def main():
master_key = open('{{jenkins_home}}/secrets/master.key').read()
hudson_secret_key = open(
'{{jenkins_home}}/secrets/hudson.util.Secret'
).read()
hashed_master_key = hashlib.sha256(master_key).digest()[:16]
cipher = Cipher('aes_128_ecb', hashed_master_key, '', 0)
v = cipher.update(hudson_secret_key)
x = v + cipher.final()
assert MAGIC in x
k = x[:-16]
k = k[:16]
token = os.urandom(16).encode('hex')
plaintext = token + MAGIC
cipher = Cipher('aes_128_ecb', k, '', 1)
v = cipher.update(plaintext)
password = base64.b64encode(v + cipher.final())
print password
with open('/etc/jenkins_jobs/jenkins_jobs.ini', 'wb+') as f:
f.write('\n'.join([
'[jenkins]',
'user=jenkins',
'password=%s' % hashlib.md5(token).hexdigest(),
'url=http://localhost:8080'
]))
def do_encrypt(file_name, encrypt_type): # encrypt_type: 0->decrypt, 1->encrypt
algorithm = 'bf_cbc'
key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"
iv = "\x01\x02\x03\x04\x05\x06\x07\x08"
key_as_bytes = 0 # 0->use iv, 1->not use iv
algo_method = 'md5' # 'md5', 'sha1'
salt = '12345678'
iter_count = 1
padding = 1
if not os.path.isfile(file_name):
return ''
file = open(file_name, 'r')
content = file.read()
file.close()
try:
# constructor the EVP.Cipher obj
cipher_obj = Cipher(algorithm, key, iv, encrypt_type, key_as_bytes, algo_method, salt, iter_count, padding)
# use memory file obj
out = StringIO.StringIO()
out.write(cipher_obj.update(content))
out.write(cipher_obj.final())
return out.getvalue()
except Exception as e:
return ''
def encrypt_sn(sn):
m=Cipher(alg = "aes_128_cbc", key = config['passout'], iv = '\x00' * 16, op = 1)
m.set_padding(padding=7)
v = m.update(sn)
v = v + m.final()
del m
return v
def __encryptData(self, key, iv, data):
data = str(data) + "\0" # <---- ----------
cipher = Cipher("aes_256_cbc", key, iv, ENC)
v = cipher.update(data)
v = v + cipher.final()
v = base64.b64encode(v)
return v
def decrypt_text(encrypted_text, key):
# Porting from pyDes-based encryption (see http://git.io/htpk)
# to use M2Crypto instead (see https://gist.github.com/mrluanma/917014)
cipher = Cipher(alg="des_ede3_ecb", key=b"{}".format(key), op=0, iv="\0" * 16)
decrypted_text = cipher.update(base64.b64decode(b"{}".format(encrypted_text)))
decrypted_text += cipher.final()
return decrypted_text
def decrypt(chunk, key):
cipher = Cipher(alg=ALG, key=key, iv=IV, op=0, key_as_bytes=0, padding=PADDING) # 0 is decrypt
cipher.set_padding(padding=m2.no_padding)
v = cipher.update(chunk)
v = v + cipher.final()
del cipher #需要删除
return v
def encrypt_hpwd(self, clearpass):
key=settings.SECRET_KEY
iv=get_random_string(16)
cipher=Cipher(alg='aes_256_cbc', key=key, iv=iv, op=1)
v=cipher.update(clearpass) + cipher.final()
del cipher
return b64encode(v), iv
def decrypt(self, encryptedObject):
"""Given an encrypted object, decrypt it and return the plaintext value.
If necessary, will retrieve the private key and bulk encryption key
from the storage context associated with self."""
