def decrypt(self): self.body = decrypt(self.body) with contextlib.suppress(DecryptionError): self.name = decrypt( self.name.encode('utf-8') if isinstance(self.name, bytes) else self.name.encode('utf-8')).decode('utf-8') self.encrypted = False
def wrapper(*args, **kwargs): if len(args) == 1: handler = args[0] blog_id = handler.get_argument("blog_id", None) if not blog_id: blog_id = redis.zrange('blog.list', -1, -1) if blog_id: blog_id = redis.zrange('blog.list', -1, -1)[0] else: handler.write("请先在管理后台添加预发布的文章") handler.finish() return else: blog_id = args[1] blog = redis.hgetall(blog_id) if not blog: with open(utils.decrypt(blog_id), 'r') as p: lines = p.readlines() or [''] title = lines[0] create_at = int( os.path.getctime(utils.decrypt(blog_id)) or 1504724902) content = utils.md_parse(''.join(lines[2:-1])) redis.hset(blog_id, 'title', title) redis.hset(blog_id, 'create_at', create_at) redis.hset(blog_id, 'content', content) return func(*args, **kwargs)
def crypt(): while True: sc, _ = s.accept() file_name = '' while 1: file_name += sc.recv(utils.buffer_size) index = file_name.find(utils.file_name_content_separator) utils.logging.info(index) if index > 0: content = file_name[index + len(utils.file_name_content_separator):] file_name = file_name[:index] file_name = utils.decrypt(file_name) path_to_save = os.path.join(home, file_name) break with open(path_to_save, 'w') as f: while 1: received = sc.recv(utils.buffer_size) if not received: if content: block = utils.decrypt(content) f.write(block) f.close() break else: utils.logging.info(len(received)) content += received while len(content) >= utils.encrypted_block_size: block = content[:utils.encrypted_block_size] content = content[utils.encrypted_block_size:] block = utils.decrypt(block) f.write(block) sc.close() utils.logging.info('*' * 50)
def temp_atk(cipher, t, N, sk): """ cipher - ciphertext t - t parameter of the classicmceliece N - number of decryption time to compute at each iteration """ size = cipher.shape[0] u = np.zeros(size) for i in range(size): print(f'step: {i+1}/{size}\r', sep=' ', end='', flush=True) sparse = np.zeros(size) sparse[i] = 1 cipher_i = np.bitwise_xor(cipher, sparse.astype('bool')) times = np.zeros(N) for j in range(N): starttime = time.time() decrypt(sk, cipher) endtime = time.time() times[j] = endtime - starttime u[i] = np.mean(times) M = np.sort(u)[:t] return np.array([1 if elem in M else 0 for elem in u])
def crypt(): while True: sc, _ = s.accept() file_name = '' while 1: file_name += sc.recv(utils.buffer_size) index = file_name.find(utils.file_content_crypt_block_separator) utils.logging.info(index) if index > 0: content = file_name[index + len(utils.file_content_crypt_block_separator):] file_name = file_name[:index] file_name = utils.decrypt(file_name) path_to_save = os.path.join(home, file_name) break with open(path_to_save, 'w') as f: while 1: content += sc.recv(utils.buffer_size) if not content: f.close() break else: index = content.find(utils.file_content_crypt_block_separator) while index > 0: block = content[:index] block = utils.decrypt(block) f.write(block) content = content[index + len(utils.file_content_crypt_block_separator):] index = content.find(utils.file_content_crypt_block_separator) sc.close() utils.logging.info('*' * 50)
def wrapper(*args, **kwargs): if len(args) == 1: handler = args[0] blog_id = handler.get_argument("blog_id", None) if not blog_id: blog_id = redis.zrange('blog.list', -1, -1) if blog_id: blog_id = redis.zrange('blog.list', -1, -1)[0] else: handler.write("请先在管理后台添加预发布的文章") handler.finish() return else: blog_id = args[1] blog = redis.hgetall(blog_id) if not blog: with open(utils.decrypt(blog_id), 'r') as p: lines = p.readlines() or [''] title = lines[0] create_at = int(os.path.getctime(utils.decrypt(blog_id)) or 1504724902) content = utils.md_parse(''.join(lines[2:-1])) redis.hset(blog_id, 'title', title) redis.hset(blog_id, 'create_at', create_at) redis.hset(blog_id, 'content', content) return func(*args, **kwargs)
def initLineEdit(self): self.baiduSecretInput.setEchoMode(QLineEdit.Password) self.baiduAppidInput.setText(decrypt(settings['BaiduAppid'])) self.baiduAppidInput.setPlaceholderText('APPID') self.baiduSecretInput.setText(decrypt(settings['BaiduSecret'])) self.baiduSecretInput.setPlaceholderText('Secret') self.baiduSecretInput.setEnabled(False)
def convert(self): self['TranlateDelay'] = int(self['TranlateDelay']) self['AutoTrans'] = True if self['AutoTrans'] == 'true' else False self['AutoCopy'] = True if self['AutoCopy'] == 'true' else False self['CheckUpdate'] = True if self['CheckUpdate'] == 'true' else False self['TopWindow'] = True if self['TopWindow'] == 'true' else False self.BAIDU_APPID = decrypt(self['BaiduAppid']) self.BAIDU_SECRET = decrypt(self['BaiduSecret'])
def get_private_key(password, user): if not utils.check_hash(password, user.password_hash): return None company_key = utils.decrypt(ciphertext=user.company_key_encrypted, password=password) company = user.company private_key = utils.decrypt(ciphertext=company.private_key_encrypted, password=company_key) return private_key
def get(self, request, *args, **kwargs): fname = kwargs.get('encrypted_filename', '') if isinstance(fname, unicode): fname = fname.encode('utf8') try: fname = decrypt(fname) except: fname = decrypt(fname[0:-1]) # remove ending slash? if not fname.startswith('/tmp/'): return HttpResponse('') if not os.path.exists(fname): return HttpResponse('') response = HttpResponse(open(fname, 'r').read(), content_type='text/csv') response['Content-Disposition'] = 'attachment; filename="%s.csv"' % fname return response
