKeyLength > len(decryptedKey): rawKeyLength = len(decryptedKey) - offset # 4. Extract actual key privateKey = decryptedKey[offset:offset + rawKeyLength] # And we're done. self.privateKey = privateKey logging.debug("Successfully decrypted private key")
def cipher_decrypt(self, ciphertext, key, IV): cipher = Cipher(alg='aes_256_cbc', key=key, iv=IV, op=0) v = cipher.update(ciphertext) v = v + cipher.final() del cipher return json.loads(v)
from M2Crypto.EVP import Cipher from base64 import b64encode, b64decode key = b64decode('H5jOqyCXcO+odcJFhT7Odh+Yzqsgl3Dv') iv = b64decode('AAoKCgoCAqo=') ciphertext = '5458d715704493d8e6b9bd38f8b6be0e'.decode('hex') decipher = Cipher(alg='des_ede3_cbc', key=key, op=0, iv=iv) plaintext = decipher.update(ciphertext) plaintext += decipher.final() print plaintext
def decrypt_3des(key, text): decryptor = Cipher(alg='des_ede3_cbc', key=key, op=0, iv='01234567') s = decryptor.update(text) return s + decryptor.final()
def encrypt_3des(key, text): # encryptor = Cipher(alg='des_ede3_ecb', key=key, op=1, iv='\0'*16) encryptor = Cipher(alg='des_ede3_cbc', key=key, op=1, iv='01234567') s = encryptor.update(text) return s + encryptor.final()
def m2crypto_decrypt(key, iv, data): cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=DEC) v = cipher.update(data) v = v + cipher.final() return v
def get_video_link_from_iframe(self, url, mainurl): playlist_domain = 'streamblast.cc' playlist_domain2 = 'liquinota.com' usr_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36' headers = {"User-Agent": usr_agent, "Referer": mainurl} request = urllib2.Request(url, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() src_urljs = "http://" + playlist_domain2 + response.split( '<script src="')[-1].split('"></script>')[0] video_token = response.split("video_token: '")[-1].split("',")[0] partner_id = response.split("partner_id: ")[-1].split(",")[0] domain_id = response.split("domain_id: ")[-1].split(",")[0] headers = {"User-Agent": usr_agent, "Referer": url} request = urllib2.Request(src_urljs, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() values = {} attrs = {} attrs['purl'] = "/vs" passkey = unhexlify( '19f15a0031b8548acfa8da1f2cdf7f73179ac13f3c4938c8bad5a1c93dd8fe06') ivkey = unhexlify('79e4add175162a762071a11fe45d249f') msg = '{"a":%s,"b":"%s","c":true,"e":"%s","f":"%s"}' % ( partner_id, domain_id, video_token, usr_agent) cipher = Cipher(alg='aes_256_cbc', key=passkey, iv=ivkey, op=1) ciphertext = cipher.update(msg) + cipher.final() values['q'] = b64encode(ciphertext) subtitles = None if 'subtitles: {"master_vtt":"' in response: subtitles = response.split('subtitles: {"master_vtt":"')[-1].split( '"')[0] headers = { "Host": playlist_domain2, "Origin": "http://" + playlist_domain2, "User-Agent": usr_agent, "Referer": "http://" + playlist_domain2 + "/video/" + video_token + "/iframe", "X-Requested-With": "XMLHttpRequest" } request = urllib2.Request('http://' + playlist_domain2 + attrs["purl"], urllib.urlencode(values), headers) request.get_method = lambda: 'POST' response = urllib2.urlopen(request).read() data = json.loads(response.decode('unicode-escape')) playlisturl = data['m3u8'] headers = { "Host": playlist_domain, "Origin": "http://" + playlist_domain2, "User-Agent": usr_agent } request = urllib2.Request(playlisturl, "", headers) request.get_method = lambda: 'GET' response = urllib2.urlopen(request).read() urls = re.compile("http:\/\/.*?\n").findall(response) manifest_links = {} for i, url in enumerate(urls): manifest_links[QUALITY_TYPES[i]] = url.replace("\n", "") return manifest_links, subtitles
def decrypt_3des(key, text): decryptor = Cipher(alg='des_ede3_ecb', key=key, op=0, iv='\0'*16) s= decryptor.update(text) return s + decryptor.final()
