def test_urandom(self):
for i in range(2048):
key = os.urandom(16)
data = os.urandom(i)
enc = xxtea.encrypt(data, key)
dec = xxtea.decrypt(enc, key)
self.assertEqual(data, dec)
data = b'\0' * i
enc = xxtea.encrypt(data, key)
dec = xxtea.decrypt(enc, key)
self.assertEqual(data, dec)
def test_zero_bytes(self):
for i in range(2048):
data = b'\0' * i
key = os.urandom(16)
enc = xxtea.encrypt(data, key)
dec = xxtea.decrypt(enc, key)
self.assertEqual(data, dec)
key = b'\0' * 16
enc = xxtea.encrypt(data, key)
dec = xxtea.decrypt(enc, key)
self.assertEqual(data, dec)
def load_login_page(self):
headers = {
'X-Requested-With': 'XMLHttpRequest',
'host': self.host,
"Referer": "https://kyfw.12306.cn/otn/login/init"
}
self.http.get("https://" + self.domain + "/otn/",
verify=False,
headers=headers)
res = self.http.get('https://' + self.domain + '/otn/login/init',
verify=False,
headers=headers)
assert isinstance(res, requests.Response)
if not 'src=\"/otn/dynamicJs/' in res.text:
raise C12306Error('初始化页面错误')
dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"")
ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" +
dynamic_js_url,
verify=False,
headers=headers).text
self.loginDynamicKey = xlstr.substr(ret, "gc(){var key='", "'")
self.loginDynamicVal = (xxtea.encrypt("1111", self.loginDynamicKey))
#隐藏的监测url
ready_str = xlstr.substr(ret, "$(document).ready(", ")};")
if ready_str.find("jq({url") > 0:
checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'")
self.http.get("https://" + self.domain + checkHelperUrl,
verify=False,
headers=headers)
def load_search_page(self):
headers = {
'Referer': 'https://kyfw.12306.cn/otn/login/init',
"host": self.host
}
leftText = self.http.get("https://" + self.domain +
"/otn/leftTicket/init",
verify=False,
headers=headers).text
self.leftTicketUrl = xlstr.substr(leftText, "var CLeftTicketUrl = '",
"'")
dynamic_js_url = xlstr.substr(leftText, "src=\"/otn/dynamicJs/", "\"")
ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" +
dynamic_js_url,
verify=False,
headers=headers).text
#隐藏的监测url
ready_str = xlstr.substr(ret, "$(document).ready(", ")};")
if ready_str.find("jq({url") > 0:
checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'")
self.http.get("https://" + self.domain + checkHelperUrl,
verify=False,
headers=headers)
self.searchDynamicKey = xlstr.substr(ret, "gc(){var key='", "'")
self.searchDynamicVal = urllib.parse.quote_plus(
xxtea.encrypt("1111", self.searchDynamicKey))
self.auth_code_img('login')
def test(info: str, key: str):
print('\nKey: {}\nCipher: {}'.format(key, info))
cipher = auth_base64.decode(info)
plain = xxtea.decrypt(cipher, key.encode())
print('Plain text: {}'.format(json.loads(plain)))
cipher2 = xxtea.encrypt(plain, key.encode())
print('encrypt(decrypt(Cipher)) == Cipher: {}'.format(cipher == cipher2))
def encrypt(filePath, key):
"""
:单文件加密
:param filePath: 文件目录
:param key: xxteaKey
:return: 加密数据
"""
if len(key) < 16:
key += "".join("\0" * (16 - len(key))) # key填充
data = read_txt(fileDir=filePath).encode("utf-8")
data = gzip.compress(data)
enc_data = xxtea.encrypt(data=data, key=key)
"""
#下面是decrypt程序的解压缩部分 对应的压缩部分暂时未实现
if dec_data[:2] == b"PK":
fio = BytesIO(dec_data)
fzip = zipfile.ZipFile(file=fio)
dec_data = fzip.read(fzip.namelist()[0]).decode("utf-8")
elif dec_data[:2] == b"\x1f\x8b":
dec_data = bytes(zlib.decompress(dec_data, 16 + zlib.MAX_WBITS)).decode("utf-8")
else:
try:
dec_data = bytes(dec_data).decode("utf-8")
except UnicodeDecodeError:
ColorPrinter.print_blue_text(" This file looks like have some unknown byte, try save as unknown files")
"""
return enc_data
def test_encrypt_nopadding_zero(self):
key = os.urandom(16)
for i in (8, 12, 16, 20):
data = b'\0' * i
enc = xxtea.encrypt(data, key, padding=False)
dec = xxtea.decrypt(enc, key, padding=False)
self.assertEqual(data, dec)
def crypt(data, password, add_header=False):
"""Return encrypted data"""
if add_header:
data = add_head(data)
key = get_key(password)
return xxtea.encrypt(data, key)
def encrypt_file(src_dir, file_path, temp_dir, xxtea_key = "", sign = ""):
if not file_path.startswith(src_dir):
print("%s is not parent dir of %s, can not do encrypt" % (src_dir, file_path))
# 将 X:/game/src/pkg1/pkg2/Module.lua 转换为 pkg1.pkg2.Module的形式
start_index = len(src_dir)
encrypt_file_name = file_path[start_index: len(file_path)]
if encrypt_file_name.startswith(os.path.sep):
encrypt_file_name = encrypt_file_name[1:len(encrypt_file_name)]
encrypt_file_name = encrypt_file_name.replace(os.path.sep, ".")
