def decrypt(self, save_content=False): if self.encryption_key is None: raise LocalConfigFileError('Cannot decrypt content, missing encryption key.') if self.config.get('content') is None: raise LocalConfigFileError('Cannot decrypt content, content is empty.') if self.is_encryptable == False: raise LocalConfigFileError('Cannot decrypt, improper configuration.') if self.config.get('is_encrypted') == False: return self.config.get('content') f = Fernet(self.encryption_key) if self.config.get('is_binary') == True: decr_content = f.decrypt(self.config.get('content')) elif self.config.get('is_binary') == False: decr_content = f.decrypt(self.config.get('content').encode('utf-8')).decode('utf-8') else: raise LocalConfigFileError('Could not tell if file is binary or text. Aborting.') if save_content == True: try: self.config['content'] = decr_content self.config['content_length'] = len(decr_content) self.config['is_encrypted'] = False except: raise return decr_content
def decrypt_creds(dbname, dbuser, dbpass, dbport): """ Decrypt DB creds. Default Creds in vars.py are decrypted and returned. :return db_name, db_user, db_pass, db_port: """ if (os.path.exists(keyfile)): authkey = open(keyfile, 'rb').read() # print(authkey) else: print ("Key File '{}' does not exist".format(keyfile)) exit(1) from cryptography.fernet import Fernet f = Fernet(authkey) byte_dbname = str.encode(dbname) byte_dbuser = str.encode(dbuser) byte_dbpass = str.encode(dbpass) byte_dbport = str.encode(dbport) db_name = (f.decrypt(byte_dbname)).decode() db_user = (f.decrypt(byte_dbuser)).decode() db_pass = (f.decrypt(byte_dbpass)).decode() db_port = (f.decrypt(byte_dbport)).decode() print("DBNAME = {} DBUSER = {} DBPASS = {} DBPORT = {}" .format(db_name, db_user, db_pass, db_port)) return (db_name, db_user, db_pass, db_port)
def get_creds(dbname, dbuser, dbpass, dbport): """ Decrypt creds. Creds are provided as arguments to this routine, decrypted and returned. :param dbname: :param dbuser: :param dbpass: :param dbport: :return db_name, db_user, db_pass, db_port: """ if (os.path.exists(keyfile)): authkey = open(keyfile, 'rb').read() # print(authkey) else: print("Key File '{}' does not exist".format(keyfile)) exit(1) from cryptography.fernet import Fernet f = Fernet(authkey) byte_dbname = str.encode(dbname) byte_dbuser = str.encode(dbuser) byte_dbpass = str.encode(dbpass) byte_dbport = str.encode(dbport) db_name = (f.decrypt(byte_dbname)).decode() db_user = (f.decrypt(byte_dbuser)).decode() db_pass = (f.decrypt(byte_dbpass)).decode() db_port = (f.decrypt(byte_dbport)).decode() # print("DBNAME = {} DBUSER = {} DBPASS = {} DBPORT = {}"\ # .format(db_name, db_user, db_pass, db_port)) return (db_name, db_user, db_pass, db_port)
def decrypt(ciphertext, key): f = Fernet(key) try: txt = f.decrypt(ciphertext).decode() except: txt = f.decrypt(bytes(ciphertext, 'utf-8')).decode() return txt
def test_generate_key(self): stdout = io.StringIO() try: keygen.main(stdout=stdout, argv=[]) except SystemExit as exc: self.assertEqual(exc.code, 0) key = stdout.getvalue() f = Fernet(key) # Make sure this doesn't raise an error about a bad key. f.decrypt(f.encrypt('whatever'.encode('utf-8')))
def decrypt(data, hello_token, salt, password): kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, backend=backend) key = base64.urlsafe_b64encode(kdf.derive(password)) f = Fernet(key) hello = f.decrypt(hello_token) if hello != b"hello": raise Exception("incorrect password") ddata = f.decrypt(data) return ddata
def test_no_hkdf(self): """Can supply use_hkdf=False to avoid HKDF.""" k1 = Fernet.generate_key() f = fields.EncryptedTextField(key=k1, use_hkdf=False) fernet = Fernet(k1) assert fernet.decrypt(f.fernet.encrypt(b'foo')) == b'foo'
