def editAccount(self, id, title, description, account, password, secret,
tagIds):
'''
update account
@param title: account title
@param description: account description
@param account: account name/username, emailaddr, ....
@param secret: secret text from user
@param password: password , it will not get updated if value is None
@param tagIds: a list of related tagIds
'''
conn = self.getConnection()
pwdDao = PwdDao(conn)
pwdObj = pwdDao.getPwdById(id)
masterPwd = config.getRootPwd()
ePassword = util.encrypt(masterPwd,
password) if password else pwdObj.pwd
eSecret = util.encrypt(masterPwd, secret) if secret else ""
eUsername = util.encrypt(masterPwd, account) if account else ""
current = datetime.datetime.today()
pwdDao.updateAccount(id, title, description, eUsername, ePassword,
eSecret, current)
#2 process tags
pwdDao.updateAccountTags(id, tagIds)
conn.commit()
conn.close()
def _get_key(self):
# EKE algorithm
client_key = Random.get_random_bytes(16)
password = get_password(self._filename)
ciphertext = encrypt(password, client_key)
self._send(ciphertext)
# Get session key double encrypted
ciphertext = self._recv(80)
ciphertext = decrypt(password, ciphertext)
self._key = decrypt(client_key, ciphertext)
# Check key
r_a = Random.get_random_bytes(16)
ciphertext = encrypt(self._key, r_a)
self._send(ciphertext)
ciphertext = self._recv(64)
r_ab = decrypt(self._key, ciphertext)
if r_ab[:16] != r_a:
raise ValueError('r_a invalid')
r_b = r_ab[16:]
ciphertext = encrypt(self._key, r_b)
self._send(ciphertext)
print('Secure connection established')
def addAccount(self, title, description, username, password, secret, tagIDs):
'''
add a user-inputed account to database
@param title: account title
@param description: account description
@param username: account username
@param password: account password
@param secret: secret text from user
@param tagIDs: a list of related tagIDs
'''
conn = self.getConnection()
pDao = PwdDao(conn)
# encrypt username & password
mPwd = config.getMasterPwd()
eUsername = util.encrypt(mPwd, username) if username else ''
ePassword = util.encrypt(mPwd, password)
eSecret = util.encrypt(mPwd, secret) if secret else ''
currentDate = datetime.datetime.today()
id = pDao.getAvailablePwdID()
# insert
pDao.insertAccount(id, title, description, eUsername, ePassword, eSecret, currentDate)
# add tag to the new account if there is
if len(tagIDs) > 0: pDao.setTagsOnAccount(id, tagIDs)
conn.commit()
conn.close()
def updateAccount(self, id, title, description, username, password, secret, tagIDs):
'''
update account
@param id: account id
@param title: account title
@param description: account description
@param username: account username
@param password: account password, it will not be updated if value is None
@param secret: secret text from user
@param tagIDs: a list of related tagIDs
'''
conn = self.getConnection()
pDao = PwdDao(conn)
pwdObj = pDao.getPwdByID(id)
mPwd = config.getMasterPwd()
eUsername = util.encrypt(mPwd, username) if username else ''
ePassword = util.encrypt(mPwd, password) if password else pwdObj.pwd
eSecret = util.encrypt(mPwd, secret) if secret else ''
currentDate = datetime.datetime.today()
pDao.updateAccount(id, title, description, eUsername, ePassword, eSecret, currentDate)
pDao.updateAccountTags(id, tagIDs)
conn.commit()
conn.close()
def editAccount(self,id,title,description,account,password,secret,tagIds):
'''
update account
@param title: account title
@param description: account description
@param account: account name/username, emailaddr, ....
@param secret: secret text from user
@param password: password , it will not get updated if value is None
@param tagIds: a list of related tagIds
'''
conn = self.getConnection()
pwdDao = PwdDao(conn)
pwdObj = pwdDao.getPwdById(id)
masterPwd = config.getRootPwd()
ePassword = util.encrypt(masterPwd, password) if password else pwdObj.pwd
eSecret = util.encrypt(masterPwd,secret) if secret else ""
eUsername = util.encrypt(masterPwd, account) if account else ""
current = datetime.datetime.today()
pwdDao.updateAccount(id, title, description, eUsername, ePassword, eSecret, current)
#2 process tags
pwdDao.updateAccountTags(id, tagIds)
conn.commit()
conn.close()
def addAccount(self,title,description,account,password,secret,tagIds):
'''
add a user input account to database
@param title: account title
@param description: account description
@param account: account name/username, emailaddr, ....
