def aes_encryption(user_name, token): """ 加密生成信息 :param user_name: :return: """ user_info = """%s:%s""" % (user_name, token) encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(SECRET_KEY.encode(), SECRET_IV.encode())) _passwd = encrypter.feed(user_info) + encrypter.feed() return base64.b64encode(_passwd)
def aes_encrypt_with_iv(key, iv, data): assert_bytes(key, iv, data) data = append_PKCS7_padding(data) if AES: e = AES.new(key, AES.MODE_CBC, iv).encrypt(data) else: aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc, padding=pyaes.PADDING_NONE) e = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer return e
def toCypher(masterkey, password, UserKey): cyphertext = [] for c in password: cyphertext.append(ord(c) * UserKey) iv = os.urandom(16) key = makeKey(masterkey, iv) encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key, iv)) securePW = encrypter.feed(",".join(map(str, cyphertext)).encode('utf8')) securePW += encrypter.feed() return securePW, iv
def encryptResponse(self, request, decrypted, response): randomSalt = bytearray(os.urandom(16)) result = hashlib.sha256(randomSalt).digest() SaltC = bytearray(request['message']['salt']) DSaltC = bytearray(decrypted['salt']) randomStuff = bytearray(16) for i in range(0, 16): randomStuff[i] = (SaltC[i] ^ DSaltC[i] ^ randomSalt[i]) & 0xff # XorSalts XorSalts = bytearray(16) for i in range(0, 16): XorSalts[i] = (SaltC[i] ^ DSaltC[i]) & 0xff message = self.DecryptedResponse.Message() message['response'] = response message['keys'] = bytes(randomStuff) message['hash'] = result message['xorSalts'] = bytes(XorSalts) message['hwid'] = self.config['hwid'] # SaltS SaltS = bytearray(os.urandom(16)) d = pyaes.AESModeOfOperationCBC(self.key, SaltS, v6=True).decrypt(SaltS) # DSaltS DSaltS = bytearray(d) # HMacMsg HMacMsg = bytearray(16) for i in range(0, 16): HMacMsg[i] = (SaltS[i] ^ DSaltS[i]) & 0xff HMacMsg.extend(bytes(message)) # HMacKey requestTime = decrypted['request']['requestTime'] HMacKey = self.getMACKey(requestTime) HMac = hmac.new(HMacKey, bytes(HMacMsg), hashlib.sha256) digest = HMac.digest() responsedata = self.DecryptedResponse() responsedata['message'] = message responsedata['hmac'] = digest[16:] encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(self.key, SaltS, v6=True)) crypted = encrypter.feed(responsedata) + encrypter.feed() return bytes(SaltS), bytes(bytearray(crypted))
def encrypt(data: str, key: str, pad_length: int = None) -> str: """ Encrypt the given data using the given key. Tag the result so that it is clear that this is an encrypted file. """ data_as_bytes = encode_and_pad(data, pad_length) iv = os.urandom(16) encrypter = pyaes.Encrypter(aes_mode_of_operation(key, iv)) ciphertext = encrypter.feed(data_as_bytes) + encrypter.feed() return dump_ct(iv, ciphertext, hash_key(key))
def __encryptData(self, data): ciphertext = b'' # We can encrypt one line at a time, regardles of length encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(self.key_manager.master_key_key, self.key_manager.master_key_iv)) ciphertext += encrypter.feed(data) # Make a final call to flush any remaining bytes and add padding ciphertext += encrypter.feed() return ciphertext
def encrypt_bytes(self, plaintext, client): # use a random initialisation vector iv = os.urandom(16) cbc = pyaes.AESModeOfOperationCBC(client.key, iv=iv) encrypter = pyaes.Encrypter(cbc) ciphertext = encrypter.feed(plaintext) ciphertext += encrypter.feed() # prepend the initialisation vector return iv + ciphertext