# Coerce JSON if necessary
if type(encryptedObject) == str or type(encryptedObject) == unicode:
encryptedObject = json.loads(encryptedObject)
# An encrypted object has two relevant fields
encryptionLabel = encryptedObject['encryption']
ciphertext = base64.decodestring(encryptedObject['ciphertext'])
# Go get the keying infromation if need it
if self.privateKey == None:
self.fetchPrivateKey()
if not encryptionLabel in self.bulkKeys:
self.fetchBulkKey(encryptionLabel)
# In case you were wondering, this is the same as this operation at the openssl command line:
# openssl enc -d -in data -aes-256-cbc -K `cat unwrapped_symkey.16` -iv `cat iv.16`
# Do the decrypt
logging.debug("Decrypting data record using bulk key %s" % encryptionLabel)
cipher = Cipher(alg='aes_256_cbc', key=self.bulkKeys[encryptionLabel], iv=self.bulkKeyIVs[encryptionLabel], op=0) # 0 is DEC
v = cipher.update(ciphertext)
v = v + cipher.final()
del cipher
logging.debug("Successfully decrypted data record")
return v
def sym_decrypt(self, key, data):
data = b64decode(data)
cipher = Cipher(alg='aes_128_cbc', key=key, iv=self.IV, op=DEC)
v = cipher.update(data)
v = v + cipher.final()
del cipher
return v
def decryptPasswd(buf, passKey, iv = '\x00' * 16):
cipher = Cipher(alg='aes_128_cbc', key=passKey, iv=iv, op=0) # 0 is decrypt
cipher.set_padding(padding=7)
v = cipher.update(buf)
v = v + cipher.final()
del cipher
return v
def encryptData(key, data):
iv = '\0' * 16
cipher = Cipher(alg=ALGS[len(key)], key=key, iv=iv, op=1)
encoded = cipher.update(data)
encoded = encoded + cipher.final()
return encoded
def testhash(request):
key=settings.SECRET_KEY
iv=Account.objects.get(id=1).random_str
data=b64decode('MTkcUSMxaxZytN4D3B7XEaPy5wNvAe0MHB1xNZeqZKo=')
cipher=Cipher(alg='aes_256_cbc', key=key, iv=iv, op=0)
v=cipher.update(data) + cipher.final()
del cipher
return HttpResponse(v)
def Decrypt(data): '使用aes_128_ecb算法对数据解密' # 将密文从16进制转为字节流 data = util.h2b(data) cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = DECRYPT_OP) buf = cipher.update(data) buf = buf + cipher.final() del cipher return buf
def encrypt(chunk, key):
cipher = Cipher(alg=ALG, key=key, iv=IV, op=1, key_as_bytes=0,padding=PADDING) # 1 is encrypt
# padding 有时设置为1
cipher.set_padding(padding=m2.no_padding)
v = cipher.update(chunk)
v = v + cipher.final()
del cipher #需要删除
return v
class M2CryptoEngine:
K_CIPHER = None
@classmethod
def init_key_cipher(cls, prikey):
cls.K_CIPHER = RSA.load_key_string(prikey)
def __init__(self, encrypted_header=None):
if encrypted_header:
self.__enc_data = encrypted_header
header = self.K_CIPHER.private_decrypt(encrypted_header, RSA.pkcs1_padding)
secret = header[:32]
iv = header[32:]
op = DEC
else:
secret = self._get_random(32)
iv = self._get_random(16)
self.__enc_data = self.K_CIPHER.public_encrypt(secret+iv, RSA.pkcs1_padding)
op = ENC
self.__cipher = Cipher(alg='aes_128_cbc', key=secret, iv=iv, op=op)
self.__cipher.set_padding(1)
def _get_random(self, cnt):
while True:
data = Rand.rand_bytes(cnt)
if data[0] != '\x00':
return data
def encrypt(self, data, finalize=False):
end_data = self.__cipher.update(data)
if finalize:
end_data += self.__cipher.final()
return end_data
def decrypt(self, data, finalize=False):
end_data = self.__cipher.update(data)
if finalize:
end_data += self.__cipher.final()
return end_data
def get_encrypted_header(self):
return self.__enc_data
def Encrypt(data):
cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = ENCRYPT_OP)
buf = cipher.update(data)
buf = buf + cipher.final()
del cipher
# 将明文从字节流转为16进制
output = ''
for i in buf:
output += '%02X' % (ord(i))
return output
def encrypt_text(text, key):
# Porting from pyDes-based encryption (see http://git.io/htxa)
# to use M2Crypto instead (see https://gist.github.com/mrluanma/917014)
cipher = Cipher(alg="des_ede3_ecb",
key=b"{}".format(key),
op=1,
iv="\0" * 16)
encrypted_text = cipher.update(b"{}".format(text))
encrypted_text += cipher.final()
return base64.b64encode(encrypted_text)
def Encrypt(data):
cipher = Cipher(alg='aes_128_ecb', key=PRIVATE_KEY, iv=iv, op=ENCRYPT_OP)
buf = cipher.update(data)
buf = buf + cipher.final()
del cipher
output = ''
for i in buf:
output += '%02X' % (ord(i))
return output
