def test_urandom(self): for i in range(2048): key = os.urandom(16) data = os.urandom(i) enc = xxtea.encrypt(data, key) dec = xxtea.decrypt(enc, key) self.assertEqual(data, dec) data = b'\0' * i enc = xxtea.encrypt(data, key) dec = xxtea.decrypt(enc, key) self.assertEqual(data, dec)
def test_zero_bytes(self): for i in range(2048): data = b'\0' * i key = os.urandom(16) enc = xxtea.encrypt(data, key) dec = xxtea.decrypt(enc, key) self.assertEqual(data, dec) key = b'\0' * 16 enc = xxtea.encrypt(data, key) dec = xxtea.decrypt(enc, key) self.assertEqual(data, dec)
def load_login_page(self): headers = { 'X-Requested-With': 'XMLHttpRequest', 'host': self.host, "Referer": "https://kyfw.12306.cn/otn/login/init" } self.http.get("https://" + self.domain + "/otn/", verify=False, headers=headers) res = self.http.get('https://' + self.domain + '/otn/login/init', verify=False, headers=headers) assert isinstance(res, requests.Response) if not 'src=\"/otn/dynamicJs/' in res.text: raise C12306Error('初始化页面错误') dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"") ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" + dynamic_js_url, verify=False, headers=headers).text self.loginDynamicKey = xlstr.substr(ret, "gc(){var key='", "'") self.loginDynamicVal = (xxtea.encrypt("1111", self.loginDynamicKey)) #隐藏的监测url ready_str = xlstr.substr(ret, "$(document).ready(", ")};") if ready_str.find("jq({url") > 0: checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'") self.http.get("https://" + self.domain + checkHelperUrl, verify=False, headers=headers)
def load_search_page(self): headers = { 'Referer': 'https://kyfw.12306.cn/otn/login/init', "host": self.host } leftText = self.http.get("https://" + self.domain + "/otn/leftTicket/init", verify=False, headers=headers).text self.leftTicketUrl = xlstr.substr(leftText, "var CLeftTicketUrl = '", "'") dynamic_js_url = xlstr.substr(leftText, "src=\"/otn/dynamicJs/", "\"") ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" + dynamic_js_url, verify=False, headers=headers).text #隐藏的监测url ready_str = xlstr.substr(ret, "$(document).ready(", ")};") if ready_str.find("jq({url") > 0: checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'") self.http.get("https://" + self.domain + checkHelperUrl, verify=False, headers=headers) self.searchDynamicKey = xlstr.substr(ret, "gc(){var key='", "'") self.searchDynamicVal = urllib.parse.quote_plus( xxtea.encrypt("1111", self.searchDynamicKey)) self.auth_code_img('login')
def test(info: str, key: str): print('\nKey: {}\nCipher: {}'.format(key, info)) cipher = auth_base64.decode(info) plain = xxtea.decrypt(cipher, key.encode()) print('Plain text: {}'.format(json.loads(plain))) cipher2 = xxtea.encrypt(plain, key.encode()) print('encrypt(decrypt(Cipher)) == Cipher: {}'.format(cipher == cipher2))
def encrypt(filePath, key): """ :单文件加密 :param filePath: 文件目录 :param key: xxteaKey :return: 加密数据 """ if len(key) < 16: key += "".join("\0" * (16 - len(key))) # key填充 data = read_txt(fileDir=filePath).encode("utf-8") data = gzip.compress(data) enc_data = xxtea.encrypt(data=data, key=key) """ #下面是decrypt程序的解压缩部分 对应的压缩部分暂时未实现 if dec_data[:2] == b"PK": fio = BytesIO(dec_data) fzip = zipfile.ZipFile(file=fio) dec_data = fzip.read(fzip.namelist()[0]).decode("utf-8") elif dec_data[:2] == b"\x1f\x8b": dec_data = bytes(zlib.decompress(dec_data, 16 + zlib.MAX_WBITS)).decode("utf-8") else: try: dec_data = bytes(dec_data).decode("utf-8") except UnicodeDecodeError: ColorPrinter.print_blue_text(" This file looks like have some unknown byte, try save as unknown files") """ return enc_data
def test_encrypt_nopadding_zero(self): key = os.urandom(16) for i in (8, 12, 16, 20): data = b'\0' * i enc = xxtea.encrypt(data, key, padding=False) dec = xxtea.decrypt(enc, key, padding=False) self.assertEqual(data, dec)