def aes_encrypt_with_iv(key, iv, data): if AES: padlen = 16 - (len(data) % 16) if padlen == 0: padlen = 16 data += chr(padlen) * padlen e = AES.new(key, AES.MODE_CBC, iv).encrypt(data) return e else: aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc) e = aes.feed(data) + aes.feed() # empty aes.feed() appends pkcs padding return e
def encodePDF(key, objectNumber, generationNumber, string, revision=None): "Encodes a string or stream" revision = checkRevision(revision) #print 'encodePDF (%s, %d, %d, %s)' % (hexText(key), objectNumber, generationNumber, string) # extend 3 bytes of the object Number, low byte first if revision in (2, 3): newkey = key n = objectNumber for i in range(3): newkey += int2Byte(n & 0xff) n = n >> 8 # extend 2 bytes of the generationNumber n = generationNumber for i in range(2): newkey += int2Byte(n & 0xff) n = n >> 8 md5output = md5(newkey).digest() if revision == 2: key = md5output[:10] elif revision == 3: key = md5output #all 16 bytes from reportlab.lib.arciv import ArcIV encrypted = ArcIV(key).encode(string) #print 'encrypted=', hexText(encrypted) elif revision == 5: iv = os_urandom(16) encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key, iv=iv)) # pkcs7 style padding so that the size of the encrypted block is multiple of 16 string_len = len(string) padding = "" padding_len = (16 - (string_len % 16)) if string_len > 16 else (16 - string_len) if padding_len > 0: padding = chr(padding_len) * padding_len if isinstance(string, str): string = (string + padding).encode("utf-8") else: string += asBytes(padding) encrypted = iv + encrypter.feed(string) encrypted += encrypter.feed() if DEBUG: print('encodePDF(%s,%s,%s,%s,%s)==>%s' % tuple([ hexText(str(x)) for x in (key, objectNumber, generationNumber, string, revision, encrypted) ])) return encrypted
def encryptResponse(self, request, decrypted, response): randomSalt = bytearray(os.urandom(16)) result = hashlib.sha256(bytes(randomSalt)).digest() SaltC = bytearray(request['message']['salt']) XorSalts = bytearray(pyaes.AES(self.key, v6=self.v6).decrypt(SaltC)) randomStuff = bytearray(16) for i in range(0, 16): randomStuff[i] = (XorSalts[i] ^ randomSalt[i]) & 0xff message = self.DecryptedResponse.Message() message['response'] = response message['keys'] = bytes(randomStuff) message['hash'] = result message['xorSalts'] = bytes(XorSalts) message['hwid'] = self.config['hwid'] # SaltS SaltS = bytearray(os.urandom(16)) d = pyaes.AESModeOfOperationCBC(self.key, SaltS, v6=True).decrypt(SaltS) # DSaltS DSaltS = bytearray(d) # HMacMsg HMacMsg = bytearray(16) for i in range(0, 16): HMacMsg[i] = (SaltS[i] ^ DSaltS[i]) & 0xff HMacMsg.extend(message.__bytes__()) # HMacKey requestTime = decrypted['requestTime'] HMacKey = self.getMACKey(requestTime) if hasattr(hashlib.sha256(), 'digest_size'): HMac = hmac.new(HMacKey, bytes(HMacMsg), hashlib.sha256) else: # micropython defaultly use uhashlib, which has no digest_size HMac = hmac.new(HMacKey, bytes(HMacMsg), hashlib._sha256.sha256) digest = HMac.digest() responsedata = self.DecryptedResponse() responsedata['message'] = message responsedata['hmac'] = digest[16:] encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(self.key, SaltS, v6=True)) crypted = encrypter.feed(responsedata.__bytes__()) + encrypter.feed() return bytes(SaltS), bytes(bytearray(crypted))
def aes_encrypt_with_iv(key, iv, data): #mode = aes.AESModeOfOperation.modeOfOperation["CBC"] #key = map(ord, key) #iv = map(ord, iv) #data = aes.append_PKCS7_padding(data) #keysize = len(key) #assert keysize in aes.AES.keySize.values(), 'invalid key size: %s' % keysize #moo = aes.AESModeOfOperation() #(mode, length, ciph) = moo.encrypt(data, mode, key, keysize, iv) #return ''.join(map(chr, ciph)) aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc) e = aes.feed(data) + aes.feed() # empty aes.feed() appends pkcs padding return e
