def get(self):
auth = self.get_query_argument("auth", default=None)
# after users click url in their email, show the new password page
if auth:
try:
svalue = xxtea.decrypt_hex(
utf8(auth),
self.get_byte_16(self.settings.get("cookie_secret")))
(username, password, t) = svalue.split("|")
except:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
if time.time() - float(t) > 30 * 60:
self.custom_error("链接已过期,请在30分钟内点击链接找回密码", jump="/forgetpwd")
user = yield self.db.member.find_one({
"username": username,
"password": password
})
if user:
self.render("renewpwd.htm", auth=auth)
else:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
# first visit forgetpwd
else:
self.render("forgetpwd.htm", success=None)
def test_encrypt_hex_nopadding_zero(self):
key = os.urandom(16)
for i in (8, 12, 16, 20):
data = b'\0' * i
enc = xxtea.encrypt_hex(data, key, padding=False)
dec = xxtea.decrypt_hex(enc, key, padding=False)
self.assertEqual(data, dec)
def decrypt_hex(key, data):
"""
@note: 解密内容变为hex
@return: bytes
"""
try: return xxtea.decrypt_hex(data, key)
except: return b""
def test_encrypt_hex_nopadding_zero(self):
key = os.urandom(16)
for i in (8, 12, 16, 20):
data = b'\0' * i
enc = xxtea.encrypt_hex(data, key, padding=False)
dec = xxtea.decrypt_hex(enc, key, padding=False)
self.assertEqual(data, dec)
def TEstA_Read(self):
text = serialPort.readline()
text = text.decode("utf-8")
text = text[:-1]
text = text.lower()
plaintext = xxtea.decrypt_hex(text.encode(),
self.secret_key.encode(),
padding=False)
return plaintext.decode("ascii")
def decrypt_hex(key, data):
"""
@note: 解密内容变为hex
@return: bytes
"""
try:
return xxtea.decrypt_hex(data, key)
except:
return b""
def post(self):
email = self.get_body_argument("email", default=None)
auth = self.get_body_argument("auth", default=None)
# after users submit their email
if email:
# check captcha
captcha = self.get_body_argument("captcha", default="")
if not Captcha.check(captcha, self):
self.custom_error("验证码错误")
user = yield self.db.member.find_one({"email": email})
if not user:
self.custom_error("不存在这个Email")
sign = "%s|%s|%s" % (user["username"], user["password"],
time.time())
svalue = xxtea.encrypt_hex(
utf8(sign),
self.get_byte_16(self.settings.get("cookie_secret")))
url = self.settings.get(
"base_url") + "/forgetpwd?auth=%s" % url_escape(svalue, False)
Sendemail(self.settings.get("email")).send(
to=user["email"],
orgin="*****@*****.**",
title=u"找回密码 - %s" % self.settings["site"]["webname"],
content=
u"点击链接找回你的密码:<br /><a href=\"%s\">%s</a><br />如果你没有找回密码,请忽视这封邮件"
% (url, url))
self.render("forgetpwd.htm", success=True)
# after users click url in their email, and submit a new password
elif auth:
newpwd = self.get_body_argument("password")
try:
svalue = xxtea.decrypt_hex(
utf8(auth),
self.get_byte_16(self.settings.get("cookie_secret")))
(username, password, t) = svalue.split("|")
except:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
if time.time() - float(t) > 30 * 60:
self.custom_error("链接已过期,请在30分钟内点击链接找回密码", jump="/forgetpwd")
newpwd = yield self.backend.submit(hash.get, newpwd)
user = yield self.db.member.find_and_modify(
{
"username": username,
"password": password
}, {"$set": {
"password": newpwd
}})
if not user:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
else:
self.custom_error("密码修改成功", jump="/login", status="success")
else:
self.custom_error("不存在这个Email")
def decode_payload(self, payload):
"""Decoding text."""