def crypt(data, password, add_header=False): """Return encrypted data""" if add_header: data = add_head(data) key = get_key(password) return xxtea.encrypt(data, key)
def encrypt_file(src_dir, file_path, temp_dir, xxtea_key = "", sign = ""): if not file_path.startswith(src_dir): print("%s is not parent dir of %s, can not do encrypt" % (src_dir, file_path)) # 将 X:/game/src/pkg1/pkg2/Module.lua 转换为 pkg1.pkg2.Module的形式 start_index = len(src_dir) encrypt_file_name = file_path[start_index: len(file_path)] if encrypt_file_name.startswith(os.path.sep): encrypt_file_name = encrypt_file_name[1:len(encrypt_file_name)] encrypt_file_name = encrypt_file_name.replace(os.path.sep, ".") # 去除.lua扩展名 encrypt_file_name = encrypt_file_name[0: -4] encrypt_file_path = os.path.join(temp_dir, encrypt_file_name) print("encrypt file:%s ==============> %s" % (file_path, encrypt_file_path)) src_file = open(file_path, 'rb') output_file = open(encrypt_file_path, 'wb') try: file_content = src_file.read() # 若xxtea_key不为"",则对源文件内容进行加密并写入签名 if xxtea_key != "": encrypt_data = xxtea.encrypt(file_content, xxtea_key) data_len = len(encrypt_data) sign_len = len(sign) if sign_len > 0: encrypt_data = struct.pack("=%ds%ds" % (sign_len, data_len), sign, encrypt_data) output_data = encrypt_data else: output_data = file_content output_file.write(output_data) finally: output_file.close() src_file.close()
def __init__(self, domain=''): if domain != '': self.domain = domain headers = {"host": self.host} self.http.get("https://" + self.domain + "/otn/", verify=False, headers=headers) res = self.http.get('https://' + self.domain + '/otn/login/init', verify=False, headers=headers) assert isinstance(res, requests.Response) if not 'src=\"/otn/dynamicJs/' in res.text: raise C12306Error('初始化页面错误') dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"") ret = self.http.get("https://" + self.domain + "/otn/dynamicJs/" + dynamic_js_url, verify=False, headers=headers).text self.loginDynamicKey = xlstr.substr(ret, "gc(){var key='", "'") self.loginDynamicVal = (xxtea.encrypt("1111", self.loginDynamicKey)) #隐藏的监测url ready_str = xlstr.substr(ret, "$(document).ready(", ")};") if ready_str.find("jq({url") > 0: checkHelperUrl = xlstr.substr(ready_str, "jq({url :'", "'") self.http.get("https://" + self.domain + checkHelperUrl, verify=False, headers=headers) self.load_station_code()
def test_urandom(self): for i in range(2048): key = os.urandom(16) data = os.urandom(i) enc = xxtea.encrypt(data, key) dec = xxtea.decrypt(enc, key) self.assertEqual(data, dec)
def test_hex_encode(self): for i in range(2048): key = os.urandom(16) data = os.urandom(i) enc = xxtea.encrypt(data, key) hexenc = xxtea.encrypt_hex(data, key) self.assertEqual(binascii.b2a_hex(enc), hexenc)
def encrypt(key, data): """ @note: 加密 @param key: getTime() @param data: data @return: bytes """ try: return xxtea.encrypt(key + data, key[:16]) except: return b""
def encrypt(data, key): if len(data) <= 3: return data padding = len(data) / 4 * 4 to_data = data[0:padding] cipher = xxtea.encrypt(to_data, key, False) if padding < len(data): cipher = cipher + data[padding::] return cipher
def encryptFile(fname, key): uKey = bytes(key, encoding='utf-8') with open(fname, 'r+b') as input: plaintext = input.read() ciphertext = xxtea.encrypt(plaintext, uKey) input.seek(0) input.write(ciphertext) input.truncate() input.close()
def __encrypt(self, s, level, encryptmode): #return (xxtea.encrypt(s, self.__key) # if ((self.__key != None) and (encryptmode >= level)) # else s #) if ((self.__key != None) and (encryptmode >= level)) : result = xxtea.encrypt(s, self.__key) else : result = s return result
def __encrypt(self, s, level, encryptmode): #return (xxtea.encrypt(s, self.__key) # if ((self.__key != None) and (encryptmode >= level)) # else s #) if ((self.__key != None) and (encryptmode >= level)): result = xxtea.encrypt(s, self.__key) else: result = s return result
