def token_seachange(path, argument, ip): passed = False uri = path # Just for warnings in the exception handler # Rebuild query string in correct order... # NOTE: Use more local variables for debugging purposes. try: # Check for address if config.seachange["ip_restrict"] and argument["a"] != ip: return False # Check for expired date - SeaChange uses UTC if config.seachange["expire_date_restrict"]: if config.token_types["seachange"] == "SHA1": expire_date = calendar.timegm(argument["e"]) else: end = str(argument["e"]) year = end[:4] month = end[4:2] day = end[6:2] hour = end[8:2] minute = end[10:2] second = end[12:] expire_date = datetime.datetime(year, month, day, hour, minute, second) if datetime.datetime.utcnow() > expire_date: return False uri = str("%s?i=%s&k=%s&e=%s&a=%s" % (path, argument["i"], argument["k"], argument["e"], argument["a"])).lower() # byte_string = uri.encode('utf-8') # byte_string = bytearray(uri, 'utf-8') key = config.keys_seachange[argument["k"]] if config.token_types["seachange"] == "MD5": token = hmac(key.decode("hex"), uri, md5) else: token = hmac(key.decode("hex"), uri, sha1) hex_value = token.hexdigest() if hex_value == argument["h"]: passed = True if config.logging: if passed: return_code = config.http_response_codes["found"] msg = "%s = %s" % (hex_value, argument["h"]) else: return_code = config.http_response_codes["forbidden"] msg = "%s != %s" % (hex_value, argument["h"]) log('%s - - "TOKEN(SC) %s" %s %s "%s" "%s" "-"' % (ip, uri, return_code, 0, msg, argument)) except BaseException, e: log( '%s - - "GET %s" %s %s "%s" "%s" "-"' % (ip, uri, config.http_response_codes["forbidden"], 0, e, argument), level="WARNING", log_type="ERROR", )
def create_token(access_key, secret_key): t = str(time.time()) if sys.version > "3": token = base64.encodebytes(hmac( bytearray("%s,%s,%s" % (access_key, t, secret_key), "utf-8"), digestmod=sha1).digest())[:-1] else: token = base64.encodestring(hmac("%s,%s,%s" % (access_key, t, secret_key), digestmod=sha1).digest())[:-1] return t, token
def serialize(self, expires=None): """Serialize the secure cookie into a string. If expires is provided, the session will be automatically invalidated after expiration when you unseralize it. This provides better protection against session cookie theft. :param expires: an optional expiration date for the cookie (a :class:`datetime.datetime` object) """ if self.secret_key is None: raise RuntimeError('no secret key defined') if expires: self['_expires'] = _date_to_unix(expires) result = [] mac = hmac(self.secret_key, None, self.hash_method) for key, value in sorted(self.items()): result.append('%s=%s' % ( url_quote_plus(key), self.quote(value) )) mac.update('|' + result[-1]) return '%s?%s' % ( mac.digest().encode('base64').strip(), '&'.join(result) )
def __init__ (self, confFile): setCatch(5) confFile = path.expanduser(confFile) self.file = confFile with open(confFile) as handle: self.options = load(handle) if not 'secret' in self.options: raise Exception if 'ratelimit' in self.options: self.options['ratelimit'].setdefault('limit', 3) self.options['ratelimit'].setdefault('window', 0) self.options['ratelimit'].setdefault('counter', 0) self.options.setdefault('window', 1) self.options.setdefault('timer', 30) self.time = int(time() /30) Secret = b32decode(self.options['secret'].encode('ascii')) Drift = int(self.options['window']) self.keys = [] for SkewedTime in range(self.time-Drift,self.time+Drift+1): ByteTime = pack(">q", SkewedTime) Hash = hmac(Secret, ByteTime, sha1).digest() Offset = Hash[-1] & 0x0F ShortHash = Hash[Offset:Offset+4] Code = unpack('>L', ShortHash)[0] Code &= 0x7FFFFFFF Code %= 1000000 Code = "%06d" % Code self.keys.append(Code)
def _check_request(request_url, method = 'GET'): try: if isinstance(request_url, unicode): request_url = request_url.encode('utf8') p = urlparse.urlparse(request_url) url = p.scheme + '://' + p.netloc + p.path params = {key: value[0] for key, value in urlparse.parse_qs(p.query).items()} signature = params['oauth_signature'] del params['oauth_signature'] user_name = params['token'] secret = userinfo.user_info(user_name)['password'] customer_secret = 'lava_potion' # Join all of the params together. params_str = "&".join(["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. message = "&".join([encode(method), encode(url), encode(params_str)]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (secret, '') # Note compulsory "&". key = key.encode('utf-8') if signature == hmac(key, message, sha1).digest().encode("base64").strip(): return True else: return False except: return False
