Merge branch 'ent-8365-ncm-fase-3' of https://brutus.artica.es:8081/artica/pandorafms into ent-8365-ncm-fase-3

2023-11-03 14:27:52 +01:00 · 2023-11-03 14:27:52 +01:00 · 366018b0e9
parent 513a0bc296 e6f505da54
commit 366018b0e9
2 changed files with 83 additions and 64 deletions
--- a/pandora_server/extras/pandoraPlugintools/encryption.py
+++ b/pandora_server/extras/pandoraPlugintools/encryption.py
@ -39,7 +39,7 @@ def _print_debug(
 ####
 # Internal use only: Get AES cipher
 #########################################################################################
-def _get_cipher(
+def _get_cipher_AES(
        password: str = _PASSWORD
    ) -> AES:
    '''
@ -78,7 +78,7 @@ def encrypt_AES(
    Returns:
        str: The encrypted string in base64 encoding.
    '''
-    cipher = _get_cipher(password)
+    cipher = _get_cipher_AES(password)
    
    try:
        msg_padded = pad(str_to_encrypt.encode(), AES.block_size, style='pkcs7')
@ -106,11 +106,91 @@ def decrypt_AES(
    Returns:
        str: The decrypted string.
    '''
-    cipher = _get_cipher(password)
+    cipher = _get_cipher_AES(password)
    
    try:
        decrypted_str = unpad(cipher.decrypt(base64.b64decode(str_to_decrypt)), AES.block_size, style='pkcs7').decode().strip()
    except:
        decrypted_str = ''

+    return decrypted_str
+
+####
+# Internal use only: Get Rijndael cipher
+#########################################################################################
+def _get_cipher_Rijndael(
+        password: str = _PASSWORD
+    ) -> AES:
+    '''
+    Internal use only: Get Rijndael cipher for encryption and decryption.
+
+    Args:
+        password (str): The password used to derive the encryption key.
+
+    Returns:
+        AES: An AES cipher instance for encryption and decryption.
+    '''
+    key = b''
+    msg = password.encode('utf-8')
+    hash_obj = hmac.new(key, msg, hashlib.sha256)
+    hash_result = hash_obj.digest()
+    hash_base64 = base64.b64encode(hash_result)[:16].decode()
+    
+    return AES.new(hash_base64.encode(), AES.MODE_ECB)
+
+####
+# Return encrypted string
+#########################################################################################
+def encrypt_Rijndael(
+        str_to_encrypt: str = "",
+        password: str = _PASSWORD
+    ) -> str:
+    '''
+    Encrypt a string using Rijndael encryption.
+
+    Args:
+        str_to_encrypt (str): The string to be encrypted.
+        password (str): The password used to derive the encryption key.
+
+    Returns:
+        str: The encrypted string in base64 encoding.
+    '''
+    cipher = _get_cipher_Rijndael(password)
+    
+    try:
+        padded_data = str_to_encrypt.encode()
+        missing = 16 - (len(padded_data) % 16)
+        padded_data += bytes([0] * missing) if missing != 16 else b''
+        
+        b64str = base64.b64encode(cipher.encrypt(padded_data)).decode()
+    except:
+        b64str = ''
+    
+    return b64str
+
+####
+# Return decrypted string
+#########################################################################################
+def decrypt_Rijndael(
+        str_to_decrypt: str = "",
+        password: str = _PASSWORD
+    ) -> str:
+    '''
+    Decrypt an encrypted string using Rijndael decryption.
+
+    Args:
+        str_to_decrypt (str): The encrypted string to be decrypted.
+        password (str): The password used to derive the encryption key.
+
+    Returns:
+        str: The decrypted string.
+    '''
+    cipher = _get_cipher_Rijndael(password)
+    
+    try:
+        decrypted_data = cipher.decrypt(base64.b64decode(str_to_decrypt))
+        decrypted_str = decrypted_data.rstrip(b'\x00').decode()
+    except:
+        decrypted_str = ''
+
    return decrypted_str
--- a/pandora_server/lib/PandoraFMS/Tools.pm
+++ b/pandora_server/lib/PandoraFMS/Tools.pm
@ -30,9 +30,6 @@ use Scalar::Util qw(looks_like_number);
 use LWP::UserAgent;
 use threads;
 use threads::shared;
-use MIME::Base64;
-use Crypt::CBC;
-use Digest::SHA qw(hmac_sha256_base64);

 use JSON;
 use Encode qw/decode_utf8 encode_utf8/;
@ -184,7 +181,6 @@ our @EXPORT = qw(
 	check_cron_value
 	check_cron_element
 	cron_check
-	decrypt_AES
 );

 # ID of the different servers
@ -2987,63 +2983,6 @@ sub get_server_name {
 	return "UNKNOWN";
 }

-###############################################################################
-# Encrypt with AES cypher
-###############################################################################
-sub encrypt_AES {
-    my ($str_to_encrypt, $password) = @_;
-
-    if (!defined($password)) {
-        $password = "default_salt";
-    }
-    my $cipher = _get_cipher($password);
-
-    my $cipher_text = $cipher->encrypt($str_to_encrypt);
-    my $b64str = encode_base64($cipher_text, '');
-
-    return $b64str;
-}
-
-###############################################################################
-# Decrypt with AES cypher
-###############################################################################
-sub decrypt_AES {
-    my ($str_to_decrypt, $password) = @_;
-
-    if (!defined($password)) {
-        $password = "default_salt";
-    }
-    my $cipher = _get_cipher($password);
-
-    my $cipher_text = decode_base64($str_to_decrypt);
-    my $decrypted_str = $cipher->decrypt($cipher_text);
-
-    return $decrypted_str;
-}
-
-###############################################################################
-# Get cipher for AES encrypt and decrypt
-###############################################################################
-sub _get_cipher {
-    my ($password) = @_;
-
-    my $hash_base64 = substr(Digest::SHA::hmac_sha256_base64($password,''), 0, 16);
-
-    my $iv = '0000000000000000';
-
-    my $cipher = Crypt::CBC->new(
-        -key         => $hash_base64,
-        -cipher      => 'Cipher::AES',
-        -iv          => $iv,
-        -header      => 'none',
-        -padding     => 'standard',  # PKCS7 padding
-        -keysize     => 16,
-        -literal_key => 1
-    );
-
-    return $cipher;
-}
-
 1;
 __END__