def decrypt_json(encrypted_data, secret_bytes_key, cipher_type='AES'): dct = serialization.BytesToDict( encrypted_data, encoding='utf-8', keys_to_text=True, values_to_text=True, ) if cipher_type == 'AES': cipher = AES.new( key=secret_bytes_key, mode=AES.MODE_CBC, iv=base64.b64decode(dct['iv'].encode('utf-8')), ) elif cipher_type == 'DES3': cipher = DES3.new( key=secret_bytes_key, mode=DES3.MODE_CBC, iv=base64.b64decode(dct['iv'].encode('utf-8')), ) else: raise Exception('unsupported cipher type') padded_data = cipher.decrypt(base64.b64decode(dct['ct'].encode('utf-8'))) if cipher_type == 'AES': raw_data = Padding.unpad( padded_data=padded_data, block_size=AES.block_size, ) elif cipher_type == 'DES3': raw_data = Padding.unpad( padded_data=padded_data, block_size=DES3.block_size, ) # TODO: remove salt from raw_data return raw_data
def decrypt_credential_v1(self, enc): try: enc = Util.base64dec_bytes(enc) iv = enc[:AES.block_size] cipher = AES.new(self.get_device_id_v1(), AES.MODE_CBC, iv) if sys.version_info < (3, 0): return py2_decode(Padding.unpad(padded_data=cipher.decrypt(enc[AES.block_size:]), block_size=32)) return Padding.unpad(padded_data=cipher.decrypt(enc[AES.block_size:]), block_size=32).decode('utf8') except Exception: self.log("Decrypt credentials error: " + traceback.format_exc()) return None
def decrypt(ciphertext, key, keylen=KEYLEN): """Decrypt bytes using AES-CBC with keys of length `keylen` (defaults to KEYLEN: 256 bits). @param ciphertext: Data to be decrypted. @type ciphertext: bytes @param key: Encryption passphrase. @type key: str, bytes @param keylen: Length of the key to use in bytes. Can be either 16, 24 or 32. @type keylen: str, bytes @return: The decrypted ciphertext. @rtype : bytes @raise ValueError: Incorrect padding. Happens if passphrase is incorrect. """ ciphertext = base64.b64decode(ciphertext) salt = ciphertext[:AES.block_size] iv = ciphertext[AES.block_size:2 * AES.block_size] key = KDF.PBKDF2(key, salt, dkLen=keylen) cipher = AES.new(key, AES.MODE_CBC, iv=iv) return Padding.unpad(cipher.decrypt(ciphertext[2 * AES.block_size:]), AES.block_size)
def decrypt_data(self, given_key=None, file_name=None): # data parsing if file_name is not None: self.file_name = file_name with open(self.file_name, 'rb') as file: iv = file.read(AES.block_size) encrypted_data = file.read() # key setting raw_key = given_key if raw_key is None: raw_key = self.raw_key set_key = self.set_key(raw_key) encoded_key = set_key.encode() key = strxor.strxor(encoded_key, iv) # decrypt data cipher = AES.new(key, AES.MODE_CBC, iv) decrypted_data = cipher.decrypt(encrypted_data) unpadded_data = Padding.unpad(decrypted_data, AES.block_size) plain_data = unpadded_data.decode() parsed_data = plain_data.split(';') self.login_id = parsed_data[0] self.login_password = parsed_data[1] self.account_password = parsed_data[2] self.certificate_password = parsed_data[3] return parsed_data
def __decrypt_payload_chunks(self, payloadchunks): decrypted_payload = '' for chunk in payloadchunks: payloadchunk = json.JSONDecoder().decode(chunk) payload = payloadchunk.get('payload') decoded_payload = base64.standard_b64decode(payload) encryption_envelope = json.JSONDecoder().decode(decoded_payload) # Decrypt the text cipher = AES.new( self.encryption_key, AES.MODE_CBC, base64.standard_b64decode(encryption_envelope['iv'])) ciphertext = encryption_envelope.get('ciphertext') plaintext = cipher.decrypt(base64.standard_b64decode(ciphertext)) # unpad the plaintext plaintext = json.JSONDecoder().decode(Padding.unpad(plaintext, 16)) data = plaintext.get('data') # uncompress data if compressed if plaintext.get('compressionalgo') == 'GZIP': decoded_data = base64.standard_b64decode(data) data = zlib.decompress(decoded_data, 16 + zlib.MAX_WBITS) else: data = base64.standard_b64decode(data) decrypted_payload += data decrypted_payload = json.JSONDecoder().decode( decrypted_payload)[1]['payload']['data'] decrypted_payload = base64.standard_b64decode(decrypted_payload) return json.JSONDecoder().decode(decrypted_payload)