# 去除.lua扩展名
encrypt_file_name = encrypt_file_name[0: -4]
encrypt_file_path = os.path.join(temp_dir, encrypt_file_name)
print("encrypt file:%s ==============> %s" % (file_path, encrypt_file_path))
src_file = open(file_path, 'rb')
output_file = open(encrypt_file_path, 'wb')
try:
file_content = src_file.read()
# 若xxtea_key不为"",则对源文件内容进行加密并写入签名
if xxtea_key != "":
encrypt_data = xxtea.encrypt(file_content, xxtea_key)
data_len = len(encrypt_data)
sign_len = len(sign)
if sign_len > 0:
encrypt_data = struct.pack("=%ds%ds" % (sign_len, data_len), sign, encrypt_data)
output_data = encrypt_data
else:
output_data = file_content
output_file.write(output_data)
finally:
output_file.close()
src_file.close()
def __init__(self, domain=''):
if domain != '':
self.domain = domain
headers = {"host": self.host}
self.http.get("https://" + self.domain + "/otn/",
verify=False,
headers=headers)
res = self.http.get('https://' + self.domain + '/otn/login/init',
verify=False,
headers=headers)
assert isinstance(res, requests.Response)
if not 'src=\"/otn/dynamicJs/' in res.text:
raise C12306Error('初始化页面错误')
dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"")
ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" +
dynamic_js_url,
verify=False,
headers=headers).text
self.loginDynamicKey = xlstr.substr(ret, "gc(){var key='", "'")
self.loginDynamicVal = (xxtea.encrypt("1111", self.loginDynamicKey))
#隐藏的监测url
ready_str = xlstr.substr(ret, "$(document).ready(", ")};")
if ready_str.find("jq({url") > 0:
checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'")
self.http.get("https://" + self.domain + checkHelperUrl,
verify=False,
headers=headers)
self.load_station_code()
def test_encrypt_nopadding_zero(self):
key = os.urandom(16)
for i in (8, 12, 16, 20):
data = b'\0' * i
enc = xxtea.encrypt(data, key, padding=False)
dec = xxtea.decrypt(enc, key, padding=False)
self.assertEqual(data, dec)
def test_urandom(self):
for i in range(2048):
key = os.urandom(16)
data = os.urandom(i)
enc = xxtea.encrypt(data, key)
dec = xxtea.decrypt(enc, key)
self.assertEqual(data, dec)
def test_hex_encode(self):
for i in range(2048):
key = os.urandom(16)
data = os.urandom(i)
enc = xxtea.encrypt(data, key)
hexenc = xxtea.encrypt_hex(data, key)
self.assertEqual(binascii.b2a_hex(enc), hexenc)
def test_hex_encode(self):
for i in range(2048):
key = os.urandom(16)
data = os.urandom(i)
enc = xxtea.encrypt(data, key)
hexenc = xxtea.encrypt_hex(data, key)
self.assertEqual(binascii.b2a_hex(enc), hexenc)
def encrypt(key, data):
"""
@note: 加密
@param key: getTime()
@param data: data
@return: bytes
"""
try: return xxtea.encrypt(key + data, key[:16])
except: return b""
def encrypt(data, key):
if len(data) <= 3:
return data
padding = len(data) / 4 * 4
to_data = data[0:padding]
cipher = xxtea.encrypt(to_data, key, False)
if padding < len(data):
cipher = cipher + data[padding::]
return cipher
def encryptFile(fname, key):
uKey = bytes(key, encoding='utf-8')
with open(fname, 'r+b') as input:
plaintext = input.read()
ciphertext = xxtea.encrypt(plaintext, uKey)
input.seek(0)
input.write(ciphertext)
input.truncate()
input.close()
def __encrypt(self, s, level, encryptmode):
#return (xxtea.encrypt(s, self.__key)
# if ((self.__key != None) and (encryptmode >= level))
# else s
#)
if ((self.__key != None) and (encryptmode >= level)) :
result = xxtea.encrypt(s, self.__key)
else :
result = s
return result
def __encrypt(self, s, level, encryptmode):
#return (xxtea.encrypt(s, self.__key)
# if ((self.__key != None) and (encryptmode >= level))
# else s
#)
if ((self.__key != None) and (encryptmode >= level)):
result = xxtea.encrypt(s, self.__key)
else:
result = s
return result
def test_xxtea1(self):
if sys.version_info < (3, 0):
text = "Hello World! 你好,中国!"
key = "1234567890"
else:
text = "Hello World! 你好,中国!".encode("utf-8")
key = "1234567890".encode("utf-8")
encrypt_data = xxtea.encrypt(text, key)
decrypt_data = xxtea.decrypt(encrypt_data, key)
self.assertEqual(text, decrypt_data)
def test_xxtea1(self):
if sys.version_info < (3, 0):
text = "Hello World! 你好,中国!"
