def setUp(self):
self.pem_priv_key = """-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDDLrmt4lKRpm6P
2blptwJsa1EBuxuuAayLjwNqKGvm5c1CAUEa/NtEpUMM8WYKRDwxzakUIGI/BdP3
NOEMphcs5+OekgJLhzoSdtAIrXPy8JIidENZE6FzCJ2b6fHU5O4hoNvv1Bx5yoZr
HVaWJIZMRRocJJ0Nf9oMaU8IE6m6OdBzQHEwcnL2/a8Q3VxstHufzjILmaZD9WL+
6AESlQMKZPNQ+Xd7d4nvnVkY4ZV46tA+KvADGuotgovQwG+uiyQoGRrQUms21vHF
zIvd3G9OCiyCTCHSyfsE3g7tks33NZ8O8gF8xa9OmU9TQPwwAyUr6JQXz0CW77o7
Cr9LpHuNAgMBAAECggEBAJRbMbtfqc8XqDYjEfGur2Lld19Pb0yl7RbvD3NjYhDR
X2DqPyhaRfg5fWubGSp4jyBz6C5qJwMsVN80DFNm83qoj7T52lC6aoOaV6og3V8t
SIZzxLUyXKdpRxM5kR13HSHmeQYkPbi9HcrRM/1PqdzTMXNuyQl3wq9oZDAJchsf
fmoh080htkaxhEb1bMXa2Lj7j2OIkHOsQeIu6BdbxIKRPIT+zrcklE6ocW8fTWAS
Qi3IZ1FYLL+fs6TTxjx0VkC8QLaxWxY0pqTiwS7ndZiZKc3l3ARuvRk8buP+X3Jg
BD86FQ18OXZC9boMbDbzv2cOLtdkq5pS3lJE4F9gjYECgYEA69ukU2pNWot2OPwK
PuPwAXWNrvnvFzQgIc0qOiCmgKJU6wqunlop4Bx5XmetHExVyJVBEhaHoDr0F3Rs
gt8IclKDsWGXoVcgfu3llMimiZ05hOf/XtcGTCZwZenMQ30cFh4ZRuUu7WCZ9tqO
28P8jCXB3IcaRpRnNvVvmCr5NXECgYEA09nUzRW993SlohceRW2C9fT9HZ4BaPWO
5wVlnoo5mlUfAyzl+AGT/WlKmrn/1gAHIznQJ8ZIABQvPaBXhvkANXZP5Ie0lObw
jA7qFuKt7yV4GGlDnU1MOLh+acABMQBGSx8BJDaomH7glTiPEPTZjoP6wfAsd1uv
Knjt7jH2ad0CgYEAx9ghknRd+rx0fbBBVix4riPW20324ihOmZVnlD0aF6B0Z3tz
ncUz+irmQ7GBIpsjjIO60QK6BHAvZrhFQVaNp6B26ZORkSlr5WDZyImDYtMPa6fP
36I+OcPQNOo3I3Acnjj+ne2PJ59Ula92oIudr3pGmv72qpsQIacw2TSAWGECgYEA
sdNAN+HPMn68ZaGoLDjvW8uIB6tQnay5hhvWn8yA65YV0RGH+7Q/Z9BQ6i3EnPor
A5uMqUZbu4011jHYJpiuXzHvf/GVWAO92KLQReOCgqHd/Aen1MtEdrwOiG+90Ebd
ukLNL3ud61tc4oS2OlJ8p48LFm2mtY3FLA6UEYPoxhUCgYEAtsfWIGnBh7XC+HwI
2higSgN92VpJHSPOyOi0aG/u5AEQ+fsCUIi3KakxzvmiGMAEvWItkKyz2Gu8smtn
2HVsGxI5UW7aLw9s3qe8kyMSfUk6pGamVhJUQmDr77+5zEzykPBxwGwDwdeR43CR
xVgf/Neb/avXgIgi6drj8dp1fWA=
-----END PRIVATE KEY-----
"""
rsa_priv_key = RSA.importKey(self.pem_priv_key)
self.priv_key = PKCS1_v1_5.new(rsa_priv_key)
self.pub_key = PKCS1_v1_5.new(rsa_priv_key.publickey())
unittest.TestCase.setUp(self)
def main(argv):
encrypt = argv[0]
keyfile = argv[1]
service = argv[2]
username = argv[3]
if isinstance(encrypt, str):
if encrypt.lower().startswith('t'):
encrypt = True
else:
encrypt = False
if encrypt:
password = argv[4]
key = RSA.generate(1024)
cipher = PKCS1_v1_5.new(key)
keyring.set_password(service, username, key.exportKey())
with open(keyfile, 'wb') as outf:
outf.write(cipher.encrypt(password))
else:
key = RSA.importKey(keyring.get_password(service, username))
cipher = PKCS1_v1_5.new(key)
with open(keyfile, 'rb') as inf:
return cipher.decrypt(inf.read(), None)
def importKey(objId):
public = open(objId + '.pub.pem', 'rb')
private = open(objId + '.pri.pem', 'rb')
pub = RSA.importKey(public.read())
pri = RSA.importKey(private.read())
pubN = PKCS1_v1_5.new(pub)
priN = PKCS1_v1_5.new(pri)
secret = pubN.encrypt('410015216'.encode())
mess = priN.decrypt(secret, None)
print(mess)
def decrypt(messageFile):
#Read private key from file
f = open("rsa_priv.pem", 'r')
private = RSA.importKey(f.read())
f.close()
#Read the message from the file
f = open(messageFile, 'r')
msg = f.read()
f.close()
#Decrypt the message from the sender
print PKCS1_v1_5.new(private).decrypt(msg.decode("string-escape"), 0)
def serverkeyexgprocess(csession, ssession, p):
pubkey = str(p[Raw])[:64]
csession.crypto.server.rsa.pubkey = pubkey
ssession.crypto.server.rsa.pubkey = pubkey
prikey = getD(pubkey)
n = int(pubkey.encode('hex'), 16)
e = long(65537)
d = int(getD(pubkey).encode('hex'), 16)
csession.crypto.server.rsa.privkey = prikey
ssession.crypto.server.rsa.privkey = prikey
key = RSA.construct((n, e, d))
csession.crypto.server.rsa.cipher = PKCS1_v1_5.new(key)
ssession.crypto.server.rsa.cipher = PKCS1_v1_5.new(key)
return p
def encrypt(self, data):
cipher = PKCS1_v1_5.new(self.key)
try:
return ''.join(reversed(cipher.encrypt(data))) # Because MICROSOFT
except ValueError:
log.msg("Message too large to encrypt")
return None
def decrypt(self, data):
cipher = PKCS1_v1_5.new(self.key)
try:
return cipher.decrypt(''.join(reversed(data)), None) # For now
except ValueError:
log.msg("Message too large to decrypt")
return None
def rsa_base64_encrypt(data,key):
'''
1. rsa encrypt
2. base64 encrypt
'''
cipher = PKCS1_v1_5.new(key)
return base64.b64encode(cipher.encrypt(data))
def travis_encrypt_binstar_token(repo, string_to_encrypt):
# Copyright 2014 Matt Martz <*****@*****.**>
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
import base64
keyurl = "https://api.travis-ci.org/repos/{0}/key".format(repo)
r = requests.get(keyurl, headers=travis_headers())
r.raise_for_status()
public_key = r.json()["key"]
key = RSA.importKey(public_key)
cipher = PKCS1_v1_5.new(key)
return base64.b64encode(cipher.encrypt(string_to_encrypt.encode())).decode("utf-8")
def create_encrypted_outer_aes_key_bundle(self, recipient_rsa):
"""
The Outer AES Key Bundle is encrypted with the receipient's public
key, so only the receipient can decrypt the header.
