def post(self): if self.params.get('user'): password_in_db = self.params.get('user').get('password') # throw an HTTP 400 exception if missing old_password = self.get_argument('old-password') new_password = self.get_argument('new-password') if 6 <= len(old_password) <= 16 and 6 <= len(new_password) <= 16: # the password from user input must be the same with the one in DB if password_in_db == encrypt(old_password): try: _, error = yield tornado.gen.Task(mongodb['accounts'].update, {'email': self.params.get('user').get('email')}, {'$set': {'password': encrypt(new_password)}}) except: raise tornado.web.HTTPError(500) if error.get('error'): raise tornado.web.HTTPError(500) self.params['op_result'] = {'type': 'success', 'message': '密码更新成功'} self.render('account/edit_password_page.html') else: self.params['op_result'] = {'type': 'error', 'message': '您输入的旧密码不正确,请重新输入'} self.render('account/edit_password_page.html') else: raise tornado.web.HTTPError(403) else: raise tornado.web.HTTPError(403)
def __set_secret(self, secret): ''' Writes the specified secret to the configuration file (encrypted). ''' if secret != '': secret = utilities.encrypt(secret, Preferences.__PASSPHRASE) self.__set('secret', secret)
def lock(self, pin): if self.cipherpassword is None: if self.iv is None: self.iv = utilities.generate_iv() key = utilities.generate_key(self.domain, self.username, pin) self.cipherpassword = utilities.encrypt(key, self.iv, self.plainpassword) return self.cipherpassword, self.iv
def post(self): email = self.get_argument('email', '').strip() password = self.get_argument('password', '') nick_name = self.get_argument('nick-name', '').strip() if (0 < len(email) <= 254 and email_regex.match(email) and 6 <= len(password) <= 16 and 0 < len(nick_name) <= 12): try: # here we use insert to ensure concurrency _, error = yield tornado.gen.Task(mongodb['accounts'].insert, {'email': email, 'password': encrypt(password), 'nick_name': nick_name}) except: raise tornado.web.HTTPError(500) # Code 11000: duplicate key error if error.get('error'): if error.get('error').code == 11000: self.params['op_result'] = {'type': 'error', 'message': '您输入的邮箱已被注册,请重新输入'} self.render('account/register_page.html') else: raise tornado.web.HTTPError(500) else: self.set_secure_cookie('email', email) self.redirect('/') else: raise tornado.web.HTTPError(403)
def post(self): email = self.get_argument('email', '').strip() password = self.get_argument('password', '') nick_name = self.get_argument('nick-name', '').strip() if (0 < len(email) <= 254 and email_regex.match(email) and 6 <= len(password) <= 16 and 0 < len(nick_name) <= 12): try: # here we use insert to ensure concurrency _, error = yield tornado.gen.Task( mongodb['accounts'].insert, { 'email': email, 'password': encrypt(password), 'nick_name': nick_name }) except: raise tornado.web.HTTPError(500) # Code 11000: duplicate key error if error.get('error'): if error.get('error').code == 11000: self.params['op_result'] = { 'type': 'error', 'message': '您输入的邮箱已被注册,请重新输入' } self.render('account/register_page.html') else: raise tornado.web.HTTPError(500) else: self.set_secure_cookie('email', email) self.redirect('/') else: raise tornado.web.HTTPError(403)
def main(): #Use argparse to parse arguments parser = argparse.ArgumentParser(conflict_handler='resolve') parser.add_argument('-d', '--decrypt', metavar='<key>', help='Uses <key> to decrypt a file') parser.add_argument('-e', '--encrypt', metavar='<key>', help='Uses <key> to encrypt a file') parser.add_argument('-f', '--file', metavar='<file>', help='The <file> to encrypt') requiredNamed = parser.add_argument_group('required named arguments') requiredNamed.add_argument('-o', '--outfile', metavar='<filename>', help='Writes output to <filename>') requiredNamed.add_argument( '-w', '--wave', metavar='<wave>', help='The <wave> to hide an encrypted <file> in using LSB steganography' ) args = parser.parse_args() # Validates Arguments