@param password: password
@param secret: the secret text from user
@param tagIds: a list of related tagIds
'''
conn = self.getConnection()
pwdDao = PwdDao(conn)
# encode account & password
master = config.getRootPwd()
ePassword = util.encrypt(master, password.decode("utf-8"))
eSecret = util.encrypt(master,secret) if secret else ""
eAccount = util.encrypt(master, account) if account else ""
current = datetime.datetime.today()
id = pwdDao.getPwdId()
#insert the account
pwdDao.insertAccount(id, title, description, eAccount, ePassword, eSecret, current)
#add tag to the new account if there is
if len(tagIds) > 0 :
pwdDao.setTagsOnAccount(id, tagIds)
conn.commit()
conn.close()
def changeMasterPwd(self, newPwd):
oldPwd = config.getMasterPwd()
conn = self.getConnection()
mDao = MasterPwdDao(conn)
pDao = PwdDao(conn)
# 1st re-encrypt all passwords with the new master password
accountList = pDao.getAllPwd()
currentDate = unicode(datetime.datetime.today())
for account in accountList:
dePwd = util.decrypt(oldPwd, account.pwd)
enPwd = util.encrypt(newPwd, dePwd)
if account.secret:
deSecret = util.decrypt(oldPwd, account.secret)
enSecret = util.encrypt(newPwd, deSecret)
else:
enSecret = ''
deUsername = util.decrypt(oldPwd, account.username)
enUsername = util.encrypt(newPwd, deUsername)
pDao.updateAccount(account.id, account.title, account.description, enUsername, enPwd, enSecret, currentDate)
# 2nd get md5 of new master password, update the masterpassword table
newMD5String = util.md5Encoding(newPwd)
mDao.updateMasterPwd(newMD5String)
# 3rd update master password in config module
config.setMasterPwd(newPwd)
conn.commit()
conn.close()
def addAccount(self, title, description, account, password, secret,
tagIds):
'''
add a user input account to database
@param title: account title
@param description: account description
@param account: account name/username, emailaddr, ....
@param password: password
@param secret: the secret text from user
@param tagIds: a list of related tagIds
'''
conn = self.getConnection()
pwdDao = PwdDao(conn)
# encode account & password
master = config.getRootPwd()
ePassword = util.encrypt(master, password.decode("utf-8"))
eSecret = util.encrypt(master, secret) if secret else ""
eAccount = util.encrypt(master, account) if account else ""
current = datetime.datetime.today()
id = pwdDao.getPwdId()
#insert the account
pwdDao.insertAccount(id, title, description, eAccount, ePassword,
eSecret, current)
#add tag to the new account if there is
if len(tagIds) > 0:
pwdDao.setTagsOnAccount(id, tagIds)
conn.commit()
conn.close()
def post_user(client, s, c, u, key=None):
data = {'date': 'now', 'result': 2700, 'detail': 'it"s fake'}
if key is None:
with api.app.app_context():
key = get_secret(s)
encrypt(data, key)
data = json.dumps(data)
return client.post('/api/v0/s/{}/c/{}/user/{}'.format(s, c, u), data=data)
def __init__(self, data):
# Generate an encryption key for the action
self.encryption_key = secrets.token_bytes(32)
# Encrypt the data
encrypted_data = encrypt(self.encryption_key, data.to_bytes())
# Save the encrypted data
self.user_data = encrypted_data
def test_encrypt_decrypt(self):
# roundtrip to ensure we can recover original plaintext
password = b'potato'
salt = util.make_salt()
plain_text = b'the cat meows twice at midnight'
cipher_text = util.encrypt(password, salt, plain_text)
deciphered_text = util.decrypt(password, salt, cipher_text)
self.assertEqual(plain_text, deciphered_text)
def post(self):
dwolla = db.Query(DwollaCredentials).filter('userid =', self.userid).get()
newpin = self.request.get('newPIN')
if len(newpin) == 4 and newpin.isdigit():
dwolla.pin = util.encrypt(newpin, PASSWORD)
dwolla.put()
self.redirect('/')
#decryption logic - self.response.out.write(util.decrypt(dwolla.pin, PASSWORD))
else:
self.response.out.write('invalid pin')
def changeRootPwd(self, newRootPwd):
oldPwd = config.getRootPwd()
conn = self.getConnection()
masterDao = MasterDao(conn)
pwdDao = PwdDao(conn)
# 1 re-encrypt all passwords with new root pwd
accountList = pwdDao.getAllPasswd()
currentDate = datetime.datetime.today()
for account in accountList:
dePassword = util.decrypt(oldPwd, account.pwd)
enPassword = util.encrypt(newRootPwd, dePassword)
if account.secret:
deSecret = util.decrypt(oldPwd, account.secret)
enSecret = util.encrypt(newRootPwd, deSecret)
else:
enSecret = ""
deUsername = util.decrypt(oldPwd, account.username)
enUsername = util.encrypt(newRootPwd, deUsername)
account.pwd = enPassword
account.username = enUsername
account.secret = enSecret
account.lastupdate = currentDate
pwdDao.updateAccount(account.id, account.title,
account.description, account.username,
account.pwd, account.secret,
account.lastupdate)
# 2 get md5 of new root pwd, update the rootpassword table
newMd5String = util.md5Encode(newRootPwd)
masterDao.updateMasterPwd(newMd5String)