"""
cipher = PKCS1_v1_5.new(recipient_rsa)
return cipher.encrypt(self.create_outer_aes_key_bundle().encode("utf-8"))
def key_decryption(bytes_key):
private_rsa_key = RSA.importKey(open('c:/cygwin64/certs/fred.pri.key').read())
dsize = SHA.digest_size
sentinel = Random.new().read(AES.block_size)
cipher = PKCS1_v1_5.new(private_rsa_key)
raw_aes_key = cipher.decrypt(bytes_key, sentinel)
return raw_aes_key
def encrypt_request_data(data_dict, key, modulus):
"""
Encrypts request data using the ArcGIS Server REST Admin API Public Key from an ArcGIS Server instance.
According to Esri's documentation, the public key should be retrieved every time a request is sent, as it may
change. This is also backed by Esri's own software, which follows this practice and doesn't cache the key. As
such, each request to this function should ensure it is providing an up-to-date key/modulus pair.
:param data_dict: The data to be encrypted. The data will not be modified, instead a new dictionary with the
encrypted data will be returned.
:type data_dict: Dict
:param key: The ArcGIS Server REST Admin API RSA public key
:type key: int
:param modulus: The ArcGIS Server REST Admin API RSA modulus
:type modulus: long
:returns: A new copy of the dictionary with all values encrypted using the public key and the RSA PKCS v1.5
algorithm.
:rtype: Dict
"""
# get crypto module, then encode
try:
from rsa import PublicKey, encrypt
rpk = PublicKey(modulus, key)
new_data = {key: encrypt(value, rpk).encode('hex') for key, value in data_dict.iteritems()}
except ImportError:
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP, PKCS1_v1_5
cipher = PKCS1_v1_5.new(RSA.construct((modulus, key)))
new_data = {key: cipher.encrypt(value).encode('hex') for key, value in data_dict.iteritems()}
return new_data
def encrypt_prepend(self, prepend, query_str_len):
buf = []
# 2 AES keys generated at run time, 16 bytes each
aes_encrypt_key = "".join([chr(random.getrandbits(8)) for i in range(16)])
aes_decrypt_key = "".join([chr(random.getrandbits(8)) for i in range(16)])
buf.append(aes_encrypt_key)
buf.append(aes_decrypt_key)
# query str len
size_field = struct.pack("I", query_str_len)
buf.append(size_field)
buf.append(prepend)
rsa_key = RSA.importKey(self.rsa_key_pem)
rsa = PKCS1_v1_5.new(rsa_key)
enc_prepend = rsa.encrypt("".join(buf))
keys = {
"enc": aes_encrypt_key,
"dec": aes_decrypt_key
}
return enc_prepend, keys
def RSA_encrypt(public_key, message):
if not globals().get('RSA'):
return ''
rsakey = RSA.importKey(public_key)
rsakey = PKCS1_v1_5.new(rsakey)
encrypted = rsakey.encrypt(message.encode('utf-8'))
return base64.encodestring(encrypted).decode('utf-8').replace('\n', '')
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(dict(
instance_id = dict(required=True),
key_file = dict(required=True),
)
)
module = AnsibleModule(argument_spec=argument_spec)
if not HAS_BOTO:
module.fail_json(msg='Boto required for this module.')
instance_id = module.params.get('instance_id')
key_file = expanduser(module.params.get('key_file'))
ec2 = ec2_connect(module)
data = ec2.get_password_data(instance_id)
decoded = b64decode(data)
f = open(key_file, 'r')
key = RSA.importKey(f.read())
cipher = PKCS1_v1_5.new(key)
sentinel = 'password decryption failed!!!'