def decrypt(self): if self.lineEdit_file and self.lineEdit_pass_decrypt.text(): self.captured_decrypt_pass = self.lineEdit_pass_decrypt.text() self.lineEdit_pass_decrypt.clear() try: decrypt(self.captured_decrypt_pass) except ValueError: print('--> Wrong password') alert = QMessageBox() alert.setText('Decrypted :)') alert.exec_() else: alert = QMessageBox() alert.setText('Choose an AES file and password first please') alert.exec_()
def datagram_received(self, data, addr): message = decrypt(data, self.password) # Get a correlates query if message.startswith(self.magic): # Check timestamp and if there's more than 20 second between send -> not response try: timestamp = float(message[len(self.magic):]) except TypeError: log.debug('Received invalid timestamp in package from %s' % ("%s:%s" % addr)) if self.disable_hidden: self.transport.sendto(crypt("%s#ERROR#%s" % (self.magic, "Invalid timestamp"), self.password), addr) return # Check if packet was generated before 20 seconds if datetime.datetime.fromtimestamp(timestamp) < (datetime.datetime.now() - datetime.timedelta(seconds=20)): if self.disable_hidden: self.transport.sendto(crypt("%s#ERROR#%s" % (self.magic, "Timestamp is too old"), self.password), addr) log.debug('Received outdated package from %s' % ("%s:%s" % addr)) return # Timestamp is correct -> continue log.debug('Received %r from %s' % (message, "%s:%s" % addr)) self.transport.sendto(crypt("%s#OK#%s" % (self.magic, self.answer), self.password), addr) else: if self.disable_hidden: self.transport.sendto(("%s#ERROR#%s" % (self.magic, "Invalid MAGIC or Password")).encode(), addr) log.debug('Received bad magic or password from %s:%s' % addr)
def get_file(request): current_time = datetime.datetime.now().replace(tzinfo=None) fileName = request.GET.get('fileName') fileMap = FileLink.objects.get(linkSuffix=fileName) if fileMap.password_protected: if request.POST.get('password'): if request.POST.get('password') != fileMap.password: context = {"error": "Incorrect Password"} return render_response('password.html', request, context) else: return render_response('password.html', request) seconds_since_upload = ( current_time - fileMap.created_on.replace(tzinfo=None)).total_seconds() if seconds_since_upload >= 24 * 60 * 60: return HttpResponse("Link is more than 24 hours old hence expired") password = '******' if not fileMap.password_protected else fileMap.password.encode( 'ascii', 'ignore') abspath = location % fileName ufile = open(abspath, 'r') outfile = StringIO.StringIO() outfile = decrypt(ufile, outfile, password) response = HttpResponse(content=outfile.getvalue()) response['Content-Type'] = 'mimetype/submimetype' response[ 'Content-Disposition'] = 'attachment; filename=%s' % fileMap.externalName return response
def post(self, **kwargs): batch = [] blob_info = self.get_uploads('Filedata')[0] page_id = re.sub('\/edit\/page\/','',self.request.get('folder')) page_id = re.sub('\D*','', decrypt(page_id.decode('hex'))) header_image_url = images.get_serving_url(str(blob_info.key())) #update uploaded file info uploaded_file = UploadedFiles.get_by_key_name(page_id) if not uploaded_file: uploaded_file = UploadedFiles(key_name=page_id,blob=blob_info.key(),page_id=page_id) batch.append(uploaded_file) else: blobstore.delete(uploaded_file.blob.key()) uploaded_file.blob=blob_info.key() batch.append(uploaded_file) #update page info page = Page.get_by_key_name(page_id) page.header_image_url = header_image_url batch.append(page) if batch: db.put(batch) self.response.set_status(302)
def get(self): r = self.get_argument('r', '') if not r: self.write('参数错误') return openid = utils.decrypt(r) user_agent = self.request.headers.get('User-Agent', '') platform = utils.get_platform(user_agent) # 判断用户系统是否已知 user_info = users.get_info(openid) if not user_info['platform']: ip = self.request.remote_ip ip_address = IP.find(ip) users.set_ip(openid, ip, ip_address, platform) if user_info['status'] == -2: self.write("非法用户") return if platform == 2: url = urlparse.urljoin(constants.SITE_BASEURL, 'v1/applist/goandroid') self.redirect(url, False, 302) return aes = AESCipher() r = aes.encode(openid) url = 'http://w.ymapp.com/wx/ios/lists.html?r=%s' % r #url = 'http://au.youmi.net/wx/ios/lists.html?r=%s' % r self.redirect(url, False, 302)
def read(self): """Wait for data and process it.""" while self.active.is_set(): header_size = struct.calcsize('!L') try: header = self.socket.recv(header_size) except Exception as e: self.logger.warning( "Socket error while reading data: {}".format(e)) header = "" if len(header) == 4: msg_size = struct.unpack('!L', header)[0] data = self.socket.recv(msg_size) if self.key: data = decrypt(data, self.key) data = data.decode() try: self.process_message(json.loads(data, cls=MessageDecoder)) except json.JSONDecodeError as e: self.logger.warning( "Failed to decode message {}: {}".format(data, e)) except Exception as e: self.logger.error( "Failed to process message {}: {}".format(data, e)) else: logging.getLogger().removeHandler(self.log_handler) self.logger.info("Disconnected from server") self.key = C2_ENCRYPTION_KEY self.active.clear() self.verified = False time.sleep(0.5)