def test_xxtea1(self): if sys.version_info < (3, 0): text = "Hello World! 你好,中国!" key = "1234567890" else: text = "Hello World! 你好,中国!".encode("utf-8") key = "1234567890".encode("utf-8") encrypt_data = xxtea.encrypt(text, key) decrypt_data = xxtea.decrypt(encrypt_data, key) self.assertEqual(text, decrypt_data)
def __encrypthex(self, data): try: import xxtea except: raise ImportError( 'Try to run "pip install xxtea-py" for using xxtea') return xxtea.encrypt( data, bytes.fromhex( '67377150343554566b51354736694e6262686155356e586c41656c4763416373' )).hex()
def encryptPic(pathname, encrykey): #加密目录下的图片 for dirpath, dirnames, filenames in os.walk(pathname): #压缩目录下的所有文件 for files in filenames: if files.endswith("png") or files.endswith("jpg"): filePath = os.path.join(dirpath, files) print filePath with open(filePath, "rb") as f: data = f.read() dataEncrypt = xxtea.encrypt(data, encrykey) #加密 f.close() with open(filePath, "wb") as f1: f1.write(dataEncrypt) f1.close()
def encrypt(file, output_file): print('************** xxtea encrypt =====>>>>> ' + file + ' **************') read_handle = open(file, 'rb') content = read_handle.read() read_handle.close() xxtea_content = xxtea.encrypt(content, ENCRYPT_KEY) xxtea_content = ENCRYPT_SIGN + xxtea_content write_handle = open(output_file, 'wb') write_handle.write(xxtea_content) write_handle.close()
def encrypt(data): """ :param data: str or bytes """ try: key = os.urandom(16) plen = randint(1, 9) padding = os.urandom(plen) # key + padding len + padding + data return key + hex(plen).encode() + padding + xxtea.encrypt(data, key) except: traceback.print_exc() return b''
def encrypt(file_path, out_path, key, sign): print("===>encrypt %s to %s" % (file_path, out_path)) fp = open(file_path, "rb") encrypt_bytes = xxtea.encrypt(fp.read(), key) fp.close() encrypt_bytes = sign + encrypt_bytes # out_dir = os.path.dirname(out_path) # if not os.path.exists(out_dir): # os.makedirs(out_dir) fp = open(out_path, "wb") fp.write(encrypt_bytes) fp.close()
def xxtea_test_memory(): s = 'xxtea is good' # key = os.urandom(16) key = b'1234567891234567' print('key:', key) enc = xxtea.encrypt(s, key) print(enc) dec = xxtea.decrypt(enc, key) print(dec) if s == dec.decode(): print(True)
def encrypt(is_zip, input_key, input_js_path): prefix = 'encryptTemp' if os.path.exists(prefix) is True: os.system('rm -r ' + prefix) os.mkdir(prefix) if os.path.exists("encryptOutput") is True: os.system('rm -r ' + "encryptOutput") os.mkdir("encryptOutput") js_path = input_js_path if js_path == '': js_path = raw_input('please input your .js path:') if os.path.exists(js_path) is False: print "error: your .js file is not exist." return False key = input_key if key == '': key = raw_input('please input your encrypt key:') if key == '': print "error: your key is empty." return False # zip .jsc if is_zip is True: print 'begin zip.' project_zip_name = prefix + '/projectChanged.zip' os.system("cp " + js_path + " " + prefix + '/encrypt.js') zip_file(prefix + '/encrypt.js', 'encrypt.js', project_zip_name) project_content = read_file_content(project_zip_name) else: project_content = read_file_content(js_path) # encrypt print 'begin encrypt.' enc = xxtea.encrypt(project_content, key) final_jsc_name = prefix + '/projectChanged.jsc' write_content_to_file(final_jsc_name, enc) os.system('cp ' + final_jsc_name + " encryptOutput/projectChanged.jsc") print 'remove temp file.' if os.path.exists(prefix) is True: os.system('rm -r ' + prefix) print "success. please check 'encryptOutput' directory." return True
def encrypt_file(path, key, sign): bytesFile = open(path, "rb+") buff = bytesFile.read() pre_sign = str(buff[0:len(sign)]) if pre_sign == sign: print("have entrypt :" + path) else: print("entrypt file :" + path) encryBytes = xxtea.encrypt(buff, key) encryBytes = sign.encode("utf-8") + encryBytes bytesFile.seek(0) bytesFile.write(encryBytes) bytesFile.close()