try:
decrypted = cipher.decrypt(decoded, sentinel)
except ValueError as e:
decrypted = None
if decrypted == None:
module.exit_json(win_password='', changed=False)
else:
module.exit_json(win_password=decrypted, changed=True)
def encrypt_for_master(data):
# Encrypt the file so it can only be read by the bot master
# Generate key pairs
key = RSA.generate(2048)
# Export public key to file
export_pukey = key.publickey().exportKey('PEM')
publickey_file = open(os.path.join("pastebot.net", "publickey"), "wb")
publickey_file.write(export_pukey)
publickey_file.close()
# Create RSA object from public key
publickey_file = open(os.path.join("pastebot.net", "publickey"), "rb").read()
public_key = RSA.importKey(publickey_file)
# Hash message
hashed_m = SHA256.new(data)
# Encrypt message using public key
cipher = PKCS1_cipher.new(public_key)
ciphertext = cipher.encrypt(data+hashed_m.digest())
# Export private key to be prefixed to ciphertext
export_prkey = key.exportKey('PEM')
# Sign message using private key
prkey = RSA.importKey(export_prkey)
signer = PKCS1_v1_5.new(prkey)
signature = signer.sign(hashed_m)
# Return private key and ciphertext, as well as signature separately
return export_prkey + b"\n" + ciphertext, signature
def start_ciphering(file_to_encrypt):
pubkey = RSA.importKey(open(configuration_file.get("Encrypt_server", "pubkey_location")).read())
random_bytes = os.urandom(32)
# pid = os.fork()
# if pid == 0 :
disk_manager(file_name=file_to_encrypt)
# sys.exit()
# encrypt file with 256MB chunks and 512Mb file size takes about 17 seconds
print "Start cifer for %s at %s" % (file_to_encrypt, datetime.now())
encrypt_file(
key=random_bytes,
in_filename=file_to_encrypt,
out_filename=configuration_file.get("Encrypt_server", "encrypted_files_location")
+ os.path.basename(file_to_encrypt + ".enc"),
chunksize=configuration_file.getint("Encrypt_server", "chunksize"),
)
# cifer random key to post decrypt
public_cipher = PKCS1_v1_5.new(pubkey)
ciphertext = public_cipher.encrypt(random_bytes)
# doing this on a fuction so i can perform saves on databases to (later on the project)
save_signature(
KeyToSave=ciphertext,
Public_Cipher=public_cipher,
FileName=configuration_file.get("Encrypt_server", "encrypted_files_location")
+ os.path.basename(file_to_encrypt),
)
print "Ended cifer for %s at %s\n" % (file_to_encrypt, datetime.now())
os.system("rm %s" % (file_to_encrypt))
return "DONE:%s" % (file_to_encrypt)
def assymmetric_encrypt(val, public_key):
modulusDecoded = long(public_key["n"], 16)
exponentDecoded = long(public_key["e"], 16)
keyPub = RSA.construct((modulusDecoded, exponentDecoded))
# Generate a cypher using the PKCS1.5 standard
cipher = PKCS1_v1_5.new(keyPub)
return cipher.encrypt(val)
def packet_decrypt(self, packet):
"""Unpack a received Mixmaster email message header. The spec calls
for 512 Bytes, of which the last 31 are padding.
Public key ID [ 16 bytes]
Length of RSA-encrypted data [ 1 byte ]
RSA-encrypted session key [ 128 bytes]
Initialization vector [ 8 bytes]
Encrypted header part [ 328 bytes]
Padding [ 31 bytes]
"""
# Unpack the header components. This includes the 328 Byte
# encrypted component.
(keyid, datalen, sesskey, iv, enc,
pad) = struct.unpack('@16sB128s8s328s31s', packet.encheads[0])
if not len(sesskey) == datalen:
raise ValidationError("Incorrect session key size")
keyid = keyid.encode("hex")
log.debug("Message is encrypted to key: %s", keyid)
# Use the session key to decrypt the 3DES Symmetric key
seckey = self.secring[keyid]
if seckey is None:
raise ValidationError("Secret Key not found")
pkcs1 = PKCS1_v1_5.new(seckey)
deskey = pkcs1.decrypt(sesskey, "Failed")
# Process the 328 Bytes of encrypted header using our newly discovered
# 3DES key obtained from the pkcs1 decryption.
desobj = DES3.new(deskey, DES3.MODE_CBC, IV=iv)
packet.set_dhead(desobj.decrypt(enc))
def get_encrypted_password(password, rsa_mod, pub_exp):
""" Encrypts a Steam password for web login using RSA with PKCS1_v1_5.
Returns the base64 encoded ciphertext since that's what Steam's login endpoint wants. """
public_key = RSA.construct((rsa_mod, pub_exp))
cipher = PKCS1_v1_5.new(public_key)
ciphertext = cipher.encrypt(bytes(password, 'utf_8'))
return base64.b64encode(ciphertext)
def decrypt(self, ciphertext, key, padding="pkcs1_padding"):
if padding == "pkcs1_padding":
cipher = PKCS1_v1_5.new(key)
if self.with_digest:
dsize = SHA.digest_size
else:
dsize = 0
sentinel = Random.new().read(32+dsize)
text = cipher.decrypt(ciphertext, sentinel)
if dsize:
_digest = text[-dsize:]
_msg = text[:-dsize]
digest = SHA.new(_msg).digest()
if digest == _digest:
text = _msg
else:
raise DecryptionFailed()
else:
if text == sentinel:
raise DecryptionFailed()
elif padding == "pkcs1_oaep_padding":
cipher = PKCS1_OAEP.new(key)
text = cipher.decrypt(ciphertext)
else:
raise Exception("Unsupported padding")
return text
def encrypt_for_master(data):
# Encrypt the file so it can only be read by the bot master
h=SHA.new(data)
key = RSA.importKey(open(os.path.join("pastebot.net", "master_rsa.pub")).read())
cipher = PKCS1_v1_5.new(key)
ciphertext = cipher.encrypt(data+h.digest())
return ciphertext
def __init__(self, data, ignoreDigestErrors=False):
data = data[:512]
self.PublicKeyId = hexpad(bigEndian(binaryToByteArray(data[0:16])), 32)
self.DataLength = struct.unpack('B', data[16])[0]
if self.DataLength != 128:
raise Exception("Got an unexpected Data Length from the MixHeader:", self.DataLength)
self.TDESKey = data[17:145]
self.IV = data[145:153]
self.EncHeader = data[153:481]
self.Padding = data[481:512]
self.TDESKey_Decrypted = 0
ks = getKeyStore()
privKey = ks.getPrivateKey(self.PublicKeyId)