def get_file(request): current_time = datetime.datetime.now().replace(tzinfo=None) fileName = request.GET.get('fileName') fileMap = FileLink.objects.get(linkSuffix=fileName) if fileMap.password_protected: if request.POST.get('password'): if request.POST.get('password') != fileMap.password: context = {"error": "Incorrect Password"} return render_response('password.html',request,context) else: return render_response('password.html',request) seconds_since_upload = (current_time - fileMap.created_on.replace(tzinfo=None)).total_seconds() if seconds_since_upload >= 24 * 60 * 60: return HttpResponse("Link is more than 24 hours old hence expired") password = '******' if not fileMap.password_protected else fileMap.password.encode('ascii','ignore') abspath = location % fileName ufile = open(abspath,'r') outfile = StringIO.StringIO() outfile = decrypt(ufile,outfile,password) response = HttpResponse(content=outfile.getvalue()) response['Content-Type'] = 'mimetype/submimetype' response['Content-Disposition'] = 'attachment; filename=%s' % fileMap.externalName return response
def get_config(self): config = self.load_config_file() stage = self.get_stage(self.stage, config) config = self.check_default_stage(config, stage) config['project_dir'] = self.project_dir config['account_id'] = self.get_account_id() if not self._args.func.func_name in ['encrypt', 'decrypt']: if config['stages'][self.stage].get('secret_config') or \ config['stages'][self.stage].get('secretConfig'): dec_config = utils.decrypt(config) config['stages'][self.stage]['config'].update(dec_config) if self.env_dict: config['stages'][self.stage]['config'].update(self.env_dict) # Set proper Lambda ARN for role config['Lambda']['config']['role'] = LAMBDA_ROLE_ARN_TEMPLATE.format( account_id=config['account_id'], role=config['Lambda']['config']['role'] ) LOG.info('Config:\n%s', json.dumps(config, indent=4)) return config
async def to_json(self): res = { c.name: str(getattr(self, c.name)) for c in self.__table__.columns } try: name = decrypt( self.name.encode('utf-8') if isinstance(self.name, bytes) else self.name.encode('utf-8')).decode('utf-8') except DecryptionError: name = self.name res['name'] = name res['timestamp'] = self.timestamp.astimezone( tzlocal.get_localzone()).strftime('%Y-%m-%d %H:%M') + ' UTC' try: res['deposit_ends_on'] = ( datetime.now() + timedelta(hours=( await token_contract.get_deposit(file_hash=self.hash) / ( token_contract.tokens_per_byte_hour * client_contract. get_file_size(self.hash) * 10 # hosters per file )))).strftime('%Y-%m-%d %H:%M') + ' UTC' except OverflowError: res['deposit_ends_on'] = datetime.max.strftime( '%Y-%m-%d %H:%M') + ' UTC' return res
def test_encdec(self): sk = BigNum.getOrder().random() pk1 = self.key_gen(self.lff.gen1(), sk) pk2 = self.key_gen(self.lff.gen2(), sk) order = BigNum.getOrder() c1, c2 = encrypt(order, pk1, pk2, 666) tables = make_tables(pk1, pk2, self.MAX) self.assertEqual(decrypt((c1, c2), sk, tables), (666, 666)) import random ps = random.sample(range(self.MAX), 100) for i in range(100): c1, c2 = encrypt(order, pk1, pk2, ps[i]) self.assertEqual(decrypt((c1, c2), sk, tables), (ps[i], ps[i]))
def cipher_test(request: CipherTestRequest): try: print(unpadPKCS7(decrypt(request.text))) except Exception as e: print(e) return JSONResponse(status_code=500) else: return JSONResponse(status_code=200)
def handle_response(response): # resp解密 if response.error and not isinstance(response.error, tornado.httpclient.HTTPError): self.set_status(500) self.write('Internal server error:\n' + str(response.error)) else: self.set_status(response.code) for header in ('Date', 'Cache-Control', 'Server', 'Content-Type', 'Location'): v = response.headers.get(header) if v: v = decrypt(v) self.set_header(header, v) if response.body: body = decrypt(response.body) self.write(body) self.finish()
def get(self): r = self.get_argument('r', '') if not r: self.write('参数错误') return openid = utils.decrypt(r) user_info = users.get_info(openid) global_orders = orders.get_global_orders(user_info['uid']) self.render('earns.html', datas=global_orders)
def get(self): def handle_response(response): # resp加密 if response.error and not isinstance(response.error, tornado.httpclient.HTTPError): self.set_status(500) self.write('Internal server error:\n' + str(response.error)) else: self.set_status(response.code) for header in ('Date', 'Cache-Control', 'Server', 'Content-Type', 'Location'): v = response.headers.get(header) if v: v = encrypt(v) self.set_header(header, v) if response.body: body = encrypt(response.body) self.write(body) self.finish() # req解密 url = decrypt(self.request.uri[1:]) print "url:", url body = decrypt(self.request.body) headers = deepcopy(self.request.headers) for k, v in headers.iteritems(): headers[k] = decrypt(v) req = tornado.httpclient.HTTPRequest(url=url, method=self.request.method, body=body, headers=headers, follow_redirects=False, allow_nonstandard_methods=True) client = tornado.httpclient.AsyncHTTPClient() try: client.fetch(req, handle_response) except tornado.httpclient.HTTPError as e: if hasattr(e, 'response') and e.response: handle_response(e.response) else: self.set_status(500) self.write('Internal server error:\n' + str(e)) self.finish()
def get_blob(self, snap_id): """Get the image or video of a given snap Returns the decrypted image or a video of the given snap or None if data is invalid. :param snap_id: Snap id to fetch """ r = self._request('blob', {'username': self.username, 'id': snap_id}, raise_for_status=False) data = decrypt(r.content) return data if is_image(data) or is_video(data) else None