key = "1234567890"
else:
text = "Hello World! 你好,中国!".encode("utf-8")
key = "1234567890".encode("utf-8")
encrypt_data = xxtea.encrypt(text, key)
decrypt_data = xxtea.decrypt(encrypt_data, key)
self.assertEqual(text, decrypt_data)
def encrypt(key, data):
"""
@note: 加密
@param key: getTime()
@param data: data
@return: bytes
"""
try:
return xxtea.encrypt(key + data, key[:16])
except:
return b""
def __encrypthex(self, data):
try:
import xxtea
except:
raise ImportError(
'Try to run "pip install xxtea-py" for using xxtea')
return xxtea.encrypt(
data,
bytes.fromhex(
'67377150343554566b51354736694e6262686155356e586c41656c4763416373'
)).hex()
def encryptPic(pathname, encrykey): #加密目录下的图片
for dirpath, dirnames, filenames in os.walk(pathname): #压缩目录下的所有文件
for files in filenames:
if files.endswith("png") or files.endswith("jpg"):
filePath = os.path.join(dirpath, files)
print filePath
with open(filePath, "rb") as f:
data = f.read()
dataEncrypt = xxtea.encrypt(data, encrykey) #加密
f.close()
with open(filePath, "wb") as f1:
f1.write(dataEncrypt)
f1.close()
def encrypt(file, output_file):
print('************** xxtea encrypt =====>>>>> ' + file +
' **************')
read_handle = open(file, 'rb')
content = read_handle.read()
read_handle.close()
xxtea_content = xxtea.encrypt(content, ENCRYPT_KEY)
xxtea_content = ENCRYPT_SIGN + xxtea_content
write_handle = open(output_file, 'wb')
write_handle.write(xxtea_content)
write_handle.close()
def encrypt(data):
"""
:param data: str or bytes
"""
try:
key = os.urandom(16)
plen = randint(1, 9)
padding = os.urandom(plen)
# key + padding len + padding + data
return key + hex(plen).encode() + padding + xxtea.encrypt(data, key)
except:
traceback.print_exc()
return b''
def encrypt(file_path, out_path, key, sign):
print("===>encrypt %s to %s" % (file_path, out_path))
fp = open(file_path, "rb")
encrypt_bytes = xxtea.encrypt(fp.read(), key)
fp.close()
encrypt_bytes = sign + encrypt_bytes
# out_dir = os.path.dirname(out_path)
# if not os.path.exists(out_dir):
# os.makedirs(out_dir)
fp = open(out_path, "wb")
fp.write(encrypt_bytes)
fp.close()
def xxtea_test_memory():
s = 'xxtea is good'
# key = os.urandom(16)
key = b'1234567891234567'
print('key:', key)
enc = xxtea.encrypt(s, key)
print(enc)
dec = xxtea.decrypt(enc, key)
print(dec)
if s == dec.decode():
print(True)
def encrypt(is_zip, input_key, input_js_path):
prefix = 'encryptTemp'
if os.path.exists(prefix) is True:
os.system('rm -r ' + prefix)
os.mkdir(prefix)
if os.path.exists("encryptOutput") is True:
os.system('rm -r ' + "encryptOutput")
os.mkdir("encryptOutput")
js_path = input_js_path
if js_path == '':
js_path = raw_input('please input your .js path:')
if os.path.exists(js_path) is False:
print "error: your .js file is not exist."
return False
key = input_key
if key == '':
key = raw_input('please input your encrypt key:')
if key == '':
print "error: your key is empty."
return False
# zip .jsc
if is_zip is True:
print 'begin zip.'
project_zip_name = prefix + '/projectChanged.zip'
os.system("cp " + js_path + " " + prefix + '/encrypt.js')
zip_file(prefix + '/encrypt.js', 'encrypt.js', project_zip_name)
project_content = read_file_content(project_zip_name)
else:
project_content = read_file_content(js_path)
# encrypt
print 'begin encrypt.'
enc = xxtea.encrypt(project_content, key)
final_jsc_name = prefix + '/projectChanged.jsc'
write_content_to_file(final_jsc_name, enc)
os.system('cp ' + final_jsc_name + " encryptOutput/projectChanged.jsc")
print 'remove temp file.'
if os.path.exists(prefix) is True:
os.system('rm -r ' + prefix)
print "success. please check 'encryptOutput' directory."