if not privKey:
raise Exception("Could not decrypt MixHeader, Private Key for " + self.PublicKeyId + " not found in keystore: " + str(ks.listPrivateKeys()))
rsa = PKCS1_v1_5.new(privKey.getPCPrivateKey())
self.TDESKey_Decrypted = rsa.decrypt(self.TDESKey, "This is most certainly not the key")
if self.TDESKey_Decrypted == "This is most certainly not the key":
raise Exception("Could not decrypt MixHeader Encrypted Header")
des = DES3.new(self.TDESKey_Decrypted, DES3.MODE_CBC, IV=self.IV)
self.EncHeader_Decrypted = des.decrypt(self.EncHeader)
self.DecryptedHeader = EncryptedMixHeader(self.EncHeader_Decrypted, ignoreDigestErrors)
def encrypt_using_bot_public(data):
public_key = RSA.importKey(open("../PublicKeyDir.Keys/botpubkey.pem", 'rb').read())
h = SHA256.new(data)
cipher = PKCS1_v1_5.new(public_key)
ciphertext = cipher.encrypt(data + h.digest())
return ciphertext
def decrypt_using_bot_private(data):
private_key_encryption_file = "./lib/botPrivateKey/botprivatekey.pem"
key = RSA.importKey(open(private_key_encryption_file, 'rb').read())
digest_size = SHA256.digest_size
sentinel = Random.new().read(15 + digest_size)
cipher = PKCS1_v1_5.new(key)
return cipher.decrypt(data, sentinel)
def process(self,p):
if p.haslayer(TLSHandshake):
if p.haslayer(TLSClientHello):
if not self.params.handshake.client:
self.params.handshake.client=p[TLSClientHello]
if not self.crypto.session.randombytes.client:
self.crypto.session.randombytes.client=struct.pack("!I",p[TLSClientHello].gmt_unix_time)+p[TLSClientHello].random_bytes
if p.haslayer(TLSServerHello):
if not self.params.handshake.server:
self.params.handshake.server=p[TLSServerHello]
if not self.crypto.session.randombytes.server:
self.crypto.session.randombytes.server=struct.pack("!I",p[TLSServerHello].gmt_unix_time)+p[TLSServerHello].random_bytes
if not self.params.negotiated.ciphersuite:
self.params.negotiated.version=p[TLSServerHello].version
self.params.negotiated.ciphersuite=p[TLSServerHello].cipher_suite
self.params.negotiated.compression=p[TLSServerHello].compression_method
self.parseCipherSuite()
#kex,enc,mac = describe_ciphersuite(self.params.negotiated.ciphersuite)
#self.params.negotiated.key_exchange=kex
#self.params.negotiated.encryption=enc
#self.params.negotiated.mac=mac
if p.haslayer(TLSCertificateList):
if self.params.negotiated.key_exchange and "RSA" in self.params.negotiated.key_exchange:
cert = p[TLSCertificateList].certificates[0].data
self.crypto.server.rsa.pubkey = PKCS1_v1_5.new(x509_extract_pubkey_from_der(cert))
if p.haslayer(TLSClientKeyExchange) and self.crypto.server.rsa.privkey:
self.crypto.session.encrypted_premaster_secret = str(p[TLSClientKeyExchange].load)
self.crypto.session.premaster_secret = self.crypto.server.rsa.cipher.decrypt(self.crypto.session.encrypted_premaster_secret,None)
#print 'PMS',self.crypto.session.premaster_secret.encode('hex')
self.keysFromPreMasterSecret()
# one for encryption and one for decryption to not mess up internal states
self.crypto.client.enc = self.ciphersuite_factory(self.crypto.session.key.client.encryption,self.crypto.session.key.client.iv)
self.crypto.client.dec = self.ciphersuite_factory(self.crypto.session.key.client.encryption,self.crypto.session.key.client.iv)
self.crypto.server.enc = self.ciphersuite_factory(self.crypto.session.key.server.encryption,self.crypto.session.key.server.iv)
self.crypto.server.dec = self.ciphersuite_factory(self.crypto.session.key.server.encryption,self.crypto.session.key.server.iv)
def encrypt_using_master_public(data):
public_key_encryption_file = "./PublicKeyDir.Keys/pubkeys.pem"
h = SHA256.new(data)
key = RSA.importKey(open(public_key_encryption_file, 'rb').read())
cipher = PKCS1_v1_5.new(key)
ciphertext = cipher.encrypt(data + h.digest())
return ciphertext
def __init__(self, user, password):
# Generate an RSA key
self.rsa_full = RSA.generate(2048)
self.cipher_full = PKCS1_v1_5.new(self.rsa_full)
self._content_type_json = 'application/json; charset=utf-8'
self._login_stage = ['email', 'twocfactor', 'captcha']
self._steamid = str(random_number(17))
# Register URIs
httpretty.register_uri(httpretty.POST, 'https://steamcommunity.com/mobilelogin/getrsakey/',
body=json.dumps({
'success': True,
'publickey_mod': format(self.rsa_full.n, 'x').upper(),
'publickey_exp': format(self.rsa_full.e, 'x').upper(),
'timestamp': '64861350000', # TODO don't know how this is constructed
}),
content_type=self._content_type_json)
httpretty.register_uri(httpretty.POST, 'https://steamcommunity.com/mobilelogin/dologin/',
body=self.generate_dologin_response)
httpretty.register_uri(httpretty.GET, 'https://steamcommunity.com/public/captcha.php',
body=self.generate_captcha_response,
adding_headers={
'Set-Cookie': 'sessionid=%s; path=/' % (
random_ascii_string(24),
),
})
httpretty.register_uri(httpretty.POST, 'https://steamcommunity.com/login/transfer',
body='Success',
status=200)
super(SteamWebBrowserMocked, self).__init__(user, password)
def encrypt(self, msg, pubKeyStr): ''' Encrypt a message ''' # prepare for AES aes_rand = Random.new().read(32) aes_iv_rand = Random.new().read(AES.block_size) aes_key = AES.new(aes_rand,AES.MODE_CBC,aes_iv_rand) pre_msg = str(json.dumps(msg)) # Pad the msg length = 16 - (len(pre_msg) % 16) # Now encrypt AES aes_msg = aes_key.encrypt(str.encode(pre_msg) + bytes([length])*length) # Prepare PKCS1 1.5 Cipher pubKey = RSA.importKey(pubKeyStr) cipher = PKCS1_v1_5.new(pubKey) # encrypt RSA rsa_aes_key = cipher.encrypt(aes_rand) rsa_aes_iv = cipher.encrypt(aes_iv_rand) combined = rsa_aes_key + rsa_aes_iv + aes_msg b64out = base64.b64encode(combined) return b64out.decode()
def sign_file(f):