def GET(self): web.header("Content-Type","text/html; charset=utf-8") user_id = web.input().get("user_id") db = get_db() user = db.query(models.RadUser).get(user_id) form = forms.user_update_form() form.fill(user) form.group_id.args = getGroupIds(user.node_id) form.group_id.value = user.group_id form.password.value = decrypt(user.password) return render("baseform.html",form=form,title="修改用户",action="/user/update")
def isRight(self, password, isplain=True): if isplain: if decrypt(self.password) == password: return True else: return False else: if self.password == password: return True else: return False
def process(req=None,resp=None,user=None): if not user: return error_auth(resp,'user %s not exists'%req.get_user_name()) if not req.is_valid_pwd(utils.decrypt(user['password'])): return error_auth(resp,'user password not match') if not user['status'] == 1: return error_auth(resp,'user status not ok') return resp
def get_args_worker(payload, names, accu): if isinstance(payload, list): for p in payload: get_args_worker(p, names, accu) elif hasattr(payload, 'get_payload'): # It is a payload object. Inspect and get deeper payloads if necessary # If it is one of the designated filenames, get the content: filename = payload.get_filename() if filename in names: accu[filename] = yaml.load(decrypt(payload.get_payload())) else: get_args_worker(payload.get_payload(), names, accu)
def handle(self): try: data = self.request.recv(1) addr = self.request.recv(ord(data[0])) addr = utils.decrypt(addr) addr_port = struct.unpack("!H", self.request.recv(2))[0] utils.logging.info("Connecting to %s:%s" % (addr, addr_port)) remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM) remote.connect((addr, addr_port)) self.handle_tcp(remote) except socket.error, e: utils.logging.warn(e)
def GET(self): web.header("Content-Type", "text/html; charset=utf-8") user_id = web.input().get("user_id") db = get_db() user = db.query(models.RadUser).get(user_id) form = forms.user_update_form() form.fill(user) form.group_id.args = getGroupIds(user.node_id) form.group_id.value = user.group_id form.password.value = decrypt(user.password) return render("baseform.html", form=form, title="修改用户", action="/user/update")
def brute_force_crack(file_set="0", thread_num=0, start_search=0, end_search=0): global found global searched ciphertext_filename = src_dir + "Cipherfile" + file_set + ".txt" iv_filename = src_dir + "IVfile" + file_set + ".txt" key_manager = key_t(iv_filename, thread_num, start_search, end_search) ciphertext_manager = ciphertext_t(ciphertext_filename) ciphertext = ciphertext_manager.data() keys = [] keys = key_manager.get_keys() while (True): for elem in keys: # The key_manager creates an arbitrary -2 value to signify that # we need to call it again to get the next portion of keys because # the initial amount was too large to fit in a single transfer. if elem[0] == -2: keys = key_manager.get_keys() break if len(output_buffer) > (MAX_BUFFER_LENGTH * BUFFER_MEMORY_MULTIPLIER): time.sleep(EXEC_THREAD_SLEEP_TIME) cur_key = elem[0] clean = elem[1] if found: return # If the key_manager function returns -1 it means this thread has reached the end of # the keyspace it was designated to search through so we break. if cur_key == -1: return cur_plaintext = decrypt(ciphertext, cur_key) cur_result = test_result(cur_plaintext, cur_key, clean) output_buffer.append(cur_result) searched += 1 return
def OnLogin(self, event): conf = ModifyConf(self.confdir+os.sep+'conf.ini') for k,v in conf.read_all('db'): self.data[k] = v if self.in_or_out == 'out': logout_dlg = LogoutDialog(self, '注销') logout_dlg.CenterOnParent() ret = logout_dlg.ShowModal() if ret == wx.ID_OK: self.in_or_out = 'in' self.is_auth = False self.data['auth'] = False conf.write('db', **self.data) self.login_user.SetLabel('') self.p1.Layout() self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'login_24.png')) self.login_btn.Refresh() return self.data['password'] = decrypt(16, self.data['password']) self.login_dlg = LoginDialog(self,'登录',data=self.data) self.login_dlg.CenterOnParent() ret = self.login_dlg.Show() if ret == wx.ID_OK: try: self.dnspod = dnspod_api(user=self.data['user'],passwd=self.data['password'],domain='yourdomain.com') except: self.in_or_out = 'in' conf.write('db', **{'auth':False}) dlg = WarnDialog(self, '帐号、密码错误') dlg.CenterOnParent() dlg.ShowModal() return if not self.data['save']: self.data['password'] = '' else: self.data['password'] = encrypt(16, self.data['password']) self.data['auth'] = True conf.write('db', **self.data) self.login_user.SetLabel(self.data['user']) self.p1.Layout() self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'logout_24.png')) self.login_btn.Refresh() self.in_or_out = 'out' self.is_auth = True self.get_dns_records() self.tipdlg = WarnDialog2(self, '正在获取域名......') self.tipdlg.CenterOnParent() self.tipdlg.ShowModal()
def crypt(): while True: sc, _ = s.accept() file_name = '' while 1: file_name += sc.recv(utils.buffer_size) index = file_name.find(utils.file_content_crypt_block_separator) utils.logging.info(index) if index > 0: content = file_name[index + len(utils. file_content_crypt_block_separator):] file_name = file_name[:index] file_name = utils.decrypt(file_name) path_to_save = os.path.join(home, file_name) break with open(path_to_save, 'w') as f: while 1: content += sc.recv(utils.buffer_size) if not content: f.close() break else: index = content.find( utils.file_content_crypt_block_separator) while index > 0: block = content[:index] block = utils.decrypt(block) f.write(block) content = content[ index + len(utils.file_content_crypt_block_separator):] index = content.find( utils.file_content_crypt_block_separator) sc.close() utils.logging.info('*' * 50)
