From 31fbba4929fadf1864475420213541af71aa0c60 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Wed, 5 Aug 2020 23:35:35 -0400 Subject: [PATCH 01/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index efb1701..4dd6017 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -12,7 +12,7 @@ from struct import pack, unpack from collections import namedtuple -import simplejson as json +import json from pbkdf2 import PBKDF2 from Crypto.Cipher import AES from Crypto.Random import get_random_bytes From 7a326736be83599034322d80d21fb7db901da927 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Wed, 5 Aug 2020 23:52:38 -0400 Subject: [PATCH 02/19] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index a4b9885..14bc2cf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ pbkdf2>=1.3 -pycrypto>=2.6 +pycryptodome>=3.9.8 simplejson From 56745046b6f9207485aea673562bc70ef25b6e3d Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Wed, 5 Aug 2020 23:59:09 -0400 Subject: [PATCH 03/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 4dd6017..80bb4f0 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -14,9 +14,9 @@ import json from pbkdf2 import PBKDF2 -from Crypto.Cipher import AES -from Crypto.Random import get_random_bytes -from Crypto.Hash import HMAC, SHA, SHA256, SHA384, SHA512 +from Cryptodome.Cipher import AES +from Cryptodome.Random import get_random_bytes +from Cryptodome.Hash import HMAC, SHA, SHA256, SHA384, SHA512 from .utils import ( const_equal, From ea3b9e2139f88cde407b25cb5378069c18ce0a7a Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Wed, 5 Aug 2020 23:59:33 -0400 Subject: [PATCH 04/19] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 14bc2cf..9f8d82b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ pbkdf2>=1.3 -pycryptodome>=3.9.8 +pycryptodomex>=3.9.8 simplejson From 8818b7bef740027813ee3cc2ae6cdba12334fe39 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:17:55 -0400 Subject: [PATCH 05/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 80bb4f0..bbc7ccd 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -749,7 +749,7 @@ def _aes_encrypt(data, algorithm, key): numpad = block_size - (len(data) % block_size) data = data + numpad * chr(numpad) - enc = AES.new(key, mode, iv_value).encrypt(data) + enc = AES.new(key, mode, iv_value).encrypt(data.encode('utf-8')) if include_iv: enc = iv_value + enc From 83157d8ab65bf2e5537e02a459d4edce696822d2 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:19:49 -0400 Subject: [PATCH 06/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index bbc7ccd..4d27943 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -575,7 +575,7 @@ def _add_header(self, data, options): flags = options['flags'] header_flags = dict( - (i, str(int(j))) for i, j in options['flags'].iteritems()) + (i, str(int(j))) for i, j in options['flags'].items()) header_flags = ''.join(version_info['flags'](**header_flags)) header_flags = int(header_flags, 2) options['flags'] = header_flags From a0b3d4feef5d0ec360928918d428aa1277ab6959 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:23:47 -0400 Subject: [PATCH 07/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 4d27943..9c0dda7 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -561,8 +561,8 @@ def _add_magic(self, data): '''Add magic''' if self.magic: - return self.magic + data - + return self.magic + data.decode("utf-8") + return data def _add_header(self, data, options): From 6d171aaf429b75877d4edcbf039bdbc20c429aa9 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:26:10 -0400 Subject: [PATCH 08/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 9c0dda7..1b893d4 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -561,7 +561,7 @@ def _add_magic(self, data): '''Add magic''' if self.magic: - return self.magic + data.decode("utf-8") + return self.magic + data.decode('utf-8') return data From a7d56d7e2dc90ee530e75446a67844770ba133c9 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:28:15 -0400 Subject: [PATCH 09/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 1b893d4..83062d8 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -561,7 +561,7 @@ def _add_magic(self, data): '''Add magic''' if self.magic: - return self.magic + data.decode('utf-8') + return self.magic + data.decode('utf-8').strip() return data From e7586ed711ba729a30fbf7bffaa029691824d40d Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:35:55 -0400 Subject: [PATCH 10/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 83062d8..e92adbf 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -561,7 +561,7 @@ def _add_magic(self, data): '''Add magic''' if self.magic: - return self.magic + data.decode('utf-8').strip() + return self.magic + str(data) return data From cb6125c65bac98d7a8e64abc8266ecf14c4cbafa Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:38:09 -0400 Subject: [PATCH 11/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index e92adbf..24d458c 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -722,7 +722,7 @@ def _hmac_generate(data, algorithm, key): digestmod = EncryptedPickle._get_hashlib(algorithm['subtype']) - return HMAC.new(key, data, digestmod).digest() + return HMAC.new(key, data.encode('utf-8'), digestmod).digest() @staticmethod def _aes_encrypt(data, algorithm, key): From 1c2cd660e73f1d3e99d3b6c2e6bd94cccd9e9e3f Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:41:48 -0400 Subject: [PATCH 12/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 24d458c..8df59bb 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -345,7 +345,7 @@ def _encode(self, data, algorithm, key=None): '''Encode