def EncriptLua(data): #先判断是否混淆过了 dataLen = len(data); #为了和cocos C++一致 放到前面 signLen = len(CODE_SIGN); keyLen = len(CODE_KEY); if dataLen > signLen: checkSign = data[0:signLen]; if checkSign == CODE_SIGN: print('has merge') return data;#说明混淆过了 print('EncriptLua') data = xxtea.encrypt(data, CODE_KEY) data = CODE_SIGN + data return data
def submit_order(self,ticket): """ :param ticket: Ticket :return: :raise C12306Error: """ data='secretStr='+ticket.secret_str+'&train_date='+ticket.train_date+'&back_train_date='+ticket.train_date+\ '&tour_flag=dc&purpose_codes=ADULT&query_from_station_name='+ticket.from_station_name+\ '&query_to_station_name='+ticket.to_station_name+'&undefined&'+self.searchDynamicKey+"="+self.searchDynamicVal headers={'Referer':'https://kyfw.12306.cn/otn/leftTicket/init','X-Requested-With':'XMLHttpRequest'\ ,'Content-Type':'application/x-www-form-urlencoded; charset=UTF-8',"host":self.host} data=data.encode() self.http.post('https://'+self.domain+'/otn/login/checkUser',{"_json_att":""},verify=False,headers=headers) res=self.http.post('https://'+self.domain+'/otn/leftTicket/submitOrderRequest',data,verify=False,headers=headers) orderInfo=res.json() if orderInfo['status']!=True: raise C12306Error('提交订单错误:'+''.join(orderInfo['messages'])) res=self.http.post('https://'+self.domain+'/otn/confirmPassenger/initDc',{'_json_att':''},verify=False,headers=headers) pageText=res.text self.Token=xlstr.substr(pageText,"globalRepeatSubmitToken = '","'") self.keyCheck=xlstr.substr(pageText,"'key_check_isChange':'","'") self.leftTicketStr=xlstr.substr(pageText,"leftTicketStr':'","'") self.trainLocation=xlstr.substr(pageText,"train_location':'","'") dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\""); dynamic_js = self.http.get("https://"+self.domain +"/otn/dynamicJs/"+ dynamic_js_url, verify=False,headers=headers) #隐藏的监测url ready_str=xlstr.substr(dynamic_js.text,"$(document).ready(",")};") if ready_str.find("jq({url")>0 : checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'") self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers) self.dynamicKey=xlstr.substr(dynamic_js.text,"gc(){var key='","'") self.dynamicVal=xxtea.encrypt("1111",self.dynamicKey) self.dynamicVal=urllib.parse.quote_plus(self.dynamicVal) if len(self.Token)!=32 : raise C12306Error('预定页面获取失败!') return True
def generate_session_key(timestamp, numbers): """ session_key = base64_encode(tea(timestamp + numbers)) 10位时间 + 账号 :param timestamp: 时间挫,生产session_key的时间 :param numbers: 账号 :return: session_key/成功,None/失败 """ try: key = "key" plain = "%s%s" % (timestamp, numbers) session_key = base64.b64encode(encrypt(plain, key)) return session_key except Exception as e: g_log.error("<%s> %s", e.__class__, e) return None
def build_assets(root, odir, version, platform): flist.version = version flist.platform = platform flist.version_name = version_name(version) for r, dirs, files in os.walk(root, followlinks=True): r = os.path.relpath(r, root) if r=='.': r = '' if not is_valid_dir(r, platform): continue for f in files: url = os.path.join(r, f) if not is_valid_file(f, r, platform): continue url = url.replace('\\', '/') ipath = os.path.join(root, url) signed = XXTEA_SIGN + xxtea.encrypt(open(ipath, 'rb').read(), XXTEA_KEY) ipath = '/tmp/temp_compiled.lua' f = open(ipath, 'wb') f.write(signed) f.close() md5, size = file_md5_size(ipath) opath = os.path.join(odir, md5_to_path(md5, url)) copyto(ipath, opath) finfo = flist.files.add() finfo.url = url finfo.md5 = md5 finfo.size = size finfo.where = files_pb2.PACKAGE s = flist.SerializeToString() open(os.path.join(odir, DB_PATH), 'wb').write(s) if os.name=='nt': os.system('mkdir %s\\fonts'%odir) os.system('copy %s\\fonts\\YunYueFont.ttf %s\\fonts\\'%(root, odir)) os.system('copy %s\\fonts\\Fonts_android.png %s\\fonts\\'%(root, odir)) else: os.system('mkdir %s/fonts'%odir) os.system('cp %s/fonts/YunYueFont.ttf %s/fonts/'%(root, odir)) os.system('cp %s/fonts/Fonts_android.png %s/fonts/'%(root, odir)) os.system('cp %s/filelist %s/%s_filelist' % (odir, odir, platform))