def encrypt(self, plaintextData, encryptionLabel=None): """Given a plaintext object, encrypt it and return the ciphertext value.""" logging.debug("encrypt()") logging.debug("plaintext:\n" + pprint.pformat(plaintextData)) crypt_key = None hmac_key = None if encryptionLabel == None: logging.debug("Encrypting data record using sync key") # Go get the keying infromation if need it if self.privateKey == None: self.fetchPrivateKey() crypt_key = self.privateKey hmac_key = self.privateHmac else: logging.debug("Encrypting data record using bulk key %s" % encryptionLabel) # Go get the keying infromation if need it if encryptionLabel not in self.bulkKeys: self.fetchBulkKey(encryptionLabel) crypt_key = self.bulkKeys[encryptionLabel] hmac_key = self.bulkKeyHmacs[encryptionLabel] encryptedData = None if isinstance(plaintextData, list): # Encrypt collection encryptedData = [] for item in plaintextData: # Note recursive call encryptedData.append({ u'id': unicode(item['id']), u'payload': json.dumps(self.encrypt(item['payload'], encryptionLabel), ensure_ascii=False) }) else: # Encrypt item if type(plaintextData) != str and (plaintextData) != unicode: plaintextData = json.dumps(plaintextData, ensure_ascii=False) #logging.debug("payload: %s, crypt key: %s, crypt hmac: %s" % (plaintextData, binascii.hexlify(crypt_key), binascii.hexlify(hmac_key))) # Encrypt object iv = os.urandom(16) cipher = Cipher(alg='aes_256_cbc', key=crypt_key, iv=iv, op=M2Crypto_Encrypt) encryptedData = cipher.update(plaintextData) + cipher.final() del cipher #format for Weave storage, i.e. base64 unicode ciphertext = unicode(base64.b64encode(encryptedData)) ivtext = unicode(base64.b64encode(iv)) hmactext = unicode( binascii.hexlify( hmac.new(hmac_key, msg=ciphertext, digestmod=hashlib.sha256).digest())) encryptedData = { u'ciphertext': ciphertext, u'IV': ivtext, u'hmac': hmactext } logging.debug("Successfully encrypted v5 data record") return encryptedData
def decrypt_3des(key, text, usebase64=False): if usebase64: text = base64.b64decode( text ) cipher = Cipher(alg='des_ede3_ecb', key=key, op=0, iv='\0'*16) s = cipher.update(text) return s + cipher.final()
def encrypt_3des(key, text): encryptor = Cipher(alg='des_ede3_ecb', key=key, op=1, iv='\0'*16) s = encryptor.update(text) return s+ encryptor.final()
def decrypt(self, encryptedObject, encryptionLabel=None): """Given an encrypted object, decrypt it and return the plaintext value. If necessary, will retrieve the private key and bulk encryption key from the storage context associated with self.""" logging.debug("decrypt()") # Coerce JSON if necessary if type(encryptedObject) == str or type(encryptedObject) == unicode: encryptedObject = json.loads(encryptedObject) v = None # An encrypted object has three relevant fields ciphertext = base64.decodestring(encryptedObject['ciphertext']) iv = base64.decodestring(encryptedObject['IV']) cipher_hmac = encryptedObject['hmac'].encode('ascii') crypt_key = None crypt_hmac = None if encryptionLabel == None: logging.debug("Decrypting data record using sync key") # Go get the keying infromation if need it if self.privateKey == None: self.fetchPrivateKey() crypt_key = self.privateKey crypt_hmac = self.privateHmac else: logging.debug("Decrypting data record using bulk key %s" % encryptionLabel) # Go get the keying infromation if need it if encryptionLabel not in self.bulkKeys: self.fetchBulkKey(encryptionLabel) crypt_key = self.bulkKeys[encryptionLabel] crypt_hmac = self.bulkKeyHmacs[encryptionLabel] #logging.debug("payload: %s, crypt key: %s, crypt hmac: %s" % (encryptedObject, binascii.hexlify(crypt_key), binascii.hexlify(crypt_hmac))) # HMAC verification is done against base64 encoded ciphertext local_hmac = hmac.new(crypt_hmac, msg=encryptedObject['ciphertext'], digestmod=hashlib.sha256).digest() local_hmac = binascii.hexlify(local_hmac) if local_hmac != cipher_hmac: raise WeaveException("HMAC verification failed!") # In case you were wondering, this is the same as this operation at the openssl command line: # openssl enc -d -in data -aes-256-cbc -K `cat unwrapped_symkey.16` -iv `cat iv.16` # Do the decrypt cipher = Cipher(alg='aes_256_cbc', key=crypt_key, iv=iv, op=M2Crypto_Decrypt) v = cipher.update(ciphertext) v = v + cipher.final() del cipher logging.debug("Successfully decrypted v5 data record") return v