# TODO: For Part 2, you'll use public key crypto here
# The existing scheme just ensures the updates start with the line 'Caesar'
# This is naive -- replace it with something better!
# Generate key pairs
key = RSA.generate(2048)
# Export public key to file
export_pukey = key.publickey().exportKey('PEM')
publickey_file = open(os.path.join("pastebot.net", "publickey"), "wb")
publickey_file.write(export_pukey)
publickey_file.close()
# Create RSA object from public key
publickey_file = open(os.path.join("pastebot.net", "publickey"), "rb").read()
public_key = RSA.importKey(publickey_file)
# Hash message
hashed_m = SHA256.new(f)
# Encrypt message using public key
cipher = PKCS1_cipher.new(public_key)
ciphertext = cipher.encrypt(f+hashed_m.digest())
# Export private key to be prefixed to ciphertext
export_prkey = key.exportKey('PEM')
# Sign message using private key
prkey = RSA.importKey(export_prkey)
signer = PKCS1_v1_5.new(prkey)
signature = signer.sign(hashed_m)
# Return private key and ciphertext, as well as signature separately
return export_prkey + b"\n" + ciphertext, signature
def decrypt(self, cipher_text):
rsakey = RSA.importKey(self.rsa_private_key)
cipher = Cipher_pkcs1_v1_5.new(rsakey)
random_generator = Random.new().read
text = cipher.decrypt(base64.b64decode(cipher_text), random_generator)
return text.decode('utf8')
def encrypt(self, msg):
msg = msg.encode('utf-8')
rsakey = RSA.importKey(self.rsa_public_key)
cipher = Cipher_pkcs1_v1_5.new(rsakey)
cipher_text = base64.b64encode(cipher.encrypt(msg))
return cipher_text
#!/usr/bin/env python
from Crypto.PublicKey import RSA
from Crypto.Hash import SHA
from Crypto.Cipher import PKCS1_v1_5
import sys
if len(sys.argv) <=1:
print "Usage : pkcs1_v1_5_decrypt.py <encryptfile.txt> < output_decrypt.txt>"
exit()
file1_object = open(sys.argv[1], "rb")
contents = file1_object.read()
key_object = RSA.importKey(open("/root/privatekey.txt").read())
sha_object = SHA.new(sys.argv[1])
object_encrypt = PKCS1_v1_5.new(key_object)
file2_object = open(sys.argv[2], "a+")
file2_object = open(sys.argv[2], "wb")
file2_object.write(object_encrypt.decrypt(contents , sha_object))
file2_object = open(sys.argv[2], "rb")
file2_object.read()
#!/usr/bin/env python
# -*- coding:utf-8
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
import json
import base64
privateKeyFile = open("czdap.private.key", "r")
key = RSA.importKey(privateKeyFile.read())
cipher = PKCS1_v1_5.new(key)
privateKeyFile.close()
credsFile = open("credentials.json", "r")
credsData = json.load(credsFile)
credsFile.close()
print "server,username,password"
for creds in credsData:
piecesJSON = cipher.decrypt(base64.b64decode(creds['credentials']), 0)
if not piecesJSON:
print "\nError: Decryption failed, do you have the correct keyfile?"
exit(1)
pieces = json.loads(piecesJSON)
username = unicode(base64.b64decode(pieces[0]), "utf-8")
password = unicode(base64.b64decode(pieces[1]), "utf-8")
print ",".join([creds['host'], username, password])
if k == 0:
continue
else:
break
print k
if try_square_root(4 * e * k * n + 1):
print k
p = (math.sqrt(4 * e * k * n + 1) - 1) / (2 * k)
print p
q = n / p
print q
d = inverse(e, (p - 1) * (q - 1))
print d
privkey = RSA.construct((n, e, d))
print PKCS1_v1_5.new(privkey).decrypt(
open("flag.encrypted", "rb").read(), "!")
break
k = 54080
print try_square_root(4 * e * k * n + 1)
p = (try_square_root(4 * e * k * n + 1) - 1) / (2 * k)
q = n / p
d = inverse(e, (p - 1) * (q - 1))
print p
print q
print d
privkey = RSA.construct((n, e, d))
print PKCS1_v1_5.new(privkey).decrypt(open("flag.encrypted", "rb").read(), "!")