# 3 update master password in config module.
config.setRootPwd(newRootPwd)
conn.commit()
conn.close()
def request_service(self, service, app, user_agent=LOGIN_USER_AGENT):
"""
requesting a login service from google
:param service: the service to request, like ac2dm
:param app: the app to request to
:param user_agent: the user agent
:return: The response from the server
"""
self.session.headers.update({
'User-Agent':
user_agent,
'Content-Type':
'application/x-www-form-urlencoded'
})
if self.android_id:
self.session.headers.update({'device': self.android_id})
data = {
'accountType': 'HOSTED_OR_GOOGLE',
'has_permission': '1',
'add_account': '1',
'get_accountid': '1',
'service': service,
'app': app,
'source': 'android',
'Email': self.user
}
if self.android_id:
data['androidId'] = self.android_id
data['EncryptedPasswd'] = self.token or encrypt(
self.user, self.password)
response = self.session.post(GOOGLE_LOGIN_URL,
data=data,
allow_redirects=True)
response_values = dict(
[line.split('=', 1) for line in response.text.splitlines()])
if 'Error' in response_values:
error_msg = response_values.get(
'ErrorDetail', None) or response_values.get('Error')
if 'Url' in response_values:
error_msg += '\n\nTo resolve the issue, visit: ' + response_values[
'Url']
error_msg += '\n\nOr try: https://accounts.google.com/b/0/DisplayUnlockCaptcha'
raise Exception(error_msg)
elif 'Auth' not in response_values:
raise Exception('Could not login')
return response_values.get('Token', None), response_values.get('Auth')
def changeRootPwd(self,newRootPwd):
oldPwd = config.getRootPwd()
conn = self.getConnection()
masterDao = MasterDao(conn)
pwdDao = PwdDao(conn)
# 1 re-encrypt all passwords with new root pwd
accountList = pwdDao.getAllPasswd()
currentDate = datetime.datetime.today()
for account in accountList:
dePassword = util.decrypt(oldPwd, account.pwd)
enPassword = util.encrypt(newRootPwd, dePassword)
if account.secret:
deSecret = util.decrypt(oldPwd, account.secret)
enSecret = util.encrypt(newRootPwd, deSecret)
else:
enSecret = ""
deUsername = util.decrypt(oldPwd, account.username)
enUsername = util.encrypt(newRootPwd, deUsername)
account.pwd = enPassword
account.username = enUsername
account.secret = enSecret
account.lastupdate = currentDate
pwdDao.updateAccount(account.id,account.title, account.description, account.username,
account.pwd, account.secret,account.lastupdate)
# 2 get md5 of new root pwd, update the rootpassword table
newMd5String = util.md5Encode(newRootPwd)
masterDao.updateMasterPwd(newMd5String)
# 3 update master password in config module.
config.setRootPwd(newRootPwd)
conn.commit()
conn.close()
def admin(name):
kp = os.path.join(secret.key_path, name)
if not os.path.exists(kp):
print('User not found')
exit(-1)
kE, kM = util.get_key(kp)
nonce = bytes_to_long(get_random_bytes(16))
print(f'Nonce: {nonce}')
ticket = input('Ticket: ').strip()
data = f'{name}||{nonce}'
if ticket != util.mac(kM, data.encode()):
print('Unauthorized')
exit(-1)
if name == 'Admin':
return util.encrypt(kE, secret.FLAG2)
else:
msg = f'Hello guest, {name}'
return util.encrypt(kE, msg.encode())
def test_enc_dec_file_data():
""" Test encrypt/decrypt file content """
key = base64.urlsafe_b64encode(os.urandom(32))
with open('test_file') as f:
data = f.read()
c = util.encrypt(key, data)
d = util.decrypt(key, c)
assert d == data
def aes_padding(self, plaintext, iv):
""" Encrypts a plaintext using AES-128 in CBC mode.