def aes_encrypt_with_iv(key: bytes, iv: bytes, data: bytes) -> bytes: assert_bytes(key, iv, data) data = append_PKCS7_padding(data) if HAS_CRYPTODOME: e = CD_AES.new(key, CD_AES.MODE_CBC, iv).encrypt(data) elif HAS_CRYPTOGRAPHY: cipher = CG_Cipher(CG_algorithms.AES(key), CG_modes.CBC(iv), backend=CG_default_backend()) encryptor = cipher.encryptor() e = encryptor.update(data) + encryptor.finalize() else: aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc, padding=pyaes.PADDING_NONE) e = aes.feed(data) + aes.feed() # empty aes.feed() flushes buffer return e
def get_access_attrs(content, url): values = {} attrs = {} mw_pid = re.compile(r"partner_id:\s*(\w*),").findall(content)[0] p_domain_id = re.compile(r"domain_id:\s*(\w*),").findall(content)[0] _mw_adb = False video_token = re.compile(r"video_token:\s*\S?\'([0-9a-f]*)\S?\'").findall( content)[0] js_path = re.compile(r'script src=\"(.*)\"').findall(content)[0] headers = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36", } request = urllib2.Request("http://" + url.split('/')[2] + js_path, "", headers) request.get_method = lambda: 'GET' js_page = urllib2.urlopen(request).read() e_value = "19f15a0031b8548acfa8da1f2cdf7f73179ac13f3c4938c8bad5a1c93dd8fe06" n_value = "79e4add175162a762071a11fe45d249f" t = EncryptedData() t.a = mw_pid t.b = p_domain_id t.c = _mw_adb #t.d = window_value t.e = video_token t.f = USER_AGENT json_string = t.to_json() encrypt_mode = pyaes.AESModeOfOperationCBC(binascii.a2b_hex(e_value), binascii.a2b_hex(n_value)) encrypter = pyaes.Encrypter(encrypt_mode) encrypted = '' encrypted += encrypter.feed(json_string) encrypted += encrypter.feed() attrs['purl'] = "http://" + url.split('/')[2] + "/vs" values["q"] = base64.standard_b64encode(encrypted) xbmc.log("param=" + repr(values) + " " + repr(attrs)) return values, attrs
def request_info(self): try: self.infopackage_all = self.infopackage_pre + str( self.m_counter) + self.infopackage_end Domoticz.Debug('Infopackage= ' + self.infopackage_all) encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(self.m_key, self.m_iv)) encrypted = encrypter.feed(self.infopackage_all) encrypted += encrypter.feed() Domoticz.Debug('Encrypted=' + str(encrypted)) # Add package header self.packagelength = len(encrypted) + 32 Domoticz.Debug('Package Length = ' + str(self.packagelength)) self.header = self.magicnumber self.header += struct.pack('>h', self.packagelength) self.header += self.unknown1 self.header += self.deviceid #Device ID self.header += self.stamp self.headertemp = self.header self.headertemp += self.token self.headertemp += encrypted self.header += self.md5(self.headertemp) self.header += encrypted Domoticz.Debug('Header= ' + str(self.header)) self.s.sendto(self.header, (self.host, self.port)) # receive data from client (data, addr) d = self.s.recvfrom(1024) reply = d[0] addr = d[1] decrypter = pyaes.Decrypter( pyaes.AESModeOfOperationCBC(self.m_key, self.m_iv)) decrypted = decrypter.feed(reply[32:]) # Again, make a final call to flush any remaining bytes and strip padding decrypted += decrypter.feed() Domoticz.Debug('Response= ' + str(decrypted)) except socket.error as msg: Domoticz.Debug('Error Code : ' + str(msg[0]) + ' Message ' + msg[1]) return decrypted.decode('utf-8')
def encrypt_msg(self, msg): """Encrypt message. :param msg: the original message. :type msg: bytes :returns: the encrypted message. :rtype: bytes """ aes = pyaes.AESModeOfOperationCBC(pad_msg16(self.aes_cbc_key)[:32], iv=pad_msg16(self.aes_cbc_iv)[:16]) encrypter = pyaes.Encrypter(aes) cipher = encrypter.feed(msg) cipher += encrypter.feed() return cipher