def decrypt(pass_phrase, cipher_text): """ Decrypt encrypted data with provided pass phrase :param pass_phrase: Pass phrase :type pass_phrase: String :param cipher_text: Encrypted data :type cipher_text: String :return: Decrypted data :rtype: String """ mode = AES.MODE_CBC block_size = AES.block_size salt, initialization_vector, body = cipher_text.split('.') body = b64decode(body.encode('utf-8')) initialization_vector = b64decode(initialization_vector.encode('utf-8')) salt = b64decode(salt.encode('utf-8')) key = PBKDF2(pass_phrase, salt) cipher = AES.new(key, mode, initialization_vector) try: body = Padding.unpad(cipher.decrypt(body), block_size).decode('utf-8') except ValueError: # most likely a padding error which suggests incorrect password raise click.UsageError('Password incorrect') return body
def decode(self, enc): enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(self.crypt_key, AES.MODE_CBC, iv) cipher2 = AES.new(self.crypt_key2, AES.MODE_CBC, iv) try: decoded = Padding.unpad(padded_data=cipher.decrypt( enc[AES.block_size:]), block_size=self.bs).decode('utf-8') except: decoded = Padding.unpad(padded_data=cipher2.decrypt( enc[AES.block_size:]), block_size=self.bs).decode('utf-8') return decoded
async def get_between(self, ctx, first, last): await ctx.message.delete() if not(len(first) == 10 and first[2] == "-" and first[5] == "-"): await ctx.send("Wrong format for first date, valid format is: 'dd-mm-yyyy'") return if not(len(last) == 10 and last[2] == "-" and last[5] == "-"): await ctx.send("Wrong format for last date, valid format is: 'dd-mm-yyyy'") return date1 = datetime.datetime.strptime(first, "%d-%m-%Y") date2 = datetime.datetime.strptime(last, "%d-%m-%Y") query = """SELECT * FROM absence WHERE date BETWEEN $1 AND $2 ORDER BY date, userid;""" fetched = await self.bot.db.fetch(query, date1, date2) absence_list = "" for row in fetched: member = discord.utils.get(ctx.guild.members, id=row["userid"]) if member: excuse = self.aes.decrypt(row["excuse"]) excuse = Padding.unpad(excuse, 16) absence_list += f"{row['date'].strftime('%A %d-%m')} - {member.display_name}: {str(excuse)}\n" absenceembed = discord.Embed() absenceembed.title = f"All absence between {first} and {last}" absenceembed.description = absence_list if fetched else "No absence logged" await ctx.author.send(embed=absenceembed)
def decrypt_response(self, key, ciphertext): """ decrypt_response() Method to decrypt an encrypted response with provided key @param key: Key in bytes @param ciphertext: Ciphertext to decrypt in bytes @return: Decrypted response as a dict """ aes_cbc_ctx = AES.new(key, AES.MODE_CBC, iv=b'\0' * 16) try: plaintext = Padding.unpad(aes_cbc_ctx.decrypt(ciphertext), 16) except ValueError: self.logger.error('Error decrypting response') self.logger.error('Ciphertext:') self.logger.error(base64.b64encode(ciphertext).decode('utf8')) self.logger.error('Tried decrypting with key %s', base64.b64encode(key).decode('utf8')) raise ValueError('Error decrypting response') return json.loads(plaintext.decode('utf8'))
async def get_all(self, ctx): await ctx.message.delete() query = """SELECT * FROM absence WHERE guildid = $1 ORDER BY posted DESC, userid;""" fetched = await self.bot.db.fetch(query, ctx.guild.id) absence_list = "" for row in fetched: member = discord.utils.get(ctx.guild.members, id=row["userid"]) if member: excuse = self.aes.decrypt(row["excuse"]) excuse = Padding.unpad(excuse, 16).decode("utf-8") ab_id = row["id"] from_date = row['absentfrom'].strftime("%d/%m") to_date = row['absentto'].strftime("%d/%m") if from_date == to_date: date = from_date else: date = f"{from_date}-{to_date}" a_s = f"{ab_id} | {date} - {member.display_name}: {excuse}" a_s = Database.slice_string(a_s) if len(absence_list) + len(a_s) > 2000: break absence_list += f"{a_s:<65}\n" absenceembed = discord.Embed() absenceembed.title="All absence" absenceembed.description = absence_list if fetched else "No absence logged" await ctx.author.send(embed=absenceembed)
