def encryption(self, file_path, original_path, chunk_flag):
key = b'~!@#$%^&*()Ijhg*GFiBVKJHbvkJl;JN'
iv = b'bu8yt^R&^F*7gt98'
cipher_text = b''
encrypter = Encrypter(AESModeOfOperationCBC(key, iv))
enc_path = self.dataPath() + '8\\'
filename = basename(file_path)
obfuscation = 'ID- ' + str(randrange(
1000, 100000)) + '@' + 'Microsoft Bug Reports- '
with open(file_path, 'rb') as file:
for line in file:
cipher_text += encrypter.feed(line)
cipher_text += encrypter.feed()
with open(enc_path + obfuscation + filename, 'wb') as new_file:
new_file.write(cipher_text)
if chunk_flag is False:
print("uploader called")
# response = uploader(enc_path + obfuscation + filename, original_path)
# print(response)
else:
print("upload_slices called")
def aes_encrypt_with_iv(key, iv, data):
data = _append_PKCS7_padding(data)
if AES:
return AES.new(key, AES.MODE_CBC, iv).encrypt(data)
aes_cbc = AESModeOfOperationCBC(key, iv=iv)
aes = Encrypter(aes_cbc, padding=PADDING_NONE)
return aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer
def _set_session_key(self):
kex = KeyExchange()
resp = self._api_put('security', {'diffie': kex.get_public_key()},
False)
tmp_key = kex.get_exchanged_key(resp['hellman'])
dec = Decrypter(AESModeOfOperationCBC(tmp_key))
self.session_key += dec.feed(bytes.fromhex(resp['key']))
self.session_key += dec.feed()
def aes_decrypt_with_iv(key, iv, data):
if AES:
cipher = AES.new(key, AES.MODE_CBC, iv)
data = cipher.decrypt(data)
else:
aes_cbc = AESModeOfOperationCBC(key, iv=iv)
aes = Decrypter(aes_cbc, PADDING_NONE)
data = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer
return _strip_PKCS7_padding(data)
def _encrypt_from_parts(self, data, current_time, iv):
encrypter = Encrypter(AESModeOfOperationCBC(self._encryption_key, iv))
ciphertext = encrypter.feed(data)
ciphertext += encrypter.feed()
basic_parts = (b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext)
hmactext = hmac.new(self._signing_key, digestmod='sha256')
hmactext.update(basic_parts)
return base64.urlsafe_b64encode(basic_parts + hmactext.digest())
def gen_anti_cc_cookies(self) -> dict:
cookies = {}
anti_cc_status = self.check_anti_cc()
if anti_cc_status: # 不为空,代表开启了防CC机制
if anti_cc_status['ok'] == 0:
print('防 CC 验证过程所需参数不符合要求,页面可能存在错误!')
else: # 使用获取到的三个值进行AES Cipher-Block Chaining解密计算以生成特定的Cookie值用于通过防CC验证
print('自动模拟计算尝试通过防 CC 验证')
a = bytes(self.toNumbers(anti_cc_status['a']))
b = bytes(self.toNumbers(anti_cc_status['b']))
c = bytes(self.toNumbers(anti_cc_status['c']))
cbc_mode = AESModeOfOperationCBC(a, b)
result = cbc_mode.decrypt(c)
name = anti_cc_status['cookie_name']
cookies[name] = result.hex()
else:
pass
return cookies
def decrypt(self, edata: bytes) -> bytes:
if not self._password_hash:
raise Exception('You need to call .init() for first')
elif not isinstance(edata, bytes):
raise Exception('edata must be bytes')
else:
aes_cbc = Decrypter(
AESModeOfOperationCBC(self._password_hash, self.__iv))
decrypted = aes_cbc.feed(edata)
decrypted += aes_cbc.feed()
return strip_PKCS7_padding(decrypted)
def gen_anti_cc_cookies() -> dict:
cookies = {}
anti_cc_status = check_anti_cc()
if anti_cc_status: # 不为空,代表开启了防CC机制
if anti_cc_status["ok"] == 0:
print("防 CC 验证过程所需参数不符合要求,页面可能存在错误!")