def get_signed_body(self, __url, __token=None, __meth="GET", **extra_params): service_info = self.service_info kwargs = { "oauth_consumer_key": service_info["consumer_key"], "oauth_signature_method": "HMAC-SHA1", "oauth_version": "1.0", "oauth_timestamp": int(time()), "oauth_nonce": getrandbits(64), } kwargs.update(extra_params) if self.service_key is None: self.service_key = get_service_key(self.service) if __token is not None: kwargs["oauth_token"] = __token.oauth_token key = self.service_key + encode(__token.oauth_token_secret) else: key = self.service_key message = "&".join( map( encode, [__meth.upper(), __url, "&".join("%s=%s" % (encode(k), encode(kwargs[k])) for k in sorted(kwargs))], ) ) kwargs["oauth_signature"] = hmac(key, message, sha1).digest().encode("base64")[:-1] return urlencode(dict([k, v.encode("utf-8") if isinstance(v, unicode) else v] for k, v in kwargs.items()))
def _form_signed_params(self, method, url, token='', secret='', additional_params={}): ''' Form Signed Params ''' # Add OAuth parameters. params = { 'oauth_consumer_key': self.consumer_key, 'oauth_signature_method': 'HMAC-SHA1', 'oauth_timestamp': str(int(time.time())), 'oauth_nonce': str(random.getrandbits(64)), 'oauth_version': '1.0' } params.update(additional_params) if token: params['oauth_token'] = token else: params['oauth_callback'] = self.callback_url # Create a message of the params. params_string = self._normalize_parameters(params) message = ('&'.join([ self._quote(method), self._quote(url), self._quote(params_string) ])).encode('utf-8') # Create a HMAC-SHA1 signature of the message. key = ('%s&%s' % (self.consumer_secret, secret)).encode('utf-8') signature = hmac(key, message, hashlib.sha1) params['oauth_signature'] = b64encode(signature.digest()).strip() return params
def serialize(self, expires=None): """Serialize the secure cookie into a string. If expires is provided, the session will be automatically invalidated after expiration when you unseralize it. This provides better protection against session cookie theft. """ if self.secret_key is None: raise RuntimeError('no secret key defined') if expires: if isinstance(expires, datetime): expires = expires.utctimetuple() elif isinstance(expires, (int, long, float)): expires = gmtime(expires) self['_expires'] = int(mktime(expires)) result = [] mac = hmac(self.secret_key, None, self.hash_method) for key, value in self.iteritems(): result.append('%s=%s' % ( url_quote_plus(key), pickle_quote(value) )) mac.update('|' + result[-1]) return '%s?%s' % ( mac.digest().encode('base64').strip(), '&'.join(result) )
def _token(self, plate): """Generates SHA1 token as HEX based on specified and secret key.""" plate_and_secret = '%s%s' % (plate, SECRET) plate_and_secret = bytes(plate_and_secret.encode('utf-8')) plate = plate.encode('utf-8') hmac_key = hmac(plate_and_secret, plate, sha1) return hmac_key.hexdigest()
def get_signed_body(self, __url, __token=None, __meth='GET',**extra_params): service_info = self.service_info kwargs = { 'oauth_consumer_key': service_info['consumer_key'], 'oauth_signature_method': 'HMAC-SHA1', 'oauth_version': '1.0', 'oauth_timestamp': int(time()), 'oauth_nonce': getrandbits(64), } kwargs.update(extra_params) if self.service_key is None: self.service_key = get_service_key(self.service) if __token is not None: kwargs['oauth_token'] = __token.oauth_token key = self.service_key + encode(__token.oauth_token_secret) else: key = self.service_key message = '&'.join(map(encode, [ __meth.upper(), __url, '&'.join( '%s=%s' % (encode(k), encode(kwargs[k])) for k in sorted(kwargs) ) ])) kwargs['oauth_signature'] = hmac( key, message, sha1 ).digest().encode('base64')[:-1] return urlencode(kwargs)
def __init__(self, confFile): setCatch(5) confFile = path.expanduser(confFile) self.file = confFile with open(confFile) as handle: self.options = load(handle) if not "secret" in self.options: raise Exception if "ratelimit" in self.options: self.options["ratelimit"].setdefault("limit", 3) self.options["ratelimit"].setdefault("window", 0) self.options["ratelimit"].setdefault("counter", 0) self.options.setdefault("window", 1) self.options.setdefault("timer", 30) self.time = int(time() / 30) Secret = b32decode(self.options["secret"].encode("ascii")) Drift = int(self.options["window"]) self.keys = [] for SkewedTime in range(self.time - Drift, self.time + Drift + 1): ByteTime = pack(">q", SkewedTime) Hash = hmac(Secret, ByteTime, sha1).digest() Offset = Hash[-1] & 0x0F ShortHash = Hash[Offset : Offset + 4] Code = unpack(">L", ShortHash)[0] Code &= 0x7FFFFFFF Code %= 1000000 Code = "{0:06d}".format(Code) self.keys.append(Code)