def load_search_page(self): headers={'Referer':'https://kyfw.12306.cn/otn/login/init',"host":self.host} leftText=self.http.get("https://"+self.domain+"/otn/leftTicket/init",verify=False,headers=headers).text self.leftTicketUrl=xlstr.substr(leftText,"var CLeftTicketUrl = '","'") dynamic_js_url = xlstr.substr(leftText, "src=\"/otn/dynamicJs/", "\"") ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text #隐藏的监测url ready_str=xlstr.substr(ret,"$(document).ready(",")};") if ready_str.find("jq({url")>0 : checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'") self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers) self.searchDynamicKey=xlstr.substr(ret,"gc(){var key='","'") self.searchDynamicVal=urllib.parse.quote_plus(xxtea.encrypt("1111",self.searchDynamicKey)) self.auth_code_img('login')
def load_login_page(self): headers = {'X-Requested-With': 'XMLHttpRequest','host':self.host,"Referer":"https://kyfw.12306.cn/otn/login/init"} self.http.get("https://" + self.domain + "/otn/", verify=False,headers=headers) res = self.http.get('https://'+self.domain+'/otn/login/init', verify=False,headers=headers) assert isinstance(res, requests.Response) if not 'src=\"/otn/dynamicJs/' in res.text: raise C12306Error('初始化页面错误') dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"") ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text self.loginDynamicKey=xlstr.substr(ret,"gc(){var key='","'") self.loginDynamicVal=(xxtea.encrypt("1111",self.loginDynamicKey)) #隐藏的监测url ready_str=xlstr.substr(ret,"$(document).ready(",")};") if ready_str.find("jq({url")>0 : checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'") self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers)
def new_wallet(file_dir): if file_dir is None: file_dir = os.getcwd() # securely get the password to salt the wallet signing key password = getpass('Enter a password to secure the wallet: ') wallet = ED25519Wallet.new() signing_key = bytes.fromhex(wallet[0]) encrypted_wallet = xxtea.encrypt(signing_key, password) print(encrypted_wallet) # output wallet as a UTC timestamp for simplicity now = datetime.utcnow() file_name = 'UTC-' + str(now).replace(' ', '-') + '.tau' print('Generated new wallet in {}'.format(os.path.join( file_dir, file_name))) with open(os.path.join(file_dir, file_name), 'wb') as f: f.write(encrypted_wallet)
def __init__(self,domain=''): if domain!='': self.domain=domain headers={"host":self.host} self.http.get("https://" + self.domain + "/otn/", verify=False,headers=headers) res = self.http.get('https://'+self.domain+'/otn/login/init', verify=False,headers=headers) assert isinstance(res, requests.Response) if not 'src=\"/otn/dynamicJs/' in res.text: raise C12306Error('初始化页面错误') dynamic_js_url = xlstr.substr(res.text, "src=\"/otn/dynamicJs/", "\"") ret=self.http.get("https://"+self.domain+"/otn/dynamicJs/" + dynamic_js_url, verify=False,headers=headers).text self.loginDynamicKey=xlstr.substr(ret,"gc(){var key='","'") self.loginDynamicVal=(xxtea.encrypt("1111",self.loginDynamicKey)) #隐藏的监测url ready_str=xlstr.substr(ret,"$(document).ready(",")};") if ready_str.find("jq({url")>0 : checkHelperUrl=xlstr.substr(ready_str,"jq({url :'","'") self.http.get("https://"+self.domain+checkHelperUrl,verify=False,headers=headers) self.load_station_code()
