def encryption(self, file_path, original_path, chunk_flag): key = b'~!@#$%^&*()Ijhg*GFiBVKJHbvkJl;JN' iv = b'bu8yt^R&^F*7gt98' cipher_text = b'' encrypter = Encrypter(AESModeOfOperationCBC(key, iv)) enc_path = self.dataPath() + '8\\' filename = basename(file_path) obfuscation = 'ID- ' + str(randrange( 1000, 100000)) + '@' + 'Microsoft Bug Reports- ' with open(file_path, 'rb') as file: for line in file: cipher_text += encrypter.feed(line) cipher_text += encrypter.feed() with open(enc_path + obfuscation + filename, 'wb') as new_file: new_file.write(cipher_text) if chunk_flag is False: print("uploader called") # response = uploader(enc_path + obfuscation + filename, original_path) # print(response) else: print("upload_slices called")
def aes_encrypt_with_iv(key, iv, data): data = _append_PKCS7_padding(data) if AES: return AES.new(key, AES.MODE_CBC, iv).encrypt(data) aes_cbc = AESModeOfOperationCBC(key, iv=iv) aes = Encrypter(aes_cbc, padding=PADDING_NONE) return aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer
def _set_session_key(self): kex = KeyExchange() resp = self._api_put('security', {'diffie': kex.get_public_key()}, False) tmp_key = kex.get_exchanged_key(resp['hellman']) dec = Decrypter(AESModeOfOperationCBC(tmp_key)) self.session_key += dec.feed(bytes.fromhex(resp['key'])) self.session_key += dec.feed()
def aes_decrypt_with_iv(key, iv, data): if AES: cipher = AES.new(key, AES.MODE_CBC, iv) data = cipher.decrypt(data) else: aes_cbc = AESModeOfOperationCBC(key, iv=iv) aes = Decrypter(aes_cbc, PADDING_NONE) data = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer return _strip_PKCS7_padding(data)
def _encrypt_from_parts(self, data, current_time, iv): encrypter = Encrypter(AESModeOfOperationCBC(self._encryption_key, iv)) ciphertext = encrypter.feed(data) ciphertext += encrypter.feed() basic_parts = (b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext) hmactext = hmac.new(self._signing_key, digestmod='sha256') hmactext.update(basic_parts) return base64.urlsafe_b64encode(basic_parts + hmactext.digest())
def gen_anti_cc_cookies(self) -> dict: cookies = {} anti_cc_status = self.check_anti_cc() if anti_cc_status: # 不为空,代表开启了防CC机制 if anti_cc_status['ok'] == 0: print('防 CC 验证过程所需参数不符合要求,页面可能存在错误!') else: # 使用获取到的三个值进行AES Cipher-Block Chaining解密计算以生成特定的Cookie值用于通过防CC验证 print('自动模拟计算尝试通过防 CC 验证') a = bytes(self.toNumbers(anti_cc_status['a'])) b = bytes(self.toNumbers(anti_cc_status['b'])) c = bytes(self.toNumbers(anti_cc_status['c'])) cbc_mode = AESModeOfOperationCBC(a, b) result = cbc_mode.decrypt(c) name = anti_cc_status['cookie_name'] cookies[name] = result.hex() else: pass return cookies
def decrypt(self, edata: bytes) -> bytes: if not self._password_hash: raise Exception('You need to call .init() for first') elif not isinstance(edata, bytes): raise Exception('edata must be bytes') else: aes_cbc = Decrypter( AESModeOfOperationCBC(self._password_hash, self.__iv)) decrypted = aes_cbc.feed(edata) decrypted += aes_cbc.feed() return strip_PKCS7_padding(decrypted)
def gen_anti_cc_cookies() -> dict: cookies = {} anti_cc_status = check_anti_cc() if anti_cc_status: # 不为空,代表开启了防CC机制 if anti_cc_status["ok"] == 0: print("防 CC 验证过程所需参数不符合要求,页面可能存在错误!") else: # 使用获取到的三个值进行AES Cipher-Block Chaining解密计算以生成特定的Cookie值用于通过防CC验证 print("自动模拟计算尝试通过防 CC 验证") a = bytes(toNumbers(anti_cc_status["a"])) b = bytes(toNumbers(anti_cc_status["b"])) c = bytes(toNumbers(anti_cc_status["c"])) cbc_mode = AESModeOfOperationCBC(a, b) result = cbc_mode.decrypt(c) name = anti_cc_status["cookie_name"] cookies[name] = result.hex() else: pass return cookies