def process(req=None,resp=None,user=None): if not user: return error_auth(resp,'user %s not exists'%req.get_user_name()) if not req.is_valid_pwd(utils.decrypt(user['password'])): return error_auth(resp,'user password not match') if user['status'] == 4: resp['Framed-Pool'] = store.get_param("9_expire_addrpool") return resp if user['status'] in (0,2,3): return error_auth(resp,'user status not ok') return resp
def process(req=None, resp=None, user=None): if not user: return error_auth(resp, 'user %s not exists' % req.get_user_name()) if not req.is_valid_pwd(utils.decrypt(user['password'])): return error_auth(resp, 'user password not match') if user['status'] == 4: resp['Framed-Pool'] = store.get_param("9_expire_addrpool") return resp if user['status'] in (0, 2, 3): return error_auth(resp, 'user status not ok') return resp
def read_encrypted(self): if not hasattr(self, 'password'): raise self.Locked if not os.path.isfile(self.local_settings_secrets_path): return {} with open(self.local_settings_secrets_path, 'rb') as f: data = f.read() if not data: return {} from utils import DecryptionError try: from utils import decrypt decrypted = decrypt(data, self.password) return json.loads(decrypted) except DecryptionError: raise self.InvalidPassword
def loadData(self): '''Loads data''' #self.HTMLFile = tkFileDialog.askopenfilename(defaultextension='.html', initialdir='C:/temp/', title='Choose Mass Client Summary', parent=self) encodedFilename = tkFileDialog.askopenfilename(defaultextension='.html', filetypes=[('encrypted html','*.enc.html'), ('All Files','*.*')], title='Choose Mass Client Summary', parent=self) if encodedFilename: if str(encodedFilename).find('.enc.html') == -1: tkMessageBox.showerror(title='Please Select Encoded File!', message='You have selected the incorrect type of file.\n\nPlease select the most recent *.enc.html file that You have been provided with.') return passwd = tkSimpleDialog.askstring('Enter Password', 'Please Enter the password for this file:') tkMessageBox.showinfo(title='Big File Warning', message='This is a large file!\n\nFile will now be parsed and can take upto 5 Minutes.') with open(encodedFilename, 'rb') as f: HTMLRaw = utils.decrypt(f, passwd) if HTMLRaw == None: tkMessageBox.showerror(title='Error Decrypting!', message='The password entered was incorrect or the file has been corrupted.\n\nPlease ensure you are:\n - typing the correct password\n - caps lock is off\n\nThank you!') else: self.parseHTML(HTMLRaw)
def handle_tcp(self, remote): sock = self.request sock_list = [sock, remote] try: while 1: read_list, _, _ = select(sock_list, [], []) if remote in read_list: data = remote.recv(utils.config.block_size) if (sock.send(utils.encrypt(data)) <= utils.config.block_size_delta): break if sock in read_list: data = sock.recv(utils.config.block_size_encrypted) if (remote.send(utils.decrypt(data)) <= 0): break finally: remote.close() sock.close()
def _IsAutoLogin(self): conf = ModifyConf(self.confdir+os.sep+'conf.ini') auto = conf.read('db', 'auto') if auto == 'True': user = conf.read('db', 'user') pwd = decrypt(16, conf.read('db', 'password')) try: self.ForAuto('', user, pwd) conf.write('db', **{'auth':True}) except: self.in_or_out = 'in' conf.write('db', **{'auth':False}) dlg = WarnDialog(self, '帐号、密码错误') dlg.CenterOnParent() dlg.ShowModal() else: conf.write('db', **{'auth':False})
def handle_tcp(self, remote): sock = self.request sock_list = [sock, remote] try: while 1: read_list, _, _ = select(sock_list, [], []) if remote in read_list: data = remote.recv(utils.config.block_size_encrypted) if (sock.send(utils.decrypt(data)) <= 0): break if sock in read_list: data = sock.recv(utils.config.block_size) if (remote.send(utils.encrypt(data)) <= utils.config.block_size_delta): break finally: remote.close() sock.close()
def discover(magic="fna349fn", port=50000, password=None, timeout=5): log.info("Looking for a server discovery") # Prepare password if password: password = prepare_text(password) # Build message msg = "%s%s" % (magic, datetime.datetime.now().timestamp()) try: # Send discover s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) # create UDP socket s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1) # this is a broadcast socket s.sendto(crypt(msg, password), ('<broadcast>', port)) s.settimeout(timeout) data, addr = s.recvfrom(1024) # wait for a packet except socket.timeout: log.info("No servers found") raise TimeOutException("No servers found") msg = decrypt(data, password) # Get a correlates response if msg.startswith(magic): msg_details = msg[len(magic):] log.debug("Got service announcement from '%s' with response: %s" % ("%s:%s" % addr, msg_details)) if msg_details.startswith("#ERROR#"): error_details = msg_details[len("#ERROR#"):] log.debug("Response from server: %s" % error_details) if "timestamp" in error_details: raise TimeStampException(error_details) elif "password" in error_details: raise PasswordMagicException(error_details) else: ok_details = msg_details[len("#OK#"):] return ok_details, "%s:%s:" % addr
