Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def decrypt_windows_password(self, instance_id):
password = ""
password_data = self._client. \
get_password_data(InstanceId=instance_id)['PasswordData']
if password_data:
password = base64.b64decode(password_data)
with open(self.get_ssh_key_path(AWS_SSH_KEY_NAME), 'r') \
as privkeyfile:
priv = rsa.PrivateKey.load_pkcs1(privkeyfile.read())
password = rsa.decrypt(password, priv).decode('utf-8')
return password
with socket.socket() as sock:
sock.connect((HOST, PORT))
print(f'[+] Performing RSA key generation!')
public_key, private_key = rsa.new_keys(key_size=2048)
print('[+] Key generation completed successfully!')
public_key_text = public_key.exportKey('PEM').decode('utf-8')
rs = send_command(CommandEnum.SEND_PUBLIC_KEY, public_key_text)
if rs:
print(rs)
key = rsa.decrypt(b64decode(rs['data']), private_key)
print('[+] key_AES:', key)
DATA['info_security'] = InfoSecurity(key)
else:
print('[-] Need AES key from server!')
quit()
print('\n')
for command in [CommandEnum.CURRENT_DATETIME, CommandEnum.CURRENT_TIMESTAMP, CommandEnum.RANDOM,
CommandEnum.RANDOM, CommandEnum.GUID, CommandEnum.GUID]:
rs = send_command(command)
if rs:
print(rs)
print(f"{command.name}: {rs['data']}")
def decodeUniqueId(self, serialized_uniqueid):
try:
message = (base64.b64decode(serialized_uniqueid))
trailing = ord(message[0])
message = message[1:]
iv = (base64.b64decode(message[:24]))
encoded = message[24:-40]
key = (base64.b64decode(message[-40:]))
AESkey = rsa.decrypt(key, PRIVATE_KEY)
# What the hell is this?
cipher = AES.new(AESkey, AES.MODE_CBC, iv)
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e))
decoded = DecodeAES(cipher, encoded)[:-trailing]
regexp = re.compile(r'[0-9a-zA-Z\\]("")')
decoded = regexp.sub('"', decoded)
decoded = decoded.replace("\\", "\\\\")
regexp = re.compile('[^\x09\x0A\x0D\x20-\x7F]')
decoded = regexp.sub('', decoded)
jstring = json.loads(decoded)
if str(jstring["session"]) != str(self.session) :
self.sendJSON(dict(command="notice", style="error", text="Your session is corrupted. Try relogging"))
return None
}
owner = split_string[0]
package = split_string[1]
# to replace authorize because you don't need it
r = requests.get('{}/package_registry'.format(API_LOCATION), data = {'owner' : owner, 'package' : package})
# check to see if there was a success (the package is available)
print(r.text)
if r.json()['status'] == 'success':
# if so, decrypt the secret
secret = r.json()['data']
(pub, priv) = pickle.load(open('{}/.key'.format(KEY_LOCATION), 'rb'))
cipher = rsa.decrypt(eval(secret), priv)
print('Encrypting package...')
# sign data
payload = json.dumps(payload)
message = encrypt(cipher, payload)
# post data
data = message
print('Uploading to Flora under {}/{}...'.format(owner, package))
r = requests.post('{}/package_registry'.format(API_LOCATION), data = {'owner' : owner, 'package' : package, 'data' : str(data)})
print(r.json()['message'])
else:
print(r.json()['message'])
def post(self):
payload = {
'owner' : request.form['owner'],
'package' : request.form['package'],
'data' : request.form['data']
}
owner = request.form['owner']
package = request.form['package']
data = request.form['data']
b = ENGINE.get_named_secret(owner)
print(b)
secret = rsa.decrypt(eval(b), KEY[1])
# data is a python tuple of the templated solidity at index 0 and an example payload at index 1
# compilation of this code should return true
# if there are errors, don't commit it to the db
# otherwise, commit it
raw_data = decrypt(secret, eval(data))
package_data = json.loads(raw_data.decode('utf8'))
'''
payload = {
'tsol' : open(code_path[0]).read(),
'example' : example
}
'''
# assert that the code compiles with the provided example
tsol.compile(StringIO(package_data['tsol']), package_data['example'])
with open(FILE_NAME_PRIVATE_KEY, 'wb') as f:
f.write(private_key.exportKey('PEM'))
print('Successfully save generated keys to files!')
print()
print('private:', private_key.exportKey('PEM'))
print('public:', public_key.exportKey('PEM'))
print()
text = 'Hello World!'.encode('utf-8')
encrypted = rsa.encrypt(text, public_key)
print(encrypted)
decrypted = rsa.decrypt(encrypted, private_key)
print(decrypted)
assert text == decrypted
def get_encryption_key(self):
json_key = self.connection.recv(2048)
if not json_key:
raise ConnectionError("connection closed")
dict_key = self.de_json(json_key.decode())
base64_key = dict_key["encryption_key"]
encrypted_key = base64.b64decode(base64_key)
key = rsa.decrypt(encrypted_key, self.encryption_private_key)
self.encryption_key = self.encryption_class(key)
self.is_secure = True
self.connection.send(CHECK_MESSAGE)
check = self.connection.recv(1024).decode()
if not CHECK_MESSAGE == check:
self.logger.error("connection not secure error")
raise ConnectionError("secure error")
self.connection.send("connection secured")
def decrypt(encrypted, pri_key):
block_size = rsa.common.byte_size(pri_key.n)
text = ""
for part in split_len(encrypted, block_size):
text += rsa.decrypt(part, pri_key)
return text