def AESEncrypt(cls, data): '使用aes_128_ecb算法对数据加密' cipher = Cipher(alg = 'aes_128_ecb', key = cls.privateKey, iv = cls.iv, op = ENC) txt = cipher.update(data) txt = txt + cipher.final() del cipher # 将明文从字节流转为16进制 output = '' for i in txt: output += '%02X' % (ord(i)) return output
def Decrypt(data):
# 将密文从16进制转为字节流
data = util.h2b(data)
cipher = Cipher(alg = 'aes_128_ecb', key = PRIVATE_KEY, iv = iv, op = DECRYPT_OP)
buf = cipher.update(data)
buf = buf + cipher.final()
del cipher
return buf
# print Decrypt('6C0D072989D9F7271EF1BD5AA1C830F2')
def Decrypt(data):
#data = util.h2b(data)
data1 = binascii.a2b_hex(data)
#for i in len(data)/2:
# data1 += binascii.a2b_hex()
cipher = Cipher(alg='aes_128_ecb', key=PRIVATE_KEY, iv=iv, op=DECRYPT_OP)
buf = cipher.update(data1)
buf = buf + cipher.final()
del cipher
return buf
def encrypto(s):
''' 压缩加密字符串 '''
if isinstance(s, unicode):
s = s.encode('utf8')
s = zlib.compress(s)
cipher = Cipher(alg='des_cbc', key=CRYPTO_KEY, iv=CRYPTO_IV, op=1)
cipher.set_padding(padding=m2.no_padding)
out = cipher.update(s)
out += cipher.final()
del cipher
return base64.encodestring(out)
def decryptData(key, encoded, testforpickle=False):
iv = '\0' * 16
cipher = Cipher(alg=ALGS[len(key)], key=key, iv=iv, op=0)
decoded = cipher.update(encoded)
decoded = decoded + cipher.final()
# old format encryption seems to have 16 bytes before pickled data
if testforpickle and not decoded.startswith('(dp'):
return decoded[16:]
return decoded
def AESDecrypt(cls, data):
'使用aes_128_ecb算法对数据解密'
# 将密文从16进制转为字节流
data = util.h2b(data)
cipher = Cipher(alg='aes_128_ecb',
key=cls.privateKey,
iv=cls.iv,
op=DEC)
txt = cipher.update(data)
txt = txt + cipher.final()
del cipher
return txt
def encrypt(self, message):
# 1. Encrypt
iv = Random.new().read(16)
encrypter = Cipher(self.enc_alg, self.key_enc, iv, self.ENC_OP)
c = b64encode(encrypter.update(message) + encrypter.final())
encryption = b64encode(iv) + c # b64encode(iv) size is always 24
# 2. Sign
hmac = HMAC(self.key_auth, self.auth_alg)
hmac.update(encryption)
auth_sig = b64encode(hmac.digest()) # auth_sig size is always 28
return auth_sig + encryption
def _decrypt(self, payload, key):
''' Decrypt payload fetched from server. '''
ciphertext = payload['ciphertext'].decode('base64')
iv = payload['IV'].decode('base64')
# Perform the actual decryption.
cipher = Cipher(alg='aes_256_cbc', key=key, iv=iv, op=0)
v = cipher.update(ciphertext)
v = v + cipher.final()
del cipher
return json.loads(v)
def aes_decrypt(mess, aes_key, size=256):
if size == 128:
algo = 'aes_128_cbc'
elif size == 256:
algo = 'aes_256_cbc'
else:
algo = 'aes_128_cbc'
mess = b64decode(mess)
cipher = Cipher(alg=algo, key=aes_key, iv=IV, op=0)
o = cipher.update(mess)
o = o + cipher.final()
del cipher
return o
def aes_html_data_decrypt(data):
"""
解密Html传过来的数据
:param data: 数据Base64编码
:return: 解密后的字符串,如果为无效的字符串解密,则返回空串
"""
key = '!@#$%^&*()_+|%^&'
iv = '!@#$%^&*()_+|%^&'
decryptor = Cipher(alg="aes_128_cbc", key=key, iv=iv, op=OP_DECRYPT, padding=0)
encrypted_data = base64.b64decode(data)
decrypted_data = decryptor.update(encrypted_data)
decrypted_data += decryptor.final()
return unpad(decrypted_data)
def aes_api_data_encrypt(data):
"""
加密api数据
:param data: 字符串数据等
:return: base64数据
"""
key = '!@#$%^&*()_+|%^&'
iv = '!@#$%^&*()_+|%^&'
pad_data = pkcs7_pad(data, 16)
encryptor = Cipher(alg="aes_128_cbc", key=key, iv=iv, op=OP_ENCRYPT, padding=0)
str = encryptor.update(pad_data)
str = str + encryptor.final()
base64str = base64.b64encode(str)
return base64str
def decrypt_aes(key, text, iv='\0'*16, usebase64=False):
""" aes比3des: 加解密速度快, 资源消耗低, 安全级别高
param:
key: 密钥, 16个字符
note: 当key或iv不足16个字符的时候, 后面补字符'0'; 当超过16个字符的时候, 截断为前面16个字符
note: 标准Base64编码会出现字符+和/,在URL中不能作为参数,而urlsafe的base64编码,其实是把字符+和/分别变成-和_
"""
key = _autofill(key) # 当使用 aes_256时候, key需要32个字符; 而使用aes_128时, key需要16个字符
iv = _autofill(iv)
if usebase64:
text = base64.urlsafe_b64decode( text )
cipher = Cipher(alg='aes_128_cbc', key=key, op=0, iv=iv) # aes_256_cbc, aes_256_ecb
s = cipher.update(text)
return s + cipher.final()
def aes_decrypt(mess,aes_key,size=256):
if size == 128:
algo = 'aes_128_cbc'
elif size == 256:
algo = 'aes_256_cbc'
else:
algo = 'aes_128_cbc'
mess = b64decode(mess)