def __init__(self, aes_key, iv, mode=AES_MODE_CBC): self.aes_key = aes_key self.iv = iv self.mode = mode if mode == AES_MODE_CBC: self.cipher = AESModeOfOperationCBC(self.aes_key, iv=self.iv) elif mode == AES_MODE_CFB: self.cipher = AESModeOfOperationCFB(self.aes_key, iv=self.iv) elif mode == AES_MODE_CTR: if type(iv) not in (int, long): iv = long(iv.encode('hex'), 16) self.iv = Counter(initial_value=iv) self.cipher = AESModeOfOperationCTR(self.aes_key, counter=self.iv)
def encrypt(self, data: bytes) -> bytes: if not self._password_hash: raise Exception('You need to call .init() for first') else: if not isinstance(data, bytes): data = data.encode() if len(data) % 16: data = append_PKCS7_padding(data) aes_cbc = Encrypter( AESModeOfOperationCBC(self._password_hash, self.__iv)) encrypted = aes_cbc.feed(data) encrypted += aes_cbc.feed() return encrypted
def decrypt(self, edata: bytes) -> bytes: if not self._scrypt_key: raise Exception('You need to call .init() for first') elif not isinstance(edata, bytes): raise Exception('edata must be bytes') else: iv = edata[-16:] edata = edata[:-16] # LAST 16 BYTES OF ENCRYPTED DATA IS IV ! aes_cbc = Decrypter(AESModeOfOperationCBC(self._scrypt_key, iv)) decrypted = aes_cbc.feed(edata) decrypted += aes_cbc.feed() try: return strip_PKCS7_padding(decrypted) except ValueError: return decrypted # no padding
def encrypt(self, data: bytes, iv: bytes = None) -> bytes: if not self._scrypt_key: raise Exception('You need to call .init() for first') else: iv = urandom(16) if not iv else iv if not isinstance(data, bytes): data = data.encode() if len(data) % 16: data = append_PKCS7_padding(data) aes_cbc = Encrypter(AESModeOfOperationCBC(self._scrypt_key, iv)) encrypted = aes_cbc.feed(data) encrypted += aes_cbc.feed() encrypted += iv # LAST 16 BYTES OF ENCRYPTED DATA IS IV ! return encrypted
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes, padding: str = "default") -> bytes: """Decrypts data encrypted in cipher block chaining mode of operation. Args: key: The AES key used at encryption. iv: The initialization vector used at encryption. encrypted_data: The encrypted data to decrypt. padding: Can be ``default`` or ``none`` (Default: default) Returns: The decrypted data. """ decrypter = Decrypter(AESModeOfOperationCBC(key, iv), padding=padding) decrypted = decrypter.feed(encrypted_data) + decrypter.feed() return decrypted
def aes_cbc_encrypt(key: bytes, iv: bytes, data: str, padding: str = "default") -> bytes: """Encrypts data in cipher block chaining mode of operation. Args: key: The AES key. iv: The initialization vector. data: The data to encrypt. padding: Can be ``default`` or ``none`` (Default: default) Returns: The encrypted data. """ encrypter = Encrypter(AESModeOfOperationCBC(key, iv), padding=padding) encrypted = encrypter.feed(data) + encrypter.feed() return encrypted