async def get_id(self, ctx, ab_id:int): query = """SELECT * FROM absence WHERE id = $1 AND guildid = $2""" await ctx.message.delete() fetched = await self.bot.db.fetchrow(query, ab_id, ctx.guild.id) if not fetched: await ctx.send("Couldn't find an absence with the id: {ab_id}") return member = discord.utils.get(ctx.guild.members, id=fetched["userid"]) excuse = self.aes.decrypt(fetched["excuse"]) excuse = Padding.unpad(excuse, 16).decode("utf-8") ab_id = fetched["id"] from_date = fetched['absentfrom'].strftime("%d/%m/%Y") to_date = fetched['absentto'].strftime("%d/%m/%Y") if from_date == to_date: date = from_date else: date = f"{from_date}-{to_date}" a_s = f"Absence id: {ab_id}\nDate: {date}\nExcuse: {excuse}" absenceembed = discord.Embed() absenceembed.set_author(name=member.display_name, icon_url=member.avatar_url) absenceembed.description = a_s[:2000] await ctx.author.send(embed=absenceembed)
async def get_user(self, ctx, member:discord.Member): query = """SELECT * FROM absence WHERE userid = $1 AND guildid = $2 ORDER BY id DESC;""" fetched = await self.bot.db.fetch(query, member.id, ctx.guild.id) absence_list = "" for row in fetched: excuse = self.aes.decrypt(row["excuse"]) excuse = Padding.unpad(excuse, 16).decode("utf-8") ab_id = row["id"] from_date = row['absentfrom'].strftime("%d/%m") to_date = row['absentto'].strftime("%d/%m") if from_date == to_date: date = from_date else: date = f"{from_date}-{to_date}" a_s = f"{ab_id} | {date} - {member.display_name}: {excuse}" a_s = Database.slice_string(a_s) if len(absence_list) + len(a_s) > 2000: break absence_list += f"{a_s:<65}\n" absenceembed = discord.Embed() absenceembed.set_author(name=member.display_name, icon_url=member.avatar_url) absenceembed.description = absence_list[:2000] await ctx.author.send(embed=absenceembed)
def _get_authentication_key_data(file_path, pin): """Open the auth key file""" from resources.lib.kodi import ui # Keep these imports within the method otherwise if the packages are not installed, # the addon crashes and the user does not read the warning message try: # The crypto package depends on the library installed (see Wiki) from Cryptodome.Cipher import AES from Cryptodome.Util import Padding except ImportError: from Crypto.Cipher import AES from Crypto.Util import Padding try: file_content = load_file(file_path) iv = '\x00' * 16 cipher = AES.new((pin + pin + pin + pin).encode("utf-8"), AES.MODE_CBC, iv.encode("utf-8")) decoded = Padding.unpad(padded_data=cipher.decrypt( base64.b64decode(file_content)), block_size=16) return json.loads(decoded.decode('utf-8')) except ValueError: # ValueError should always means wrong decryption due to wrong key ui.show_ok_dialog(get_local_string(30342), get_local_string(30106)) return '' except Exception as exc: # pylint: disable=broad-except LOG.warn('Exception raised: {}', exc) ui.show_ok_dialog(get_local_string(30342), get_local_string(30343)) return None
def decrypt_from_json(encrypted_data, secret_16bytes_key): # not in use at the moment b64 = json.loads(encrypted_data) iv = base64.b64decode(b64['iv']) ct = base64.b64decode(b64['ct']) cipher = AES.new(secret_16bytes_key, AES.MODE_CBC, iv) result = Padding.unpad(cipher.decrypt(ct), AES.block_size) return result
def decrypt_credential_v1(self, enc): try: enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(self.get_device_id_v1(), AES.MODE_CBC, iv) decoded = Padding.unpad(padded_data=cipher.decrypt(enc[AES.block_size:]), block_size=32).decode('utf-8') return decoded except: return None