def share_file(self): form = Form(self.request, schema=forms.PassphraseSchema) if 'form.submitted' in self.request.POST and form.validate(): passphrase = form.data['passphrase'] query_file = os.path.join(self.storage_dir, self.username, self.filename) share_user = self.request.params['share_user'] with utils.db_session(self.dbmaker) as session: owner = session.query(User).filter(User.username==self.username).one() f = session.query(File).filter(File.name==self.filename).one() u = session.query(User).filter(User.username==share_user).first() if u is None: del f.shared_users[:] else: for key in u.keys: f.keys.append(key) session.add(f) owner_pubs = [k.public_key for k in owner.keys] owner_privs = [k.private_key for k in owner.keys] recipients = owner_pubs + [k.public_key for k in f.keys] with open(query_file, 'rb') as o: data = o.read() decrypted = utils.decrypt(data, owner_privs, owner_pubs, passwd) with tempfile.NamedTemporaryFile() as tmp: tmp.write(decrypted) tmp.flush() tmp.seek(0) encrypted = utils.encrypt(tmp, recipients) tmp = tempfile.NamedTemporaryFile(dir=self.storage_dir, delete=False) tmp.write(encrypted) os.rename(tmp.name, query_file) self.request.session.flash( u'successfully shared file: %s with user %s' % (self.filename, share_user) ) return HTTPFound(location=self.request.route_url('view_files')) with utils.db_session(self.dbmaker) as session: sharable_users = session.query(User).filter(User.sharable==True) sharable_users = sharable_users.filter(User.username!=self.username).all() sharable_users = [u.username for u in sharable_users] return dict( username=self.username, filename=self.filename, sharable_users=sharable_users )
def datagram_received(self, data, addr): message = decrypt(data, self.password) message = json.loads(message) # Get a correlate query if message['magic'].startswith(self.magic): # Check the timestamp and if there's more than 20 seconds between send -> not response try: message_sent_timestamp = pendulum.from_timestamp( message['timestamp']) except TypeError: logger.debug( 'Received invalid timestamp in package from %s:%s', addr) if self.disable_hidden: self.transport.sendto( crypt( '%s#ERROR#%s' % (self.magic, 'Invalid Timestamp'), self.password), addr) return # Check if packet was generated before 20 seconds if (pendulum.now() - message_sent_timestamp).in_seconds() < 20: if self.disable_hidden: self.transport.sendto( crypt( "%s#ERROR#%s" % (self.magic, "Timestamp is too old"), self.password), addr) logger.debug('Received outdated package from %s:%s', addr) return # Timestamp is correct logger.debug('Received %r from %s', message, addr) self.transport.sendto( crypt("%s#OK#%s" % (self.magic, self.answer), self.password), addr) else: logger.warning('MAGIC incorrect: %s', message) if self.disable_hidden: self.transport.sendto( ("%s#ERROR#%s" % (self.magic, "Invalid MAGIC or Password")).encode(), addr) logger.debug('Received bad magic or password from %s' % addr)
def GET(self,nodeid): web.header("Content-Type","text/html; charset=utf-8") db = get_db() radnode = db.query(models.RadNode).get(nodeid) radopr = db.query(models.RadOpr)\ .filter(models.RadOpr.type==1)\ .filter(models.RadOpr.node_id == nodeid).first() nodenas = db.query(models.RadNasNode)\ .filter(models.RadNasNode.node_id == nodeid) data = dict(node_id=radnode.id, node_name=radnode.name, node_desc=radnode.desc, opr_id=radopr.id, opr_name=radopr.name, opr_ip=radopr.ip_addr, opr_passwd=decrypt(radopr.password), nas_bind=[ nn.ip_addr for nn in nodenas ]) form = forms.node_update_form() form.fill(data) return render("baseform.html",form=form,title="修改节点",action="/node/update/")
def check_garbled_table(garbled_table): Alice_A = a_0 Bob_B = b_1 print(f'Expected result -> \n{c_0}') successfully_decrypted = [] for cryptogram in garbled_table: try: a = utils.decrypt(cryptogram, Alice_A, Bob_B) if a == c_0: successfully_decrypted.append(a) # print(a == c_1) # print(a == c_0) except: ... print(f'Got -> \n{a}') assert successfully_decrypted[0] == c_0
def handle_add_computer(self, packet1_data, sender): ''' Handle Add Computer request. Communicate with the SENDER and authenticate him. If successfull, add SENDER to the list of admin computers. @type packet1_data: Packet @param packet1_data: First packet of the communication. @type sender: utils.IPv4Address @param sender: Sender IP address. ''' # 1. packet packet1 = add_computer.parse_packet_1(packet1_data) # 2. packet g = 0x17 # generator (public_key, private_key) = utils.generate_key_pair(g) packet2 = add_computer.make_packet_2(g, public_key) self.network.write(packet2, sender) # 3. packet packet3_data = self.network.read_from(sender) (admin, auth_data) = add_computer.parse_packet_3(packet3_data, private_key) # Decrypt username/password plaintext = utils.decrypt(admin.get_shared_key(), auth_data) username = utils.null_terminated(plaintext[0:32]) password = utils.null_terminated(plaintext[64:96]) # 4. packet if self.check_user(username, password): allow_access = True self.admin_list.add_admin(sender, admin) else: allow_access = False packet4 = add_computer.make_packet_4(allow_access, self.config.get_listen_addr(), self.config.get_mac_addr()) self.network.write(packet4, sender)
def view_file(self): form = Form(self.request, schema=forms.PassphraseSchema) if 'form.submitted' in self.request.POST and form.validate(): with utils.db_session(self.dbmaker) as session: user = session.query(User).filter(User.username==self.username).first() f = session.query(File).filter(File.name==self.filename).first() proper_key = [k for k in f.keys if k.user.username == user.username] logger.info('owner: %s files: %s keys: %s', f.owner, user.files, f.keys) if f.owner != user.username and len(proper_key) == 0: self.request.session.flash(u'File not shared with you. are you a bad actor?') return HTTPFound(location=self.request.route_url('home')) privs = [] pubs = [] for k in proper_key: privs.append(k.private_key) pubs.append(k.public_key) query_file = os.path.join(self.storage_dir, f.owner.username, self.filename) if not os.path.isfile(query_file): return HTTPNotFound("file %s is not a thinger" % (self.filename, )) content_type, encoding = mimetypes.guess_type(query_file) with open(query_file, 'rb') as o: encrypted = o.read() decrypted = utils.decrypt(encrypted, privs, pubs, form.data['passphrase']) with utils.tmpdir() as tmpd: tmp = os.path.join(tmpd, self.filename) with open(tmp, 'wb') as tmpf: tmpf.write(decrypted) tmpf.flush() response = FileResponse( tmp, request=self.request, content_type=content_type, content_encoding=encoding ) return response return dict( form=FormRenderer(form), username=self.username, filename=self.filename )