def get_encrypted_data(data, aesKeyFile): with open(aesKeyFile, 'r') as file: key = file.read().replace('\n', '') iv = "InitializationVe" ciphertext = '' # We can encrypt one line at a time, regardles of length encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key, iv)) ciphertext += encrypter.feed(data) # Make a final call to flush any remaining bytes and add padding ciphertext += encrypter.feed() return ciphertext
def encrypt_py(plain_text, key): if plain_text: try: scraper_key = hashlib.sha256(key).digest() IV = '\0' * 16 decrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(scraper_key, IV)) cipher_text = decrypter.feed(plain_text) cipher_text += decrypter.feed() except Exception as e: log_utils.log_warning('Exception during Py Encrypt: %s' % (e)) cipher_text = '' else: cipher_text = '' return cipher_text
def generateRequest(self, requestBase): salt = os.urandom(16) message = self.RequestV5.Message() message['salt'] = salt encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(self.key, salt, v6=self.v6)) message['encrypted'] = encrypter.feed(requestBase) + encrypter.feed() request = self.RequestV5() request['versionMinor'] = requestBase['versionMinor'] request['versionMajor'] = requestBase['versionMajor'] request['message'] = message if self.config['debug']: print("Request V%d Data: %s" % (self.ver, request.dump())) print("Request V%d: %s" % (self.ver, binascii.b2a_hex(bytes(request)))) return request
def _hex_password(self, password, device_id): nickname = self._format_id(settings.get('device_name')) log.debug('Device nickname: {}'.format(nickname)) payload = { 'deviceId': device_id, 'nickName': nickname, 'format': 'json', 'appID': 'GO2', 'accountType': 'foxtel', 'plt': PLT_DEVICE, } secret = self._session.post( '/auth.class.api.php/prelogin/{site_id}'.format( site_id=VOD_SITEID), data=payload).json()['secret'] log.debug('Pass Secret: {}{}'.format(secret[:5], 'x' * len(secret[5:]))) try: #python3 iv = bytes.fromhex(AES_IV) except AttributeError: #python2 iv = str(bytearray.fromhex(AES_IV)) encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(secret.encode('utf8'), iv)) ciphertext = encrypter.feed(password) ciphertext += encrypter.feed() try: #python3 hex_password = ciphertext.hex() except AttributeError: #python2 hex_password = ciphertext.encode('hex') log.debug('Hex password: {}{}'.format(hex_password[:5], 'x' * len(hex_password[5:]))) return hex_password
def approve_tx(self, btn): letter = self.listener.postbox.pop() keyhash = letter[0] challenge = letter[1] #compute response to challenge and send back... reply = challenge + ":" if (btn.text == APPROVE_TX): secret_2FA = bytes.fromhex( self.myfactors.datastore.get(keyhash)['secret_2FA']) mac = hmac.new(secret_2FA, bytes.fromhex(challenge), sha1) reply += mac.hexdigest() self.display = "Action approved!" self.label_logs += "Action approved" + "\n" + LOG_SEP Logger.info("Satochip: APPROVED action with hash: " + challenge + " on " + str(datetime.now())) else: reply += "00" * 20 self.display = "Tx rejected!" self.label_logs += "Tx rejected" + "\n" + LOG_SEP Logger.info("Satochip: REJECTED tx with hash: " + challenge + " on " + str(datetime.now())) Logger.debug("Satochip: Challenge-response: " + reply) replyhash = self.myfactors.datastore.get(keyhash)['idreply_2FA'] # pad & encrypt reply key_2FA = bytes.fromhex( self.myfactors.datastore.get(keyhash)['key_2FA']) iv = urandom(16) Logger.debug("Satochip: IV hex: " + iv.hex()) plaintext = reply.encode("utf-8") encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key_2FA, iv)) ciphertext = encrypter.feed(plaintext) ciphertext += encrypter.feed() ciphertext = iv + ciphertext reply_encrypt = base64.b64encode(ciphertext).decode('ascii') Logger.debug("Satochip: Reply_encrypt: " + reply_encrypt) # send reply to server Logger.debug("Satochip: Sent response to: " + replyhash) server.put(replyhash, reply_encrypt) self.listener.clear(keyhash) self.btn_disabled = True