from __future__ import print_function, unicode_literals
import base64
import sys
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey.RSA import construct
# prepare public key
e = int('10001', 16)
n = int('10011', 16)
pubkey = construct((n, e))
# create a cipher via PKCS1.5
cipher = PKCS1_v1_5.new(pubkey)
# encrypt
cipher_text = cipher.encrypt("Hello RSA!".encode())
# do base64 encode
cipher_text = base64.b64encode(cipher_text)
print(cipher_text.decode('utf-8'))
def encrypt_pwd(password, public_key=RSA_PUBLIC_KEY):
rsa_key = RSA.importKey(public_key)
encryptor = Cipher_pkcs1_v1_5.new(rsa_key)
cipher = b64encode(encryptor.encrypt(password.encode('utf-8')))
return cipher.decode('utf-8')
def __init__(self, account, pwd):
self.account = account
self.pwd = pwd
self.cipher_text = base64.b64encode(
Cipher_pkcs1_v1_5.new(RSA.importKey(self.rsa_public_key)).encrypt(
bytes(self.pwd, encoding="utf8")))
def setUp(self):
self.key = RSA.generate(2048)
self.public_key = self.key.publickey().export_key()
self.partner_id = "001"
self.signatureObj = Signature(self.partner_id, self.public_key)
self.cipher = PKCS1_v1_5.new(self.key.exportKey())
def rsa_encrypt(pubkey,data):
pub_key = RSA.importKey(str(pubkey))
cipher = PKCS1_cipher.new(pub_key)
rsa_text = base64.b64encode(cipher.encrypt(bytes(data.encode("utf8"))))
# print(rsa_text.decode('utf-8'))
return rsa_text
def rsa_decrypt(prikey,data):
pri_key = RSA.importKey(prikey)
cipher = PKCS1_cipher.new(pri_key)
back_text = cipher.decrypt(base64.b64decode(data), 0)
# print(back_text.decode('utf-8'))
return back_text
def rsa_encrypt(self, data: bytes):
key = RSA.construct((int(self.rsa_keys['MR'],
16), int(self.rsa_keys['ER'], 16)))
# noinspection PyTypeChecker
pkcs = PKCS1_v1_5.new(key)
return pkcs.encrypt(data)
def testMemoryview(self):
pt = b"XER"
cipher = PKCS.new(self.key1024)
ct = cipher.encrypt(memoryview(bytearray(pt)))
pt2 = cipher.decrypt(memoryview(bytearray(ct)), "---")
self.assertEqual(pt, pt2)
def rsaEncrypt(message):
pubkey = "MIICkTCCAfoCCQDtC3okdmjaOTANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nRG9uZzELMAkGA1UEBwwCU1oxDzANBgNVBAoMBk1pblRvdTEPMA0GA1UECwwGTWluVG91MRUwEwYDVQQDDAxtaW50b3VqZi5jb20xIzAhBgkqhkiG9w0BCQEWFHNlcnZpY2VAbWludG91amYuY29tMB4XDTE2MDgxNzE4NTMxNloXDTI2MDgxNTE4NTMxNlowgYwxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxCzAJBgNVBAcMAlNaMQ8wDQYDVQQKDAZNaW5Ub3UxDzANBgNVBAsMBk1pblRvdTEVMBMGA1UEAwwMbWludG91amYuY29tMSMwIQYJKoZIhvcNAQkBFhRzZXJ2aWNlQG1pbnRvdWpmLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsOUUh/sLlrK5Q1ToHzMWjJxUXl7/3UdrIIwUHaSFQDUl2AuxO7otmi2qHPyfvtE1wgy9Dkc+GIlQ+kQdaGoU82+hdgEDZmqawWzPb5W7S4m0/9EBKMq3oe+YBOfq9HdcoFExFOcllFf4rMvb8d2qZCOv/l9Ln5OdCd5056OK2pcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGqrJeCzjP5GLt6owQjb1MeTZBlwYaRg8/xbEz+1JkBBnw6YXCDz62pjc2KX90htzfwIFYKny96fBEaclM3xe9vVQtd0OVLfeA1BHETPcCmsTQzMlzxHmEoYKpBTEf+HPdZHUpsCvkCDp66tv3k7egJUtwl8gBqPBzdQrxE7yyew=="
rsaKey = RSA.importKey(base64.b64decode(pubkey))
cipher = Cipher_pkcs1_v1_5.new(rsaKey)
temp = cipher.encrypt(message.encode())
return binascii.b2a_hex(temp)
def rsa_pkcs1_key_wrap(n, e, p):
key = RSA.construct((n, e))
cipher = PKCS1_v1_5_cipher.new(key)
return cipher.encrypt(p)
def decrypt(prikey, message):
random = Random.new().read
rsakey = RSA.importKey(prikey)
cipher = PKCS1_Cipher.new(rsakey)
decrypted = cipher.decrypt(base64.b64decode(message), random)
return decrypted.decode('utf-8')
def rsa_decrypt(ciphertext, key):
cipher = PKCS1_v1_5.new(RSA.importKey(key))
return cipher.decrypt(ciphertext, '')
def main():
# Set login datas
login_id = input('학번을 입력해 주세요 : ')
login_pw = getpass.getpass(prompt='비밀번호를 입력해 주세요 : ', stream=None)
login_datas = json.dumps({
'loginId': login_id,
'loginPwd': login_pw,
'storeIdYn': 'N'
})
# Encrypt with RSA
public_key = hr.postRequest(
'https://klas.kw.ac.kr/usr/cmn/login/LoginSecurity.do').json(
)['publicKey']
rsa_key = RSA.import_key(base64.b64decode(public_key))
cipher = PKCS1_v1_5.new(rsa_key)
login_token = cipher.encrypt(bytes(login_datas, 'utf8'))
login_token = base64.b64encode(login_token).decode()
# Request login
login_result = hr.postRequest(
'https://klas.kw.ac.kr/usr/cmn/login/LoginConfirm.do', {
'loginToken': login_token,
'redirectUrl': '',
'redirectTabUrl': ''
}).json()
if len(login_result['fieldErrors']) > 0:
log_message('Error', login_result['fieldErrors'][0]['message'])
return
log_message('Info', '로그인 성공')
# Set syllabus data
syllabus_year = input('강의 계획서의 년도를 입력하세요 : ')
syllabus_semester = input('강의 계획서의 학기를 입력하세요 : ')
# Get all syllabus
syllabus_result = hr.postRequest(
'https://klas.kw.ac.kr/std/cps/atnlc/LectrePlanStdList.do', {
'selectYear': syllabus_year,
'selecthakgi': syllabus_semester,
'selectRadio': 'all'
}).json()
if len(syllabus_result) == 0:
log_message('Error', '강의 계획서 정보가 없습니다.')
return
syllabus_count = len(syllabus_result)
log_message('Info', '%d개의 강의 계획서 정보를 불러왔습니다.' % syllabus_count)
# Alert message
if input('강의실 정보를 불러옵니다. 이 작업은 서버에 부하를 줄 수 있습니다. [Y / N] : ') != 'Y':
return
lecture_list = []
progress_count = 0
# Parse syllabus info
for syllabus_info in syllabus_result:
lecture_info = get_lecture_info(syllabus_info)
lecture_list += lecture_info
progress_count += 1
progress_bar(progress_count, syllabus_count)
time.sleep(0.25)
print('')
log_message('Info', '모든 정보를 정상적으로 불러왔습니다.')