def handle_message(self, message, address): values = decrypt(self.secret, message) if not values: logger.error('message unpack fail. message: %r, address: %s', message, address) return # logger.debug('values: %r', values) uri = self._extract_string(values['uri']) tb_name = self._extract_string(values['tb']) model = values['m'] keeper = self.keeper_dict[uri] self._check_and_remove_exceed_uri() saver = None try: saver = keeper.pop() # 要根据对应的uri生成saver if uri.startswith('mongodb'): if not saver: saver = pymongo.MongoClient(uri) # uri 里面写的那个db db = saver.get_default_database() tb = getattr(db, tb_name) tb.save(model) else: if not saver: saver = dataset.connect(uri) tb = saver[tb_name] tb.insert(model) except: logger.error('exc occur. values: %r, address: %s', values, address, exc_info=True) finally: keeper.push(saver)
def get(self): r = self.get_argument('r', '') if not r: self.write('参数错误') return openid = utils.decrypt(r) self.user_info = users.get_info(openid) if self.user_info['headimg']: uid_hash = utils.md5(self.user_info['uid']) headimg = urlparse.urljoin(constants.SITE_BASEURL, 'static/headimg/%s/%s/%s.png' \ % (uid_hash[0:2], uid_hash[2:4], self.user_info['headimg'])) else: headimg = urlparse.urljoin(constants.SITE_BASEURL, 'static/img/headimg.jpg') exchange_re = self.__get_exchange() earns_re = orders.get_global_orders(self.user_info['uid']) invite_re = invites.get_my_invites(self.user_info['uid']) self.render('info.html', user_info = self.user_info, exchange = exchange_re, earns = earns_re, invite = invite_re, headimg = headimg, )
def handle_message(self, message, address): values = decrypt(self.secret, message) if not values: logger.error('values is None. message: %s', message) return logger.debug('values: %s', values) uri = values['uri'] tb_name = values['tb'] model = values['m'] keeper = self.keeper_dict[uri] saver = None try: saver = keeper.pop() # 要根据对应的uri生成saver if uri.startswith('mongodb'): if not saver: saver = pymongo.MongoClient(uri) # uri 里面写的那个db db = saver.get_default_database() tb = getattr(db, tb_name) tb.save(model) else: if not saver: saver = dataset.connect(uri) tb = saver[tb_name] tb.insert(model) except: logger.error('exc occur', exc_info=True) finally: keeper.push(saver)
def get_hits_and_send_mail(data): """Routine to fetch user's hits and send them the results.""" # We query PubMed for the entries created yesterday. # There is a bit of variability on the update time, # so one might miss the entries of today if they are # put after the cron time. yesterday = date.today() - timedelta(1) the_day_before = yesterday - timedelta(1) one_year_ago = yesterday - timedelta(365) term = str(data.term) term_yesterday = "(" + term + ")" + yesterday.strftime("+AND+(%Y%%2F%m%%2F%d[crdt])") term_older = ( "(" + term + ")" + one_year_ago.strftime("+AND+(%Y%%2F%m%%2F%d:") + the_day_before.strftime("%Y%%2F%m%%2F%d[crdt])") ) # Fetch the abstracts. abstr_list = [] try: abstr_list = eUtils.fetch_abstr( term=term_yesterday, # Limit on all queries, to keep it light. retmax=config.RETMAX, email=config.ADMAIL, ) except eUtils.NoHitException: return except eUtils.PubMedException as e: logging.warn("%s: %s" % (data.user.email(), str(e))) # Can be empty. No big deal, just return. if not abstr_list: return user_gave_relevance_feedback = utils.decrypt(data, "relevant_docs") and utils.decrypt(data, "irrelevant_docs") if not user_gave_relevance_feedback: # No relevance feedback: set all scores to 0 and move on. for abstr in abstr_list: abstr["score"] = 0.0 else: # User gave feedback: recall their data and compute scores. relevant_docs = utils.decrypt(data, "relevant_docs") irrelevant_docs = utils.decrypt(data, "irrelevant_docs") mu_corpus = utils.decrypt(data, "mu_corpus") # Write the scores in place and sort. Classify.update_score_inplace(abstr_list, relevant_docs, irrelevant_docs, mu_corpus) abstr_list = sorted(abstr_list, key=lambda x: x.get("score", 0.0), reverse=True) # Set a limit on hit number. nhits = len(abstr_list) if nhits < config.MAXHITS + 1: maxhit_exceeded = "" else: # Send the top of the sorted list and notify the user. maxhit_exceeded = "Showing only the top %d hits." % config.MAXHITS abstr_list = abstr_list[: config.MAXHITS] ## Alchemy test. if data.user.email() == "*****@*****.**": for abstr in abstr_list: query = json.loads(alchemy_keyword_query(abstr.get("text"))) abstr["keywords"] = [kw["text"] for kw in query["keywords"]] # Make a security checksum. # 1. Concatenate the PMIDs. pmids = "".join(sorted([a["pmid"] for a in abstr_list])) # 2. Add the random salt, and compute the SHA1 digest. checksum = sha1(pmids + data.salt).hexdigest() template_vals = { "nhits": nhits, "maxhit_exceeded": maxhit_exceeded, "uid": data.user.user_id(), "checksum": checksum, "abstr_list": abstr_list, } # Create the hits email message and send. msg = mail.EmailMessage() msg.initialize( to=data.user.email(), sender="*****@*****.**", subject="Recently on PubMed", body="Message in HTML format.", html=utils.render("mail.html", template_vals), ) msg.send() logging.warn("mail sent to %s" % data.user.email()) return