def encryptResponse(self, request, decrypted, response): randomSalt = bytearray(os.urandom(16)) result = hashlib.sha256(bytes(randomSalt)).digest() iv = bytearray(request['message']['salt']) XorSalts = pyaes.AES(self.key, v6=self.v6).decrypt(iv) randomStuff = bytearray(16) for i in range(0,16): randomStuff[i] = (bytearray(XorSalts)[i] ^ randomSalt[i]) & 0xff responsedata = self.DecryptedResponse() responsedata['response'] = response responsedata['keys'] = bytes(randomStuff) responsedata['hash'] = result encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(self.key, iv, v6=self.v6)) crypted = encrypter.feed(responsedata.__bytes__()) + encrypter.feed() return bytes(iv), crypted
def encrypt(message, pubkey, pad_to_length=None): """ pad_to_length must be a multiple of 16, and equal to or larger than len(message)+4. Default is to choose the smallest possible value. If the `pubkey` is not a valid point, raises EncryptionFailed. """ try: pubpoint = ser_to_point(pubkey) except: raise EncryptionFailed nonce_sec = ecdsa.util.randrange(order) nonce_pub = point_to_ser(nonce_sec * G, comp=True) key = hashlib.sha256(point_to_ser(nonce_sec * pubpoint, comp=True)).digest() plaintext = len(message).to_bytes(4, 'big') + message if pad_to_length is None: plaintext += b'\0' * (-len(plaintext) % 16) else: if pad_to_length % 16 != 0: raise ValueError(f'{pad_to_length} not multiple of 16') need = pad_to_length - len(plaintext) if need < 0: raise ValueError(f'{pad_to_length} < {len(plaintext)}') plaintext += b'\0' * need iv = b'\0' * 16 if AES: ciphertext = AES.new(key, AES.MODE_CBC, iv).encrypt(plaintext) else: aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc, padding=pyaes.PADDING_NONE) ciphertext = aes.feed( plaintext) + aes.feed() # empty aes.feed() flushes buffer mac = hmacdigest(key, ciphertext, 'sha256')[:16] return nonce_pub + ciphertext + mac
def encrypt(self, data): encrypter = pyaes.Encrypter(self.mode, pyaes.PADDING_NONE) return encrypter.feed(data) + encrypter.feed()
def aes_encrypt(key, data, iv): encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key, iv=iv)) enc_data = encrypter.feed(data) enc_data += encrypter.feed() return enc_data
def aes_encrypt_with_iv(key, iv, data): aes_cbc = pyaes.AESModeOfOperationCBC(key, iv=iv) aes = pyaes.Encrypter(aes_cbc) e = aes.feed(data) + aes.feed() # empty aes.feed() appends pkcs padding return e
def login(self, username=None, password=None): # Modified from: # https://github.com/retrospect-addon/plugin.video.retrospect/blob/master/channels/channel.se/sbs/chn_sbs.py # Local import to not slow down any other stuff import binascii try: # If running on Leia import pyaes except: # If running on Pre-Leia from resources.lib import pyaes import random now = int(time.time()) b64_now = binascii.b2a_base64(str(now).encode()).decode().strip() user_agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 " \ "(KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" window_id = "{}|{}".format( binascii.hexlify(os.urandom(16)).decode(), binascii.hexlify(os.urandom(16)).decode()) fe = [ "DNT:unknown", "L:en-US", "D:24", "PR:1", "S:1920,975", "AS:1920,935", "TO:-120", "SS:true", "LS:true", "IDB:true", "B:false", "ODB:true", "CPUC:unknown", "PK:Win32", "CFP:990181251", "FR:false", "FOS:false", "FB:false", "JSF:Arial", "P:Chrome PDF