def send_beaker_encrypt(validate_key, add, payload, encrypt_key): from beaker import crypto #yes we need it, will port it when we have time nonce = '12345678' #anything 8 bytes encrypt_key = crypto.generateCryptoKeys(encrypt_key, validate_key + nonce, 1) data = nonce + b64(crypto.aesEncrypt(payload, encrypt_key)) mac = hmac(validate_key, data.encode('UTF-8'), hashlib.sha1).hexdigest() s = mac + data print requests.get(add, cookies={'beaker.session.id':s})
def get_xsrf_token(self): """ Return an opaque cross-site request forgery (XSRF) token for use in forms. """ now = str(time()) digest = hmac(self.secret_key, now, sha256).hexdigest() return now + ":" + digest
def create_aes(self, self_key): if isinstance(self_key, unicode): self_key = self_key.encode('ascii') if isinstance(self.username, unicode): self.username = self.username.encode('ascii') data = hmac( self.username, self_key, sha512 ).digest() return AES.new(data[:32], AES.MODE_CBC,data[32:32])
def hello(): key = 'Valar Morghulis' file_name = request.args.get('file') sig = request.args.get('signature') if bad_compare(hmac.hmac(key, file_name), sig): return 'true' else: return 'false'
def getAccountString(self): methodstr = "method=getForwardsAccountInfo¶ms=" tonce = '%d'%(time.time() * 1000000) params = "tonce=" + tonce + "&accesskey=" + self.accesskey + "&requestmethod=post&id=1&" + methodstr hash = hmac(self.secretkey, params, hashlib.sha1).hexdigest() userpass = self.accesskey + ":" + hash; userpass = base64.b64encode(userpass) basicAuth = "%s:Basic %s"%(tonce,userpass) return basicAuth
def serialize_dictionary(dictionary, secret_key=settings.SERIALIZATION_SECRET_KEY, expires=None): secret_key = str(secret_key) if expires: dictionary['_expires'] = _date_to_unix(expires) mac = hmac(secret_key, None, sha1) result = [] for key, value in dictionary.iteritems(): result.append('%s=%s' % (url_quote_plus(key), _quote(value))) mac.update('|' + result[-1]) return '%s?%s' % (mac.digest().encode('base64').strip(),'&'.join(result))
def main(): key = 'ecbefbf6b17e47ecb9035107866380' grant_type = 'password' client_id = '8d5227e0aaaa4797a763ac64e0c3b8' source = 'com.zhihu.android' timestamp = '1425481982' message = ''.join([grant_type, client_id, source, timestamp]) signature = hmac(key, message, sha1).hexdigest() print signature
def get_sign(method, url, params, key): ar = [method, url, '&'.join('%s=%s' % (quote(k, ''), quote(params[k], '')) for k in sorted(params))] ar = map((lambda x: quote(x, '')), ar) message = '&'.join(ar) return hmac(key, message, sha1 ).digest().encode('base64')[:-1]
def unserialize(cls, string, secret_key): """Load the secure cookie from a serialized string. :param string: the cookie value to unserialize. :param secret_key: the secret key used to serialize the cookie. :return: a new :class:`SecureCookie`. """ # explicitly convert it into a bytestring because python 2.6 # no longer performs an implicit string conversion on hmac secret_key = str(secret_key) if isinstance(string, unicode): string = string.encode('utf-8', 'replace') try: base64_hash, data = string.split('?', 1) except (ValueError, IndexError): items = () else: items = {} mac = hmac(secret_key, None, cls.hash_method) for item in data.split('&'): mac.update('|' + item) if not '=' in item: items = None break key, value = item.split('=', 1) # try to make the key a string key = url_unquote_plus(key) try: key = str(key) except UnicodeError: pass items[key] = value # no parsing error and the mac looks okay, we can now # sercurely unpickle our cookie. try: client_hash = base64_hash.decode('base64') except Exception: items = client_hash = None if items is not None and safe_str_cmp(client_hash, mac.digest()): try: for key, value in items.iteritems(): items[key] = cls.unquote(value) except UnquoteError: items = () else: if '_expires' in items: if time() > items['_expires']: items = () else: del items['_expires'] else: items = () return cls(items, secret_key, False)