try:
unescaped = html.unescape(payload)
encoded = json.loads(unescaped)
ct = xxtea.decrypt_hex(encoded.encode(), self.secret)
except Exception:
print("[!] Failure to retrieve data or bad key: {}".format(
Exception))
sys.exit(0)
return bytes(ct).decode('utf-8')[:-1]
def post(self):
email = self.get_body_argument("email", default=None)
auth = self.get_body_argument("auth", default=None)
# after users submit their email
if email:
# check captcha
captcha = self.get_body_argument("captcha", default="")
if not Captcha.check(captcha, self):
self.custom_error("验证码错误")
user = yield self.db.member.find_one({
"email": email
})
if not user:
self.custom_error("不存在这个Email")
sign = "%s|%s|%s" % (user["username"], user["password"], time.time())
svalue = xxtea.encrypt_hex(utf8(sign), self.get_byte_16(self.settings.get("cookie_secret")))
url = self.settings.get("base_url") + "/forgetpwd?auth=%s" % url_escape(svalue, False)
Sendemail(self.settings.get("email")).send(
to=user["email"],
orgin="*****@*****.**",
title=u"找回密码 - %s" % self.settings["site"]["webname"],
content=u"点击链接找回你的密码:<br /><a href=\"%s\">%s</a><br />如果你没有找回密码,请忽视这封邮件" % (url, url)
)
self.render("forgetpwd.htm", success=True)
# after users click url in their email, and submit a new password
elif auth:
newpwd = self.get_body_argument("password")
try:
svalue = xxtea.decrypt_hex(utf8(auth), self.get_byte_16(self.settings.get("cookie_secret")))
(username, password, t) = svalue.split("|")
except:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
if time.time() - float(t) > 30 * 60:
self.custom_error("链接已过期,请在30分钟内点击链接找回密码", jump="/forgetpwd")
newpwd = yield self.backend.submit(hash.get, newpwd)
user = yield self.db.member.find_and_modify({
"username": username, "password": password
}, {
"$set": {"password": newpwd}
})
if not user:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
else:
self.custom_error("密码修改成功", jump="/login", status="success")
else:
self.custom_error("不存在这个Email")
def get_environ(varname='', default='', key=None):
"""
获取环境变量值(解密数据)
:param varname: str, 环境变量名称
:param default: 缺省值
:param key: 加密的 key
:return: str
"""
data = os.getenv(varname, default)
if key:
try:
data = xxtea.decrypt_hex(data.encode('utf-8'), key).decode('utf-8')
except Exception:
data = default
return data
def checkCookie(auth, saltkey):
if ((auth is not None) & (saltkey is not None)):
try:
dec = xxtea.decrypt_hex(str.encode(auth), str.encode(saltkey))
mannageInfo = bytes.decode(dec)
mannageList = mannageInfo.split("\t")
print(mannageList)
except (Exception) as e:
print(e)
return False
if (len(mannageList) != 2):
return False
else:
g.appname = "swortect"
return True
else:
return False
def get(self):
auth = self.get_query_argument("auth", default=None)
# after users click url in their email, show the new password page
if auth:
try:
svalue = xxtea.decrypt_hex(utf8(auth), self.get_byte_16(self.settings.get("cookie_secret")))
(username, password, t) = svalue.split("|")
except:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
if time.time() - float(t) > 30 * 60:
self.custom_error("链接已过期,请在30分钟内点击链接找回密码", jump="/forgetpwd")
user = yield self.db.member.find_one({
"username": username, "password": password
})
if user:
self.render("renewpwd.htm", auth=auth)
else:
self.custom_error("参数错误,请重新找回密码", jump="/forgetpwd")
# first visit forgetpwd
else:
self.render("forgetpwd.htm", success=None)
def index(request):
a = xxtea.encrypt_hex(data, key)
b = xxtea.decrypt_hex(enchex, key)
return HttpResponse(a + " " + b)
def test_decrypt_hex(self):
data = xxtea.decrypt_hex(self.hexenc, self.key)
self.assertEqual(data, self.data)
kf.write(key)
kf.close()
print("ключ")
print(key)
shifr = xxtea.encrypt_hex(data, key.encode('utf-8'))
print("шифр")
print(shifr.decode('utf-8'))
sh = open("shifr.txt", "w", encoding='utf-8')
sh.write(shifr.decode('utf-8'))
sh.close()
else:
df = open("shifr.txt", "r")
data = df.read().encode('utf-8')
df.close()
print("Входящие данные")
print(data)
kf = open("key.txt", "r")
key = kf.read().encode('utf-8')
kf.close()
print("ключ")
print(key)
shifr = xxtea.decrypt_hex(data, key)
sh = open("deshifr.txt", "w", encoding='utf-8')
sh.write(shifr.decode('utf-8'))
sh.close()
print("Расшифровка")
print(shifr.decode('utf-8'))
def test_decrypt_hex(self):
data = xxtea.decrypt_hex(self.hexenc, self.key)
self.assertEqual(data, self.data)
@author = super_fazai @File : demo.py @connect : [email protected] ''' # xxtea加解密算法 # pip3 install xxtea # https://pypi.org/project/xxtea/ import os import xxtea import binascii # Key must be a 16-byte string. key = os.urandom(16) print('key: {}'.format(key)) s = b"xxtea is good" enc = xxtea.encrypt(s, key) dec = xxtea.decrypt(enc, key) print(s == dec) hexenc = xxtea.encrypt_hex(s, key) print(hexenc) print(s == xxtea.decrypt_hex(hexenc, key)) from base64 import b64decode key = os.urandom(16) s = 'QUvZd5mSBl+PxFo8LFfHOdVRBxbdL6CC0JrFtY/DlOHZQuLhrnRzdUvdq4ZHTCWuNTWCm5/K/pQ8jw8FaX7tPW1QR7ik7FqvDrKIPPEg4n7PjQogcabkyA4cBKk=' xxtea.decrypt(s, key=key)
