tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-28 16:24:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added Rijndael encryption for python pandoraPlugintools and PandoraFMS::Tools

Browse Source
This commit is contained in:
Enrique Martin 2023-11-02 11:24:50 +01:00
parent 3031e7ddbd
commit 1a021c9689
2 changed files with 132 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
pandora_server/extras/pandoraPlugintools/encryption.py
View File

@ -39,7 +39,7 @@ def _print_debug(
#### ####
# Internal use only: Get AES cipher # Internal use only: Get AES cipher
######################################################################################### #########################################################################################
def _get_cipher( def _get_cipher_AES(
password: str = _PASSWORD password: str = _PASSWORD
) -> AES: ) -> AES:
''' '''
@ -78,7 +78,7 @@ def encrypt_AES(
Returns: Returns:
str: The encrypted string in base64 encoding. str: The encrypted string in base64 encoding.
''' '''
cipher = _get_cipher(password) cipher = _get_cipher_AES(password)
try: try:
msg_padded = pad(str_to_encrypt.encode(), AES.block_size, style='pkcs7') msg_padded = pad(str_to_encrypt.encode(), AES.block_size, style='pkcs7')
@ -106,7 +106,7 @@ def decrypt_AES(
Returns: Returns:
str: The decrypted string. str: The decrypted string.
''' '''
cipher = _get_cipher(password) cipher = _get_cipher_AES(password)
try: try:
decrypted_str = unpad(cipher.decrypt(base64.b64decode(str_to_decrypt)), AES.block_size, style='pkcs7').decode().strip() decrypted_str = unpad(cipher.decrypt(base64.b64decode(str_to_decrypt)), AES.block_size, style='pkcs7').decode().strip()
@ -114,3 +114,86 @@ def decrypt_AES(
decrypted_str = '' decrypted_str = ''
return decrypted_str return decrypted_str
####
# Internal use only: Get Rijndael cipher
#########################################################################################
def _get_cipher_Rijndael(
password: str = _PASSWORD
) -> AES:
'''
Internal use only: Get Rijndael cipher for encryption and decryption.
Args:
password (str): The password used to derive the encryption key.
Returns:
AES: An AES cipher instance for encryption and decryption.
'''
key = b''
msg = password.encode('utf-8')
hash_obj = hmac.new(key, msg, hashlib.sha256)
hash_result = hash_obj.digest()
hash_base64 = base64.b64encode(hash_result)[:16].decode()
iv = b'0000000000000000'
return AES.new(hash_base64.encode(), AES.MODE_CBC, iv)
####
# Return encrypted string
#########################################################################################
def encrypt_Rijndael(
str_to_encrypt: str = "",
password: str = _PASSWORD
) -> str:
'''
Encrypt a string using Rijndael encryption.
Args:
str_to_encrypt (str): The string to be encrypted.
password (str): The password used to derive the encryption key.
Returns:
str: The encrypted string in base64 encoding.
'''
cipher = _get_cipher_Rijndael(password)
block_size = 16 # Rijndael block size is 16 bytes
padding_length = block_size - (len(str_to_encrypt) % block_size)
padded_data = str_to_encrypt + chr(padding_length) * padding_length
try:
b64str = base64.b64encode(cipher.encrypt(padded_data.encode())).decode()
except Exception as e:
b64str = ''
return b64str
####
# Return decrypted string
#########################################################################################
def decrypt_Rijndael(
str_to_decrypt: str = "",
password: str = _PASSWORD
) -> str:
'''
Decrypt an encrypted string using Rijndael decryption.
Args:
str_to_decrypt (str): The encrypted string to be decrypted.
password (str): The password used to derive the encryption key.
Returns:
str: The decrypted string.
'''
cipher = _get_cipher_Rijndael(password)
try:
decrypted_data = cipher.decrypt(base64.b64decode(str_to_decrypt)).decode().strip()
padding_length = ord(decrypted_data[-1])
decrypted_str = decrypted_data[:-padding_length]
except:
decrypted_str = ''
return decrypted_str

92
pandora_server/lib/PandoraFMS/Tools.pm
View File

@ -31,7 +31,7 @@ use LWP::UserAgent;
use threads; use threads;
use threads::shared; use threads::shared;
use MIME::Base64; use MIME::Base64;
use Crypt::CBC; use Crypt::Rijndael;
use Digest::SHA qw(hmac_sha256_base64); use Digest::SHA qw(hmac_sha256_base64);
use JSON; use JSON;
@ -2989,62 +2989,62 @@ sub get_server_name {
} }
############################################################################### ###############################################################################
# Encrypt with AES cypher # Get cipher for Rijndael encrypt and decrypt
############################################################################### ###############################################################################
sub encrypt_AES { sub _get_cipher_Rijndael {
my ($str_to_encrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher($password);
my $cipher_text = $cipher->encrypt($str_to_encrypt);
my $b64str = encode_base64($cipher_text, '');
return $b64str;
}
###############################################################################
# Decrypt with AES cypher
###############################################################################
sub decrypt_AES {
my ($str_to_decrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher($password);
my $cipher_text = decode_base64($str_to_decrypt);
my $decrypted_str = $cipher->decrypt($cipher_text);
return $decrypted_str;
}
###############################################################################
# Get cipher for AES encrypt and decrypt
###############################################################################
sub _get_cipher {
my ($password) = @_; my ($password) = @_;
my $hash_base64 = substr(Digest::SHA::hmac_sha256_base64($password,''), 0, 16); my $hash_base64 = substr(Digest::SHA::hmac_sha256_base64($password,''), 0, 16);
my $iv = '0000000000000000'; my $iv = '0000000000000000';
my $cipher = Crypt::CBC->new( my $cipher = Crypt::Rijndael->new($hash_base64, Crypt::Rijndael::MODE_CBC());
-key => $hash_base64, $cipher->set_iv($iv);
-cipher => 'Cipher::AES',
-iv => $iv,
-header => 'none',
-padding => 'standard', # PKCS7 padding
-keysize => 16,
-literal_key => 1
);
return $cipher; return $cipher;
} }
###############################################################################
# Encrypt with Rijndael cypher
###############################################################################
sub encrypt_Rijndael {
my ($str_to_encrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher_Rijndael($password);
my $block_size = 16; # Rijndael block size is 16 bytes
my $padding_length = $block_size - (length($str_to_encrypt) % $block_size);
my $padded_data = $str_to_encrypt . chr($padding_length) x $padding_length;
my $cipher_text = $cipher->encrypt($padded_data);
my $b64str = encode_base64($cipher_text, '');
return $b64str;
}
###############################################################################
# Decrypt with Rijndael cypher
###############################################################################
sub decrypt_Rijndael {
my ($str_to_decrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher_Rijndael($password);
my $cipher_text = decode_base64($str_to_decrypt);
my $decrypted_data = $cipher->decrypt($cipher_text);
my $padding_length = ord(substr($decrypted_data, -1));
my $decrypted_str = substr($decrypted_data, 0, -$padding_length);
return $decrypted_str;
}
1; 1;
__END__ __END__