def encrypt_zip(zip_path, xxtea_key = "", sign = ""): zip_file = open(zip_path, 'rb') try: content = zip_file.read() # 若xxtea_key不为"",则对源文件内容进行加密并写入签名 if xxtea_key != "": encrypt_data = xxtea.encrypt(content, xxtea_key) data_len = len(encrypt_data) sign_len = len(sign) if sign_len > 0: encrypt_data = struct.pack("=%ds%ds" % (sign_len, data_len), sign, encrypt_data) output_data = encrypt_data else: output_data = content finally: zip_file.close() os.remove(zip_path) out_file = open(zip_path, 'wb') try: out_file.write(output_data) finally: out_file.close()
def postarray(postUrl:"提交到指定的URL",jsonDataArr:"提交的数据数组",showAllInfo=True): """[加密传输]向服务器提交内容并显示返回内容,自动处理加密解密""" # 需要提供与数据库 app 表中记录的内容 apiverAppidSecret = ["1","vbCxaCOZL36G5EamUIbKC9ABk4aj8L9CTxBrcaJdrdukZJU3PrZs1oAh2UNkK0nW"] if (showAllInfo): tlog("传输模式:加密") tlog("准备输入的数据 ...") tlog(postUrl) tlog(jsonDataArr) if (showAllInfo) : tlog("读取 totpsecret.json ...") totpsecret = "" totptoken = "" try: f = open('totpsecret.json', 'r') filejson = f.read().rstrip('\n') if (showAllInfo) : tlog(filejson) filedataarr = demjson.decode(filejson) totpsecret = filedataarr["totp_secret"] totptoken = filedataarr["totp_token"] except: terr("错误:不能打开文件「totpsecret.json」,先运行「test_gettotptoken.py」来获取返回的 JSON,确保没有错误信息,然后将 JSON 保存到「totpsecret.json」") finally: if f: f.close() if (showAllInfo) : tlog("插入固定提交信息 ...") jsonDataArr["apiver"] = apiverAppidSecret[0] jsonDataArr["appsecret"] = apiverAppidSecret[1] if (showAllInfo) : tlog(apiverAppidSecret) tlog("JSON 编码 ...") jsonstr = demjson.encode(jsonDataArr) if (showAllInfo) : tlog(jsonstr) tlog("生成 TOTP 代码 ...") tlog(totpsecret) totpcode = otp.get_totp(totpsecret) if (showAllInfo) : tlog(totpcode) tlog("混合 totpsecret 和 totpcode 并转为 MD5 ...") md5g = hashlib.md5() md5prestr = totpsecret + str(totpcode) md5g.update(md5prestr.encode(encoding='utf-8')) md5str = md5g.hexdigest() if (showAllInfo) : tlog(md5prestr) tlog(md5str) tlog("XXTEA 加密 ...") encryptdata = xxtea.encrypt(jsonstr, md5str) if (showAllInfo) : tlog(encryptdata) tlog("base64 编码 ...") base64str = base64.b64encode(encryptdata).decode() if (showAllInfo) : tlog(base64str) tlog("base64 变体 ...") postStr = base64str.replace('+','-').replace('/','_').replace('=','') if (showAllInfo) : tlog(postStr) tlog("准备 POST 数据 ...") postData = {'t':totptoken,'j':postStr} postMod = parse.urlencode(postData).encode(encoding='utf-8') if (showAllInfo) : tlog("↑ 发送请求:") tlog(postMod.decode()) postReq = request.Request(url=postUrl,data=postMod) try: postRes = request.urlopen(postReq) except error.HTTPError as e: terr("错误:HTTP 连接遇到问题!") tlog(e) tlog("使用 cURL 获取原始数据 ...") curlcmd = 'curl -X POST -d "'+postMod.decode()+'" "'+postUrl+'"' tlog(curlcmd) output = os.popen(curlcmd) tlog(output.read()) sys.exit(1) except error.URLError as e: terr("错误:网址不正确!") tlog(e) sys.exit(1) postRes = postRes.read() postRes = postRes.decode(encoding='utf-8') if (showAllInfo) : tlog("↓ 收到数据:") tlog(postRes) tlog("检查返回数据合法性 ...") matchObj = re.match(r"^[0-9A-Za-z\-_]+$", postRes) if matchObj == None: tlog("\033[31m错误:收到了非预期的数据,中止。\033[0m") tlog("原始内容:") tlog(postRes) sys.exit() if (showAllInfo) : tlog("base64 撤销变体 ...") base64str = postRes.replace('-','+').replace('_','/') mod4 = len(postRes) % 4 if mod4: base64str += "===="[0:4-mod4] if (showAllInfo) : tlog(base64str) tlog("base64 解码 ...") encryptdata = base64.b64decode(base64str) if (showAllInfo) : tlog(encryptdata) tlog("生成 TOTP 代码 ...") tlog(totpsecret) totpcode = otp.get_totp(totpsecret) if (showAllInfo) : tlog(totpcode) tlog("混合 totpsecret 和 totpcode 并转为 MD5 ...") md5g = hashlib.md5() md5prestr = totpsecret + str(totpcode) md5g.update(md5prestr.encode(encoding='utf-8')) md5str = md5g.hexdigest() if (showAllInfo) : tlog(md5prestr) tlog(md5str) tlog("XXTEA 解密 ...") jsonstr = xxtea.decrypt_utf8(encryptdata, md5str) if (showAllInfo) : tlog(jsonstr) tlog("JSON 解析 ...") try: dataarr = demjson.decode(jsonstr) except: terr("错误:解密失败。") tlog("原始内容:") tlog(postRes) sys.exit() tlog(dataarr) if (showAllInfo) : tok("完成。") return dataarr