def decrypt(token, secret): """ Secret key must be 32 url-safe base64-encoded bytes or string. Returned value is a string. """ try: f = Fernet(secret) except ValueError: return None try: message = f.decrypt(token) except TypeError: message = f.decrypt(token.encode("utf-8")) return message.decode("utf-8")
def backfill_plaintext_hashes(apps, schema_editor): SecretRevision = apps.get_model('secrets', 'SecretRevision') f = Fernet(settings.TEAMVAULT_SECRET_KEY) for srev in SecretRevision.objects.all(): plaintext_data = f.decrypt(srev.encrypted_data.tobytes()) srev.plaintext_data_sha256 = sha256(plaintext_data).hexdigest() srev.save()
def sso_lander_view(group): """ Log a user into the system using a signed and encrypted get argument "token". Here a ttl of 60 seconds is life. See https://cryptography.io/en/latest/fernet/#cryptography.fernet.Fernet.decrypt. """ secret = redis_cli.get('secret:{}'.format(group)) if not secret: return 'group not found', 404 fernet = Fernet(secret) token = request.args.get('token', '').encode('utf8') try: data = fernet.decrypt(token, ttl=60) except InvalidToken: return '403: Invalid Token', 403 try: data = json.loads(data.decode('utf8')) except JSONDecodeError: return '400: problem parsing json', 400 data['referrer'] = request.referrer session.update( profile=data, group=group, ) group_key = 'info:{}'.format(group) redis_cli.lpush(group_key, '{nm} ({rt}) logged in at {dt:%Y-%m-%d %H:%M:%S}'.format(dt=datetime.now(), **data)) return redirect('/')
def FDStart(): camtab = SVSIpCamReg.query.filter_by(u_id = current_user.id).first() dkey = camtab.key bdkey=bytes(dkey) f = Fernet(bdkey) bcamurl = bytes(camtab.camurl_hash) camurl =f.decrypt(bcamurl) url=str(camurl) if camtab.FDstore == 1: cam = Cam(url) #cam.start() cam.run() emid = SVSuserReg.query.filter_by(emid=current_user.emid).first() camid = SVSIpCamReg.query.filter_by(u_id = current_user.id).first() camfaces = SVSFaceTab.query.filter_by(cam_id = camid.u_id , u_id = emid.id ).all() '''for rec in camfaces: camfacesimag=rec.Face_image #response = make_response(camfacesimag) #response.headers["Content-type"] = "image/jpeg" #response.headers['Content-Disposition'] = 'attachment; filename=img.jpg' #rec.Face_imagenew = response rec.Face_imagenew = send_file(io.BytesIO(camfacesimag),attachment_filename='logo.png',mimetype='image/png') return render_template('FaceDetect/FaceShow.html',allface = camfaces)''' else: print("I am in else none")
class FernetEngine(EncryptionDecryptionBaseEngine): """Provide Fernet encryption and decryption methods.""" def __init__(self, key): super(FernetEngine, self).__init__(key) self._initialize_engine(self._engine_key) def _update_key(self, new_key): parent = EncryptionDecryptionBaseEngine(new_key) self._initialize_engine(parent._engine_key) def _initialize_engine(self, parent_class_key): self.secret_key = base64.urlsafe_b64encode(parent_class_key) self.fernet = Fernet(self.secret_key) def encrypt(self, value): if not isinstance(value, six.string_types): value = repr(value) if isinstance(value, six.text_type): value = str(value) value = six.b(value) encrypted = self.fernet.encrypt(value) return encrypted def decrypt(self, value): if isinstance(value, six.text_type): value = str(value) decrypted = self.fernet.decrypt(value) if not isinstance(decrypted, six.string_types): decrypted = decrypted.decode('utf-8') return decrypted