Plugin", "T:0,false,false", "H:4", "SWF:false" ] fs_murmur_hash = '48bf49e1796939175b0406859d00baec' data = [ { "key": "api_type", "value": "js" }, { "key": "p", "value": 1 }, # constant { "key": "f", "value": self.device_id }, # browser instance ID { "key": "n", "value": b64_now }, # base64 encoding of time.now() { "key": "wh", "value": window_id }, # WindowHandle ID { "key": "fe", "value": fe }, # browser properties { "key": "ife_hash", "value": fs_murmur_hash }, # hash of browser properties { "key": "cs", "value": 1 }, # canvas supported 0/1 { "key": "jsbd", "value": "{\"HL\":41,\"NCE\":true,\"DMTO\":1,\"DOTO\":1}" } ] data_value = json.dumps(data) stamp = now - (now % (60 * 60 * 6)) key_password = "******".format(user_agent, stamp) salt_bytes = os.urandom(8) key_iv = self.__evp_kdf(key_password.encode(), salt_bytes, key_size=8, iv_size=4, iterations=1, hash_algorithm="md5") key = key_iv["key"] iv = key_iv["iv"] encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key, iv)) encrypted = encrypter.feed(data_value) # Again, make a final call to flush any remaining bytes and strip padding encrypted += encrypter.feed() salt_hex = binascii.hexlify(salt_bytes) iv_hex = binascii.hexlify(iv) encrypted_b64 = binascii.b2a_base64(encrypted) bda = { "ct": encrypted_b64.decode(), "iv": iv_hex.decode(), "s": salt_hex.decode() } bda_str = json.dumps(bda) bda_base64 = binascii.b2a_base64(bda_str.encode()) req_dict = { "bda": bda_base64.decode(), "public_key": "FE296399-FDEA-2EA2-8CD5-50F6E3157ECA", "site": "https://client-api.arkoselabs.com", "userbrowser": user_agent, "simulate_rate_limit": "0", "simulated": "0", "rnd": "{}".format(random.random()) } req_data = "" for k, v in req_dict.items(): req_data = "{}{}={}&".format(req_data, k, self.url_encode(v)) req_data = req_data.rstrip("&") arkose_headers = {"user-agent": user_agent} arkose_data = self.make_request( 'https://client-api.arkoselabs.com/fc/gt2/public_key/FE296399-FDEA-2EA2-8CD5-50F6E3157ECA', 'get', params=req_data, headers=arkose_headers) arkose_json = json.loads(arkose_data) arkose_token = arkose_json.get("token") if "rid=" not in arkose_token: self.log("Error logging in. Invalid Arkose token.") self.log(arkose_token) raise self.DplayError('Error logging in. Invalid Arkose token.') self.log("Succesfully required a login token from Arkose.") # Get new token self.get_token() discoveryplus_username = username discoveryplus_password = password creds = { "credentials": { "username": discoveryplus_username, "password": discoveryplus_password } } headers = { "x-disco-arkose-token": arkose_token, "x-disco-arkose-sitekey": "FE296399-FDEA-2EA2-8CD5-50F6E3157ECA", "Origin": "https://www.{site_url}".format(site_url=self.site_url), "x-disco-client": "WEB:10.16.0:AUTH_DPLAY_V1:4.0.1-rc2-gi1", # is not specified a captcha is required # "Sec-Fetch-Site": "same-site", # "Sec-Fetch-Mode": "cors", # "Sec-Fetch-Dest": "empty", "Referer": "https://www.{site_url}/myaccount/login".format( site_url=self.site_url), "User-Agent": user_agent } login_url = '{api_url}/login'.format(api_url=self.api_url) return self.make_request(login_url, 'post', payload=json.dumps(creds), headers=headers)