# Save to file
f = open('%d-%02d.json' % (int(syllabus_year), int(syllabus_semester)),
'w',
encoding='utf8')
f.write(json.dumps(lecture_list, ensure_ascii=False))
f.close()
log_message('Info', '모든 정보가 파일에 저장되었습니다.')
def download_book(bookid, booksum = 1):
global book_cnt
detail = parse_detail_url(bookid)
#print(detail.content)
AuthorizeToken, Title = get_token_tile(detail)
logging.info('%s parse detial url done!'%bookid)
authorize = parse_authorize_url(bookid, AuthorizeToken)
aes_key, book_url, SplitFileUrls = get_key_urls(authorize)
logging.info('%s parse authorize url done!'%bookid)
get_bookmark(bookid)
rsakey = RSA.importKey(rsa['privateKey'])
cipher = Cipher_pkcs1_v1_5.new(rsakey)
text = cipher.decrypt(base64.b64decode(aes_key), None)
aes_key = str(text, encoding='utf-8')
logging.info('%s decrypt AES key done!'%bookid)
print(SplitFileUrls)
page_sum = len(SplitFileUrls)
tasks = [i for i in range(1, page_sum+1)]
tasks_path = Path(TaskFilePath+bookid+'.txt')
if tasks_path.exists():
tasks = load_taskfile(bookid)
logging.info('%s taskfile already exist, jump'%bookid)#bug
else:
# 第一次运行
save_taskfile(bookid, tasks)
while tasks:
# popleft
num = tasks.pop(0) # num : int
try:
page_url = SplitFileUrls[num - 1]
download_pdf_page(page_url, bookid, Title, num, aes_key)
# 存档
save_taskfile(bookid, tasks)
logging.info('%s<%s> page %d/%d OK [%d/%d]'%(bookid, Title, num, page_sum, book_cnt, booksum))
slptime = round(random.uniform(10 ,20))
time.sleep(slptime)
except:
tasks.append(num)
save_taskfile(bookid, tasks)
logging.error('%s<%s> page %d/%d ERROR [%d/%d]'%(bookid, Title, num, page_sum, book_cnt, booksum))
# 合并PDF
floder = os.path.join(BookPath, bookid)
if not os.path.exists(floder):
os.makedirs(floder)
# 检查是否已经转换过
pdf = Path(BookPath, bookid, bookid+'-'+Title+'.pdf')
if not pdf.exists():
logging.info('%s merge pdf ...'%bookid)
pdfpath = os.path.join(DownloadPath, bookid)
try:
file_name_walk(pdfpath, bookid)
logging.info('%s merge pdf done!'%bookid)
book_cnt += 1
except:
logging.error('%s merge pdf error!'%bookid)
else:
book_cnt += 1
logging.warning('%s pdf already exists!'%bookid)
def secrecy(params):
try:
if params['type'] in ['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512', 'sha3_224', 'sha3_256', 'sha3_384',
'sha3_512', 'blake2b', 'blake2s', 'shake_128', 'shake_256']:
return True, getattr(hashlib, params['type'])(params['text'].encode()).hexdigest()
elif params['type'] == 'AES':
if len(params['key']) > 32:
return False, 'The \'key\' cannot be longer than 32'
while len(params['key']) not in [16, 24, 32]:
params['key'] += ' '
while len(params['text']) % 32 != 0:
params['text'] += ' '
aes = AES.new(params['key'].encode("utf-8"), AES.MODE_ECB)
return True, base64.encodebytes(aes.encrypt(params['text'].encode('utf-8'))).decode().rstrip('\n')
elif params['type'] == 'D-AES':
if len(params['key']) > 32:
return False, 'The \'key\' cannot be longer than 32'
while len(params['key']) not in [16, 24, 32]:
params['key'] += ' '
aes = AES.new(params['key'].encode("utf-8"), AES.MODE_ECB)
return True, aes.decrypt(base64.decodebytes(params['text'].encode())).decode().rstrip(' ')
elif params['type'] == 'DES':
if len(params['key']) > 8:
return False, 'The \'key\' cannot be longer than 8'
while len(params['key']) < 8:
params['key'] += ' '
while len(params['text']) % 8 != 0:
params['text'] += ' '
des = DES.new(params['key'].encode("utf-8"), DES.MODE_ECB)
return True, base64.encodebytes(des.encrypt(params['text'].encode('utf-8'))).decode().rstrip('\n')
elif params['type'] == 'D-DES':
if len(params['key']) > 8:
return False, 'The \'key\' cannot be longer than 8'
while len(params['key']) < 8:
params['key'] += ' '
des = DES.new(params['key'].encode("utf-8"), DES.MODE_ECB)
return True, des.decrypt(base64.decodebytes(params['text'].encode())).decode().rstrip(' ')
elif params['type'] == 'DES3':
if len(params['key']) > 16:
return False, 'The \'key\' cannot be longer than 16'
while len(params['key']) < 16:
params['key'] += ' '
while len(params['text']) % 8 != 0:
params['text'] += ' '
des3 = DES3.new(params['key'].encode("utf-8"), DES3.MODE_ECB)
return True, base64.encodebytes(des3.encrypt(params['text'].encode('utf-8'))).decode().rstrip('\n')
elif params['type'] == 'D-DES3':
if len(params['key']) > 16:
return False, 'The \'key\' cannot be longer than 16'
while len(params['key']) < 16:
params['key'] += ' '
des3 = DES3.new(params['key'].encode("utf-8"), DES3.MODE_ECB)
return True, des3.decrypt(base64.decodebytes(params['text'].encode())).decode().rstrip(' ')
elif params['type'] == 'rsa-k':
length = params.get('length', '1024')
if int(length) < 1024:
length = "1024"
password = params.get('password', None)
if password == "":
password = None
x = RSA.generate(int(length), Random.new().read)
s_key = x.export_key(passphrase=password, pkcs=8, protection="scryptAndAES128-CBC")
g_key = x.publickey().export_key()