def _bootstrap(secrets): """ Decrypt secrets and return a dict of secrets. """ if not secrets: logging.info('SECRETS_BOOTSTRAP not set, skipping bootstrapping.') return {} if secrets.startswith('file://'): try: with open(secrets[7:], 'r') as f: _secrets = json.load(f) except IOError: logging.error( 'Failed to load file specified in SECRETS_BOOTSTRAP.' ) return {} else: _secrets = json.loads(secrets) key = cryptolib.decrypt_datakey( base64.b64decode(_secrets['data_key']), {'type': 'bootstrap'} ) f = Fernet(key) decrypted_secrets = yaml.safe_load( f.decrypt(_secrets['secrets'].encode('utf-8')) ) logging.info('Loaded SECRETS_BOOTSTRAP.') return decrypted_secrets
def decrypt_file(file, key): """ Decrypts the file ``file``. The encrypted file is assumed to end with the ``.enc`` extension. The decrypted file is saved to the same location without the ``.enc`` extension. The permissions on the decrypted file are automatically set to 0o600. See also :func:`doctr.local.encrypt_file`. """ if not file.endswith('.enc'): raise ValueError("%s does not end with .enc" % file) fer = Fernet(key) with open(file, 'rb') as f: decrypted_file = fer.decrypt(f.read()) with open(file[:-4], 'wb') as f: f.write(decrypted_file) os.chmod(file[:-4], 0o600)
def main(): parser = argparse.ArgumentParser(description='password generator') parser.add_argument('-s', action='store_true', dest='print_short', help='generate short password') parser.add_argument('site_name', type=str, help='site name') args = parser.parse_args(sys.argv[1:]) hashed_pw = bcrypt.hashpw(passwd, default_salt) key = base64.urlsafe_b64encode(hashed_pw[-31:] + b'x') f = Fernet(key) try: salt = f.decrypt(encrypted_salt) except cryptography.fernet.InvalidToken: sys.exit('wrong password') m = hashlib.new('ripemd160') m.update(salt + args.site_name.encode('utf-8')) long_pw = base64.b64encode(m.digest(), altchars=b'9K').decode('ascii') if args.print_short: final_pw = long_pw[:15] else: final_pw = long_pw if platform.system() == 'Darwin': cmd = ['cliclick', 't:' + final_pw] subprocess.check_call(cmd) else: subprocess.check_call(['xdotool', 'type', final_pw], env={'DISPLAY': ':0', 'XAUTHORITY': '~/.Xauthority'})
def encrypt(password, plaintext): if db: print(lineno(), 'salt =', salt, 'type(salt) =', type(salt), 'len(salt) =', len(salt)) salt_list = list(salt) if db: print(lineno(), 'salt_list =', salt_list, 'len(salt_list) =', len(salt_list)) """Key derivation function. The iteration count used should be adjusted to be as high as your server can tolerate. A good default is at least 100,000 iterations which is what Django recommends in 2014.""" kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, backend=default_backend() ) # convert password to bytes bytestring_password = bytes(password, 'utf-8') # convert plaintext to bytes plaintext_bytes = bytes(plaintext, 'utf-8') key = base64.urlsafe_b64encode(kdf.derive(bytestring_password)) f = Fernet(key) token = f.encrypt(plaintext_bytes) if db: print(lineno(), 'token = ', token) if db: print(lineno(), 'f.decrypt(token)=', f.decrypt(token)) return token # ciphertext
def get_data(self, user): if not self.current_revision: raise Http404 if not self.is_readable_by_user(user): log( _("{user} tried to access '{name}' without permission").format(name=self.name, user=user.username), actor=user, level="warn", secret=self, ) raise PermissionError( _("{user} not allowed access to '{name}' ({id})").format(id=self.id, name=self.name, user=user.username) ) f = Fernet(settings.TEAMVAULT_SECRET_KEY) log( _("{user} read '{name}'").format(name=self.name, user=user.username), actor=user, level="info", secret=self, secret_revision=self.current_revision, ) self.current_revision.accessed_by.add(user) self.current_revision.save() self.last_read = now() self.save() plaintext_data = f.decrypt(self.current_revision.encrypted_data.tobytes()) if self.content_type != Secret.CONTENT_FILE: plaintext_data = plaintext_data.decode("utf-8") return plaintext_data