def get(self): all_archives = self.redis.zrevrange("admin.blog.list", 0, -1) all_archives = [(blog_id, utils.decrypt(blog_id)) for blog_id in all_archives] self.render('admin.html', archives=all_archives)
def post(self): # Who is it? Get it from the POST parameters. uid = self.request.get('uid') data = models.UserData.get_by_key_name(uid) # Check that POST is issued from PubCron mail. checksum = self.validate_request(data) if not self.request.get('checksum'): # Could not check identity (hacked?!!): good-bye. return # Identity check successful. Do the update. new_relevant_pmids = [] new_irrelevant_pmids = [] # Process key/value pairs. for name in self.request.arguments(): # NB: only PMID update correspond to 'name' equal to # "Yes" or "No". The other cases are either no answer # or non PMID POST paramters (like uid or checksum). if self.request.get(name) == 'Yes': new_relevant_pmids += [name] elif self.request.get(name) == 'No': new_irrelevant_pmids += [name] # It is unlikely that a malicious request went # until here, but because we are about to save user- # submitted data, we do a validity (security) check. pmids_to_update = new_relevant_pmids + new_irrelevant_pmids if not self.validate_pmid(pmids_to_update): # Validation failed: good-bye. return # From here, PMIDs have been parsed and checked. # Now recall and parse user JSON data. mu_corpus = utils.decrypt(data, 'mu_corpus') relevant_docs = utils.decrypt(data, 'relevant_docs') irrelevant_docs = utils.decrypt(data, 'irrelevant_docs') # Clear new docs from user data (in case users are notifying # that they change their mind on relevance). pmids_to_update = new_relevant_pmids + new_irrelevant_pmids for relevant_then_irrelevant in (relevant_docs, irrelevant_docs): for doc in relevant_then_irrelevant: if doc.get('pmid') in pmids_to_update: relevant_then_irrelevant.remove(doc) # Now, get the PubMed data and compute tf-idf. for (new_ids, doc_list) in ( (new_relevant_pmids, relevant_docs), (new_irrelevant_pmids, irrelevant_docs)): new_docs = eUtils.fetch_ids(new_ids) new_tfidf = tfidf.compute_from_texts( [abstr.get('text', '') for abstr in new_docs], mu_corpus.values() ) for (doc, tfidf_dict) in zip (new_docs, new_tfidf): # Keep only fields 'pmid' and 'title'. for field_name in doc.keys(): if not field_name in ('pmid', 'title'): doc.pop(field_name, None) # Add field 'tfidf'. doc['tfidf'] = tfidf_dict # Append to user data. doc_list.extend(new_docs) and_finally_remove_junk_from(doc_list) # Update the documents... data.relevant_docs = zlib.compress(json.dumps(relevant_docs)) data.irrelevant_docs = zlib.compress(json.dumps(irrelevant_docs)) # ... and put. data.put() # Now reassure the user. self.response.out.write(utils.render('feedback.html'))
def email(self): if not self.encrypted_email: return "" return utils.decrypt(self.encrypted_email, current_app.config["ENCRYPT_KEY"])
def process(self,req): attr_keys = req.keys() if is_debug(): radiuslog.info("::Received an authentication request") radiuslog.info("Attributes: ") for attr in attr_keys: radiuslog.info( "%s: %s" % (attr, req[attr])) nasaddr = req.get_nasaddr() macaddr = req.get_macaddr() nas = service.get_nas(nasaddr) # check roster if service.in_black_roster(macaddr): return self.send_reject(req,nas,'user in black roster') vlanid,vlanid2 = req.get_vlanids() username1 = req.get_username() domain = None username2 = username1 if "@" in username1: username2 = username1[:username1.index("@")] req["User-Name"] = username2 domain = username1[username1.index("@")+1:] if not service.user_exists(username2): return self.send_reject(req,nas,'user not exists') user = service.get_user(username2) if user.status != 1: return self.send_reject(req,nas,'Invalid user status') if domain and domain not in user.domain_code: return self.send_reject(req,nas,'user domain does not match') if nasaddr not in service.get_nas_ips(user.node_id): return self.send_reject(req,nas,'node does not match') if not utils.is_valid_date(user.auth_begin_date,user.auth_end_date): return self.send_reject(req,nas,'user is not effective or expired') userpwd = utils.decrypt(user.password) if not req.is_valid_pwd(userpwd): return self.send_reject(req,nas,'user password does not match') uproduct = service.get_product(user.product_id) if not uproduct: return self.send_reject(req,nas,'user product does not match') if uproduct.policy == service.POLICY_TIMING and user.time_length <= 0: return self.send_reject(req,nas,'user does not have the time length') if not self.verify_macaddr(user,macaddr): return self.send_reject(req,nas,'user macaddr bind not match') valid_vlanid = self.verify_vlan(user,vlanid,vlanid2) if valid_vlanid == 1: return self.send_reject(req,nas,'user vlanid does not match') elif valid_vlanid == 2: return self.send_reject(req,nas,'user vlanid2 does not match') if user.concur_number > 0: if user.concur_number <= service.get_online_num(user.user_name): return self.send_reject(req,nas,'user concur_number control') return self.send_accept(req,nas,**dict(ipaddr=user.ip_addr, bandcode=uproduct.bandwidth_code, input_max_limit=str(uproduct.input_max_limit), output_max_limit=str(uproduct.output_max_limit), input_rate_code=uproduct.input_rate_code, output_rate_code=uproduct.output_rate_code, domain_code=user.domain_code))