return True, [s_key.decode(), g_key.decode()]
elif params['type'] == 'rsa-e':
password = params.get('password', None)
if password == "":
password = None
g_key = PKCS1_v1_5.new(RSA.importKey(params['pub_k'], passphrase=password))
en_data = g_key.encrypt(params['text'].encode())
return True, base64.b64encode(en_data).decode()
elif params['type'] == 'rsa-d':
password = params.get('password', None)
if password == "":
password = None
s_key = PKCS1_v1_5.new(RSA.importKey(params['pri_k'], passphrase=password))
de_data = s_key.decrypt(base64.b64decode(params['text']), Random.new().read).decode()
return True, de_data
else:
return False, 'params error'
except Exception as ex:
return False, str(ex)
-102, -76, 47, 124, 124, 65, -127, -65, 50, 28, -63, -56, 48, 127, 48, -36,
-121, -109, 6, -114, 72, -96, -100, -3, 72, -62, -55, -52, 24, 6, -24, 1,
-113, 50, 116, 68, 74, 71, -70, -8, 14, -96, 121, 10, -98, 92, -4, -119,
-55, 112, 102, 54, 73, 1, -20, 71, -113, -28, -123, -8, -99, 9
]
# create key object
n = [ctypes.c_ubyte(i).value for i in n]
d = [ctypes.c_ubyte(i).value for i in d]
n = int(''.join(format(x, '02x') for x in n), 16)
d = int(''.join(format(x, '02x') for x in d), 16)
priKey = RSA.construct((n, e, d)).exportKey()
pubKey = RSA.construct((n, e)).exportKey()
private_key = RSA.import_key(priKey)
public_key = RSA.import_key(pubKey)
cipher_rsa_pri = PKCS1_v1_5.new(private_key)
######################### MONGODB ACCESS
db_client = MongoClient('localhost', 27017)
db_db = db_client.xtldb
db_xtlcard = db_db.xtlcard
def verify_transactions_first_stage(cipherTxs):
dsize = SHA.digest_size
sentinel = Random.new().read(15 + dsize)
userCredentials = None
userHash = None
serverInvocationCounter = None
balance = None
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
from base64 import b64encode
message = "我是要加密的訊息"
new_key = RSA.generate(1024)
prikey = new_key.exportKey("PEM").decode('ascii')
pubkey = new_key.publickey().exportKey("PEM").decode('ascii')
pubKeyObj = RSA.import_key(pubkey)
priKeyObj = RSA.import_key(prikey)
cipher = PKCS1_v1_5.new(pubKeyObj)
emsg = cipher.encrypt(message.encode())
e = PKCS1_v1_5.new(priKeyObj)
decrypt_text = e.decrypt(emsg, None).decode()
print("加密->", b64encode(emsg))
print("解密的訊息->", decrypt_text)
def rsa_decryption(msg, private_key):
random_generator = Random.new().read
cipher = Cipher_pkcs1_v1_5.new(private_key)
text = cipher.decrypt(base64.b64decode(msg), random_generator)
return text
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
import base64
from urllib import parse
from public import config
try:
with open(config.RSA_PRIKEY_FILE_PATH, "rb") as file:
privkey_b = file.read()
privkey = RSA.importKey(privkey_b)
cipher_rsa = PKCS1_v1_5.new(privkey)
except Exception as e:
print(e)
def encrypt(context):
return cipher_rsa.encrypt(context.encode('utf8')).decode('utf8')
def decrypt(context):
context = parse.unquote(context)
context = base64.b64decode(context)
decontext = cipher_rsa.decrypt(context, None)
if decontext is None:
return None
return decontext
def sign(privatekey, data):
cipher = csign.new(privatekey)
cipher_text = cipher.encrypt(data.encode())
return base64.b64encode(cipher_text)
def rsa_encryption(msg, public_key):
cipher = Cipher_pkcs1_v1_5.new(public_key)
cipher_text = base64.b64encode(cipher.encrypt(msg))
return cipher_text
def rsa(src):
rsakey = RSA.construct((int(define.__LOGIN_RSA_VER158_KEY_N__,
16), define.__LOGIN_RSA_VER158_KEY_E__))
cipher = Cipher_pkcs1_v1_5.new(rsakey)
encrypt_buf = cipher.encrypt(src)
return encrypt_buf
h+PdDw4DgC06j1VxOa2LA5tm9lPXkLUTlGDxz0blF4601hqO6XGc57tGfqECQQCT
CBZbj8H1s5WTbbeVQGsfa2CB2IFq6VehncMTEzeAmsNcrCUAsijv1M3kAUg/50kH
GaBQwkkEbSQmVAjJGFylAkBDibHDD1cms1DHyqFMxqkPG0Y50N0eu1hU7brZfQPB
kNRpW9f/TE97QOb8ux867n2i0/q0YpjWSTY6XsZncKkI
-----END RSA PRIVATE KEY-----'''
def generate_key():
rsa_key = RSA.generate(1024)
pri = rsa_key.exportKey()
with open('private.pem', 'w+') as f:
f.write(pri.decode())
f.close()
pub = rsa_key.publickey().exportKey()
with open('public.pem', 'w+') as f:
f.write(pub.decode())
f.close()
if __name__ == '__main__':
# generate_key()
rsa_key = RSA.importKey(PUB_KEY)
x = PKCS1_v1_5.new(rsa_key).encrypt('lazzy'.encode())
x = base64.b64encode(x).decode()
# x = 'f1lQLhP19w6p1Q0jgA2i3EIFWtnA/wj5aTp8mJn8PLEeIJ2GxLohPDMUr1GNbngIjVEmAuIFbLLku3BL8NEsll+xlovWOXV/cA5W/INPpJlUz8kBtIOn9Yj9zTqUAy2LnHHrZm0v3TapY9J/TSBYR/DjV7dV2PxZH4WMLNPyRgc='
rsa_privkey = RSA.importKey(PRIVATE_KEY)
y = PKCS1_v1_5.new(rsa_privkey).decrypt(base64.b64decode(x), None)
print(y == 'lazzy'.encode('utf-8'))
def testEncrypt2(self):
# Verify that encryption fail if plaintext is too long
pt = '\x00' * (128 - 11 + 1)
cipher = PKCS.new(self.key1024)
self.assertRaises(ValueError, cipher.encrypt, pt)
def rsa_encrypt(plaintext, key):
cipher = PKCS1_v1_5.new(RSA.importKey(key))
return cipher.encrypt(plaintext)