def decode_token(token, secret_key, salt, max_age_in_seconds=ONE_DAY_IN_SECONDS): fernet = Fernet(to_bytes(secret_key)) cleartext = fernet.decrypt(token, ttl=max_age_in_seconds) token_salt, json_data = cleartext.split(b'\0', 1) if token_salt != to_bytes(salt): raise InvalidToken('bad token') return json.loads(json_data.decode('utf-8'))
def addcrypted2(): package = flask.request.form.get( "package", flask.request.form.get("source", flask.request.form.get("referer")) ) crypted = flask.request.form["crypted"] jk = flask.request.form["jk"] crypted = standard_b64decode(unquote(crypted.replace(" ", "+"))) jk = js2py.eval_js(f"{jk} f()") try: key = bytes.fromhex(jk) except Exception: return "Could not decrypt key", 500 obj = Fernet(key) urls = obj.decrypt(crypted).replace("\x00", "").replace("\r", "").split("\n") urls = [url for url in urls if url.strip()] api = flask.current_app.config["PYLOAD_API"] try: if package: api.add_package(package, urls, 0) else: api.generate_and_add_packages(urls, 0) except Exception: return "failed can't add", 500 else: return "success\r\n"
def get_viewcams(): page = request.args.get('page', 1, type=int) email = SVSuserReg.query.filter_by(emid=g.current_user.emid).first() pagination = SVSIpCamReg.query.filter_by( u_id = email.id ).order_by(SVSIpCamReg.camregdate.desc()).paginate(page, per_page=current_app.config['SVS_PAGE_PHOTO'],error_out=False) regcams = pagination.items for cams in regcams: camkey = cams.key bcamskey = bytes(camkey) camurlhash = cams.camurl_hash bcamurlhash = bytes(camurlhash) f = Fernet(bcamskey) finalurl = f.decrypt(bcamurlhash) cams.camurl_hash = finalurl prev = None if pagination.has_prev: prev = url_for('api_5.get_viewcams', page=page-1, _external=True) next = None if pagination.has_next: next = url_for('api_5.get_viewcams', page=page+1, _external=True) return jsonify({ 'posts': [post.to_json() for post in regcams], 'prev': prev, 'next': next, 'count': pagination.total })
def encrypted_read(file, key): """ Read an encrypted file. Parameters ---------- file : str key : str Returns ------- d : bytes The decrypted data. """ logging.info("opening encrypted file `{}`".format(file)) with open(file, 'rb') as openf: data = openf.read() f = Fernet(key) # return io.BytesIO(f.decrypt(data)) # return f.decrypt(data) logging.debug("decrypting...") try: d = f.decrypt(data) logging.debug("decryption complete") except InvalidToken: logging.exception("Key Mismatch with file! Unable to decrypt!") raise return d
def test_formatter(self): for prefix in ['±±±', 'abc']: with LogCapture() as lc: data = '{}{}'.format(prefix, uuid4().hex) key = genkey() fernet = Fernet(key) level = logging.INFO format = '%(levelname)s - %(message)s' formatter = EncryptedLogFormatter(key, format) handler = logging.StreamHandler() handler.setFormatter(formatter) logger = logging.getLogger('') logger.addHandler(handler) logger.setLevel(level) logger.info(data) encrypted = list(lc.records)[0].msg encrypted = encrypted.split(log_prefix)[1] decrypted = fernet.decrypt(encrypted.encode('utf8')).decode('utf8') self.assertEquals(data, decrypted)
