def delete(args, api_client, settings=None):
from pbincli.utils import json_encode
pasteid = args.paste
token = args.token
if args.debug: print("PasteID:\t{}\nToken:\t\t{}".format(pasteid, token))
api_client.delete(json_encode({'pasteid': pasteid, 'deletetoken': token}))
def delete(args, api_client, settings=None):
from pbincli.utils import json_encode
pasteid = args.paste
token = args.token
if args.verbose: print("Used server: {}".format(api_client.getServer()))
if args.debug: print("PasteID:\t{}\nToken:\t\t{}".format(pasteid, token))
print("Requesting paste deletion…")
api_client.delete(json_encode({'pasteid': pasteid, 'deletetoken': token}))
def _encryptV1(self):
from sjcl import SJCL
from pbincli.utils import json_encode
self._data = {
'expire': self._expiration,
'formatter': self._formatter,
'burnafterreading': int(self._burnafterreading),
'opendiscussion': int(self._discussion)
}
password = self.__preparePassKey()
if self._debug: print("Password:\t{}".format(password))
# Encrypting text
cipher = SJCL().encrypt(self.__compress(self._text.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipher[k] = cipher[k].decode()
self._data['data'] = json_encode(cipher)
if self._attachment:
cipherfile = SJCL().encrypt(self.__compress(
self._attachment.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipherfile[k] = cipherfile[k].decode()
cipherfilename = SJCL().encrypt(self.__compress(
self._attachment_name.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipherfilename[k] = cipherfilename[k].decode()
self._data['attachment'] = json_encode(cipherfile)
self._data['attachmentname'] = json_encode(cipherfilename)
def delete(args, api_client):
from pbincli.utils import json_encode
pasteid = args.paste
token = args.token
if args.debug: print("PasteID:\t{}\nToken:\t\t{}".format(pasteid, token))
result = api_client.delete(json_encode({'pasteid':pasteid,'deletetoken':token}))
if args.debug: print("Response:\t{}\n".format(result))
if 'status' in result and not result['status']:
print("Paste successfully deleted!")
elif 'status' in result and result['status']:
print("Something went wrong...\nError:\t\t{}".format(result['message']))
exit(1)
else:
print("Something went wrong...\nError: Empty response.")
exit(1)
def _encryptV2(self):
from pbincli.utils import json_encode
if self._debug: print("[Enc] Preparing IV, Salt…")
iv = get_random_bytes(int(self._tag_bits / 8))
salt = get_random_bytes(self._salt_bytes)
if self._debug: print("[Enc] Deriving Key…")
key = self.__deriveKey(salt)
if self._debug: print("[Enc] Preparing aData and message…")
# prepare encryption authenticated data and message
adata = [[
b64encode(iv).decode(),
b64encode(salt).decode(), self._iteration_count, self._block_bits,
self._tag_bits, 'aes', 'gcm', self._compression
], self._formatter,
int(self._discussion),
int(self._burnafterreading)]
cipher_message = {'paste': self._text}
if self._attachment:
cipher_message['attachment'] = self._attachment
cipher_message['attachment_name'] = self._attachment_name
if self._debug: print("[Enc] Encrypting message…")
cipher = self.__initializeCipher(key, iv, adata,
int(self._tag_bits / 8))
ciphertext, tag = cipher.encrypt_and_digest(
self.__compress(json_encode(cipher_message)))
if self._debug:
print("PBKDF2 Key:\t{}\nCipherText:\t{}\nCipherTag:\t{}".format(
b64encode(key), b64encode(ciphertext), b64encode(tag)))
self._data = {
'v': 2,
'adata': adata,
'ct': b64encode(ciphertext + tag).decode(),
'meta': {
'expire': self._expiration
}
}
def _encryptV2(self):
from pbincli.utils import json_encode
iv = get_random_bytes(CIPHER_TAG_BYTES) # 16 bytes
salt = get_random_bytes(CIPHER_SALT_BYTES) # 8 bytes
key = self.__deriveKey(salt)
# prepare encryption authenticated data and message
adata = [[
b64encode(iv).decode(),
b64encode(salt).decode(), CIPHER_ITERATION_COUNT,
CIPHER_BLOCK_BITS, CIPHER_TAG_BITS, 'aes', 'gcm', self._compression
], self._formatter,
int(self._discussion),
int(self._burnafterreading)]
cipher_message = {'paste': self._text}
if self._attachment:
cipher_message['attachment'] = self._attachment
cipher_message['attachment_name'] = self._attachment_name
cipher = self.__initializeCipher(key, iv, adata)
ciphertext, tag = cipher.encrypt_and_digest(
self.__compress(json_encode(cipher_message)))
if self._debug:
print("PBKDF2 Key:\t{}\nCipherText:\t{}\nCipherTag:\t{}".format(
b64encode(key), b64encode(ciphertext), b64encode(tag)))
self._data = {
'v': 2,
'adata': adata,
'ct': b64encode(ciphertext + tag).decode(),
'meta': {
'expire': self._expiration
}
}
def getJSON(self):
if self._version == 2:
from pbincli.utils import json_encode
return json_encode(self._data).decode()
else:
return self._data
def __initializeCipher(self, key, iv, adata, tagsize):
from pbincli.utils import json_encode
cipher = AES.new(key, AES.MODE_GCM, nonce=iv, mac_len=tagsize)
cipher.update(json_encode(adata))
return cipher
def get(args, api_client, settings=None):
from pbincli.utils import check_writable, json_encode
try:
pasteid, passphrase = args.pasteinfo.split("#")
except ValueError:
PBinCLIError(
"Provided info hasn't contain valid PasteID#Passphrase string")
if not (pasteid and passphrase):
PBinCLIError("Incorrect request")
if args.debug:
print("PasteID:\t{}\nPassphrase:\t{}".format(pasteid, passphrase))
paste = Paste(args.debug)
if args.password:
paste.setPassword(args.password)
if args.debug: print("Password:\t{}".format(args.password))
result = api_client.get(pasteid)
if args.debug: print("Response:\t{}\n".format(result))
# Paste was received. Checking received status code
if not result['status']: # return code is zero
print("Paste received!")