async def content(self, ctx, content, limit: int=10): query = """ SELECT * FROM messages WHERE guild_id = $1 ORDER BY date desc LIMIT 1000;""" rows = await self.bot.db.fetch( query, ctx.guild.id) embed = discord.Embed( title=f"Fetched logs resembling search query") desc = "" topx = close_str(content, rows, limit) for _, record in reversed(topx): msgid, authorid, channelid, _, content, date = record date = date.strftime("%d/%m/%y %H:%M") msg = None try: msg = ctx.guild.get_message(msgid) except Exception: pass channel = "" try: channel = ctx.guild.get_channel(channelid).name except Exception: pass author = "" try: author = ctx.guild.get_member(authorid).mention except Exception: pass if msg: content = msg.content else: aes = AES.new(self.bot.secrets.ENCRYPT_KEY, AES.MODE_ECB) content = aes.decrypt(content) content = Padding.unpad(content, 16).decode("utf-8") prefix = f"{date} {author} #{channel}:" if len(prefix) > 25: prefix = prefix[:70] prefix += "\n" prefix = f"__**{prefix}**__" desc += f"{prefix}*{content}*\n" embed.description = f"{desc[:2000]}" if rows: await ctx.send(embed=embed) return await ctx.send(embed=discord.Embed(description="No logs available"))
def decrypt(encrypted_data, secret_16bytes_key): input_data = serialization.StringToObject(encrypted_data) cipher = AES.new( key=secret_16bytes_key, mode=AES.MODE_CBC, iv=input_data['iv'], ) padded_data = cipher.decrypt(input_data['ct']) result = Padding.unpad(padded_data, AES.block_size) return result
def decrypt_payload(encrypted_text, key): """Decrypts and returns plain text :param str encrypted_text: :param str key: :returns: plain text """ key = key.encode("utf-8") raw = binascii.unhexlify(encrypted_text) crypt = AES.new(key, AES.MODE_CBC, iv=key) return Padding.unpad(crypt.decrypt(raw), PADDING_OFFSET).decode("utf-8")
def test_solution() -> None: cases = [ (b"ICE ICE BABY\x04\x04\x04\x04", b"ICE ICE BABY"), (b"ICE ICE BABY\x05\x05\x05\x05", None), (b"ICE ICE BABY\x01\x02\x03\x04", None), ] for s, want in cases: try: got: Optional[bytes] = Padding.unpad(s, len(s)) except ValueError: got = None assert got == want
def decrypt_json(encrypted_data, secret_16bytes_key): dct = serialization.BytesToDict(encrypted_data) iv = base64.b64decode(dct['iv']) ct = base64.b64decode(dct['ct']) cipher = AES.new( key=secret_16bytes_key, mode=AES.MODE_CBC, iv=iv, ) result = Padding.unpad(cipher.decrypt(ct), AES.block_size) # TODO: remove salt from raw_data return result
async def secrets(self, ctx, limit=10, info=None): msg = None messages = await self.bot.db.fetch(""" SELECT * FROM messages ORDER BY date desc LIMIT $1;""", limit) embed = discord.Embed( title=f"{limit} last messages from everything") desc = "" for msg in messages: msgid, authorid, channelid, guildid, content, date = msg if authorid == self.bot.user.id: continue guild = None channel = None msg = None member = None try: guild = self.bot.get_guild(guildid) channel = guild.get_channel(channelid) msg = await channel.get_message(msgid) member = guild.get_member(authorid) except Exception: pass form_date = date.strftime("%d/%m/%y %H:%M") if guild and channel and member and msg and not info: desc += f"{form_date} in {guild.name} #{channel.name} @{member.display_name}: \n\t\"{msg.content}\"\n" continue elif guild and channel and member and msg: desc += f"{form_date}: {msg.content}\n" continue if content: msg = self.aes.decrypt(content) msg = Padding.unpad(msg, 16).decode("utf-8") desc += f"{form_date}: {msg}\n" embed.description = f"```{desc[:2000]}```" if msg: await ctx.send(embed=embed) return await ctx.send(embed=discord.Embed(description="No logs available"))
def decrypt(self, data: bytes) -> str: """ decrypt data :param data: encrypted byte array :return: decrypted str """ if not self.encrypt_key: return '' data = base64.b64decode(data) data = AES.new(key=self.encrypt_key.encode().ljust(32, b'\x00'), mode=AES.MODE_CBC, iv=data[0:16]).decrypt(base64.b64decode(data[16:])) data = Padding.unpad(data, 16) return data.decode('utf-8')