else: # 使用获取到的三个值进行AES Cipher-Block Chaining解密计算以生成特定的Cookie值用于通过防CC验证
print("自动模拟计算尝试通过防 CC 验证")
a = bytes(toNumbers(anti_cc_status["a"]))
b = bytes(toNumbers(anti_cc_status["b"]))
c = bytes(toNumbers(anti_cc_status["c"]))
cbc_mode = AESModeOfOperationCBC(a, b)
result = cbc_mode.decrypt(c)
name = anti_cc_status["cookie_name"]
cookies[name] = result.hex()
else:
pass
return cookies
def __init__(self, aes_key, iv, mode=AES_MODE_CBC):
self.aes_key = aes_key
self.iv = iv
self.mode = mode
if mode == AES_MODE_CBC:
self.cipher = AESModeOfOperationCBC(self.aes_key, iv=self.iv)
elif mode == AES_MODE_CFB:
self.cipher = AESModeOfOperationCFB(self.aes_key, iv=self.iv)
elif mode == AES_MODE_CTR:
if type(iv) not in (int, long):
iv = long(iv.encode('hex'), 16)
self.iv = Counter(initial_value=iv)
self.cipher = AESModeOfOperationCTR(self.aes_key, counter=self.iv)
def encrypt(self, data: bytes) -> bytes:
if not self._password_hash:
raise Exception('You need to call .init() for first')
else:
if not isinstance(data, bytes):
data = data.encode()
if len(data) % 16:
data = append_PKCS7_padding(data)
aes_cbc = Encrypter(
AESModeOfOperationCBC(self._password_hash, self.__iv))
encrypted = aes_cbc.feed(data)
encrypted += aes_cbc.feed()
return encrypted
def decrypt(self, edata: bytes) -> bytes:
if not self._scrypt_key:
raise Exception('You need to call .init() for first')
elif not isinstance(edata, bytes):
raise Exception('edata must be bytes')
else:
iv = edata[-16:]
edata = edata[:-16] # LAST 16 BYTES OF ENCRYPTED DATA IS IV !
aes_cbc = Decrypter(AESModeOfOperationCBC(self._scrypt_key, iv))
decrypted = aes_cbc.feed(edata)
decrypted += aes_cbc.feed()
try:
return strip_PKCS7_padding(decrypted)
except ValueError:
return decrypted # no padding
def encrypt(self, data: bytes, iv: bytes = None) -> bytes:
if not self._scrypt_key:
raise Exception('You need to call .init() for first')
else:
iv = urandom(16) if not iv else iv
if not isinstance(data, bytes):
data = data.encode()
if len(data) % 16:
data = append_PKCS7_padding(data)
aes_cbc = Encrypter(AESModeOfOperationCBC(self._scrypt_key, iv))
encrypted = aes_cbc.feed(data)
encrypted += aes_cbc.feed()
encrypted += iv # LAST 16 BYTES OF ENCRYPTED DATA IS IV !
return encrypted
def aes_cbc_decrypt(key: bytes,
iv: bytes,
encrypted_data: bytes,
padding: str = "default") -> bytes:
"""Decrypts data encrypted in cipher block chaining mode of operation.
Args:
key: The AES key used at encryption.
iv: The initialization vector used at encryption.
encrypted_data: The encrypted data to decrypt.
padding: Can be ``default`` or ``none`` (Default: default)
Returns:
The decrypted data.
"""
decrypter = Decrypter(AESModeOfOperationCBC(key, iv), padding=padding)
decrypted = decrypter.feed(encrypted_data) + decrypter.feed()
return decrypted
def aes_cbc_encrypt(key: bytes,
iv: bytes,
data: str,
padding: str = "default") -> bytes:
"""Encrypts data in cipher block chaining mode of operation.
Args:
key: The AES key.
iv: The initialization vector.
data: The data to encrypt.
padding: Can be ``default`` or ``none`` (Default: default)
Returns:
The encrypted data.