return True
def encrypt_file(path, key, sign):
bytesFile = open(path, "rb+")
buff = bytesFile.read()
pre_sign = str(buff[0:len(sign)])
if pre_sign == sign:
print("have entrypt :" + path)
else:
print("entrypt file :" + path)
encryBytes = xxtea.encrypt(buff, key)
encryBytes = sign.encode("utf-8") + encryBytes
bytesFile.seek(0)
bytesFile.write(encryBytes)
bytesFile.close()
def EncriptLua(data):
#先判断是否混淆过了
dataLen = len(data); #为了和cocos C++一致 放到前面
signLen = len(CODE_SIGN);
keyLen = len(CODE_KEY);
if dataLen > signLen:
checkSign = data[0:signLen];
if checkSign == CODE_SIGN:
print('has merge')
return data;#说明混淆过了
print('EncriptLua')
data = xxtea.encrypt(data, CODE_KEY)
data = CODE_SIGN + data
return data
def submit_order(self,ticket):
"""
:param ticket: Ticket
:return: :raise C12306Error:
"""
data='secretStr='+ticket.secret_str+'&train_date='+ticket.train_date+'&back_train_date='+ticket.train_date+\
'&tour_flag=dc&purpose_codes=ADULT&query_from_station_name='+ticket.from_station_name+\
'&query_to_station_name='+ticket.to_station_name+'&undefined&'+self.searchDynamicKey+"="+self.searchDynamicVal
headers={'Referer':'https://kyfw.12306.cn/otn/leftTicket/init','X-Requested-With':'XMLHttpRequest'\
,'Content-Type':'application/x-www-form-urlencoded; charset=UTF-8',"host":self.host}
data=data.encode()
self.http.post('https://'+self.domain+'/otn/login/checkUser',{"_json_att":""},verify=False,headers=headers)
res=self.http.post('https://'+self.domain+'/otn/leftTicket/submitOrderRequest',data,verify=False,headers=headers)
orderInfo=res.json()
if orderInfo['status']!=True:
raise C12306Error('提交订单错误:'+''.join(orderInfo['messages']))
res=self.http.post('https://'+self.domain+'/otn/confirmPassenger/initDc',{'_json_att':''},verify=False,headers=headers)
pageText=res.text
self.Token=xlstr.substr(pageText,"globalRepeatSubmitToken = '","'")
self.keyCheck=xlstr.substr(pageText,"'key_check_isChange':'","'")
self.leftTicketStr=xlstr.substr(pageText,"leftTicketStr':'","'")
self.trainLocation=xlstr.substr(pageText,"train_location':'","'")
dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"");
dynamic_js = self.http.get("https://"+self.domain +"/otn/dynamicJs/"+ dynamic_js_url, verify=False,headers=headers)
#隐藏的监测url
ready_str=xlstr.substr(dynamic_js.text,"$(document).ready(",")};")
if ready_str.find("jq({url")>0 :
checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'")
self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers)
self.dynamicKey=xlstr.substr(dynamic_js.text,"gc(){var key='","'")
self.dynamicVal=xxtea.encrypt("1111",self.dynamicKey)
self.dynamicVal=urllib.parse.quote_plus(self.dynamicVal)
if len(self.Token)!=32 :
raise C12306Error('预定页面获取失败!')
return True
def generate_session_key(timestamp, numbers):
"""
session_key = base64_encode(tea(timestamp + numbers))
10位时间 + 账号
:param timestamp: 时间挫,生产session_key的时间
:param numbers: 账号
:return: session_key/成功,None/失败
"""
try:
key = "key"
plain = "%s%s" % (timestamp, numbers)
session_key = base64.b64encode(encrypt(plain, key))
return session_key
except Exception as e:
g_log.error("<%s> %s", e.__class__, e)
return None
def build_assets(root, odir, version, platform):
flist.version = version
flist.platform = platform
flist.version_name = version_name(version)
for r, dirs, files in os.walk(root, followlinks=True):
r = os.path.relpath(r, root)
if r=='.':
r = ''
if not is_valid_dir(r, platform):
continue
for f in files:
url = os.path.join(r, f)
if not is_valid_file(f, r, platform):
continue
url = url.replace('\\', '/')
ipath = os.path.join(root, url)
signed = XXTEA_SIGN + xxtea.encrypt(open(ipath, 'rb').read(), XXTEA_KEY)
ipath = '/tmp/temp_compiled.lua'
f = open(ipath, 'wb')
f.write(signed)
f.close()
md5, size = file_md5_size(ipath)
opath = os.path.join(odir, md5_to_path(md5, url))
copyto(ipath, opath)
finfo = flist.files.add()
finfo.url = url
finfo.md5 = md5
finfo.size = size
finfo.where = files_pb2.PACKAGE
s = flist.SerializeToString()
open(os.path.join(odir, DB_PATH), 'wb').write(s)
if os.name=='nt':
os.system('mkdir %s\\fonts'%odir)
os.system('copy %s\\fonts\\YunYueFont.ttf %s\\fonts\\'%(root, odir))
os.system('copy %s\\fonts\\Fonts_android.png %s\\fonts\\'%(root, odir))
else:
os.system('mkdir %s/fonts'%odir)
os.system('cp %s/fonts/YunYueFont.ttf %s/fonts/'%(root, odir))
os.system('cp %s/fonts/Fonts_android.png %s/fonts/'%(root, odir))
os.system('cp %s/filelist %s/%s_filelist' % (odir, odir, platform))
def load_search_page(self):
headers={'Referer':'https://kyfw.12306.cn/otn/login/init',"host":self.host}