def prepare(self, document, overrideID=None): # get ready to do encryption if DEBUG: print('StandardEncryption.prepare(...) - revision %d' % self.revision) if self.prepared: raise ValueError("encryption already prepared!") # get the unescaped string value of the document id (first array element). # we allow one to be passed in instead to permit reproducible tests # of our algorithm, but in real life overrideID will always be None if overrideID: internalID = overrideID else: externalID = document.ID() # initialize it... internalID = document.signature.digest() #AR debugging if CLOBBERID: internalID = "xxxxxxxxxxxxxxxx" if DEBUG: print('userPassword = %r' % self.userPassword) print('ownerPassword = %r' % self.ownerPassword) print('internalID = %r' % internalID) self.P = int(self.permissionBits() - 2**31) if CLOBBERPERMISSIONS: self.P = -44 # AR hack if DEBUG: print("self.P = %s" % repr(self.P)) if self.revision == 5: # Init vectro for AES cipher (should be 16 bytes null array) iv = b'\x00' * 16 # Random User salts uvs = os_urandom(8) uks = os_urandom(8) # the main encryption key self.key = asBytes(os_urandom(32)) if DEBUG: print("uvs (hex) = %s" % hexText(uvs)) print("uks (hex) = %s" % hexText(uks)) print("self.key (hex) = %s" % hexText(self.key)) # Calculate the sha-256 hash of the User password (U) md = sha256(asBytes(self.userPassword[:127]) + uvs) self.U = md.digest() + uvs + uks if DEBUG: print("self.U (hex) = %s" % hexText(self.U)) # Calculate the User encryption key (UE) md = sha256(asBytes(self.userPassword[:127]) + uks) encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(md.digest(), iv=iv)) self.UE = encrypter.feed(self.key) self.UE += encrypter.feed() if DEBUG: print("self.UE (hex) = %s" % hexText(self.UE)) # Random Owner salts ovs = os_urandom(8) oks = os_urandom(8) # Calculate the hash of the Owner password (U) md = sha256(asBytes(self.ownerPassword[:127]) + ovs + self.U) self.O = md.digest() + ovs + oks if DEBUG: print("self.O (hex) = %s" % hexText(self.O)) # Calculate the User encryption key (OE) md = sha256(asBytes(self.ownerPassword[:127]) + oks + self.U) encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(md.digest(), iv=iv)) self.OE = encrypter.feed(self.key) self.OE += encrypter.feed() if DEBUG: print("self.OE (hex) = %s" % hexText(self.OE)) # Compute permissions array permsarr = [ self.P & 0xFF, # store the permission value in the first 32-bits self.P >> 8 & 0xFF, self.P >> 16 & 0xFF, self.P >> 24 & 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, ord( 'T' ), # 'T' if EncryptMetaData is True (default), 'F' otherwise ord('a'), # a, d, b are magic values ord('d'), ord('b'), 0x01, # trailing zeros will be ignored 0x01, 0x01, 0x01 ] # the permission array should be enrypted in the Perms field encrypter = pyaes.Encrypter( pyaes.AESModeOfOperationCBC(self.key, iv=iv)) self.Perms = encrypter.feed(bytes3(permsarr)) self.Perms += encrypter.feed() if DEBUG: print("self.Perms (hex) = %s" % hexText(self.Perms)) elif self.revision in (2, 3): self.O = computeO(self.userPassword, self.ownerPassword, self.revision) if DEBUG: print("self.O (as hex) = %s" % hexText(self.O)) #print "\nself.O", self.O, repr(self.O) self.key = encryptionkey(self.userPassword, self.O, self.P, internalID, revision=self.revision) if DEBUG: print("self.key (hex) = %s" % hexText(self.key)) self.U = computeU(self.key, revision=self.revision, documentId=internalID) if DEBUG: print("self.U (as hex) = %s" % hexText(self.U)) self.objnum = self.version = None self.prepared = 1
def send_packet(self, command, payload): self.count = (self.count + 1) & 0xffff packet = bytearray(0x38) packet[0x00] = 0x5a packet[0x01] = 0xa5 packet[0x02] = 0xaa packet[0x03] = 0x55 packet[0x04] = 0x5a packet[0x05] = 0xa5 packet[0x06] = 0xaa packet[0x07] = 0x55 packet[0x24] = 0x2a packet[0x25] = 0x27 packet[0x26] = command packet[0x28] = self.count & 0xff packet[0x29] = self.count >> 8 packet[0x2a] = self.mac[0] packet[0x2b] = self.mac[1] packet[0x2c] = self.mac[2] packet[0x2d] = self.mac[3] packet[0x2e] = self.mac[4] packet[0x2f] = self.mac[5] packet[0x30] = self.id[0] packet[0x31] = self.id[1] packet[0x32] = self.id[2] packet[0x33] = self.id[3] checksum = 0xbeaf for i in range(len(payload)): checksum += payload[i] checksum = checksum & 0xffff # aes = AES.new(bytes(self.key), AES.MODE_CBC, bytes(self.iv)) # payload = aes.encrypt(bytes(payload)) aes = pyaes.AESModeOfOperationCBC(bytes(self.key), iv=bytes(self.iv)) encrypter = pyaes.Encrypter(aes) length = len(payload) payload = encrypter.feed(bytes(payload)) payload += encrypter.feed() payload = payload[:length] # # packet[0x34] = checksum & 0xff packet[0x35] = checksum >> 8 for i in range(len(payload)): packet.append(payload[i]) checksum = 0xbeaf for i in range(len(packet)): checksum += packet[i] checksum = checksum & 0xffff packet[0x20] = checksum & 0xff packet[0x21] = checksum >> 8 starttime = time.time() with self.lock: while True: try: self.cs.sendto(packet, self.host) self.cs.settimeout(1) response = self.cs.recvfrom(1024) break except socket.timeout: if (time.time() - starttime) < self.timeout: pass raise return bytearray(response[0])
# For some modes of operation we need a random initialization vector # of 16 bytes iv = os.urandom(16) #plaintext = "Text may be any length you wish, no padding is required" plaintext = input("Enter message to be encrypted: ") print() for mode in pyaes.AESModesOfOperation.values(): for key in keys: aes = mode(keys[key], iv) if mode == pyaes.AESModeOfOperationCFB else mode(keys[key]) tracemalloc.start() encrypter = pyaes.Encrypter(aes) ciphertext = encrypter.feed(plaintext) ciphertext += encrypter.feed() current, peak = tracemalloc.get_traced_memory() tracemalloc.stop() # show the encrypted data print (key, mode.name[-5:]) print ("Encrypted message CPU: {}% ".format(psutil.cpu_percent(interval=1))) print ("Encryption memory: {:10f}MB used\tPeaked at: {:10f}MB".format(current / 2**20, peak / 2**20)) # DECRYPTION # CRT mode decryption requires a new instance be created aes = mode(keys[key], iv) if mode == pyaes.AESModeOfOperationCFB else mode(keys[key]) # decrypted data is always binary, need to decode to plaintext
def get_access_attrs(content, url, check=True): values = {} attrs = {} mw_pid = re.compile(r"partner_id:\s*(\w*),").findall(content)[0] p_domain_id = re.compile(r"domain_id:\s*(\w*),").findall(content)[0] _mw_adb = False video_token = re.compile(r"video_token:\s*\S?\'([0-9a-f]*)\S?\'").findall( content)[0] ref = re.compile('ref: \'(.+?)\'').findall(content)[0] js_path = re.compile(r'script src=\"(.*)\"').findall(content)[0] headers = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36", } request = urllib2.Request("http://" + url.split('/')[2] + js_path, "", headers) request.get_method = lambda: 'GET' js_page = urllib2.urlopen(request).read() t = EncryptedData() t.a = mw_pid t.b = p_domain_id t.c = _mw_adb #t.d = window_value t.e = video_token t.f = USER_AGENT json_string = t.to_json() e_value = addon.getSetting('value1') n_value = addon.getSetting('value2') encrypt_mode = pyaes.AESModeOfOperationCBC(binascii.a2b_hex(e_value), binascii.a2b_hex(n_value)) encrypter = pyaes.Encrypter(encrypt_mode) encrypted = '' encrypted += encrypter.feed(json_string) encrypted += encrypter.feed() attrs['purl'] = "http://" + url.split('/')[2] + "/vs" values["q"] = base64.standard_b64encode(encrypted) values["ref"] = ref #check if (check == True) and vurl: try: opener = urllib2.build_opener(urllib2.HTTPCookieProcessor()) opener.addheaders = [("User-Agent", USER_AGENT)] request = urllib2.Request(attrs["purl"], urllib.urlencode(values), {}) connection = opener.open(request) response = connection.read() except: values, attrs = reload_values(content, url) xbmc.log("param=" + repr(values) + " " + repr(attrs)) return values, attrs