Args:
plaintext (str): The message to encrypt. Assumes it is padded properly according to PKCS#7 padding format.
iv (str): The initialiation vector.
Returns:
ciphertext (str): The encrypted message.
"""
return encrypt(plaintext, iv, self.key)
def gibbs(key):
best_swap = (float('-inf'),"")
last_n = []
for i in xrange(200):
for a in xrange(len(key)):
swaps = []
for b in xrange(len(key)):
temp_key = swapIndices(a, b, key)
temp_score = self.languagemodel.score(util.encrypt(upperCipher, temp_key))
temp_swap = (temp_score, temp_key)
if temp_swap[0] > best_swap[0]: best_swap = temp_swap
swaps.append(temp_swap)
# convert to probabilities
maxSwap = max(swaps, key=operator.itemgetter(0))
swaps = [(math.e ** (swap[0] - maxSwap[0]),swap[1],swap[0]) for swap in swaps]
scoreSum = sum([swap[0] for swap in swaps])
swaps = [(float(swap[0])/scoreSum,swap[1],swap[2]) for swap in swaps]
# sample randomly
selected = sample(swaps)
key = selected[1]
# keep last n swaps
converge_n = 5
last_n.append(best_swap)
last_n = last_n[-converge_n:]
# print best_swap[0], util.encrypt(upperCipher, best_swap[1])
# check for convergence
avgSwap = sum([swap[0] for swap in last_n]) / float(converge_n)
if sum([abs(swap[0] - avgSwap) <= 1 for swap in last_n]) == converge_n:
return best_swap
decrypted = util.encrypt(upperCipher, best_swap[1])
sys.stdout.write('.')
sys.stdout.flush()
return best_swap
def key_exchange(n1, n2, id1, id2):
kp1 = os.path.join(secret.key_path, id1)
kp2 = os.path.join(secret.key_path, id2)
if not os.path.exists(kp1) or not os.path.exists(kp2):
print('User not found')
exit(-1)
kE1, kM1 = util.get_key(kp1)
kE2, kM2 = util.get_key(kp2)
shareKey = hexlify(get_random_bytes(32))
c2 = util.encrypt(kE2, shareKey)
d2 = f'{id1}||{n1}||{n2}'
t2 = util.mac(kM2, d2.encode())
c1 = util.encrypt(kE1, shareKey)
d1 = f'{id2}||{n1}||{n2}'
t1 = util.mac(kM1, d1.encode())
return c1, t1, c2, t2
def __init__(self, data, service_provider_cert):
# generate a symmetric encryption key to encrypt the data
encryption_key = secrets.token_bytes(32)
# encrypt the symmetric encryption key with the public key of the receiver
encrypted_encryption_key = encrypt_public(
service_provider_cert.public_key(), encryption_key)
# encrypt the user data with the generated symmetric key
encrypted_data = encrypt(encryption_key, data.to_bytes())
# combine the key and data to send to the service provider
self.user_data = combine_data(encrypted_encryption_key, encrypted_data)
def login():
try:
data = dict(request.get_json())
if util.Check_all(data.keys(), ['email', 'password']):
user = db.get_user(data['email'], None)
if util.encrypt(data['password']) == user['password']:
return jsonify({
'token':
util.create_token(user['email'], str(user['_id']),
app.config['JWT_SECRET_KEY'])
})
raise ValidationError('Invalid username or Password!!')
except ValidationError as err:
return dict(message=err.messages)
def server_edit(serverid):
server = GameServer.query.get_or_404(serverid)
is_owner = (g.user and (util.is_server_owner(g.user, server)))
is_sadmin = (g.user and util.is_super_admin(g.user))
app.logger.info("Owner: {} Sadmin: {}".format(is_owner, is_sadmin))
if not is_owner:
if not is_sadmin:
raise BadRequestError('You do not have access to this server.')