def unserialize(cls, string, secret_key): """Load the secure cookie from a serialized string. :param string: the cookie value to unserialize. :param secret_key: the secret key used to serialize the cookie. :return: a new :class:`SecureCookie`. """ if isinstance(string, text_type): string = string.encode('utf-8', 'replace') if isinstance(secret_key, text_type): secret_key = secret_key.encode('utf-8', 'replace') try: base64_hash, data = string.split(b'?', 1) except (ValueError, IndexError): items = () else: items = {} mac = hmac(secret_key, None, cls.hash_method) for item in data.split(b'&'): mac.update(b'|' + item) if not b'=' in item: items = None break key, value = item.split(b'=', 1) # try to make the key a string key = url_unquote_plus(key.decode('ascii')) try: key = to_native(key) except UnicodeError: pass items[key] = value # no parsing error and the mac looks okay, we can now # sercurely unpickle our cookie. try: client_hash = base64.b64decode(base64_hash) except TypeError: items = client_hash = None if items is not None and safe_str_cmp(client_hash, mac.digest()): try: for key, value in iteritems(items): items[key] = cls.unquote(value) except UnquoteError: items = () else: if '_expires' in items: if time() > items['_expires']: items = () else: del items['_expires'] else: items = () return cls(items, secret_key, False)
def unserialize(cls, string, secret_key): """Load the secure cookie from a serialized string. :param string: the cookie value to unserialize. :param secret_key: the secret key used to serialize the cookie. :return: a new :class:`SecureCookie`. """ if isinstance(string, unicode): string = string.encode("utf-8", "replace") if isinstance(secret_key, unicode): secret_key = secret_key.encode("utf-8", "replace") try: base64_hash, data = string.split("?", 1) except (ValueError, IndexError): items = () else: items = {} mac = hmac(secret_key, None, cls.hash_method) for item in data.split("&"): mac.update("|" + item) if not "=" in item: items = None break key, value = item.split("=", 1) # try to make the key a string key = url_unquote_plus(key) try: key = str(key) except UnicodeError: pass items[key] = value # no parsing error and the mac looks okay, we can now # sercurely unpickle our cookie. try: client_hash = base64_hash.decode("base64") except Exception: items = client_hash = None if items is not None and safe_str_cmp(client_hash, mac.digest()): try: for key, value in items.iteritems(): items[key] = cls.unquote(value) except UnquoteError: items = () else: if "_expires" in items: if time() > items["_expires"]: items = () else: del items["_expires"] else: items = () return cls(items, secret_key, False)
def serialize(self, expires = None): if self.secret_key is None: raise RuntimeError('no secret key defined') if expires: self['_expires'] = _date_to_unix(expires) result = [] mac = hmac(self.secret_key, None, self.hash_method) for key, value in sorted(self.items()): result.append('%s=%s' % (url_quote_plus(key), self.quote(value))) mac.update('|' + result[-1]) return '%s?%s' % (mac.digest().encode('base64').strip(), '&'.join(result))
def __init__(self, AWSAccessKeyId, SigningKey): self.today = datetime.date.today() self.xml_blob = "" # get the datetime directly from route53 to prevent clock issues self._datetime = self.get_date_time() # now generate the correct autentication from the access keys using HMAC SHA1 self._accessKey = AWSAccessKeyId self._signingKey = SigningKey sig = hmac(self._signingKey, self._datetime, sha1).digest().encode("base64") self._auth_header = "AWS3-HTTPS AWSAccessKeyId=" + AWSAccessKeyId + ",Algorithm=HmacSHA1,Signature=" + sig
def prepare_request( self, url, token="", secret="", additional_params=None, method=urlfetch.GET, t=None, nonce=None ): """Prepare Request. Prepares an authenticated request to any OAuth protected resource. Returns the payload of the request. """ def encode(text): return urlquote(str(text), "~") params = { "oauth_consumer_key": self.consumer_key, "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": t if t else str(int(time())), "oauth_nonce": nonce if nonce else str(getrandbits(64)), "oauth_version": "1.0", } if token: params["oauth_token"] = token elif self.callback_url: params["oauth_callback"] = self.callback_url if additional_params: params.update(additional_params) for k, v in params.items(): if isinstance(v, unicode): params[k] = v.encode("utf8") # Join all of the params together. params_str = "&".join(["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. if method == urlfetch.GET: meth = "GET" elif method == urlfetch.PUT: meth = "PUT" else: meth = "POST" message = "&".join([meth, encode(url), encode(params_str)]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (self.consumer_secret, secret) # Note compulsory "&". signature = hmac(key, message, sha1) digest_base64 = signature.digest().encode("base64").strip() params["oauth_signature"] = digest_base64 # Construct the request payload and return it return urlencode(params)