def unlock(path=None): """ Decrypts all of the files in a given directory with provided password. This is most commonly used during the startup sequence of Lemur allowing it to go from source code to something that can communicate with external services. Path defaults ~/.lemur/keys :param: path """ key = prompt_pass("[!] Please enter the encryption password") if not path: path = os.path.expanduser('~/.lemur/keys') dest_dir = os.path.join(path, "decrypted") source_dir = os.path.join(path, "encrypted") if not os.path.exists(dest_dir): sys.stdout.write("[+] Creating decryption directory: {0}\n".format(dest_dir)) os.makedirs(dest_dir) for root, dirs, files in os.walk(source_dir): for f in files: source = os.path.join(source_dir, f) dest = os.path.join(dest_dir, ".".join(f.split(".")[:-1])) with open(source, 'rb') as in_file, open(dest, 'wb') as out_file: f = Fernet(key) data = f.decrypt(in_file.read()) out_file.write(data) sys.stdout.write("[+] Writing file: {0} Source: {1}\n".format(dest, source)) sys.stdout.write("[+] Keys have been unencrypted!\n")
def test_verify(self, secret, now, src, ttl_sec, token, backend, monkeypatch): f = Fernet(secret.encode("ascii"), backend=backend) current_time = calendar.timegm(iso8601.parse_date(now).utctimetuple()) monkeypatch.setattr(time, "time", lambda: current_time) payload = f.decrypt(token.encode("ascii"), ttl=ttl_sec) assert payload == src.encode("ascii")
def decrypt(self, password): """ Return the plain text token after decrypting it using the password. """ fernet = Fernet(crypto.derive_fernet_key(password, self.salt)) return encoding.force_str( fernet.decrypt(encoding.force_bytes(self.encrypted)))
def decrypt(data, symmetric_key=None, private_key=None): """ Decrypts data with symmetric key or public key. """ if symmetric_key: try: fernet = Fernet(symmetric_key) return fernet.decrypt(data) except InvalidToken: raise errors.AuthenticationError( message=_('Invalid credentials')) elif private_key: try: private_key_obj = load_pem_private_key( data=private_key, password=None, backend=default_backend() ) return private_key_obj.decrypt( data, padding.OAEP( mgf=padding.MGF1(algorithm=hashes.SHA1()), algorithm=hashes.SHA1(), label=None ) ) except ValueError: raise errors.AuthenticationError( message=_('Invalid credentials'))
def sql_call(): print("Connecting to Database and Running Query") host = "emaildata.cqlai0yteoyb.us-east-1.redshift.amazonaws.com" port = 5439 database = "eds" user = "******" f = open('eds_key.txt', r) key = f.read() f.close() f = open('eds_password.txt', r) cipher_text = f.read() f.close() cipher_suite = Fernet(key) password = cipher_suite.decrypt(cipher_text) conn = psychopg2.connect(database=database, user=user, host=host, port=port, password=password, sslmode='allow') cur = con.cursor(name = "conquer") query = "SELECT * FROM email WHERE from_domain = 'googlemail.com' AND message_time >= CURRENT_DATE -10 LIMIT 3" print(query) cur.execute(query) resultsTable = cur.fetchmany(10) for row in resultsTable: print(row) conn.close()
def get_oracle_password(): """ Return my oracle password Uses cryptography.fernet to unencrypt password. """ key = get_key() # read password try: f2 = open(password_dir+password_file, 'rb') except IOError as e: if e.strerror == 'No such file or directory': print("Could not find password file") sys.exit() else: raise e token=f2.read() f2.close() # decript password f = Fernet(key) password = f.decrypt(token).decode('utf-8') return password
def getReaction(rid): ''' Lookup a reaction via either rethinkdb or redis ''' # Pull from redis first cache = lookupRedis("reaction", rid) # Resolve issues form race condition during editing of reactions if "lastrun" in cache: if cache['lastrun'] is None or cache['lastrun'] is "None": # Reset lastrun to 0 if it is not present or set to None cache['lastrun'] = 0 else: cache['lastrun'] = 0 # Pull from RethinkDB second try: results = r.table('reactions').get(rid).run(rdb_server) if results['lastrun'] is None: results['lastrun'] = 0 results['cacheonly'] = False if