def get(self, crypto, image, security_key=None, **kw): cr = Crypto(security_key or conf.SECURITY_KEY) try: opt = cr.decrypt(crypto) except ValueError: opt = None if not opt and not security_key and conf.STORES_CRYPTO_KEY_FOR_EACH_IMAGE: security_key = self.storage.get_crypto(image) cr = Crypto(security_key or conf.SECURITY_KEY) opt = cr.decrypt(crypto) image_hash = opt and opt.get('image_hash') image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash path_hash = hashlib.md5(image).hexdigest() if not image_hash or image_hash != path_hash: self._error(404, 'Request denied because the specified image hash is not valid.') return return self.execute_image_operations(opt, image)
def get(self, crypto, image, security_key=None, **kw): cr = Crypto(security_key or self.context.config.SECURITY_KEY) try: opt = cr.decrypt(crypto) except ValueError: opt = None if not opt and not security_key and self.context.config.STORES_CRYPTO_KEY_FOR_EACH_IMAGE: security_key = self.storage.get_crypto(image) cr = Crypto(security_key or self.context.config.SECURITY_KEY) opt = cr.decrypt(crypto) image_hash = opt and opt.get('image_hash') image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash path_hash = hashlib.md5(image).hexdigest() if not image_hash or image_hash != path_hash: self._error(404, 'Request denied because the specified image hash is not valid.') return opt['image'] = image self.context.request = RequestParameters(**opt) return self.execute_image_operations()
def get(self, crypto, image, security_key=None, **kw): cr = Crypto(security_key or self.context.server.security_key) try: opt = cr.decrypt(crypto) except ValueError: opt = None if not opt and not security_key and self.context.config.STORES_CRYPTO_KEY_FOR_EACH_IMAGE: security_key = self.storage.get_crypto(image) cr = Crypto(security_key or self.context.server.security_key) opt = cr.decrypt(crypto) image_hash = opt and opt.get('image_hash') image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash path_hash = hashlib.md5(image.encode('utf-8')).hexdigest() if not image_hash or image_hash != path_hash: self._error(404, 'Request denied because the specified image hash is not valid.') return opt['image'] = image self.context.request = RequestParameters(**opt) return self.execute_image_operations()
def get(self, crypto, image, security_key=None, **kw): if not security_key and options.STORES_CRYPTO_KEY_FOR_EACH_IMAGE: security_key = self.storage.get_crypto(image) try: cr = Crypto(security_key or options.SECURITY_KEY) opt = cr.decrypt(crypto) except TypeError: self._error(404, 'Request denied because the specified encrypted url "%s" could not be decripted' % crypto) return image_hash = opt and opt.get('image_hash') image_hash = image_hash[1:] if image_hash and image_hash.startswith('/') else image_hash path_hash = hashlib.md5(image).hexdigest() if not image_hash or image_hash != path_hash: self._error(404, 'Request denied because the specified image hash "%s" does not match the given image path hash "%s"' %( unicode(image_hash, errors='replace'), path_hash )) return if not self.validate(image): self._error(404) return return self.execute_image_operations(opt, image)
def test_encdec_with_extra_args(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=False, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image") decrypted = crypto.decrypt(encrypted) assert decrypted['width'] == 300 assert decrypted['height'] == 200 assert not decrypted['smart'] assert decrypted['horizontal_flip'] assert decrypted['vertical_flip'] assert decrypted['halign'] == "center" assert decrypted['valign'] == "middle" assert decrypted['crop'] assert decrypted['crop']['left'] == 10 assert decrypted['crop']['top'] == 11 assert decrypted['crop']['right'] == 12 assert decrypted['crop']['bottom'] == 13
def test_encdec_with_extra_args(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=False, fit_in=True, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image") decrypted = crypto.decrypt(encrypted) assert decrypted['width'] == 300 assert decrypted['height'] == 200 assert not decrypted['smart'] assert decrypted['fit_in'] assert decrypted['horizontal_flip'] assert decrypted['vertical_flip'] assert decrypted['halign'] == "center" assert decrypted['valign'] == "middle" assert decrypted['crop'] assert decrypted['crop']['left'] == 10 assert decrypted['crop']['top'] == 11 assert decrypted['crop']['right'] == 12 assert decrypted['crop']['bottom'] == 13
def get(self, crypto, image, security_key=None, **kw): if not security_key and options.STORES_CRYPTO_KEY_FOR_EACH_IMAGE: security_key = self.storage.get_crypto(image) try: cr = Crypto(security_key or options.SECURITY_KEY) opt = cr.decrypt(crypto) except TypeError: self._error( 404, 'Request denied because the specified encrypted url "%s" could not be decripted' % crypto) return image_hash = opt and opt.get('image_hash') image_hash = image_hash[1:] if image_hash and image_hash.startswith( '/') else image_hash path_hash = hashlib.md5(image).hexdigest() if not image_hash or image_hash != path_hash: self._error( 404, 'Request denied because the specified image hash "%s" does not match the given image path hash "%s"' % (unicode(image_hash, errors='replace'), path_hash)) return if not self.validate(image): self._error(404) return return self.execute_image_operations(opt, image)
def test_decrypt(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=True, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image.jpg") decrypted = crypto.decrypt(encrypted) assert decrypted['width'] == 300 assert decrypted['height'] == 200 assert decrypted['smart'] == True
def test_decrypt(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=True, fit_in=False, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image.jpg") decrypted = crypto.decrypt(encrypted) assert decrypted['width'] == 300 assert decrypted['height'] == 200 assert decrypted['smart'] == True
def test_decrypting_with_wrong_key_fails(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=True, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image/") crypto = Crypto(salt="simething") decrypted = crypto.decrypt(encrypted) assert decrypted
def test_decrypting_with_wrong_key_fails(): crypto = Crypto(salt="something") encrypted = crypto.encrypt(width=300, height=200, smart=True, fit_in=False, flip_horizontal=True, flip_vertical=True, halign="center", valign="middle", crop_left=10, crop_top=11, crop_right=12, crop_bottom=13, image="/some/image/") crypto = Crypto(salt="simething") decrypted = crypto.decrypt(encrypted) assert decrypted
def test_thumbor_can_decrypt_lib_thumbor_generated_url(): key = "my-security-key" image = "s.glbimg.com/et/bb/f/original/2011/03/24/VN0JiwzmOw0b0lg.jpg" thumbor_crypto = Crypto(salt=key) crypto = CryptoURL(key=key) url = crypto.generate( width=300, height=200, smart=True, image_url=image ) reg = "/([^/]+)/(.+)" options = re.match(reg, url).groups()[0] decrypted_url = thumbor_crypto.decrypt(options) assert decrypted_url assert decrypted_url['height'] == 200 assert decrypted_url['width'] == 300 assert decrypted_url['smart'] assert decrypted_url['image_hash'] == hashlib.md5(image).hexdigest()
def topic(self, encrypted, crypto): crypto2 = Crypto(salt="simething") return (crypto2.decrypt(encrypted), crypto.decrypt(encrypted))
def decrypt_in_thumbor(url): '''Uses thumbor to decrypt libthumbor's encrypted URL''' encrypted = url.split('/')[1] crypto = Crypto(KEY) return crypto.decrypt(encrypted)
def decrypt_in_thumbor(key, encrypted): '''Uses thumbor to decrypt libthumbor's encrypted URL''' crypto = Crypto(key) return crypto.decrypt(encrypted)