validate_args(args) # Print splash splash() # Load wave parsed_wave = wavparser.ParsedWave(args.wave) if parsed_wave.binary: parsed_wave.debug() else: print("ERROR: unable to parse {} as a wave".format(args.wave)) return # Check encrypt/decrypt flag if args.encrypt: encrypted_data = utilities.encrypt(args.file, args.encrypt) parsed_wave.encode_data(encrypted_data) parsed_wave.write_to_file(args.outfile) else: encrypted_data, error_found = parsed_wave.decode_data() if error_found: print("ERROR: Wave file does not appear to contain encoded data") exit(1) utilities.decrypt(encrypted_data, args.decrypt, args.outfile) print("STATUS: Success! Output file {} has been produced".format( args.outfile)) # Exit exit(0)
def close(self): with open(self.keyfile.database_path, 'wb') as f: f.write( utilities.encrypt( self.keyfile.key, self.keyfile.iv, '\n'.join(self.connection.iterdump()))) self.connection.close()
def __set_encrypted_secret(self, secret, password): ''' Writes the specified secret to the configuration file (encrypted). ''' if secret != '': secret = utilities.encrypt(secret, password) self.set('secret', secret)
def create(keyfile): connection = sqlite3.connect(':memory:') connection.executescript(SCHEMA) if os.path.isfile(keyfile.database_path): raise IOError('Database file already exsits') with open(keyfile.database_path, 'wb') as f: f.write( utilities.encrypt( keyfile.key, keyfile.iv, '\n'.join(connection.iterdump())))
def post(self): if self.params.get('user'): password_in_db = self.params.get('user').get('password') # throw an HTTP 400 exception if missing old_password = self.get_argument('old-password') new_password = self.get_argument('new-password') if 6 <= len(old_password) <= 16 and 6 <= len(new_password) <= 16: # the password from user input must be the same with the one in DB if password_in_db == encrypt(old_password): try: _, error = yield tornado.gen.Task( mongodb['accounts'].update, {'email': self.params.get('user').get('email')}, {'$set': { 'password': encrypt(new_password) }}) except: raise tornado.web.HTTPError(500) if error.get('error'): raise tornado.web.HTTPError(500) self.params['op_result'] = { 'type': 'success', 'message': '密码更新成功' } self.render('account/edit_password_page.html') else: self.params['op_result'] = { 'type': 'error', 'message': '您输入的旧密码不正确,请重新输入' } self.render('account/edit_password_page.html') else: raise tornado.web.HTTPError(403) else: raise tornado.web.HTTPError(403)
def support_recieved(self, secret_message): ''' This method helps analyze_support method for checking whether emblem is hidden inside the secret message ''' emblem = emblem_of[secret_message.ally_kingdom] encrypted_emblem = encrypt(emblem) count_of_letter_in_emblem = count_letters(encrypted_emblem) is_supporting = True for letter in count_of_letter_in_emblem: if secret_message.ally_message.count( letter) < count_of_letter_in_emblem[letter]: is_supporting = False break return is_supporting
def post(self): email = self.get_argument('email', '').strip() password = self.get_argument('password', '') persistent_login = self.get_argument('persistent-login', 'false') # here we only validate the upper bound and do not use # regex to validate email in case regex itself changes if (len(email) <= 254 and len(password) <= 16): try: response, error = yield tornado.gen.Task( mongodb['accounts'].find_one, { 'email': email, 'password': encrypt(password) }, fields={'email': 1}) except: raise tornado.web.HTTPError(500) if error.get('error'): raise tornado.web.HTTPError(500) user = response[0] if user: if persistent_login == 'true': self.set_secure_cookie('email', user['email']) # Persistent cookie else: self.set_secure_cookie('email', user['email'], expires_days=None) # Session cookie next_page = self.get_cookie('next') if next_page: self.clear_cookie('next') # !important self.redirect(next_page) else: self.redirect('/') else: self.params['op_result'] = { 'type': 'error', 'message': '您输入的邮箱或密码不正确,请重新输入' } self.render('account/login_page.html') else: raise tornado.web.HTTPError(403)