def aes_decrypt(text, key): """ aes解密还原,ECB模式 :param text: str待解密的字符串密文 :param key: str秘钥 :return: 解密后的字符串 """ aes = AES.new(key.encode(), AES.MODE_ECB) text = base64.b64decode(text.encode()) plain_text = aes.decrypt(text) # pad后的数据可能在末尾加了字符,避免影响json识别,需进行unpad。 plain_text = Padding.unpad(plain_text, AES.block_size, style='pkcs7').decode() return plain_text
def decrypt(self, ciphertext: str): ciphertext = urlsafe_b64decode(ciphertext.encode("utf-8")) iv = ciphertext[:AES.block_size] cipher = AES.new( key=self.key, mode=AES.MODE_CBC, iv=iv ) padded_plaintext = cipher.decrypt(ciphertext[AES.block_size:]) return Padding.unpad( padded_data=padded_plaintext, block_size=AES.block_size ).decode("utf-8")
def decode(self, enc): """ Decodes data :param data: Data to be decoded :type data: str :returns: string -- Decoded data """ enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(self.crypt_key, AES.MODE_CBC, iv) decoded = Padding.unpad( padded_data=cipher.decrypt(enc[AES.block_size:]), block_size=self.bs).decode('utf-8') return decoded
def decrypt(self) -> str: """ Decrypts encrypted text with cipher specified on the instance and checks tag to verify message integrity """ cipher = self.set_key(self.nonce) plaintext = Padding.unpad(cipher.decrypt(self.text), 16) # Verify message integrity try: cipher.verify(self.tag) except ValueError: raise return str(plaintext, "utf-8")
def authenticated_decrypt(aes_key, hmac_key, data): data = base64.b64decode(data) tag = data[-64:] data = data[:-64] # verify the HMAC tag hmac = HMAC.new(hmac_key, digestmod=SHA256) hmac.update(data) if tag != hmac.hexdigest(): raise AuthenticationError("failure") # decrypt the data using AES data = AES.new(aes_key, AES.MODE_CBC, data[:AES.block_size]).decrypt(data[AES.block_size:]) return Padding.unpad(data, AES.block_size, style='pkcs7')
def find_closest_records(a: "Search str", b: "List of records", limit=10) -> list: scores_set = set() for entry in b: aes = AES.new(ENCRYPT_KEY, AES.MODE_ECB) content = aes.decrypt(entry["content"]) content = Padding.unpad(content, 16).decode("utf-8") score = seq(a=a.lower(), b=content.lower()).ratio() if score > 0.3: scores_set.add((score, entry)) if limit > len(scores_set): limit = len(scores_set) return nlargest(limit, scores_set, key=lambda tup: tup[0])
def decrypt_msl_payload(self, payload): """ decrypt_msl_payload() @param payload: Chunked payload response as received from MSL API @return: Decrypted and assembled payload as a dict """ payloads = re.split( r',"signature":"[0-9A-Za-z/+=]+"}', payload.split('}}')[1] ) payloads = [x + '}' for x in payloads][:-1] payload_chunks = payloads chunks = [] for chunk in payload_chunks: payloadchunk = json.loads(chunk) encryption_envelope = payloadchunk['payload'] cipher = AES.new( self.msl_session['session_keys']['encryption_key'], AES.MODE_CBC, base64.b64decode(json.loads( base64.b64decode(encryption_envelope).decode('utf8') )['iv']) ) plaintext = cipher.decrypt( base64.b64decode(json.loads( base64.b64decode(encryption_envelope).decode('utf8') )['ciphertext']) ) plaintext = json.loads(Padding.unpad(plaintext, 16).decode('utf8')) data = plaintext['data'] data = base64.b64decode(data).decode('utf8') chunks.append(data) decrypted_payload = json.loads(''.join(chunks)) return decrypted_payload
def decrypt_credential(enc, secret=None): """ Decodes data :param data: Data to be decoded :type data: str :returns: string -- Decoded data """ # pylint: disable=invalid-name,import-error import base64 from Cryptodome.Cipher import AES from Cryptodome.Util import Padding enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(secret or __uniq_id(), AES.MODE_CBC, iv) decoded = Padding.unpad(padded_data=cipher.decrypt(enc[AES.block_size:]), block_size=__BLOCK_SIZE__).decode('utf-8') return decoded
def decrypt(self, iv, data): cipher = AES.new(self.encryption_key, AES.MODE_CBC, iv) return Padding.unpad(cipher.decrypt(data), 16)