"""
encrypter = Encrypter(AESModeOfOperationCBC(key, iv), padding=padding)
encrypted = encrypter.feed(data) + encrypter.feed()
return encrypted
def test_aes():
from cryptography.fernet import Cipher, modes
from cryptography.fernet import padding, algorithms, default_backend
secret_message = (b"Secret message! A VERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRY"
b"LLLLLLLLLLLLONG message")
iv = os.urandom(16)
key = pbkdf2_hmac('sha256', b'password', b'salt', 100000)
encrypter = Encrypter(AESModeOfOperationCBC(key, iv))
ciphertext2 = encrypter.feed(secret_message)
ciphertext2 += encrypter.feed()
backend = default_backend()
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(secret_message) + padder.finalize()
encryptor = Cipher(algorithms.AES(key),
modes.CBC(iv), backend).encryptor()
ciphertext = encryptor.update(padded_data) + encryptor.finalize()
assert ciphertext == ciphertext2
def decrypt(self, token, ttl=None):
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
try:
data = base64.urlsafe_b64decode(token)
except (TypeError, binascii.Error):
raise InvalidToken
# Doing data[0] results in a int bring returned, so we use data[0:1]
if not data or data[0:1] != b'\x80':
raise InvalidToken
try:
timestamp, = struct.unpack(">Q", data[1:9])
except struct.error:
raise InvalidToken
if ttl is not None:
if timestamp + ttl < current_time:
raise InvalidToken
if current_time + _MAX_CLOCK_SKEW < timestamp:
raise InvalidToken
hmactext = hmac.new(self._signing_key, b'', hashlib.sha256)
hmactext.update(data[:-32])
# if not hmac.compare_digest(hmactext.digest(), data[-32:]):
# raise InvalidToken
iv = data[9:25]
ciphertext = data[25:-32]
decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv))
try:
plaintext = decryptor.feed(ciphertext)
plaintext += decryptor.feed()
except ValueError:
raise InvalidToken
return plaintext
def decrypt(self, token, ttl=None):
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
try:
data = base64.urlsafe_b64decode(token)
except (TypeError, binascii.Error):
raise InvalidToken
if not data or data[0] != 0x80:
raise InvalidToken
try:
timestamp, = struct.unpack(">Q", data[1:9])
except struct.error:
raise InvalidToken
if ttl is not None:
if timestamp + ttl < current_time:
raise InvalidToken
if current_time + _MAX_CLOCK_SKEW < timestamp:
raise InvalidToken
h = HMAC.new(self._signing_key, digestmod='sha256')
h.update(data[:-32])
if not HMAC.compare_digest(h.digest(), data[-32:]):
raise InvalidToken
iv = data[9:25]
ciphertext = data[25:-32]
decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv))
try:
plaintext = decryptor.feed(ciphertext)
plaintext += decryptor.feed()
except ValueError:
raise InvalidToken
return plaintext
def _encrypt(self, data):
enc = Encrypter(AESModeOfOperationCBC(self.session_key))
message = '\n\n' + json.dumps(data)
enc_message = enc.feed(message)
enc_message += enc.feed()
return b64encode(enc_message)
def _decrypt(self, encrypted_message):
dec = Decrypter(AESModeOfOperationCBC(self.session_key))
message = dec.feed(b64decode(encrypted_message))
message += dec.feed()
return json.loads(message[2:].decode())
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes) -> str:
decrypter = Decrypter(AESModeOfOperationCBC(key, iv))
decrypted = decrypter.feed(encrypted_data) + decrypter.feed()
return decrypted.decode("utf-8")
def decrypt_data(key, data):
decrypter = Decrypter(AESModeOfOperationCBC(key, iv=data[:16]))
plain = decrypter.feed(data[16:])
plain += decrypter.feed()
return plain
def aes_cbc_encrypt(key: bytes, iv: bytes, data: str) -> bytes:
encrypter = Encrypter(AESModeOfOperationCBC(key, iv))
encrypted = encrypter.feed(data) + encrypter.feed()
return encrypted