def _generate_signature(self, method, url, oauth_params, payload, secret): """Generates a HMAC-SHA1 signature for the request.""" # Join all of the params together. combined = oauth_params.copy() combined.update(payload) params_str = "&".join(["%s=%s" % (self._encode(k), self._encode(combined[k])) for k in sorted(combined)]) # Join the entire message together per the OAuth specification. message = "&".join([self._encode(item) for item in (method, url, params_str)]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (self.consumer_secret, secret) # Note compulsory "&". signature = hmac(key, message, sha1) return signature.digest().encode("base64").strip()
def prepare_request(self, url, token='', secret='', additional_params=None, method=urlfetch.GET, t=None, nonce=None): '''Prepare Request. Prepares an authenticated request to any OAuth protected resource. Returns the payload of the request. ''' def encode(text): return urlquote(str(text), '~') params = { 'oauth_consumer_key': self.consumer_key, 'oauth_signature_method': 'HMAC-SHA1', 'oauth_timestamp': t if t else str(int(time())), 'oauth_nonce': nonce if nonce else str(getrandbits(64)), 'oauth_version': '1.0' } if token: params['oauth_token'] = token elif self.callback_url: params['oauth_callback'] = self.callback_url if additional_params: params.update(additional_params) for k,v in params.items(): if isinstance(v, unicode): params[k] = v.encode('utf8') # Join all of the params together. params_str = '&'.join(['%s=%s' % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. message = '&'.join(['GET' if method == urlfetch.GET else 'POST', encode(url), encode(params_str)]) # Create a HMAC-SHA1 signature of the message. key = '%s&%s' % (self.consumer_secret, secret) # Note compulsory '&'. signature = hmac(key, message, sha1) digest_base64 = signature.digest().encode('base64').strip() params['oauth_signature'] = digest_base64 # Construct the request payload and return it return urlencode(params)
def _sign(secret,query): try: parameters = parse_qs(query,False,True) keys = sorted(parameters) result = () for key in keys: result = result + ((key, parameters[key][0]),) url = urlencode(result) print "Signing->" + secret + url + '&' mac = hmac(secret, secret + url + '&', sha1).digest().encode('base64')[:-1] return mac; except ValueError: return 'Error'
def send(message, sock: socket): global aes_key, hmac_key ciphertext = aes.cfb_encrypt(message.encode("utf-8"), aes_key) mac = hmac.hmac(ciphertext, hmac_key) payload = mac + ciphertext sock.sendall(payload)
def getSignature(self, data, key): return "%s" % hmac(key, data, sha1).digest().encode('base64')[:-1]
def create_token(access_key, secret_key): t = str(time.time()) token = base64.encodestring(hmac("%s,%s,%s" % (access_key, t, secret_key), digestmod=sha1).digest())[:-1] return t, token
def encrypt_path( path: str, extensions: Set[str] = ENC_EXT, exclusions: Optional[Set[str]] = None) -> List[Tuple[str, str]]: """ This function convergently encrypts the file at path. If path is a directory, it recursively encrypts all files in the directory which have matching extensions. After encryption, it appends an HMAC, and renames the file to have a '.pyce' extension. It is close to: AES_256_CTR_HMAC_SHA_512 Args: path: path to convergently encrypt (file or directory) extensions: the file extensions that should be encrypted exclusions: files that should not be encrypted Returns: List of all paths and their encryption key """ if exclusions is None: exclusions = set() manifest = [] walker = walk(path) if not isfile(path) else [('', None, [path])] for root, _, files in walker: for fname in files: _, ext = splitext(fname) if ext not in extensions: continue absolute_path = join(root, fname) # Skip absolute paths if absolute_path in exclusions or root in exclusions: continue # Skip requested folders dirn = dirname(root) skip = False while dirn and dirn != '/' and not dirn.endswith(':\\'): if dirn in exclusions: skip = True break dirn = dirname(dirn) if skip: continue with open(absolute_path, 'rb+') as openf: # read data = openf.read() # hash hashv = srchash(data) key = hashv.digest() # encrypt cipher = Cipher(CIPHER(key), MODE(key[0:16]), backend=BACKEND) encryptor = cipher.encryptor() ciphertext = encryptor.update(data) # write out openf.seek(0) openf.write(ciphertext) # append HMAC openf.write(hmac(key, ciphertext, HMAC_HS).digest()) new_absolute_path, ext = splitext(absolute_path) new_absolute_path += ext + 'e' rename(absolute_path, new_absolute_path) manifest.append((new_absolute_path, hashv.hexdigest())) return manifest