int(cache['trigger']) > results['trigger']: results['trigger'] = int(cache['trigger']) if float(cache['lastrun']) > float(results['lastrun']): results['lastrun'] = float(cache['lastrun']) if "encrypted" in results: if results['encrypted'] is True: crypto = Fernet(config['crypto_key']) results['data'] = json.loads(crypto.decrypt(bytes(results['data']))) except (RqlDriverError, RqlRuntimeError, socket.error) as e: results = cache results['cacheonly'] = True logger.critical("RethinkDB is unaccessible, reaction %s was pulled from cache" % rid) logger.critical("RethinkDB Error: %s" % e.message) return results
def editcams(id): camedit = SVSIpCamReg.query.get_or_404(id) form = Camedit() if form.validate_on_submit(): camedit.sitename = form.sitename.data fkey = Fernet.generate_key() f = Fernet(fkey) ecamurl = f.encrypt(bytes(form.camurl.data)) camedit.key = fkey camedit.camurl_hash = ecamurl camedit.sview = form.sitevis.data camedit.FDstore = form.FDStore.data db.session.add(camedit) flash("Your Camera has been updated") return redirect(url_for(".listallcams")) form.sitename.data = camedit.sitename dkey = camedit.key bdkey = bytes(dkey) f = Fernet(bdkey) bcamurl = bytes(camedit.camurl_hash) camurl = f.decrypt(bcamurl) form.camurl.data = camurl form.sitevis.data = camedit.sview form.FDStore.data = str(camedit.FDstore) return render_template("cam/editcam.html", form=form)
def decryptGoods(message, key): fernet_key = Fernet(key.encode()) return str(fernet_key.decrypt(message[2:-1].encode()))[2:-1]
def main(): if len(sys.argv) != 3: sys.exit("Usage: otexta \"Question\" \"ip_address_server\"") question = sys.argv[1] print("Question Asked: ", question) host = sys.argv[2] # Should port be a command line argument? port = 5000 print("Server IP Address: ", host) size = 1024 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: s.connect((host, port)) except ConnectionRefusedError: sys.exit('Error: Invalid IP Address or Port. ') fernet_key = Fernet.generate_key() print("Encryption Key: ", fernet_key) f = Fernet(fernet_key) encrypted_question = f.encrypt(str(question).encode('utf-8')) print("Encrypted Question: ", encrypted_question) # compute MD5 Hash (Checksum) questionchecksum = checksum(encrypted_question) print("MD5 Hash: ", questionchecksum) # Create a question payload questionpayload = (fernet_key, encrypted_question, questionchecksum, host) print("Question Payload: ", questionpayload) # Pickle the tuple to a string questionpayloadstring = pickle.dumps(questionpayload) print("Question Payload String: ", questionpayloadstring) # Send the question s.send(questionpayloadstring) # Wait for a Response data = s.recv(size) if data: response = pickle.loads(data) if len(response) != 2: print('Invalid response payload.') s.close() print("Response: ", response) computed_response_checksum = checksum(response[0]) print("Computed Checksum: ", computed_response_checksum) decrypted_response = f.decrypt(response[0]) print("Decrypted response: ", decrypted_response) # Compare computed MD5 Hash with received hash if computed_response_checksum != response[1]: print('Invalid response checksum.') s.close() print("Response payload checksum OK.\n") response_text = decrypted_response print('Result: ', response_text) s.close()
