mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-07-31 01:35:36 +02:00
Changed pandoraPlugintools encryption funcion and removed encryption functions from Tools.pm
This commit is contained in:
Enrique Martin
parent
dc64816763
commit
9e4ba18f49
@ -136,9 +136,7 @@ def _get_cipher_Rijndael(
|
|||||||
hash_result = hash_obj.digest()
|
hash_result = hash_obj.digest()
|
||||||
hash_base64 = base64.b64encode(hash_result)[:16].decode()
|
hash_base64 = base64.b64encode(hash_result)[:16].decode()
|
||||||
|
|
||||||
iv = b'0000000000000000'
|
return AES.new(hash_base64.encode(), AES.MODE_ECB)
|
||||||
|
|
||||||
return AES.new(hash_base64.encode(), AES.MODE_CBC, iv)
|
|
||||||
|
|
||||||
####
|
####
|
||||||
# Return encrypted string
|
# Return encrypted string
|
||||||
@ -159,13 +157,13 @@ def encrypt_Rijndael(
|
|||||||
'''
|
'''
|
||||||
cipher = _get_cipher_Rijndael(password)
|
cipher = _get_cipher_Rijndael(password)
|
||||||
|
|
||||||
block_size = 16 # Rijndael block size is 16 bytes
|
|
||||||
padding_length = block_size - (len(str_to_encrypt) % block_size)
|
|
||||||
padded_data = str_to_encrypt + chr(padding_length) * padding_length
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
b64str = base64.b64encode(cipher.encrypt(padded_data.encode())).decode()
|
padded_data = str_to_encrypt.encode()
|
||||||
except Exception as e:
|
missing = 16 - (len(padded_data) % 16)
|
||||||
|
padded_data += bytes([0] * missing) if missing != 16 else b''
|
||||||
|
|
||||||
|
b64str = base64.b64encode(cipher.encrypt(padded_data)).decode()
|
||||||
|
except:
|
||||||
b64str = ''
|
b64str = ''
|
||||||
|
|
||||||
return b64str
|
return b64str
|
||||||
@ -190,9 +188,8 @@ def decrypt_Rijndael(
|
|||||||
cipher = _get_cipher_Rijndael(password)
|
cipher = _get_cipher_Rijndael(password)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
decrypted_data = cipher.decrypt(base64.b64decode(str_to_decrypt)).decode().strip()
|
decrypted_data = cipher.decrypt(base64.b64decode(str_to_decrypt))
|
||||||
padding_length = ord(decrypted_data[-1])
|
decrypted_str = decrypted_data.rstrip(b'\x00').decode()
|
||||||
decrypted_str = decrypted_data[:-padding_length]
|
|
||||||
except:
|
except:
|
||||||
decrypted_str = ''
|
decrypted_str = ''
|
||||||
|
|
||||||
|
|||||||
@ -30,9 +30,6 @@ use Scalar::Util qw(looks_like_number);
|
|||||||
use LWP::UserAgent;
|
use LWP::UserAgent;
|
||||||
use threads;
|
use threads;
|
||||||
use threads::shared;
|
use threads::shared;
|
||||||
use MIME::Base64;
|
|
||||||
use Crypt::Rijndael;
|
|
||||||
use Digest::SHA qw(hmac_sha256_base64);
|
|
||||||
|
|
||||||
use JSON;
|
use JSON;
|
||||||
use Encode qw/decode_utf8 encode_utf8/;
|
use Encode qw/decode_utf8 encode_utf8/;
|
||||||
@ -184,8 +181,8 @@ our @EXPORT = qw(
|
|||||||
check_cron_value
|
check_cron_value
|
||||||
check_cron_element
|
check_cron_element
|
||||||
cron_check
|
cron_check
|
||||||
decrypt_Rijndael
|
decrypt_AES
|
||||||
encrypt_Rijndael
|
encrypt_AES
|
||||||
);
|
);
|
||||||
|
|
||||||
# ID of the different servers
|
# ID of the different servers
|
||||||
@ -2988,63 +2985,6 @@ sub get_server_name {
|
|||||||
return "UNKNOWN";
|
return "UNKNOWN";
|
||||||
}
|
}
|
||||||
|
|
||||||
###############################################################################
|
|
||||||
# Get cipher for Rijndael encrypt and decrypt
|
|
||||||
###############################################################################
|
|
||||||
sub _get_cipher_Rijndael {
|
|
||||||
my ($password) = @_;
|
|
||||||
|
|
||||||
my $hash_base64 = substr(Digest::SHA::hmac_sha256_base64($password,''), 0, 16);
|
|
||||||
|
|
||||||
my $iv = '0000000000000000';
|
|
||||||
|
|
||||||
my $cipher = Crypt::Rijndael->new($hash_base64, Crypt::Rijndael::MODE_CBC());
|
|
||||||
$cipher->set_iv($iv);
|
|
||||||
|
|
||||||
return $cipher;
|
|
||||||
}
|
|
||||||
|
|
||||||
###############################################################################
|
|
||||||
# Encrypt with Rijndael cypher
|
|
||||||
###############################################################################
|
|
||||||
sub encrypt_Rijndael {
|
|
||||||
my ($str_to_encrypt, $password) = @_;
|
|
||||||
|
|
||||||
if (!defined($password)) {
|
|
||||||
$password = "default_salt";
|
|
||||||
}
|
|
||||||
my $cipher = _get_cipher_Rijndael($password);
|
|
||||||
|
|
||||||
my $block_size = 16; # Rijndael block size is 16 bytes
|
|
||||||
my $padding_length = $block_size - (length($str_to_encrypt) % $block_size);
|
|
||||||
my $padded_data = $str_to_encrypt . chr($padding_length) x $padding_length;
|
|
||||||
|
|
||||||
my $cipher_text = $cipher->encrypt($padded_data);
|
|
||||||
my $b64str = encode_base64($cipher_text, '');
|
|
||||||
|
|
||||||
return $b64str;
|
|
||||||
}
|
|
||||||
|
|
||||||
###############################################################################
|
|
||||||
# Decrypt with Rijndael cypher
|
|
||||||
###############################################################################
|
|
||||||
sub decrypt_Rijndael {
|
|
||||||
my ($str_to_decrypt, $password) = @_;
|
|
||||||
|
|
||||||
if (!defined($password)) {
|
|
||||||
$password = "default_salt";
|
|
||||||
}
|
|
||||||
my $cipher = _get_cipher_Rijndael($password);
|
|
||||||
|
|
||||||
my $cipher_text = decode_base64($str_to_decrypt);
|
|
||||||
my $decrypted_data = $cipher->decrypt($cipher_text);
|
|
||||||
|
|
||||||
my $padding_length = ord(substr($decrypted_data, -1));
|
|
||||||
my $decrypted_str = substr($decrypted_data, 0, -$padding_length);
|
|
||||||
|
|
||||||
return $decrypted_str;
|
|
||||||
}
|
|
||||||
|
|
||||||
1;
|
1;
|
||||||
__END__
|
__END__
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user