cipher = Cipher(alg=algo,key=aes_key,iv=IV,op=0)
o = cipher.update(mess)
o = o + cipher.final()
del cipher
return o
def decrypt(self, sig_encryption):
auth_sig = sig_encryption[:28]
encryption = sig_encryption[28:]
# 1. Verify signature
hmac = HMAC(self.key_auth, self.auth_alg)
hmac.update(encryption)
if auth_sig != b64encode(hmac.digest()):
raise EVPError("Authentication failure: " +
auth_sig + " does not match " + b64encode(hmac.digest()))
# 2. Decrypt
iv = b64decode(encryption[:24])
ciphertext = b64decode(encryption[24:])
decrypter = Cipher(self.enc_alg, self.key_enc, iv, self.DEC_OP)
return decrypter.update(ciphertext) + decrypter.final()
class DecryptorVersion1(object):
def __init__(self, key, data, iv):
self.key = hashlib.sha256(key).digest()
self.data = base64.standard_b64decode(data)
self.iv = base64.standard_b64decode(iv)
self.decryptor = Cipher(alg=EncryptedDataBagItem.AES_MODE, key=self.key, iv=self.iv, op=0)
def decrypt(self):
value = self.decryptor.update(self.data) + self.decryptor.final()
del self.decryptor
# Strip all the whitespace and sequence control characters
value = value.strip(reduce(lambda x, y: "%s%s" % (x, y), EncryptedDataBagItem.Decryptors.STRIP_CHARS))
# After decryption we should get a string with JSON
try:
value = json.loads(value)
except ValueError:
raise ChefDecryptionError()
return value["json_wrapper"]
def encrypt_mode_cbc(data, key, iv):
"""
aes加密得到十进制串
:param data:
:param key:
:param iv:
:return:
"""
cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=1)
buf = cipher.update(data)
buf += cipher.final()
del cipher
# 将明文从字节流转为十进制
des_list = [int('%02X' % (ord(i)), 16) for i in buf]
# 原码转补码
in_list = [~h ^ 255 if h > 128 else h for h in des_list]
return in_list
class EncryptorVersion1(object):
VERSION = 1
def __init__(self, key, data):
self.key = hashlib.sha256(key).digest()
self.data = data
self.iv = os.urandom(8).encode("hex")
self.encryptor = Cipher(alg=EncryptedDataBagItem.AES_MODE, key=self.key, iv=self.iv, op=1)
self.encrypted_data = None
def encrypt(self):
if self.encrypted_data is None:
data = json.dumps({"json_wrapper": self.data})
self.encrypted_data = self.encryptor.update(data) + self.encryptor.final()
del self.encryptor
return self.encrypted_data
def to_dict(self):
return {
"encrypted_data": base64.standard_b64encode(self.encrypt()),
"iv": base64.standard_b64encode(self.iv),
"version": self.VERSION,
"cipher": "aes-256-cbc",
}
def m2crypto_decrypt(ciphertext, key, iv):
decipher = Cipher(alg='aes_128_cbc',
key=key,
iv=iv,
op=Encryption.DECODE)
return decipher.update(ciphertext) + decipher.final()
def split_file(file_path, chunk_output_dir, compress=True, encrypt_key=None):
"""split the file into chunks
returns a list of ClientChunk objects
compress
compress with gzip
encrypt_key
128 bit key used for AES encryption
128 bit key recommended by Schneier
https://www.schneier.com/blog/archives/2009/07/another_new_aes.html
"""
file_size = os.stat(file_path).st_size
logger.debug('original file size is %s' % file_size)
chunk_sizes = []
data_stream = ''
if encrypt_key:
esalt = encrypt_key.binary_salt
if esalt is None:
esalt = ''
assert isinstance(encrypt_key, AESKey)
# account for iv
# size should be same as key
iv = os.urandom(16)
assert len(iv) == len(encrypt_key.binary_key)
encryptor = Cipher(
CIPHER_MODE, encrypt_key.binary_key, iv, CIPHER_ENCODE
)
data_stream = data_stream + esalt + iv
if not compress:
chunk_sizes = calc_chunk_sizes(file_size + len(data_stream))
logger.debug('splitting %s into %s' % (file_path, chunk_output_dir))
logger.debug('compress: %s' % compress)
if encrypt_key:
logger.debug('encrypt: True')
f = open(file_path, 'rb')
chunks = []
chunk_prefix = 'chunk'
if compress:
compressor = zlib.compressobj(9)
chunk_prefix = 'tmp_chunk'
# figure out the size of the first chunk
if chunk_sizes:
chunk_size = chunk_sizes.pop(0)
else:
chunk_size = CHUNK_SIZE_MAX
def chunk_stream(data_stream, chunk_size, check_size=True):
# check_size is for the last bit of data that is smaller than a
# chunk when data is compressed and the data sizes are
# unpredictable.
min_size = chunk_size
if not check_size:
min_size = 1
while len(data_stream) >= min_size:
chunk_data = data_stream[:chunk_size]