# Attempt encryption/decryption
rconDecrypt = util.decrypt(dbKey, server.rcon_password)
form = ServerForm(request.form,
display_name=server.display_name,
ip_string=server.ip_string,
port=server.port,
rcon_password=server.rcon_password
if rconDecrypt is None else rconDecrypt,
public_server=server.public_server)
if request.method == 'POST':
if form.validate():
mock = app.config['TESTING']
data = form.data
if not mock:
encRcon = util.encrypt(dbKey, str(data['rcon_password']))
else:
encRcon = data['rcon_password']
server.display_name = data['display_name']
server.ip_string = data['ip_string']
server.port = data['port']
server.rcon_password = encRcon
server.public_server = (data['public_server']
and util.is_admin(g.user))
if mock or util.check_server_connection(server, dbKey):
db.session.commit()
return redirect('/myservers')
else:
db.session.remove()
flash('Failed to connect to server')
else:
flash_errors(form)
return render_template('server_create.html',
user=g.user,
form=form,
edit=True,
is_admin=util.is_admin(g.user),
is_sadmin=util.is_super_admin(g.user))
def setup(self):
self._session_key = get_random_bytes(16)
ciphertext = self._socket.recv(48)
client_key = decrypt(self._password, ciphertext)
ciphertext = encrypt(client_key, self._session_key)
ciphertext = encrypt(self._password, ciphertext)
self._socket.sendall(ciphertext)
ciphertext = self._socket.recv(48)
r_a = decrypt(self._session_key, ciphertext)
r_b = get_random_bytes(16)
ciphertext = encrypt(self._session_key, r_a + r_b)
self._socket.sendall(ciphertext)
ciphertext = self._socket.recv(48)
r_b_received = decrypt(self._session_key, ciphertext)
if r_b_received != r_b:
raise ValueError('r_b invalid')
print('Secure connection established')
self._socket.settimeout(0.5)
def signin():
username = request.POST.get('username')
password = request.POST.get('password')
email = request.POST.get('email')
if not username or not password or not email:
return HTTPError(404, 'no data.')
password_encrypt = encrypt(username + password)
user = User(name=username, password=password_encrypt, email=email)
dbsession.add(user)
dbsession.commit()
session = request.environ['beaker.session']
session['username'] = username
session.save()
return {'username': username}
def signin():
username = request.POST.get('username')
password = request.POST.get('password')
email = request.POST.get('email')
if not username or not password or not email :
return HTTPError(404, 'no data.')
password_encrypt = encrypt( username + password )
user = User(name=username, password=password_encrypt, email=email)
dbsession.add(user)
dbsession.commit()
session = request.environ['beaker.session']
session['username'] = username
session.save()
return {'username' : username}
def release(self, path, fh):
print "RELEASE", path, fh
self.opens[path] -= 1
# encrypt and write if dirty
if self.dirty[path]:
print "TRYING TO WRITE"
#copy enc(/tmp/path file) to /root/path
with open(self._tmp_full_path(path), 'rb') as f:
data = f.read()
with open(self._full_path(path), 'wb') as f:
f.write(encrypt(KEY, data))
self.dirty[path] = False
self.cleanup()
return os.close(fh)
def release(self, path, fh):
print "RELEASE", path, fh
self.opens[path] -= 1
# encrypt and write if dirty
if self.dirty[path]:
print "TRYING TO WRITE"
#copy enc(/tmp/path file) to /root/path
with open(self._tmp_full_path(path), 'rb') as f:
data = f.read()
with open(self._full_path(path), 'wb') as f:
f.write(encrypt(KEY, data))
self.dirty[path] = False
self.cleanup()
return os.close(fh)
def handle(self) -> None:
while True:
ciphertext = self._recv()
if not ciphertext:
time.sleep(0.25)
continue
data = decrypt(self._session_key, ciphertext)
print(f'{self._address}: {data.decode()}')
response = input('>')
ciphertext = encrypt(self._session_key, response.encode())
self._socket.sendall(ciphertext)
print('sent', ciphertext)
def save_user():
dbtransaction = model.Session()
user_record = model.User()
# edit user
if request.POST.get('user_id') is not None:
user_record = dbtransaction.query(model.User).get(request.POST.get('user_id'))
user_record.user_name = request.POST.get('user_name')
user_record.email_address = request.POST.get('email_address')
user_record.hash = util.generateHash()
user_record.password = util.encrypt(user_record.hash,request.POST.get('password'))
dbtransaction.add(user_record)
dbtransaction.commit()
return redirect('/admin')
def addteam_(self, **kwargs):
success, serial = self._addteamform.Validate(kwargs)
if not success:
raise cpy.HTTPRedirect("/admin/addteam?%s" % Form.Encode(serial))