def main(): arg1 = os.sys.argv[1] arg2 = os.sys.argv[2] _xsign = b'5by5' _key = b'm2NkkPpfWJxmTvuV' CURRENT_EXT = ".xml" if arg1 == '-d': filein = arg2 #fileout = arg2 + CURRENT_EXT fileDir, fileName = os.path.split(arg2) if str(fileDir) == "": fileDir = os.getcwd() if not os.path.exists(fileDir + "/xml"): os.mkdir(fileDir + "/xml") if not os.path.exists(fileDir + "/png"): os.mkdir(fileDir + "/png") if not os.path.exists(fileDir + "/luaj"): os.mkdir(fileDir + "/luaj") if not os.path.exists(fileDir + "/unknown"): os.mkdir(fileDir + "/unknown") if not os.path.exists(fileDir + "/zip"): os.mkdir(fileDir + "/zip") if not os.path.exists(fileDir + "/json"): os.mkdir(fileDir + "/json") with open(filein, 'rb') as raw: magic = raw.read(4) raw.seek(0) if magic == b'5by5': rawdata = raw.read() data = _remove_header(rawdata, _xsign) plain = xxtea.decrypt(data, _key) if bytes(plain).startswith(b'<?xml') == True: # XML CURRENT_EXT = ".xml" fileName += CURRENT_EXT print("its xml\n") with open(fileDir + "/xml/" + fileName, 'wb') as output: output.write(plain) #move it elif bytes(plain).startswith( b'\x89\x50\x4E\x47') == True: # PNG CURRENT_EXT = ".png" fileName += CURRENT_EXT print("its png\n") with open(fileDir + "/png/" + fileName, 'wb') as output: output.write(plain) elif bytes(plain).startswith( b'\x1B\x4C\x4A') == True: # LUA JIT CURRENT_EXT = ".luaj" print("its lua jit\n") fileName += CURRENT_EXT with open(fileDir + "/luaj/" + fileName, 'wb') as output: output.write(plain) elif bytes(plain).startswith(b'PK') == True: # ZIP CURRENT_EXT = ".zip" print("its zip") fileName += CURRENT_EXT with open(fileDir + "/zip/" + fileName, 'wb') as output: output.write(plain) elif bytes(plain).startswith(b'{"') == True: # JSON CURRENT_EXT = ".json" print("its json") fileName += CURRENT_EXT with open(fileDir + "/json/" + fileName, 'wb') as output: output.write(plain) else: print("its unknown\n") unknown_magic = bytes(plain)[:4] print("magic : " + str(unknown_magic)) CURRENT_EXT = "_" + str(unknown_magic) fileName += CURRENT_EXT with open(fileDir + "/unknown/" + fileName, 'wb') as output: output.write(plain) elif arg1 == '-e': fileIn = arg2 fileOut = arg2 + "_" with open(fileIn, 'rb') as raw: with open(fileOut, 'wb') as output: rawdata = raw.read() encrypted = xxtea.encrypt(rawdata, _key) datawithsign = _add_header(encrypted, _xsign) output.write(datawithsign) return
def build_assets(root, odir, version, platform, use_png_ext): from encrypt_png import encrypt as encrypt_png flist = files_pb2.FileList() flist.version = version flist.platform = platform flist.version_name = version_name(version) flist.config_version = get_config_version( root ) # 存放的是增量配置的版本号 print 'config version :', flist.config_version for r, dirs, files in os.walk(root, followlinks=True): r = os.path.relpath(r, root) if r=='.': r = '' if not is_valid_dir(r, platform): continue for f in files: url = os.path.join(r, f) if not is_valid_file(f, r, platform, use_png_ext): continue url = url.replace('\\', '/') ipath = os.path.join(root, url) if f.endswith('.lua') and 'GameSettings' not in f: signed = XXTEA_SIGN + xxtea.encrypt(open(ipath, 'rb').read(), XXTEA_KEY) ipath = '/tmp/temp_compiled.lua' f = open(ipath, 'wb') f.write(signed) f.close() if url.endswith('.p8') : url = url[:-3] # png 加密 if url.endswith( '.png' ) : temp_file_name = '/tmp/temp_encrypt.png' copyto( ipath, temp_file_name ) encrypt_png(temp_file_name) ipath = temp_file_name md5, size = file_md5_size(ipath) opath = os.path.join(odir, md5_to_path(md5, url)) copyto(ipath, opath) finfo = flist.files.add() finfo.url = url finfo.md5 = md5 finfo.size = size finfo.where = files_pb2.PACKAGE s = flist.SerializeToString() open(os.path.join(odir, DB_PATH), 'wb').write(s) os.system('cp %s/filelist %s/%s_filelist' % (odir, odir, platform)) if os.name=='nt': os.system('mkdir %s\\fonts'%odir) os.system('copy %s\\fonts\\YunYueFont.ttf %s\\fonts\\'%(root, odir)) else: os.system('mkdir %s/fonts'%odir) os.system('cp %s/fonts/YunYueFont.ttf %s/fonts/'%(root, odir))