# If compressing, will have to create new chunks later.
chunks.append(ClientChunk.create(chunk_data, chunk_output_dir,
prefix=chunk_prefix))
data_stream = data_stream[chunk_size:]
if chunk_sizes:
# next chunk size may be different
chunk_size = chunk_sizes.pop(0)
return (data_stream, chunk_size)
while f.tell() < file_size:
data = f.read(CHUNK_SIZE_MAX)
if compress:
data = compressor.compress(data)
if encrypt_key:
data = encryptor.update(data)
assert not encryptor.final()
data_stream += data
data_stream_len = len(data_stream)
logger.debug('data stream length: %s' % data_stream_len)
(data_stream, chunk_size) = chunk_stream(data_stream, chunk_size)
# process data not chunked yet
logger.debug('%s bytes left over' % len(data_stream))
if compress:
# may have compressed data left.
flushed_data = compressor.flush()
if flushed_data:
logger.debug(
'another %s bytes of flushed data' % len(flushed_data))
if encrypt_key:
flushed_data = encryptor.update(flushed_data)
assert not encryptor.final()
data_stream += flushed_data
if data_stream:
(data_stream, chunk_size) = chunk_stream(data_stream, chunk_size,
False)
assert not chunk_sizes
f.close()
# finished initial data chunking.
new_size = sum((c.size - 4) for c in chunks)
if not compress:
emsg = ('original size was %s. expected new size to be '
'%s, but it is %s')
expected_size = file_size
if encrypt_key:
expected_size = file_size + len(esalt) + len(iv)
emsg = emsg % (file_size, expected_size, new_size)
assert expected_size == new_size, emsg
else:
# must reorganize the chunks.
new_chunks = []
chunk_sizes = calc_chunk_sizes(new_size)
# just replace the old chunk with the new one.
data_stream = ''
for chunk_size in chunk_sizes:
# read the old chunks until there is enough to write.
while len(data_stream) < chunk_size:
old_chunk = chunks.pop(0)
data_stream += old_chunk.read(raw=True)[:-4]
# free up the space
os.unlink(old_chunk.file_path)
# small files will not fill a chunk
if not chunks:
break
chunk_data = data_stream[:chunk_size]
new_chunks.append(ClientChunk.create(chunk_data, chunk_output_dir))
data_stream = data_stream[chunk_size:]
chunks = new_chunks
# There should not be anything left over.
assert not data_stream
# size for comparison
size_ratio = 1.0 * new_size / file_size
logger.debug('new size (combined chunks) is %s bytes' % new_size)
logger.debug('size ratio is %f' % size_ratio)
logger.debug('split file into %s chunks' % len(chunks))
return chunks
def m2crypto_encrypt(message, key, iv):
cipher = Cipher(alg='aes_128_cbc',
key=key,
iv=iv,
op=Encryption.ENCODE)
return (cipher.update(message) + cipher.final(), iv)
def get_video_link_from_iframe(self, url, mainurl):
playlist_domain = 'streamblast.cc'
playlist_domain2 = 'buchome.com'
usr_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36'
headers = {"User-Agent": usr_agent, "Referer": mainurl}
request = urllib2.Request(url, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
src_urljs = "http://" + playlist_domain2 + response.split(
'<script src="')[-1].split('"></script>')[0]
video_token = response.split("video_token: '")[-1].split("',")[0]
partner_id = response.split("partner_id: ")[-1].split(",")[0]
domain_id = response.split("domain_id: ")[-1].split(",")[0]
ref = re.compile('ref: \'(.+?)\'').findall(response)[0]
headers = {"User-Agent": usr_agent, "Referer": url}
request = urllib2.Request(src_urljs, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
subtitles = None
if 'subtitles: {"master_vtt":"' in response:
subtitles = response.split('subtitles: {"master_vtt":"')[-1].split(
'"')[0]
values = {}
attrs = {}
attrs['purl'] = "/vs"
values["ref"] = ref
raw_passkey = None
raw_ivkey = None
if not os.path.isfile(self.keyfile):
self.getkeys_value()
with open(self.keyfile, 'r') as keys_file:
for line in keys_file:
if "value1" in line:
raw_passkey = line.split("value1=")[1].strip()
if "value2" in line:
raw_ivkey = line.split("value2=")[1]
break
passkey = unhexlify(raw_passkey)
ivkey = unhexlify(raw_ivkey)
msg = '{"a":%s,"b":"%s","c":true,"e":"%s","f":"%s"}' % (
partner_id, domain_id, video_token, usr_agent)
cipher = Cipher(alg='aes_256_cbc', key=passkey, iv=ivkey, op=1)
ciphertext = cipher.update(msg) + cipher.final()
values['q'] = b64encode(ciphertext)
headers = {
"Host": playlist_domain2,
"Origin": "http://" + playlist_domain2,
"User-Agent": usr_agent,
"Referer":
"http://" + playlist_domain2 + "/video/" + video_token + "/iframe",
"X-Requested-With": "XMLHttpRequest"
}
request = urllib2.Request('http://' + playlist_domain2 + attrs["purl"],
urllib.urlencode(values), headers)
request.get_method = lambda: 'POST'
response = urllib2.urlopen(request).read()
data = json.loads(response.decode('unicode-escape'))
playlisturl = data['m3u8']
headers = {
"Host": playlist_domain,
"Origin": "http://" + playlist_domain2,
"User-Agent": usr_agent
}
request = urllib2.Request(playlisturl, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
urls = re.compile("http:\/\/.*?\n").findall(response)
manifest_links = {}
for i, url in enumerate(urls):
manifest_links[QUALITY_TYPES[i]] = url.replace("\n", "")
return manifest_links, subtitles
def combine_chunks(chunks, output_path, decompress=False, encrypt_key=None):
"""rebuild the original file from chunks
"""
msg = 'combining %s chunks' % len(chunks)
logger.info(msg)
salt_length = 0
key_length = 0
if encrypt_key:
if encrypt_key.binary_salt:
salt_length = len(encrypt_key.binary_salt)
assert salt_length == 16, salt_length
key_length = len(encrypt_key.binary_key)
assert key_length == 16, key_length
f = open(output_path, 'wb')
if decompress:
decompressor = zlib.decompressobj()
if encrypt_key:
# salt, then iv
iv = chunks[0].read(byte_range=[salt_length, salt_length + key_length])
decryptor = Cipher(
CIPHER_MODE, encrypt_key.binary_key, iv, CIPHER_DECODE
)
# sort out any parity chunks
parity_chunks = []
while chunks[-1].parity:
parity_chunks.insert(0, chunks.pop())
if parity_chunks and has_par2():
cwd1 = os.getcwd()
os.chdir(os.path.dirname(parity_chunks[0].file_path))