data with specific algorithm''' if algorithm['type'] == 'hmac': - return data + self._hmac_generate(data, algorithm, key) + return str(data) + self._hmac_generate(data, algorithm, key) elif algorithm['type'] == 'aes': return self._aes_encrypt(data, algorithm, key) elif algorithm['type'] == 'no-serialization': From bb8f45e0076403654d8d331a03a163797bcf78b3 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:42:52 -0400 Subject: [PATCH 13/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index 8df59bb..d2fce0c 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -345,7 +345,7 @@ def _encode(self, data, algorithm, key=None): '''Encode data with specific algorithm''' if algorithm['type'] == 'hmac': - return str(data) + self._hmac_generate(data, algorithm, key) + return data + str(self._hmac_generate(data, algorithm, key)) elif algorithm['type'] == 'aes': return self._aes_encrypt(data, algorithm, key) elif algorithm['type'] == 'no-serialization': From 98edc118851badc378c25dbf443568808e382991 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:44:09 -0400 Subject: [PATCH 14/19] Update encryptedpickle.py --- encryptedpickle/encryptedpickle.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/encryptedpickle.py b/encryptedpickle/encryptedpickle.py index d2fce0c..99afa6c 100644 --- a/encryptedpickle/encryptedpickle.py +++ b/encryptedpickle/encryptedpickle.py @@ -400,7 +400,7 @@ def _sign_data(self, data, options): data = self._encode(data, algorithm, key) - return data + key_salt + return data + str(key_salt) def _unsign_data(self, data, options): '''Verify and remove signature''' From 2d5b378ad6ac26e33e66cb2c63b5632ae10db543 Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:46:06 -0400 Subject: [PATCH 15/19] Update utils.py --- encryptedpickle/utils.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/encryptedpickle/utils.py b/encryptedpickle/utils.py index bab96ad..624de95 100644 --- a/encryptedpickle/utils.py +++ b/encryptedpickle/utils.py @@ -12,7 +12,7 @@ def urlsafe_nopadding_b64encode(data): '''URL safe Base64 encode without padding (=)''' - return urlsafe_b64encode(data).rstrip('=') + return urlsafe_b64encode(data.encode('utf-8')).rstrip('=') def urlsafe_nopadding_b64decode(data): '''URL safe Base64 decode without padding (=)''' @@ -22,7 +22,7 @@ def urlsafe_nopadding_b64decode(data): padding = 4 - padding padding = '=' * padding data = data + padding - return urlsafe_b64decode(data) + return urlsafe_b64decode(data.encode('utf-8')) def const_equal(str_a, str_b): '''Constant time string comparison''' From 5f47e6bef49d8a4694cf37fa624369358aa7025c Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:52:13 -0400 Subject: [PATCH 16/19] Update utils.py --- encryptedpickle/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/utils.py b/encryptedpickle/utils.py index 624de95..3cd0c50 100644 --- a/encryptedpickle/utils.py +++ b/encryptedpickle/utils.py @@ -12,7 +12,7 @@ def urlsafe_nopadding_b64encode(data): '''URL safe Base64 encode without padding (=)''' - return urlsafe_b64encode(data.encode('utf-8')).rstrip('=') + return urlsafe_b64encode(data).rstrip('=') def urlsafe_nopadding_b64decode(data): '''URL safe Base64 decode without padding (=)''' From 98518f2173232913a2b27c65daee4e313adb8e5a Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:54:43 -0400 Subject: [PATCH 17/19] Update utils.py --- encryptedpickle/utils.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/encryptedpickle/utils.py b/encryptedpickle/utils.py index 3cd0c50..7aed9e3 100644 --- a/encryptedpickle/utils.py +++ b/encryptedpickle/utils.py @@ -12,7 +12,7 @@ def urlsafe_nopadding_b64encode(data): '''URL safe Base64 encode without padding (=)''' - return urlsafe_b64encode(data).rstrip('=') + return urlsafe_b64encode(data.encode('utf-8')).rstrip('=') def urlsafe_nopadding_b64decode(data): '''URL safe Base64 decode without padding (=)''' @@ -22,7 +22,7 @@ def urlsafe_nopadding_b64decode(data): padding = 4 - padding padding = '=' * padding data = data + padding - return urlsafe_b64decode(data.encode('utf-8')) + return urlsafe_b64decode(data) def const_equal(str_a, str_b): '''Constant time string comparison''' From 8c8d7e83365d90c202ffbfc0bc56df529197a3cf Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 01:59:00 -0400 Subject: [PATCH 18/19] test (ignore) --- encryptedpickle/utils.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/encryptedpickle/utils.py b/encryptedpickle/utils.py index 7aed9e3..cec08d9 100644 --- a/encryptedpickle/utils.py +++ b/encryptedpickle/utils.py @@ -7,11 +7,13 @@ from __future__ import absolute_import from base64 import urlsafe_b64encode, urlsafe_b64decode +import warnings def urlsafe_nopadding_b64encode(data): '''URL safe Base64 encode without padding (=)''' - + + warnings.warn(data) return urlsafe_b64encode(data.encode('utf-8')).rstrip('=') def urlsafe_nopadding_b64decode(data): From 3ab3d30a56a1f74b5d2be483a3f31b07a69e0c4f Mon Sep 17 00:00:00 2001 From: //AI's are better than humans <57877338+ai-are-better-than-humans@users.noreply.github.com> Date: Thu, 6 Aug 2020 02:04:30 -0400 Subject: [PATCH 19/19] Update utils.py --- encryptedpickle/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/encryptedpickle/utils.py b/encryptedpickle/utils.py index cec08d9..817ad30 100644 --- a/encryptedpickle/utils.py +++ b/encryptedpickle/utils.py @@ -13,7 +13,7 @@ def urlsafe_nopadding_b64encode(data): '''URL safe Base64 encode without padding (=)''' - warnings.warn(data) + warnings.warn(type(data)) return urlsafe_b64encode(data.encode('utf-8')).rstrip('=') def urlsafe_nopadding_b64decode(data):