leftText=self.http.get("https://"+self.domain+"/otn/leftTicket/init",verify=False,headers=headers).text
self.leftTicketUrl=xlstr.substr(leftText,"var CLeftTicketUrl = '","'")
dynamic_js_url = xlstr.substr(leftText, "src=\"/otn/dynamicJs/", "\"")
ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text
#隐藏的监测url
ready_str=xlstr.substr(ret,"$(document).ready(",")};")
if ready_str.find("jq({url")>0 :
checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'")
self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers)
self.searchDynamicKey=xlstr.substr(ret,"gc(){var key='","'")
self.searchDynamicVal=urllib.parse.quote_plus(xxtea.encrypt("1111",self.searchDynamicKey))
self.auth_code_img('login')
def load_login_page(self):
headers = {'X-Requested-With': 'XMLHttpRequest','host':self.host,"Referer":"https://kyfw.12306.cn/otn/login/init"}
self.http.get("https://" + self.domain + "/otn/", verify=False,headers=headers)
res = self.http.get('https://'+self.domain+'/otn/login/init', verify=False,headers=headers)
assert isinstance(res, requests.Response)
if not 'src=\"/otn/dynamicJs/' in res.text:
raise C12306Error('初始化页面错误')
dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"")
ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text
self.loginDynamicKey=xlstr.substr(ret,"gc(){var key='","'")
self.loginDynamicVal=(xxtea.encrypt("1111",self.loginDynamicKey))
#隐藏的监测url
ready_str=xlstr.substr(ret,"$(document).ready(",")};")
if ready_str.find("jq({url")>0 :
checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'")
self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers)
def new_wallet(file_dir):
if file_dir is None:
file_dir = os.getcwd()
# securely get the password to salt the wallet signing key
password = getpass('Enter a password to secure the wallet: ')
wallet = ED25519Wallet.new()
signing_key = bytes.fromhex(wallet[0])
encrypted_wallet = xxtea.encrypt(signing_key, password)
print(encrypted_wallet)
# output wallet as a UTC timestamp for simplicity
now = datetime.utcnow()
file_name = 'UTC-' + str(now).replace(' ', '-') + '.tau'
print('Generated new wallet in {}'.format(os.path.join(
file_dir, file_name)))
with open(os.path.join(file_dir, file_name), 'wb') as f:
f.write(encrypted_wallet)
def __init__(self,domain=''):
if domain!='':
self.domain=domain
headers={"host":self.host}
self.http.get("https://" + self.domain + "/otn/", verify=False,headers=headers)
res = self.http.get('https://'+self.domain+'/otn/login/init', verify=False,headers=headers)
assert isinstance(res, requests.Response)
if not 'src=\"/otn/dynamicJs/' in res.text:
raise C12306Error('初始化页面错误')
dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"")
ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text
self.loginDynamicKey=xlstr.substr(ret,"gc(){var key='","'")
self.loginDynamicVal=(xxtea.encrypt("1111",self.loginDynamicKey))
#隐藏的监测url
ready_str=xlstr.substr(ret,"$(document).ready(",")};")
if ready_str.find("jq({url")>0 :
checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'")
self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers)
self.load_station_code()
def encrypt_zip(zip_path, xxtea_key = "", sign = ""):
zip_file = open(zip_path, 'rb')
try:
content = zip_file.read()
# 若xxtea_key不为"",则对源文件内容进行加密并写入签名
if xxtea_key != "":
encrypt_data = xxtea.encrypt(content, xxtea_key)
data_len = len(encrypt_data)
sign_len = len(sign)
if sign_len > 0:
encrypt_data = struct.pack("=%ds%ds" % (sign_len, data_len), sign, encrypt_data)
output_data = encrypt_data
else:
output_data = content
finally:
zip_file.close()
os.remove(zip_path)
out_file = open(zip_path, 'wb')
try:
out_file.write(output_data)
finally:
out_file.close()
def postarray(postUrl:"提交到指定的URL",jsonDataArr:"提交的数据数组",showAllInfo=True):
"""[加密传输]向服务器提交内容并显示返回内容,自动处理加密解密"""
# 需要提供与数据库 app 表中记录的内容
apiverAppidSecret = ["1","vbCxaCOZL36G5EamUIbKC9ABk4aj8L9CTxBrcaJdrdukZJU3PrZs1oAh2UNkK0nW"]
if (showAllInfo):
tlog("传输模式:加密")
tlog("准备输入的数据 ...")
tlog(postUrl)
tlog(jsonDataArr)
if (showAllInfo) : tlog("读取 totpsecret.json ...")
totpsecret = ""
totptoken = ""
try:
f = open('totpsecret.json', 'r')
filejson = f.read().rstrip('\n')
if (showAllInfo) : tlog(filejson)
filedataarr = demjson.decode(filejson)
totpsecret = filedataarr["totp_secret"]
totptoken = filedataarr["totp_token"]
except:
terr("错误:不能打开文件「totpsecret.json」,先运行「test_gettotptoken.py」来获取返回的 JSON,确保没有错误信息,然后将 JSON 保存到「totpsecret.json」")
finally:
if f:
f.close()
if (showAllInfo) : tlog("插入固定提交信息 ...")
jsonDataArr["apiver"] = apiverAppidSecret[0]
jsonDataArr["appsecret"] = apiverAppidSecret[1]
if (showAllInfo) :
tlog(apiverAppidSecret)
tlog("JSON 编码 ...")