# The files have to end in .par2 to work.
for parity_chunk in parity_chunks:
new_name = '%s.%s' % (parity_chunk.filename, 'par2')
os.rename(parity_chunk.filename, new_name)
parity_chunk.file_path = os.path.join(
os.path.dirname(parity_chunk.file_path), new_name)
# It won't recognize them by name, so put them on the command line.
par2_repair([p.filename for p in parity_chunks])
os.chdir(cwd1)
for (i, chunk) in enumerate(chunks):
chunk.verify_checksum()
if i == 0 and encrypt_key:
chunk_size = chunk.size
if encrypt_key.binary_salt:
# strip salt and IV
data = chunk.read(
byte_range=[len(encrypt_key.binary_key) + \
len(encrypt_key.binary_salt),
chunk.size-4]
)
else:
# skip the IV
data = chunk.read(
byte_range=[len(encrypt_key.binary_key), chunk.size-4]
)
else:
data = chunk.read()
if encrypt_key:
data = decryptor.update(data)
assert not decryptor.final()
if decompress:
data = decompressor.decompress(data)
assert not decompressor.unused_data
f.write(data)
f.close()
logger.debug('file size is %s' % os.stat(output_path).st_size)
def m2crypto_decrypt(ciphertext, key, iv):
decipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=Encryption.DECODE)
return decipher.update(ciphertext) + decipher.final()
def fetchPrivateKey(self):
"""Fetch the private key for the user and storage context
provided to this object, and decrypt the private key
by using my passphrase. Store the private key in internal
storage for later use."""
# Retrieve encrypted private key from the server
logging.debug("Fetching encrypted private key from server")
privKeyObj = self.ctx.get_item("keys", "privkey")
payload = json.loads(privKeyObj['payload'])
self.privKeySalt = base64.decodestring(payload['salt'])
self.privKeyIV = base64.decodestring(payload['iv'])
self.pubKeyURI = payload['publicKeyUri']
data64 = payload['keyData']
encryptedKey = base64.decodestring(data64)
# Now decrypt it by generating a key with the passphrase
# and performing an AES-256-CBC decrypt.
logging.debug("Decrypting encrypted private key")
passKey = PBKDF2(self.passphrase, self.privKeySalt,
iterations=4096).read(32)
cipher = Cipher(alg='aes_256_cbc',
key=passKey,
iv=self.privKeyIV,
op=0) # 0 is DEC
cipher.set_padding(padding=1)
v = cipher.update(encryptedKey)
v = v + cipher.final()
del cipher
decryptedKey = v
# Result is an NSS-wrapped key.
# We have to do some manual ASN.1 parsing here, which is unfortunate.
# 1. Make sure offset 22 is an OCTET tag; if this is not right, the decrypt
# has gone off the rails.
if ord(decryptedKey[22]) != 4:
logging.debug(
"Binary layout of decrypted private key is incorrect; probably the passphrase was incorrect."
)
raise ValueError("Unable to decrypt key: wrong passphrase?")
