tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-8365-ncm-fase-3' of https://brutus.artica.es:8081/artica/pandorafms into ent-8365-ncm-fase-3

This commit is contained in:
Jorge Rincon 2023-11-03 14:27:52 +01:00
parent 513a0bc296 e6f505da54
commit 366018b0e9
2 changed files with 83 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
pandora_server/extras/pandoraPlugintools/encryption.py
View File

@ -39,7 +39,7 @@ def _print_debug(
#### ####
# Internal use only: Get AES cipher # Internal use only: Get AES cipher
######################################################################################### #########################################################################################
def _get_cipher( def _get_cipher_AES(
password: str = _PASSWORD password: str = _PASSWORD
) -> AES: ) -> AES:
''' '''
@ -78,7 +78,7 @@ def encrypt_AES(
Returns: Returns:
str: The encrypted string in base64 encoding. str: The encrypted string in base64 encoding.
''' '''
cipher = _get_cipher(password) cipher = _get_cipher_AES(password)
try: try:
msg_padded = pad(str_to_encrypt.encode(), AES.block_size, style='pkcs7') msg_padded = pad(str_to_encrypt.encode(), AES.block_size, style='pkcs7')
@ -106,11 +106,91 @@ def decrypt_AES(
Returns: Returns:
str: The decrypted string. str: The decrypted string.
''' '''
cipher = _get_cipher(password) cipher = _get_cipher_AES(password)
try: try:
decrypted_str = unpad(cipher.decrypt(base64.b64decode(str_to_decrypt)), AES.block_size, style='pkcs7').decode().strip() decrypted_str = unpad(cipher.decrypt(base64.b64decode(str_to_decrypt)), AES.block_size, style='pkcs7').decode().strip()
except: except:
decrypted_str = '' decrypted_str = ''
return decrypted_str
####
# Internal use only: Get Rijndael cipher
#########################################################################################
def _get_cipher_Rijndael(
password: str = _PASSWORD
) -> AES:
'''
Internal use only: Get Rijndael cipher for encryption and decryption.
Args:
password (str): The password used to derive the encryption key.
Returns:
AES: An AES cipher instance for encryption and decryption.
'''
key = b''
msg = password.encode('utf-8')
hash_obj = hmac.new(key, msg, hashlib.sha256)
hash_result = hash_obj.digest()
hash_base64 = base64.b64encode(hash_result)[:16].decode()
return AES.new(hash_base64.encode(), AES.MODE_ECB)
####
# Return encrypted string
#########################################################################################
def encrypt_Rijndael(
str_to_encrypt: str = "",
password: str = _PASSWORD
) -> str:
'''
Encrypt a string using Rijndael encryption.
Args:
str_to_encrypt (str): The string to be encrypted.
password (str): The password used to derive the encryption key.
Returns:
str: The encrypted string in base64 encoding.
'''
cipher = _get_cipher_Rijndael(password)
try:
padded_data = str_to_encrypt.encode()
missing = 16 - (len(padded_data) % 16)
padded_data += bytes([0] * missing) if missing != 16 else b''
b64str = base64.b64encode(cipher.encrypt(padded_data)).decode()
except:
b64str = ''
return b64str
####
# Return decrypted string
#########################################################################################
def decrypt_Rijndael(
str_to_decrypt: str = "",
password: str = _PASSWORD
) -> str:
'''
Decrypt an encrypted string using Rijndael decryption.
Args:
str_to_decrypt (str): The encrypted string to be decrypted.
password (str): The password used to derive the encryption key.
Returns:
str: The decrypted string.
'''
cipher = _get_cipher_Rijndael(password)
try:
decrypted_data = cipher.decrypt(base64.b64decode(str_to_decrypt))
decrypted_str = decrypted_data.rstrip(b'\x00').decode()
except:
decrypted_str = ''
return decrypted_str return decrypted_str

61
pandora_server/lib/PandoraFMS/Tools.pm
View File

@ -30,9 +30,6 @@ use Scalar::Util qw(looks_like_number);
use LWP::UserAgent; use LWP::UserAgent;
use threads; use threads;
use threads::shared; use threads::shared;
use MIME::Base64;
use Crypt::CBC;
use Digest::SHA qw(hmac_sha256_base64);
use JSON; use JSON;
use Encode qw/decode_utf8 encode_utf8/; use Encode qw/decode_utf8 encode_utf8/;
@ -184,7 +181,6 @@ our @EXPORT = qw(
check_cron_value check_cron_value
check_cron_element check_cron_element
cron_check cron_check
decrypt_AES
); );
# ID of the different servers # ID of the different servers
@ -2987,63 +2983,6 @@ sub get_server_name {
return "UNKNOWN"; return "UNKNOWN";
} }
###############################################################################
# Encrypt with AES cypher
###############################################################################
sub encrypt_AES {
my ($str_to_encrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher($password);
my $cipher_text = $cipher->encrypt($str_to_encrypt);
my $b64str = encode_base64($cipher_text, '');
return $b64str;
}
###############################################################################
# Decrypt with AES cypher
###############################################################################
sub decrypt_AES {
my ($str_to_decrypt, $password) = @_;
if (!defined($password)) {
$password = "default_salt";
}
my $cipher = _get_cipher($password);
my $cipher_text = decode_base64($str_to_decrypt);
my $decrypted_str = $cipher->decrypt($cipher_text);
return $decrypted_str;
}
###############################################################################
# Get cipher for AES encrypt and decrypt
###############################################################################
sub _get_cipher {
my ($password) = @_;
my $hash_base64 = substr(Digest::SHA::hmac_sha256_base64($password,''), 0, 16);
my $iv = '0000000000000000';
my $cipher = Crypt::CBC->new(
-key => $hash_base64,
-cipher => 'Cipher::AES',
-iv => $iv,
-header => 'none',
-padding => 'standard', # PKCS7 padding
-keysize => 16,
-literal_key => 1
);
return $cipher;
}
1; 1;
__END__ __END__