def save_credentials(self): ''' Tries to encrypt the credentials entered by the user and save them to the configuration file. Incomplete or inplausible credentials will not be saved. ''' def error_message(reason): #refactored to be a little cleaner phrase = 'Credentials not saved ' self.status_message(phrase + reason) return 0 key = str(format(self.mainWindow.lineEditKey.text())) secret = str(self.mainWindow.lineEditSecret.text()) if key == '': return error_message("(empty key).") if secret == '': return error_message("(empty secret).") #get the passphrase from Password Tab self.passphrase = str(self.mainWindow.passwordLineEdit.text()) #if the user never filled in the password box, cause an error, and #switch the current tab to the password tab for them to fill it in. if self.passphrase == '': self.mainWindow.tabWidget_1.setCurrentIndex(2) return error_message("(invalid password).") try: utilities.assert_valid_key(key) except Exception: return error_message("(invalid key).") try: secret = utilities.encrypt(secret, self.passphrase) except Exception: return error_message("(invalid secret).") self.gox.config.set("gox", "secret_key", key) self.gox.config.set("gox", "secret_secret", secret) self.gox.config.save() #if everything's OK, trigger a reload of credentials(below) self.load_credentials()
def save_credentials(self): ''' Tries to encrypt the credentials entered by the user and save them to the configuration file. Incomplete or inplausible credentials will not be saved. ''' key = str(format(self.mainWindow.lineEditKey.text())) secret = str(self.mainWindow.lineEditSecret.text()) if key == '': self.status_message("Credentials not saved (empty key).") return if secret == '': self.status_message("Credentials not saved (empty secret).") return try: utilities.assert_valid_key(key) except Exception: self.status_message("Credentials not saved (invalid key).") return try: secret = utilities.encrypt(secret, View.PASSPHRASE) except Exception: self.status_message("Credentials not saved (invalid secret).") return self.gox.config.set("gox", "secret_key", key) self.gox.config.set("gox", "secret_secret", secret) self.gox.config.save() self.status_message("Credentials saved.") self.load_credentials() self.restart_gox()
def test_encrypt_decrypt_wrong_password(self): text = '/GU3lmrgX9LCG7cIpGySlgVIVT8t8CKn3p/uayvc57Z98UhYJYy4/eIdEvi5VSuFd/vwMTroy8ELc5VbqWdQWg==' # @IgnorePep8 encrypted = utilities.encrypt(text, 'bar') self.assertRaises(Exception, utilities.decrypt, encrypted, 'foo')
def test_encrypt_decrypt_ok(self): text = '/GU3lmrgX9LCG7cIpGySlgVIVT8t8CKn3p/uayvc57Z98UhYJYy4/eIdEvi5VSuFd/vwMTroy8ELc5VbqWdQWg==' # @IgnorePep8 password = '******' encrypted = utilities.encrypt(text, password) self.assertEqual(text, utilities.decrypt(encrypted, password))
def post(self): email = self.get_argument('email', '').strip() password = self.get_argument('password', '') persistent_login = self.get_argument('persistent-login', 'false') # here we only validate the upper bound and do not use # regex to validate email in case regex itself changes if (len(email) <= 254 and len(password) <= 16): try: response, error = yield tornado.gen.Task(mongodb['accounts'].find_one, {'email': email, 'password': encrypt(password)}, fields={'email': 1}) except: raise tornado.web.HTTPError(500) if error.get('error'): raise tornado.web.HTTPError(500) user = response[0] if user: if persistent_login == 'true': self.set_secure_cookie('email', user['email']) # Persistent cookie else: self.set_secure_cookie('email', user['email'], expires_days=None) # Session cookie next_page = self.get_cookie('next') if next_page: self.clear_cookie('next') # !important self.redirect(next_page) else: self.redirect('/') else: self.params['op_result'] = {'type': 'error', 'message': '您输入的邮箱或密码不正确,请重新输入'} self.render('account/login_page.html') else: raise tornado.web.HTTPError(403)