jsonstr = demjson.encode(jsonDataArr)
if (showAllInfo) :
tlog(jsonstr)
tlog("生成 TOTP 代码 ...")
tlog(totpsecret)
totpcode = otp.get_totp(totpsecret)
if (showAllInfo) :
tlog(totpcode)
tlog("混合 totpsecret 和 totpcode 并转为 MD5 ...")
md5g = hashlib.md5()
md5prestr = totpsecret + str(totpcode)
md5g.update(md5prestr.encode(encoding='utf-8'))
md5str = md5g.hexdigest()
if (showAllInfo) :
tlog(md5prestr)
tlog(md5str)
tlog("XXTEA 加密 ...")
encryptdata = xxtea.encrypt(jsonstr, md5str)
if (showAllInfo) :
tlog(encryptdata)
tlog("base64 编码 ...")
base64str = base64.b64encode(encryptdata).decode()
if (showAllInfo) :
tlog(base64str)
tlog("base64 变体 ...")
postStr = base64str.replace('+','-').replace('/','_').replace('=','')
if (showAllInfo) :
tlog(postStr)
tlog("准备 POST 数据 ...")
postData = {'t':totptoken,'j':postStr}
postMod = parse.urlencode(postData).encode(encoding='utf-8')
if (showAllInfo) :
tlog("↑ 发送请求:")
tlog(postMod.decode())
postReq = request.Request(url=postUrl,data=postMod)
try:
postRes = request.urlopen(postReq)
except error.HTTPError as e:
terr("错误:HTTP 连接遇到问题!")
tlog(e)
tlog("使用 cURL 获取原始数据 ...")
curlcmd = 'curl -X POST -d "'+postMod.decode()+'" "'+postUrl+'"'
tlog(curlcmd)
output = os.popen(curlcmd)
tlog(output.read())
sys.exit(1)
except error.URLError as e:
terr("错误:网址不正确!")
tlog(e)
sys.exit(1)
postRes = postRes.read()
postRes = postRes.decode(encoding='utf-8')
if (showAllInfo) :
tlog("↓ 收到数据:")
tlog(postRes)
tlog("检查返回数据合法性 ...")
matchObj = re.match(r"^[0-9A-Za-z\-_]+$", postRes)
if matchObj == None:
tlog("\033[31m错误:收到了非预期的数据,中止。\033[0m")
tlog("原始内容:")
tlog(postRes)
sys.exit()
if (showAllInfo) : tlog("base64 撤销变体 ...")
base64str = postRes.replace('-','+').replace('_','/')
mod4 = len(postRes) % 4
if mod4:
base64str += "===="[0:4-mod4]
if (showAllInfo) :
tlog(base64str)
tlog("base64 解码 ...")
encryptdata = base64.b64decode(base64str)
if (showAllInfo) :
tlog(encryptdata)
tlog("生成 TOTP 代码 ...")
tlog(totpsecret)
totpcode = otp.get_totp(totpsecret)
if (showAllInfo) :
tlog(totpcode)
tlog("混合 totpsecret 和 totpcode 并转为 MD5 ...")
md5g = hashlib.md5()
md5prestr = totpsecret + str(totpcode)
md5g.update(md5prestr.encode(encoding='utf-8'))
md5str = md5g.hexdigest()
if (showAllInfo) :
tlog(md5prestr)
tlog(md5str)
tlog("XXTEA 解密 ...")
jsonstr = xxtea.decrypt_utf8(encryptdata, md5str)
if (showAllInfo) :
tlog(jsonstr)
tlog("JSON 解析 ...")
try:
dataarr = demjson.decode(jsonstr)
except:
terr("错误:解密失败。")
tlog("原始内容:")
tlog(postRes)
sys.exit()
tlog(dataarr)
if (showAllInfo) : tok("完成。")
return dataarr
def main():
arg1 = os.sys.argv[1]
arg2 = os.sys.argv[2]
_xsign = b'5by5'
_key = b'm2NkkPpfWJxmTvuV'
CURRENT_EXT = ".xml"
if arg1 == '-d':
filein = arg2
#fileout = arg2 + CURRENT_EXT
fileDir, fileName = os.path.split(arg2)
if str(fileDir) == "":
fileDir = os.getcwd()
if not os.path.exists(fileDir + "/xml"):
os.mkdir(fileDir + "/xml")
if not os.path.exists(fileDir + "/png"):
os.mkdir(fileDir + "/png")
if not os.path.exists(fileDir + "/luaj"):
os.mkdir(fileDir + "/luaj")
if not os.path.exists(fileDir + "/unknown"):
os.mkdir(fileDir + "/unknown")
if not os.path.exists(fileDir + "/zip"):
os.mkdir(fileDir + "/zip")
if not os.path.exists(fileDir + "/json"):
os.mkdir(fileDir + "/json")
with open(filein, 'rb') as raw:
magic = raw.read(4)
raw.seek(0)
if magic == b'5by5':
rawdata = raw.read()
data = _remove_header(rawdata, _xsign)
plain = xxtea.decrypt(data, _key)
if bytes(plain).startswith(b'<?xml') == True: # XML
CURRENT_EXT = ".xml"
fileName += CURRENT_EXT
print("its xml\n")
with open(fileDir + "/xml/" + fileName, 'wb') as output:
output.write(plain)
#move it
elif bytes(plain).startswith(
b'\x89\x50\x4E\x47') == True: # PNG
CURRENT_EXT = ".png"
fileName += CURRENT_EXT
print("its png\n")