session = Session()
team = Team(kwargs['name'],
kwargs['thumb'],
kwargs['fullsize'],
encrypt(kwargs['password']),
1,
kwargs['description'])
session.save(team)
session.commit()
session.close()
raise cpy.HTTPRedirect("/admin/lsteam/")
def server_edit(serverid):
server = GameServer.query.get_or_404(serverid)
is_owner = g.user and (g.user.id == server.user_id)
if not is_owner:
return 'Not your server', 400
# Attempt encryption/decryption
rconDecrypt = util.decrypt(dbKey, server.rcon_password)
form = ServerForm(request.form,
display_name=server.display_name,
ip_string=server.ip_string,
port=server.port,
rcon_password=server.rcon_password
if rconDecrypt is None else rconDecrypt,
public_server=server.public_server)
if request.method == 'POST':
if form.validate():
mock = app.config['TESTING']
data = form.data
if not mock:
encRcon = util.encrypt(dbKey, str(data['rcon_password']))
else:
encRcon = data['rcon_password']
server.display_name = data['display_name']
server.ip_string = data['ip_string']
server.port = data['port']
server.rcon_password = encRcon
server.public_server = (data['public_server'] and g.user.admin)
if mock or util.check_server_connection(server, dbKey):
db.session.commit()
return redirect('/myservers')
else:
db.session.remove()
flash('Failed to connect to server')
else:
flash_errors(form)
return render_template('server_create.html',
user=g.user,
form=form,
edit=True,
is_admin=g.user.admin)
def create_invoice(amount, currency, description, address, expiry):
passphrase = generate_passphrase(8)
invoice = dict(desc=description,
timestamp=int(time.time()),
addr=address,
amount=amount,
currency=currency,
expiry=expiry * 86400)
encrypted_invoice = encrypt(json.dumps(invoice), passphrase)
r = requests.post(BLOCKONOMICS_URL + API_ENDPOINT,
json=dict(content=encrypted_invoice))
r.raise_for_status()
invoice_id = r.json().get('number')
if (not invoice_id):
raise Exception("Server didn't return invoice number")
return "{}/invoice/{}/#/?key={}".format(BLOCKONOMICS_URL, invoice_id,
passphrase)
def __encryptAccounts(self, key, conn):
cur = conn.cursor()
cur2 = conn.cursor()
sql = "select id, username FROM ACCOUNT"
cur.execute(sql)
upsql = "update Account set username=? where id=?"
c = 0
for row in cur.fetchall():
(id, uid) = row
newUid = util.encrypt(key, uid)
cur2.execute(upsql, (newUid, id))
c += 1
cur2.close()
cur.close()
return c
def editteam_(self, **kwargs):
success, serial = self._editteamform.Validate(kwargs)
if not success:
raise cpy.HTTPRedirect("/admin/editteam?%s" % Form.Encode(serial))
session = Session()
#TODO: load the team, see what's different, and change those fields
team = session.query(Team).filter_by(id=kwargs["team_id"]).first()
if team.name != kwargs["name"]:
team.name = kwargs.name
if team.description != kwargs["description"]:
team.description = kwargs["description"]
if team.fullsize != kwargs["fullsize"]:
team.fullsize = kwargs["fullsize"]
if "password" in kwargs:
team.password = encrypt(kwargs["password"])
session.commit()
session.close()
raise cpy.HTTPRedirect("/admin/lsteam/")
def register():
'''Putting new user into database'''
#getting and verifying the form fields
usr = request.form.get("nametxt")
pswd = request.form.get("pswdtxt")
if usr == None or pswd == None:
return render_template("error.htm",
message="Internal error on registration")
#encrypting password with sha256
pswd = util.encrypt(pswd)
#committing into table
db.execute("INSERT INTO users(usr, pswd) VALUES (:usr, :pswd)", {
"usr": usr,
"pswd": pswd
})
db.commit()
return render_template("success.htm",
message="You're successfully registered")
def save_user():
dbtransaction = model.Session()
user_record = model.User()
# edit user
if request.POST.get('user_id') is not None:
user_record = dbtransaction.query(model.User).get(
request.POST.get('user_id'))
user_record.user_name = request.POST.get('user_name')
user_record.email_address = request.POST.get('email_address')
user_record.hash = util.generateHash()
user_record.password = util.encrypt(user_record.hash,
request.POST.get('password'))
dbtransaction.add(user_record)
dbtransaction.commit()
return redirect('/admin')
def server_create():
if not g.user:
return redirect('/login')
form = ServerForm(request.form)
if request.method == 'POST':
num_servers = g.user.servers.count()
max_servers = config_setting('USER_MAX_SERVERS')
if max_servers >= 0 and num_servers >= max_servers and not (
util.is_admin(g.user) or util.is_super_admin(g.user)):
flash('You already have the maximum number of servers ({}) stored'.