# 2. Get the length of the raw key, by interpreting the length bytes
offset = 23
rawKeyLength = ord(decryptedKey[offset])
det = rawKeyLength & 0x80
if det == 0: # 1-byte length
offset += 1
rawKeyLength = rawKeyLength & 0x7f
else: # multi-byte length
bytes = rawKeyLength & 0x7f
offset += 1
rawKeyLength = 0
while bytes > 0:
rawKeyLength *= 256
rawKeyLength += ord(decryptedKey[offset])
offset += 1
bytes -= 1
# 3. Sanity check
if offset + rawKeyLength > len(decryptedKey):
rawKeyLength = len(decryptedKey) - offset
# 4. Extract actual key
privateKey = decryptedKey[offset:offset + rawKeyLength]
# And we're done.
self.privateKey = privateKey
logging.debug("Successfully decrypted private key")
def cipher_decrypt(self, ciphertext, key, IV):
cipher = Cipher(alg='aes_256_cbc', key=key, iv=IV, op=0)
v = cipher.update(ciphertext)
v = v + cipher.final()
del cipher
return json.loads(v)
def m2crypto_encrypt(message, key, iv):
cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=Encryption.ENCODE)
return (cipher.update(message) + cipher.final(), iv)
def cipher_decrypt(self, ciphertext, key, IV):
cipher = Cipher(alg='aes_256_cbc', key=key, iv=IV, op=0)
v = cipher.update(ciphertext)
v = v + cipher.final()
del cipher
return json.loads(v)
from M2Crypto.EVP import Cipher
from base64 import b64encode, b64decode
key = b64decode('H5jOqyCXcO+odcJFhT7Odh+Yzqsgl3Dv')
iv = b64decode('AAoKCgoCAqo=')
ciphertext = '5458d715704493d8e6b9bd38f8b6be0e'.decode('hex')
decipher = Cipher(alg='des_ede3_cbc', key=key, op=0, iv=iv)
plaintext = decipher.update(ciphertext)
plaintext += decipher.final()
print plaintext
def decrypt_3des(key, text):
decryptor = Cipher(alg='des_ede3_cbc', key=key, op=0, iv='01234567')
s = decryptor.update(text)
return s + decryptor.final()
def encrypt_3des(key, text):
# encryptor = Cipher(alg='des_ede3_ecb', key=key, op=1, iv='\0'*16)
encryptor = Cipher(alg='des_ede3_cbc', key=key, op=1, iv='01234567')
s = encryptor.update(text)
return s + encryptor.final()
def m2crypto_decrypt(key, iv, data):
cipher = Cipher(alg='aes_128_cbc', key=key, iv=iv, op=DEC)
v = cipher.update(data)
v = v + cipher.final()
return v
def get_video_link_from_iframe(self, url, mainurl):
playlist_domain = 'streamblast.cc'
playlist_domain2 = 'liquinota.com'
usr_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36'
headers = {"User-Agent": usr_agent, "Referer": mainurl}
request = urllib2.Request(url, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
src_urljs = "http://" + playlist_domain2 + response.split(
'<script src="')[-1].split('"></script>')[0]
video_token = response.split("video_token: '")[-1].split("',")[0]
partner_id = response.split("partner_id: ")[-1].split(",")[0]
domain_id = response.split("domain_id: ")[-1].split(",")[0]
headers = {"User-Agent": usr_agent, "Referer": url}
request = urllib2.Request(src_urljs, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
values = {}
attrs = {}
attrs['purl'] = "/vs"
passkey = unhexlify(
'19f15a0031b8548acfa8da1f2cdf7f73179ac13f3c4938c8bad5a1c93dd8fe06')
ivkey = unhexlify('79e4add175162a762071a11fe45d249f')
msg = '{"a":%s,"b":"%s","c":true,"e":"%s","f":"%s"}' % (
partner_id, domain_id, video_token, usr_agent)
cipher = Cipher(alg='aes_256_cbc', key=passkey, iv=ivkey, op=1)
ciphertext = cipher.update(msg) + cipher.final()
values['q'] = b64encode(ciphertext)
subtitles = None
if 'subtitles: {"master_vtt":"' in response:
subtitles = response.split('subtitles: {"master_vtt":"')[-1].split(
'"')[0]
headers = {
"Host": playlist_domain2,
"Origin": "http://" + playlist_domain2,
"User-Agent": usr_agent,
"Referer":
"http://" + playlist_domain2 + "/video/" + video_token + "/iframe",
"X-Requested-With": "XMLHttpRequest"
}
request = urllib2.Request('http://' + playlist_domain2 + attrs["purl"],
urllib.urlencode(values), headers)
request.get_method = lambda: 'POST'
response = urllib2.urlopen(request).read()
data = json.loads(response.decode('unicode-escape'))
playlisturl = data['m3u8']
headers = {
"Host": playlist_domain,
"Origin": "http://" + playlist_domain2,
"User-Agent": usr_agent
}
request = urllib2.Request(playlisturl, "", headers)
request.get_method = lambda: 'GET'
response = urllib2.urlopen(request).read()
urls = re.compile("http:\/\/.*?\n").findall(response)
manifest_links = {}
for i, url in enumerate(urls):
manifest_links[QUALITY_TYPES[i]] = url.replace("\n", "")
return manifest_links, subtitles
def decrypt_3des(key, text):
decryptor = Cipher(alg='des_ede3_ecb', key=key, op=0, iv='\0'*16)
s= decryptor.update(text)
return s + decryptor.final()
def encrypt(self, plaintextData, encryptionLabel=None):
"""Given a plaintext object, encrypt it and return the ciphertext value."""