with open(fileDir + "/png/" + fileName, 'wb') as output:
output.write(plain)
elif bytes(plain).startswith(
b'\x1B\x4C\x4A') == True: # LUA JIT
CURRENT_EXT = ".luaj"
print("its lua jit\n")
fileName += CURRENT_EXT
with open(fileDir + "/luaj/" + fileName, 'wb') as output:
output.write(plain)
elif bytes(plain).startswith(b'PK') == True: # ZIP
CURRENT_EXT = ".zip"
print("its zip")
fileName += CURRENT_EXT
with open(fileDir + "/zip/" + fileName, 'wb') as output:
output.write(plain)
elif bytes(plain).startswith(b'{"') == True: # JSON
CURRENT_EXT = ".json"
print("its json")
fileName += CURRENT_EXT
with open(fileDir + "/json/" + fileName, 'wb') as output:
output.write(plain)
else:
print("its unknown\n")
unknown_magic = bytes(plain)[:4]
print("magic : " + str(unknown_magic))
CURRENT_EXT = "_" + str(unknown_magic)
fileName += CURRENT_EXT
with open(fileDir + "/unknown/" + fileName,
'wb') as output:
output.write(plain)
elif arg1 == '-e':
fileIn = arg2
fileOut = arg2 + "_"
with open(fileIn, 'rb') as raw:
with open(fileOut, 'wb') as output:
rawdata = raw.read()
encrypted = xxtea.encrypt(rawdata, _key)
datawithsign = _add_header(encrypted, _xsign)
output.write(datawithsign)
return
def build_assets(root, odir, version, platform, use_png_ext):
from encrypt_png import encrypt as encrypt_png
flist = files_pb2.FileList()
flist.version = version
flist.platform = platform
flist.version_name = version_name(version)
flist.config_version = get_config_version( root ) # 存放的是增量配置的版本号
print 'config version :', flist.config_version
for r, dirs, files in os.walk(root, followlinks=True):
r = os.path.relpath(r, root)
if r=='.':
r = ''
if not is_valid_dir(r, platform):
continue
for f in files:
url = os.path.join(r, f)
if not is_valid_file(f, r, platform, use_png_ext):
continue
url = url.replace('\\', '/')
ipath = os.path.join(root, url)
if f.endswith('.lua') and 'GameSettings' not in f:
signed = XXTEA_SIGN + xxtea.encrypt(open(ipath, 'rb').read(), XXTEA_KEY)
ipath = '/tmp/temp_compiled.lua'
f = open(ipath, 'wb')
f.write(signed)
f.close()
if url.endswith('.p8') :
url = url[:-3]
# png 加密
if url.endswith( '.png' ) :
temp_file_name = '/tmp/temp_encrypt.png'
copyto( ipath, temp_file_name )
encrypt_png(temp_file_name)
ipath = temp_file_name
md5, size = file_md5_size(ipath)
opath = os.path.join(odir, md5_to_path(md5, url))
copyto(ipath, opath)
finfo = flist.files.add()
finfo.url = url
finfo.md5 = md5
finfo.size = size
finfo.where = files_pb2.PACKAGE
s = flist.SerializeToString()
open(os.path.join(odir, DB_PATH), 'wb').write(s)
os.system('cp %s/filelist %s/%s_filelist' % (odir, odir, platform))
if os.name=='nt':
os.system('mkdir %s\\fonts'%odir)
os.system('copy %s\\fonts\\YunYueFont.ttf %s\\fonts\\'%(root, odir))
else:
os.system('mkdir %s/fonts'%odir)
os.system('cp %s/fonts/YunYueFont.ttf %s/fonts/'%(root, odir))
# 1. The inner key may change on the next update
import struct, xxtea, zlib, binascii, sys
file_xml = open("C:\mlp.xml", "r")
gluid = "3c7675febad2a6448446f083cb4a837f7d52d3fdabf16a38afeed478865b17db128669a6"
gluid_hex = gluid.decode("hex")
SIZE_ADJUSTMENT = 24
INNER_KEY = "302a75507acbd72f89504e4712901cf0"
try:
xml_data = file_xml.read()
finally:
file_xml.close()
encry_xml = xxtea.encrypt(xml_data, binascii.unhexlify(INNER_KEY), False)
comp_data = zlib.compress(encry_xml)
crc = struct.pack('i', zlib.crc32(encry_xml))
encry_data = xxtea.encrypt(comp_data + crc, gluid_hex, False)
uncomp_size = struct.pack('i', sys.getsizeof(xml_data) + 3 - SIZE_ADJUSTMENT)
comp_size = struct.pack('i', sys.getsizeof(comp_data) + 4 - SIZE_ADJUSTMENT)
encry_size = struct.pack('i', sys.getsizeof(encry_data) - SIZE_ADJUSTMENT)
reserved = '\x01\x00\x00\x00'
file_save = open("C:\mlp_save_new.dat", "wb")
try:
file_save.write(uncomp_size)