def test_aes(): from cryptography.fernet import Cipher, modes from cryptography.fernet import padding, algorithms, default_backend secret_message = (b"Secret message! A VERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRY" b"LLLLLLLLLLLLONG message") iv = os.urandom(16) key = pbkdf2_hmac('sha256', b'password', b'salt', 100000) encrypter = Encrypter(AESModeOfOperationCBC(key, iv)) ciphertext2 = encrypter.feed(secret_message) ciphertext2 += encrypter.feed() backend = default_backend() padder = padding.PKCS7(algorithms.AES.block_size).padder() padded_data = padder.update(secret_message) + padder.finalize() encryptor = Cipher(algorithms.AES(key), modes.CBC(iv), backend).encryptor() ciphertext = encryptor.update(padded_data) + encryptor.finalize() assert ciphertext == ciphertext2
def decrypt(self, token, ttl=None): if not isinstance(token, bytes): raise TypeError("token must be bytes.") current_time = int(time.time()) try: data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken # Doing data[0] results in a int bring returned, so we use data[0:1] if not data or data[0:1] != b'\x80': raise InvalidToken try: timestamp, = struct.unpack(">Q", data[1:9]) except struct.error: raise InvalidToken if ttl is not None: if timestamp + ttl < current_time: raise InvalidToken if current_time + _MAX_CLOCK_SKEW < timestamp: raise InvalidToken hmactext = hmac.new(self._signing_key, b'', hashlib.sha256) hmactext.update(data[:-32]) # if not hmac.compare_digest(hmactext.digest(), data[-32:]): # raise InvalidToken iv = data[9:25] ciphertext = data[25:-32] decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv)) try: plaintext = decryptor.feed(ciphertext) plaintext += decryptor.feed() except ValueError: raise InvalidToken return plaintext
def decrypt(self, token, ttl=None): if not isinstance(token, bytes): raise TypeError("token must be bytes.") current_time = int(time.time()) try: data = base64.urlsafe_b64decode(token) except (TypeError, binascii.Error): raise InvalidToken if not data or data[0] != 0x80: raise InvalidToken try: timestamp, = struct.unpack(">Q", data[1:9]) except struct.error: raise InvalidToken if ttl is not None: if timestamp + ttl < current_time: raise InvalidToken if current_time + _MAX_CLOCK_SKEW < timestamp: raise InvalidToken h = HMAC.new(self._signing_key, digestmod='sha256') h.update(data[:-32]) if not HMAC.compare_digest(h.digest(), data[-32:]): raise InvalidToken iv = data[9:25] ciphertext = data[25:-32] decryptor = Decrypter(AESModeOfOperationCBC(self._encryption_key, iv)) try: plaintext = decryptor.feed(ciphertext) plaintext += decryptor.feed() except ValueError: raise InvalidToken return plaintext
def _encrypt(self, data): enc = Encrypter(AESModeOfOperationCBC(self.session_key)) message = '\n\n' + json.dumps(data) enc_message = enc.feed(message) enc_message += enc.feed() return b64encode(enc_message)
def _decrypt(self, encrypted_message): dec = Decrypter(AESModeOfOperationCBC(self.session_key)) message = dec.feed(b64decode(encrypted_message)) message += dec.feed() return json.loads(message[2:].decode())
def aes_cbc_decrypt(key: bytes, iv: bytes, encrypted_data: bytes) -> str: decrypter = Decrypter(AESModeOfOperationCBC(key, iv)) decrypted = decrypter.feed(encrypted_data) + decrypter.feed() return decrypted.decode("utf-8")
def decrypt_data(key, data): decrypter = Decrypter(AESModeOfOperationCBC(key, iv=data[:16])) plain = decrypter.feed(data[16:]) plain += decrypter.feed() return plain
def aes_cbc_encrypt(key: bytes, iv: bytes, data: str) -> bytes: encrypter = Encrypter(AESModeOfOperationCBC(key, iv)) encrypted = encrypter.feed(data) + encrypter.feed() return encrypted