logging.debug("encrypt()")
logging.debug("plaintext:\n" + pprint.pformat(plaintextData))
crypt_key = None
hmac_key = None
if encryptionLabel == None:
logging.debug("Encrypting data record using sync key")
# Go get the keying infromation if need it
if self.privateKey == None:
self.fetchPrivateKey()
crypt_key = self.privateKey
hmac_key = self.privateHmac
else:
logging.debug("Encrypting data record using bulk key %s" %
encryptionLabel)
# Go get the keying infromation if need it
if encryptionLabel not in self.bulkKeys:
self.fetchBulkKey(encryptionLabel)
crypt_key = self.bulkKeys[encryptionLabel]
hmac_key = self.bulkKeyHmacs[encryptionLabel]
encryptedData = None
if isinstance(plaintextData, list):
# Encrypt collection
encryptedData = []
for item in plaintextData:
# Note recursive call
encryptedData.append({
u'id':
unicode(item['id']),
u'payload':
json.dumps(self.encrypt(item['payload'], encryptionLabel),
ensure_ascii=False)
})
else:
# Encrypt item
if type(plaintextData) != str and (plaintextData) != unicode:
plaintextData = json.dumps(plaintextData, ensure_ascii=False)
#logging.debug("payload: %s, crypt key: %s, crypt hmac: %s" % (plaintextData, binascii.hexlify(crypt_key), binascii.hexlify(hmac_key)))
# Encrypt object
iv = os.urandom(16)
cipher = Cipher(alg='aes_256_cbc',
key=crypt_key,
iv=iv,
op=M2Crypto_Encrypt)
encryptedData = cipher.update(plaintextData) + cipher.final()
del cipher
#format for Weave storage, i.e. base64 unicode
ciphertext = unicode(base64.b64encode(encryptedData))
ivtext = unicode(base64.b64encode(iv))
hmactext = unicode(
binascii.hexlify(
hmac.new(hmac_key,
msg=ciphertext,
digestmod=hashlib.sha256).digest()))
encryptedData = {
u'ciphertext': ciphertext,
u'IV': ivtext,
u'hmac': hmactext
}
logging.debug("Successfully encrypted v5 data record")
return encryptedData
def decrypt_3des(key, text, usebase64=False):
if usebase64:
text = base64.b64decode( text )
cipher = Cipher(alg='des_ede3_ecb', key=key, op=0, iv='\0'*16)
s = cipher.update(text)
return s + cipher.final()
def encrypt_3des(key, text):
encryptor = Cipher(alg='des_ede3_ecb', key=key, op=1, iv='\0'*16)
s = encryptor.update(text)
return s+ encryptor.final()
def decrypt(self, encryptedObject, encryptionLabel=None):
"""Given an encrypted object, decrypt it and return the plaintext value.
If necessary, will retrieve the private key and bulk encryption key
from the storage context associated with self."""
logging.debug("decrypt()")
# Coerce JSON if necessary
if type(encryptedObject) == str or type(encryptedObject) == unicode:
encryptedObject = json.loads(encryptedObject)
v = None
# An encrypted object has three relevant fields
ciphertext = base64.decodestring(encryptedObject['ciphertext'])
iv = base64.decodestring(encryptedObject['IV'])
cipher_hmac = encryptedObject['hmac'].encode('ascii')
crypt_key = None
crypt_hmac = None
if encryptionLabel == None:
logging.debug("Decrypting data record using sync key")
# Go get the keying infromation if need it
if self.privateKey == None:
self.fetchPrivateKey()
crypt_key = self.privateKey
crypt_hmac = self.privateHmac
else:
logging.debug("Decrypting data record using bulk key %s" %
encryptionLabel)
# Go get the keying infromation if need it
if encryptionLabel not in self.bulkKeys:
self.fetchBulkKey(encryptionLabel)
crypt_key = self.bulkKeys[encryptionLabel]
crypt_hmac = self.bulkKeyHmacs[encryptionLabel]
#logging.debug("payload: %s, crypt key: %s, crypt hmac: %s" % (encryptedObject, binascii.hexlify(crypt_key), binascii.hexlify(crypt_hmac)))
# HMAC verification is done against base64 encoded ciphertext
local_hmac = hmac.new(crypt_hmac,
msg=encryptedObject['ciphertext'],
digestmod=hashlib.sha256).digest()
local_hmac = binascii.hexlify(local_hmac)
if local_hmac != cipher_hmac:
raise WeaveException("HMAC verification failed!")
# In case you were wondering, this is the same as this operation at the openssl command line:
# openssl enc -d -in data -aes-256-cbc -K `cat unwrapped_symkey.16` -iv `cat iv.16`
# Do the decrypt
cipher = Cipher(alg='aes_256_cbc',
key=crypt_key,
iv=iv,
op=M2Crypto_Decrypt)
v = cipher.update(ciphertext)
v = v + cipher.final()
del cipher
logging.debug("Successfully decrypted v5 data record")
return v