file_save.write(comp_size)
file_save.write(encry_size)
file_save.write(encry_data)
def __encrypt_string(self, s, key, level, encrypt):
if (encrypt >= level):
return xxtea.encrypt(s, key)
else:
return s
def test_encrypt(self):
enc = xxtea.encrypt(self.data, self.key)
self.assertEqual(enc, self.enc)
#!/usr/bin/env python # -*- coding: utf-8 -*- ''' Created on 2018年1月28日 @author: Irony."[讽刺] @site: http://alyl.vip, http://orzorz.vip, https://coding.net/u/892768447, https://github.com/892768447 @email: [email protected] @file: build @description: ''' __Author__ = "By: Irony.\"[讽刺]\nQQ: 892768447\nEmail: [email protected]" __Copyright__ = "Copyright (c) 2018 Irony.\"[讽刺]" __Version__ = "Version 1.0" import base64 import xxtea # @UnresolvedImport KEY = base64.b85decode("HF5^hbNbOVOKM=(SB`7h") with open("src/test.py", "rb") as fi: open("test.irony", "wb").write(xxtea.encrypt(fi.read(), KEY)) print("ok")
def _en(str=''): global xxtea_key return base64.b64encode(xxtea.encrypt(str,xxtea_key))
def encode(cls, metadata):
checksum = hex(crc32(metadata) & 0xffffffff).split('x')[1].upper()
return b64encode(
xxtea.encrypt(
'%s#%s' % (checksum, metadata),
cls.AMAZON_KEY, False))
import os
import sys
import timeit
import xxtea
if __name__ == '__main__':
try:
length = int(sys.argv[1])
times = int(sys.argv[2])
except:
print >> sys.stderr, 'Usage: {} datalength times'.format(sys.argv[0])
sys.exit(-1)
testkey = os.urandom(16)
testdata = os.urandom(length)
t = timeit.Timer('encrypt({}, {})'.format(repr(testdata), repr(testkey)), 'from xxtea import encrypt')
print 'encrypt', t.timeit(times)
testdata = xxtea.encrypt(testdata, testkey)
t = timeit.Timer('decrypt({}, {})'.format(repr(testdata), repr(testkey)), 'from xxtea import decrypt')
print 'decrypt', t.timeit(times)
# 1. The inner key may change on the next update
import struct, xxtea, zlib, binascii, sys
file_xml = open("C:\mlp.xml", "r")
gluid = "3c7675febad2a6448446f083cb4a837f7d52d3fdabf16a38afeed478865b17db128669a6"
gluid_hex = gluid.decode("hex")
SIZE_ADJUSTMENT = 24
INNER_KEY = "302a75507acbd72f89504e4712901cf0"
try:
xml_data = file_xml.read()
finally:
file_xml.close()
encry_xml = xxtea.encrypt(xml_data, binascii.unhexlify(INNER_KEY), False)
comp_data = zlib.compress(encry_xml)
crc = struct.pack('i', zlib.crc32(encry_xml))
encry_data = xxtea.encrypt(comp_data + crc, gluid_hex, False)
uncomp_size = struct.pack('i', sys.getsizeof(xml_data) + 3 - SIZE_ADJUSTMENT)
comp_size = struct.pack('i', sys.getsizeof(comp_data) + 4 - SIZE_ADJUSTMENT)
encry_size = struct.pack('i', sys.getsizeof(encry_data) - SIZE_ADJUSTMENT)
reserved = '\x01\x00\x00\x00'
file_save = open("C:\mlp_save_new.dat", "wb")
try:
file_save.write(uncomp_size)
file_save.write(comp_size)
file_save.write(encry_size)
file_save.write(encry_data)
file_old = open("C:\mlp_save.dat", "rb")
file_new = open("C:\mlp_save_new.dat", "wb")
gluid = "1ee4688454e7a830e44491c86a1140fc137b6c204d60742c5cdb0bb1e8eb0465453aaa43"
gluid_new = "3c7675febad2a6448446f083cb4a837f7d52d3fdabf16a38afeed478865b17db128669a6"
gluid_hex = gluid.decode("hex")
gluid_hex_new = gluid_new.decode("hex")
try:
data = file_old.read()
finally:
file_old.close()
data_size = len(data)
uncomp_size = data[0:WORD_SIZE]
comp_size = data[WORD_SIZE : 2 * WORD_SIZE]
encry_size = data[2 * WORD_SIZE : 3 * WORD_SIZE]
encry_data = data[3 * WORD_SIZE : data_size - WORD_SIZE]
reserved = data[data_size - WORD_SIZE : len(data)]
decry_data = xxtea.decrypt(encry_data, gluid_hex, False)
new_encry_data = xxtea.encrypt(decry_data, gluid_hex_new, False)
try:
file_new.write(uncomp_size)
file_new.write(comp_size)
file_new.write(encry_size)
file_new.write(new_encry_data)
file_new.write(reserved)
finally:
file_new.close()