def _get_uitdatabank_events_v2(city_app_profile, page, pagelength): def encode(text): return urlquote(str(text), "~") secret = city_app_profile.uitdatabank_secret.encode("utf8") key = city_app_profile.uitdatabank_key.encode("utf8") cities = [c.encode("utf8") for c in city_app_profile.uitdatabank_regions] url = "https://www.uitid.be/uitid/rest/searchv2/search" headers = {} params = { "oauth_consumer_key": key, "oauth_timestamp": str(int(time.time())), "oauth_nonce": str(getrandbits(64)), "oauth_signature_method": "HMAC-SHA1", "oauth_version": "1.0", } url_params = {"q": " OR ".join(["city:%s" % city for city in cities]), "rows": pagelength, "start": (page - 1) * pagelength, "datetype": "next3months", "group": "event"} params.update(url_params) for k, v in params.items(): if isinstance(v, unicode): params[k] = v.encode('utf8') params_str = "&".join(["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) base_string = "&".join(["GET", encode(url), encode(params_str)]) signature = hmac("%s&" % secret, base_string, sha1) digest_base64 = signature.digest().encode("base64").strip() params["oauth_signature"] = encode(digest_base64) headers['Accept'] = "application/json" headers['Authorization'] = 'OAuth oauth_consumer_key="%s",oauth_signature_method="%s",oauth_timestamp="%s",oauth_nonce="%s",oauth_version="1.0",oauth_signature="%s"' % ( encode(params['oauth_consumer_key']), encode(params['oauth_signature_method']), encode(params['oauth_timestamp']), encode(params['oauth_nonce']), params["oauth_signature"]) data = urllib.urlencode(url_params) url = "%s?%s" % (url, data) logging.debug(url); result = urlfetch.fetch(url, headers=headers, deadline=30) if result.status_code != 200: return False, "Make sure your credentials are correct." r = json.loads(result.content)["rootObject"] if "error" in r[0]: return False, r[0]["error"] event_count = r[0]["Long"] if event_count == 0: if page != 1: return True, [] return False, "0 upcoming events. Make sure your region is correct." return True, [e["event"] for e in r[1:]]
#coding: utf-8 import socket import random, math from hashlib import sha1 from hmac import new as hmac generateHash = lambda (placa): hmac("shienshenlhq", placa, sha1).digest( ).encode('hex') rLong = -38.6791411 rLat = -3.6770324 pacote = lambda ( placa ): 'POST /sinesp-cidadao/ConsultaPlacaNovo27032014 HTTP/1.1\nHost: sinespcidadao.sinesp.gov.br\nContent-Length: %d\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nAccept: text/plain, */*; q=0.01\nx-wap-profile: http://wap.samsungmobile.com/uaprof/GT-S7562.xml\nUser-Agent: Mozilla/5.0 (Linux; U; Android 4.1.4; pt-br; GT-S1162L Build/IMM76I) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30\nAccept-Encoding: gzip,deflate\nAccept-Language: pt-BR, en-US\nAccept-Charset: utf-8, iso-8859-1, utf-16, gb2312, gbk, *;q=0.7\n\n%s' % ( len(payload(placa)), payload(placa)) payload = lambda ( placa ): '<?xl version="1.0" encoding="utf-8" standalone="yes" ?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ><soap:Header><dispositivo>GT-S1312L</dispositivo><nomeSO>Android</nomeSO><versaoAplicativo>1.1.1</versaoAplicativo><versaoSO>4.1.4</versaoSO><aplicativo>aplicativo</aplicativo><ip>177.206.169.90</ip><token>%s</token><latitude>%s</latitude><longitude>%s</longitude></soap:Header><soap:Body><webs:getStatus xmlns:webs="http://soap.ws.placa.service.sinesp.serpro.gov.br/"><placa>%s</placa></webs:getStatus></soap:Body></soap:Envelope>' % ( generateHash(placa), rLat, rLong, placa) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("sinespcidadao.sinesp.gov.br", 80)) pack = pacote('faa4716') s.send(pacote('faa1716')) print s.recv(1024) print pack s.close()
def create_aes(self, self_key): data = hmac(self.username, self_key, sha512).digest() return AES.new(data[:32], AES.MODE_CBC, data[32:32])
def get_signature(*args): s = bytes("AWS4" + g['AWS_SECRET_ACCESS_KEY']) for arg in args: s = hmac(s, bytes(arg), digestmod=sha256).digest() return str(hexlify(s))
def _call_explicitly(self, path, oauth_token=None, oauth_secret=None, oauth_callback=None, is_post=False, raw_response=False, return_rpc=False, **kwargs): params = { 'oauth_consumer_key': self._key, 'oauth_nonce': hexlify(urandom(18)), 'oauth_signature_method': 'HMAC-SHA1', 'oauth_timestamp': str(int(time())), 'oauth_version': '1.0' } key = self._secret + '&' if oauth_token: params['oauth_token'] = oauth_token key += encode(oauth_secret) elif oauth_callback: params['oauth_callback'] = oauth_callback params.update(kwargs) if not (path.startswith('https://') or path.startswith('http://')): path = self.api_base_url + path + ".json" if not is_post: is_post = path in self.post_methods if not is_post: spath = path.split('/') npath = '' while spath: if npath: npath += '/' + spath.pop(0) else: npath = spath.pop(0) if npath in self.post_methods: is_post = True break if is_post: meth = POST meth_str = 'POST' else: meth = GET meth_str = 'GET' message = '&'.join([ meth_str, encode(path), encode('&'.join('%s=%s' % (k, encode(params[k])) for k in sorted(params))) ]) params['oauth_signature'] = hmac(key, message, sha1).digest().encode('base64')[:-1] auth = ', '.join('%s="%s"' % (k, encode(params[k])) for k in sorted(params) if k not in kwargs) headers = {'Authorization': 'OAuth %s' % auth} if is_post: payload = urlencode(kwargs) else: path += '?' + urlencode(kwargs) payload = None if return_rpc: rpc = create_rpc(self.deadline) make_fetch_call(rpc, path, payload, meth, headers, validate_certificate=True) return rpc resp = fetch(path, payload, meth, headers, deadline=self.deadline, validate_certificate=True) if raw_response: return resp return decode_json(resp)
def unserialize(cls, string, secret_key): """Load the secure cookie from a serialized string. :param string: The cookie value to unserialize. :param secret_key: The secret key used to serialize the cookie. :return: A new :class:`SecureCookie`. """ if isinstance(string, str): string = string.encode("utf-8", "replace") if isinstance(secret_key, str): secret_key = secret_key.encode("utf-8", "replace") try: base64_hash, data = string.split(b"?", 1) except (ValueError, IndexError): items = () else: items = {} mac = hmac(secret_key, None, cls.hash_method) for item in data.split(b"&"): mac.update(b"|" + item) if b"=" not in item: items = None break key, value = item.split(b"=", 1) # try to make the key a string key = url_unquote_plus(key.decode("ascii")) try: key = to_native(key) except UnicodeError: pass items[key] = value # no parsing error and the mac looks okay, we can now # load the cookie. try: client_hash = base64.b64decode(base64_hash) except TypeError: items = client_hash = None if items is not None and safe_str_cmp(client_hash, mac.digest()): try: for key, value in items.items(): items[key] = cls.unquote(value) except UnquoteError: items = () else: if "_expires" in items: if time() > items["_expires"]: items = () else: del items["_expires"] else: items = () return cls(items, secret_key, False)
reponame = "myrepo" repourl = "myrepourl" repotype = "git" repousername = "" repopassword = "" reposource = "" repobranch = "master" message = "pub=%s&reponame=%s&repourl=%s&repotype=%s&repousername=%s&repopassword=%s&reposource=%s&repobranch=%s" % ( urllib.quote_plus(publickey), urllib.quote_plus(reponame), urllib.quote_plus(repourl), urllib.quote_plus(repotype), urllib.quote_plus(repousername), urllib.quote_plus(repopassword), urllib.quote_plus(reposource), urllib.quote_plus(repobranch)) sig = hmac(privatekey, message, sha512).hexdigest() url = "http://localhost:8080/api/repo/add/?sig=%s&%s&hmac=sha512" % ( urllib.quote_plus(sig), message) data = urllib2.urlopen(url) data = data.read() data = json.loads(data) print data['sucessful'], data['message'] ################################################################ message = "pub=%s" % (urllib.quote_plus(publickey)) sig = hmac(privatekey, message, sha512).hexdigest()
def _sign_cookie(value: str) -> str: mac = hmac(cookie_key, msg=None, digestmod=sha256) mac.update(value.encode('utf-8')) b64 = base64.b64encode(mac.digest()) replaced = b64.decode('utf-8').rstrip('=') return quote('s:' + value + '.' + replaced, safe='')
def prepare_request(self, url, token="", secret="", additional_params=None, method=urlfetch.GET, t=None, nonce=None): """Prepare Request. Prepares an authenticated request to any OAuth protected resource. Returns the payload of the request. """ def encode(text): return urlquote(str(text), "~") params = { "oauth_consumer_key": self.consumer_key, "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": t if t else str(int(time())), "oauth_nonce": nonce if nonce else str(getrandbits(64)), "oauth_version": "1.0" } if token: params["oauth_token"] = token elif self.callback_url: params["oauth_callback"] = self.callback_url if additional_params: params.update(additional_params) for k, v in params.items(): if isinstance(v, unicode): params[k] = v.encode('utf8') # Join all of the params together. params_str = "&".join( ["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. message = "&".join([ "GET" if method == urlfetch.GET else "PUT", encode(url), encode(params_str) ]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (encode(self.consumer_secret), encode(secret) ) # Note compulsory "&". signature = hmac(key, message, sha1) digest_base64 = signature.digest().encode("base64").strip() params["oauth_signature"] = digest_base64 oauth_params = { "realm": "", "oauth_consumer_key": params["oauth_consumer_key"], "oauth_nonce": params["oauth_nonce"], "oauth_signature": params["oauth_signature"], "oauth_signature_method": params["oauth_signature_method"], "oauth_timestamp": params["oauth_timestamp"], "oauth_version": "1.0", } if "oauth_token" in params: oauth_params["oauth_token"] = params["oauth_token"] elif "oauth_callback" in params: oauth_params["oauth_callback"] = params["oauth_callback"] oauth_headers = [] for (k, v) in oauth_params.items(): oauth_headers.append('%s="%s"' % (k, encode(v))) authorization = "OAuth %s" % ",".join(oauth_headers) if additional_params: for k, v in additional_params.items(): if isinstance(v, unicode): additional_params[k] = v.encode('utf8') else: additional_params = {} # Construct the request payload and return it return (urlencode(params), urlencode(additional_params), authorization)
from sha256_new1 import sha_256 from hashlib import sha256 from hmac import hmac def generate_aes_key(key): h = sha256(key) res = h.digest()[:16] return res if __name__ == "__main__": h1 = sha_256('algebra') print(h1) print('--------------------------') h = hmac(b"love", b"We are running out of time", sha256) print(h.hexx()) print('--------------------------') aes_gen = generate_aes_key(b"cryptography") print(8 * len(aes_gen), aes_gen)
def _hmac_sha1_base64(self, key, message): return base64.b64encode(hmac(key, message, sha1).digest())
def make_request(self, url, token="", secret="", additional_params=None, protected=False): """Make Request. Make an authenticated request to any OAuth protected resource. At present only GET requests are supported. If protected is equal to True, the Authorization: OAuth header will be set. A urlfetch response object is returned. """ def encode(text): return urlquote(str(text), "") params = { "oauth_consumer_key": self.consumer_key, "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": str(int(time())), "oauth_nonce": str(getrandbits(64)), "oauth_version": "1.0" } if token: params["oauth_token"] = token elif self.callback_url: params["oauth_callback"] = self.callback_url if additional_params: params.update(additional_params) # Join all of the params together. params_str = "&".join(["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. message = "&".join(["GET", encode(url), encode(params_str)]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (self.consumer_secret, secret) # Note compulsory "&". signature = hmac(key, message, sha1) digest_base64 = signature.digest().encode("base64").strip() params["oauth_signature"] = digest_base64 # Construct and fetch the URL and return the result object. url = "%s?%s" % (url, urlencode(params)) headers = {} headers["User-Agent"] = "Where Do You Go/6.0 +http://www.wheredoyougo.net/" #TODO this doesn't really belong here, find a better place for it if protected: headers["Authorization"] = "OAuth" return urlfetch.fetch(url, headers=headers)
def make_request(self, url, token="", secret="", additional_params={}, protected=False, method=urlfetch.GET): """Make Request. Make an authenticated request to any OAuth protected resource. At present only GET requests are supported. If protected is equal to True, the Authorization: OAuth header will be set. A urlfetch response object is returned. """ def encode(text): return urlquote(str(text), "") params = { "oauth_consumer_key": self.consumer_key, "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": str(int(time())), "oauth_nonce": str(getrandbits(64)), "oauth_version": "1.0" } if token: params["oauth_token"] = token elif self.callback_url: params["oauth_callback"] = self.callback_url params.update(additional_params) # Join all of the params together. params_str = "&".join(["%s=%s" % (encode(k), encode(params[k])) for k in sorted(params)]) # Join the entire message together per the OAuth specification. message = "&".join(["GET" if method == urlfetch.GET else "POST", encode(url), encode(params_str)]) # Create a HMAC-SHA1 signature of the message. key = "%s&%s" % (self.consumer_secret, secret) # Note compulsory "&". signature = hmac(key, message, sha1) digest_base64 = signature.digest().encode("base64").strip() params["oauth_signature"] = digest_base64 # Construct and fetch the URL and return the result object. url = "%s?%s" % (url, urlencode(params)) headers = {"Authorization": "OAuth"} if protected else {} payload = urlencode(params) if method == urlfetch.POST else None return urlfetch.fetch(url, method=method, headers=headers, payload=payload)