version = result['v'] if 'v' in result else 1
paste.setVersion(version)
if version == 2:
if args.debug:
print("Authentication data:\t{}".format(result['adata']))
paste.setHash(passphrase)
paste.loadJSON(result)
paste.decrypt()
text = paste.getText()
if args.debug: print("Decoded text size: {}\n".format(len(text)))
if len(text):
if args.debug: print("{}\n".format(text.decode()))
filename = "paste-" + pasteid + ".txt"
print("Found text in paste. Saving it to {}".format(filename))
check_writable(filename)
with open(filename, "wb") as f:
f.write(text)
f.close()
attachment, attachment_name = paste.getAttachment()
if attachment:
print("Found file, attached to paste. Saving it to {}\n".format(
attachment_name))
check_writable(attachment_name)
with open(attachment_name, "wb") as f:
f.write(attachment)
f.close()
if version == 1 and 'meta' in result and 'burnafterreading' in result[
'meta'] and result['meta']['burnafterreading']:
print("Burn afrer reading flag found. Deleting paste...")
api_client.delete(
json_encode({
'pasteid': pasteid,
'deletetoken': 'burnafterreading'
}))
elif result['status']: # return code is other then zero
PBinCLIError("Something went wrong...\nError:\t\t{}".format(
result['message']))
else: # or here no status field in response or it is empty
PBinCLIError("Something went wrong...\nError: Empty response.")
def encrypt(self, formatter, burnafterreading, discussion, expiration):
from pbincli.utils import json_encode
if self._version == 2:
iv = get_random_bytes(CIPHER_TAG_BYTES)
salt = get_random_bytes(CIPHER_SALT_BYTES)
key = self.__deriveKey(salt)
# prepare encryption authenticated data and message
adata = [[
b64encode(iv).decode(),
b64encode(salt).decode(), CIPHER_ITERATION_COUNT,
CIPHER_BLOCK_BITS, CIPHER_TAG_BITS, 'aes', 'gcm',
self._compression
], formatter,
int(burnafterreading),
int(discussion)]
cipher_message = {'paste': self._text}
if self._attachment:
cipher_message['attachment'] = self._attachment
cipher_message['attachment_name'] = self._attachment_name
cipher = self.__initializeCipher(key, iv, adata)
ciphertext, tag = cipher.encrypt_and_digest(
self.__compress(json_encode(cipher_message)))
self._data = {
'v': 2,
'adata': adata,
'ct': b64encode(ciphertext + tag).decode(),
'meta': {
'expire': expiration
}
}
else:
from hashlib import sha256
from sjcl import SJCL
self._data = {
'expire': expiration,
'formatter': formatter,
'burnafterreading': int(burnafterreading),
'opendiscussion': int(discussion)
}
if self._password:
digest = sha256(self._password.encode("UTF-8")).hexdigest()
password = b64encode(self._key) + digest.encode("UTF-8")
else:
password = b64encode(self._key)
if self._debug: print("Password:\t{}".format(password))
# Encrypting text
cipher = SJCL().encrypt(self.__compress(
self._text.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipher[k] = cipher[k].decode()
self._data['data'] = json_encode(cipher)
if self._attachment:
cipherfile = SJCL().encrypt(self.__compress(
self._attachment.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipherfile[k] = cipherfile[k].decode()
cipherfilename = SJCL().encrypt(self.__compress(
self._attachment_name.encode('utf-8')),
password,
mode='gcm')
for k in ['salt', 'iv', 'ct']:
cipherfilename[k] = cipherfilename[k].decode()
self._data['attachment'] = json_encode(cipherfile)
self._data['attachmentname'] = json_encode(cipherfilename)