# 1. The inner key may change on the next update import struct, xxtea, zlib, binascii, sys file_xml = open("C:\mlp.xml", "r") gluid = "3c7675febad2a6448446f083cb4a837f7d52d3fdabf16a38afeed478865b17db128669a6" gluid_hex = gluid.decode("hex") SIZE_ADJUSTMENT = 24 INNER_KEY = "302a75507acbd72f89504e4712901cf0" try: xml_data = file_xml.read() finally: file_xml.close() encry_xml = xxtea.encrypt(xml_data, binascii.unhexlify(INNER_KEY), False) comp_data = zlib.compress(encry_xml) crc = struct.pack('i', zlib.crc32(encry_xml)) encry_data = xxtea.encrypt(comp_data + crc, gluid_hex, False) uncomp_size = struct.pack('i', sys.getsizeof(xml_data) + 3 - SIZE_ADJUSTMENT) comp_size = struct.pack('i', sys.getsizeof(comp_data) + 4 - SIZE_ADJUSTMENT) encry_size = struct.pack('i', sys.getsizeof(encry_data) - SIZE_ADJUSTMENT) reserved = '\x01\x00\x00\x00' file_save = open("C:\mlp_save_new.dat", "wb") try: file_save.write(uncomp_size) file_save.write(comp_size) file_save.write(encry_size) file_save.write(encry_data)
def __encrypt_string(self, s, key, level, encrypt): if (encrypt >= level): return xxtea.encrypt(s, key) else: return s
def test_encrypt(self): enc = xxtea.encrypt(self.data, self.key) self.assertEqual(enc, self.enc)
#!/usr/bin/env python # -*- coding: utf-8 -*- ''' Created on 2018年1月28日 @author: Irony."[讽刺] @site: http://alyl.vip, http://orzorz.vip, https://coding.net/u/892768447, https://github.com/892768447 @email: [email protected] @file: build @description: ''' __Author__ = "By: Irony.\"[讽刺]\nQQ: 892768447\nEmail: [email protected]" __Copyright__ = "Copyright (c) 2018 Irony.\"[讽刺]" __Version__ = "Version 1.0" import base64 import xxtea # @UnresolvedImport KEY = base64.b85decode("HF5^hbNbOVOKM=(SB`7h") with open("src/test.py", "rb") as fi: open("test.irony", "wb").write(xxtea.encrypt(fi.read(), KEY)) print("ok")
def _en(str=''): global xxtea_key return base64.b64encode(xxtea.encrypt(str,xxtea_key))
def encode(cls, metadata): checksum = hex(crc32(metadata) & 0xffffffff).split('x')[1].upper() return b64encode( xxtea.encrypt( '%s#%s' % (checksum, metadata), cls.AMAZON_KEY, False))
import os import sys import timeit import xxtea if __name__ == '__main__': try: length = int(sys.argv[1]) times = int(sys.argv[2]) except: print >> sys.stderr, 'Usage: {} datalength times'.format(sys.argv[0]) sys.exit(-1) testkey = os.urandom(16) testdata = os.urandom(length) t = timeit.Timer('encrypt({}, {})'.format(repr(testdata), repr(testkey)), 'from xxtea import encrypt') print 'encrypt', t.timeit(times) testdata = xxtea.encrypt(testdata, testkey) t = timeit.Timer('decrypt({}, {})'.format(repr(testdata), repr(testkey)), 'from xxtea import decrypt') print 'decrypt', t.timeit(times)
file_old = open("C:\mlp_save.dat", "rb") file_new = open("C:\mlp_save_new.dat", "wb") gluid = "1ee4688454e7a830e44491c86a1140fc137b6c204d60742c5cdb0bb1e8eb0465453aaa43" gluid_new = "3c7675febad2a6448446f083cb4a837f7d52d3fdabf16a38afeed478865b17db128669a6" gluid_hex = gluid.decode("hex") gluid_hex_new = gluid_new.decode("hex") try: data = file_old.read() finally: file_old.close() data_size = len(data) uncomp_size = data[0:WORD_SIZE] comp_size = data[WORD_SIZE : 2 * WORD_SIZE] encry_size = data[2 * WORD_SIZE : 3 * WORD_SIZE] encry_data = data[3 * WORD_SIZE : data_size - WORD_SIZE] reserved = data[data_size - WORD_SIZE : len(data)] decry_data = xxtea.decrypt(encry_data, gluid_hex, False) new_encry_data = xxtea.encrypt(decry_data, gluid_hex_new, False) try: file_new.write(uncomp_size) file_new.write(comp_size) file_new.write(encry_size) file_new.write(new_encry_data) file_new.write(reserved) finally: file_new.close()