format(num_servers))
elif form.validate():
mock = config_setting('TESTING')
data = form.data
if not mock:
encRcon = util.encrypt(dbKey, str(data['rcon_password']))
else:
encRcon = data['rcon_password']
server = GameServer.create(
g.user, data['display_name'], data['ip_string'], data['port'],
encRcon, data['public_server'] and util.is_admin(g.user))
if mock or util.check_server_connection(server, dbKey):
db.session.commit()
app.logger.info('User {} created server {}'.format(
g.user.id, server.id))
return redirect('/myservers')
else:
db.session.remove()
flash('Failed to connect to server')
else:
flash_errors(form)
return render_template('server_create.html',
user=g.user,
form=form,
edit=False,
is_admin=util.is_admin(g.user))
def login():
'''getting into homepage'''
#getting and verifying the form fields
usr = request.form.get("nametxt")
pswd = request.form.get("pswdtxt")
if usr == None or pswd == None:
return render_template("error.htm",
message="Invalid username or password")
#encrypting password with sha256
pswd = util.encrypt(pswd)
user = db.execute("SELECT * FROM users WHERE usr=:usr AND pswd=:pswd", {
"usr": usr,
"pswd": pswd
}).fetchone()
if user is None:
return render_template("error.htm",
message="Invalid username or password")
#saving the session
session["user_id"] = user.id
return redirect(url_for("home"))
def __encryptAccounts(self, key, conn):
cur = conn.cursor()
cur2 = conn.cursor()
sql = 'select id, username FROM ACCOUNT'
cur.execute(sql)
upsql = 'update Account set username=? where id=?'
c = 0
for row in cur.fetchall():
(id, uid) = row
newUid = util.encrypt(key, uid)
cur2.execute(upsql, (
newUid,
id,
))
c += 1
cur2.close()
cur.close()
return c
def encrypt(str,secret):
return util.encrypt(str,secret)
print(" 1. Connect ")
print(" 2. Accept ")
print("=================")
if __name__ == "__main__":
kp = os.path.join(secret.key_path, NAME)
u = user.User(NAME, kp)
menu()
choice = input('> ').strip()
try:
choice = int(choice)
except:
exit(-1)
if choice == 1:
_id, skey = u.connect()
print(f'Connected with {_id}')
if _id == 'Bob':
print(util.encrypt(skey, secret.FLAG1))
else:
msg = f'Hi, {_id}'
print(util.encrypt(skey, msg.encode()))
elif choice == 2:
_id, skey = u.accept()
print(f'Connected with {_id}')
msg = f'Hi, {_id}'
print(util.encrypt(skey, msg.encode()))
else:
exit(-1)
def secret(self): return util.encrypt( self.login )
util.writenum(p)
print('C: writing g...')
util.writenum(g)
print('C: writing A...')
util.writenum(A)
print('C: reading B...')
B = util.readnum()
s = pow(B, a, p)
key = util.derivekey(s)
iv = util.randbytes(16)
encryptedMessage = util.encrypt(key, iv, message)
print('C: writing encrypted message...')
util.writebytes(encryptedMessage)
print('C: writing iv...')
util.writebytes(iv)
print('C: reading encrypted message...')
encryptedMessage2 = util.readbytes()
message2 = util.decrypt(key, iv, encryptedMessage2)
if message2 != message:
raise Exception(message2 + ' != ' + message)
finally:
sock.close()