def userConnection(self): global Users try: while True: with socket.socket( socket.AF_INET, socket.SOCK_STREAM ) as s: # Run socket to receive messages from user on their ports s.bind((HOST, self.RequestPORT)) s.listen(1) conn, addr = s.accept() with conn: data = conn.recv(2048) text = str(data.decode( "utf-8")) # decode received from bytes to string f = Fernet(base64.urlsafe_b64encode(self.derived_key) ) # decrypt message using the user's key text = f.decrypt(data).decode("utf-8") if "Authenticate" in text: #User wants to authenticate. Let's see if they are legit result, self.user = checkUser(self) if (result): self.authenticated = True if self.user not in Users: Users.append( self.user ) # If this isn't a duplicate, add them to the users list if "Send USB" in text and self.authenticated: # User needs to verify their device serial number SNs = receiveAndDecrypt(HOST, self.ClientToServerPORT, self.derived_key) self.verifiedUSB = checkSNMatch(self, SNs, adminKey) if (self.verifiedUSB): self.files, self.keys = readFileDB( self.user + 'files.txt', self.user + 'keys.txt.enc', adminKey) # Send number of files this user manages and then each file name sendEncryptedData(str(len(self.files)), HOST, self.ServerToClientPORT, self.derived_key) for i in self.files: sendEncryptedData(str(i), HOST, self.ServerToClientPORT, self.derived_key) if "Decrypt Request" in text and self.authenticated: # User wants to decrypt some files if (self.verifiedUSB): self.files, self.keys = readFileDB( self.user + 'files.txt', self.user + 'keys.txt.enc', adminKey) receiveDecryptionRequest(self, HOST) else: print( "User not authenticated but they tried to decrypt files" ) if "Remove Files" in text and self.authenticated: # User wants to remove some files from being tracked numFiles = int( receiveAndDecrypt( HOST, self.ClientToServerPORT, self.derived_key).decode("utf-8")) for i in range(numFiles): file = receiveAndDecrypt( HOST, self.ClientToServerPORT, self.derived_key).decode("utf-8") if file in self.files: idx = self.files.index(file) del self.files[idx] del self.keys[idx] updateFileDB(self.files, self.keys, self.user, adminKey) else: print("File not found: ", file) if "Encrypt" in text and self.authenticated: # User wants to encrypt some files if (self.verifiedUSB): # print("Received Encryption Message") newFiles, newKeys = receiveEncryptionRequest( HOST, self.ClientToServerPORT, self.ServerToClientPORT, self.derived_key) for i in range(len(newFiles)): try: idx = self.files.index(newFiles[i]) self.keys[idx] = newKeys[i] except ValueError: self.files.append(newFiles[i]) self.keys.append(newKeys[i]) updateFileDB(self.files, self.keys, self.user, adminKey) else: print( "User not authenticated but they tried to encrypt files" ) if "changePW" in text and self.authenticated: #User wants to change their password. This is handled in the GUI thread so add messages to queues toGUIQueue.put("changePW") toGUIQueue.put(self.user) toGUIQueue.put(self) except KeyboardInterrupt: return
def get(self, identity): root = current_app.config['PROJECT_ROOT'] key_path = f'{root}/secret.key' with open(key_path, 'rb') as key_file: key = key_file.read() f = Fernet(key) data = json.loads(get_jwt_identity()) uid = data['uid'] domain = data['domain'] username = f'{uid}@{domain}' password = f.decrypt(data['password'].encode()).decode('utf-8') try: imap = imaplib.IMAP4_SSL(host, port) except gaierror: abort(404, message=f'Host {host} not found!') try: resp, data = imap.login(username, password) except imaplib.IMAP4.error: abort(403, message='Login failed!') mails = [] if resp == 'OK': resp, messages = imap.select(identity) if resp == 'OK': message_number = int(messages[0]) minimum = max(message_number - 10, 0) for index in range(message_number, minimum, -1): resp, data = imap.fetch(str(index), '(RFC822)') for response in data: if isinstance(response, tuple): message = email.message_from_bytes(response[1]) subject = decode_header(message['Subject'])[0][0] fromAddr = decode_header(message['From'])[0][0] rawto = message['To'] or '' to = decode_header(rawto)[0][0] if isinstance(subject, bytes): subject = subject.decode() mail = { 'subject': subject, 'fromAddr': fromAddr, 'to': to, } if message.is_multipart(): mail['message'] = '' for part in message.walk(): content_type = part.get_content_type() content_disposition = str( part.get('Content-Disposition')) try: body = part.get_payload( decode=True).decode() except: pass if content_type == 'text/plain': if 'attachment' not in content_disposition: mail['message'] += body else: content_type = message.get_content_type() payload = message.get_payload(decode=True) body = payload.decode('utf-8', 'ignore') mail['message'] = body mails.append(mail) return { 'mails': mails, 'name': identity, }
def decrypt(message): encoded = message.encode() f = Fernet(key) decrypted = f.decrypt(encoded) return decrypted.decode()
# Fichier de test pour chiffré et déchiffré from cryptography.fernet import Fernet print("Quelle est votre message ?") i = input() key = Fernet.generate_key() f = Fernet(key) final_key = key.decode() j = i.encode() token = f.encrypt(bytes(j)) print("Message chiffré : ", token) print("Message déchiffré : ", f.decrypt(token)) print("La clé ressemble à : ", final_key)
from cryptography.fernet import Fernet key = "m8WrcrKNKa81MAz0XpPukZzK4Aawm18QTPT6XLYGlMs=" Encrypt = "gAAAAABfxmSz0bC7OG6jP3zBCzgnP6ypK_z1VbUj3hs9dQBvLHrkI3Lh_iLfUINli8evK8cJOXJf5MeX8R_AXdohY5ht_gNWZQ==" f = Fernet(key) Decrypt = f.decrypt(Encrypt) print(Decrypt)
response = [] for i in range(6): response.append(key_kds.decrypt(enc_response[i])) if (i < 3): response[i] = response[i].decode() if nonce == int(response[0]): session_key = Fernet(response[1]) keys[file_name] = session_key file_location = (ip, int(response[2])) message_to_file = pickle.dumps([response[3], response[4], response[5]]) client.sendto(message_to_file, file_location) file_reply = client.recvfrom(4096) file_reply = file_reply[0] dec_nonce = session_key.decrypt(file_reply) dec_nonce = dec_nonce.decode() dec_nonce = int(dec_nonce) - 1 enc_nonce = session_key.encrypt(str(dec_nonce).encode()) client.sendto(enc_nonce, file_location) verified = client.recvfrom(4096) verified = verified[0].decode() want_continue = 'y' actions = ["pwd", "ls", "cp", "cat", "add"] if (verified == '1'): print(file_name + " has verified you") print("You can perform these actions :") print("\tpwd - List present working directory of a file") print("\tls - list the contents of a file server") print("\tcp - copy one file from one server to the other ") print("\tcat - display contents of a file (read file)")
def _decrypt_text(self, cipher_text): cipher_suite = Fernet(self.encrypt_key) plain_text = cipher_suite.decrypt(cipher_text) return plain_text
try: encrypted = f.encrypt(message) print("Proccessing", end="") wait() print(termcolor.colored("Encryption Successfull!", "green")) print(termcolor.colored("Your Encrypted code ", "yellow"), termcolor.colored("{", "cyan"), encrypted.decode(), termcolor.colored("}", "cyan")) line() except InvalidToken as e: print(termcolor.colored("invalid key- Encryption Unsuccessfull", "red")) line() elif choice == 2: file = open('key.key', 'rb') key = file.read() file.close() message1 = input("your code: ").encode() message2 = bytes(message1) f = Fernet(key) try: decrypted = f.decrypt(message2) print("Proccessing", end="") wait() print(termcolor.colored("Decryption Successfull!", "green")) print(termcolor.colored("Your Decrypted code ", "yellow"), termcolor.colored("{", "cyan"), decrypted.decode(), termcolor.colored("}", "cyan")) line() except InvalidToken as e: print(termcolor.colored("invalid key- Decryption Unsuccessfull!", "red")) line() continue