import os | |
import base64 | |
import json | |
from Crypto.Cipher import AES | |
from phpserialize import loads | |
def decrypt(payload): | |
data = json.loads(base64.b64decode(payload)) | |
value = base64.b64decode(data['value']) | |
iv = base64.b64decode(data['iv']) | |
return unserialize(mcrypt_decrypt(value, iv)) | |
def mcrypt_decrypt(value, iv): | |
AES.key_size=128 | |
key=os.environ['APP_KEY'] | |
crypt_object=AES.new(key=key,mode=AES.MODE_CBC,IV=iv) | |
return crypt_object.decrypt(value) | |
def unserialize(serialized): | |
return loads(serialized) |
This comment has been minimized.
This comment has been minimized.
Just be sure to check the mac first! That is, before decrypting. |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Traceback (most recent call last): I'm getting this error.. please help |
This comment has been minimized.
This comment has been minimized.
Hi! You may not have a secret key set there. IIRC, this package also hard
coded an expectation of a 128 bit while newer Laravel apps may use a 256
bit key (it’s been a while so i’m not 100% sure on that!)
…On Mon, Apr 13, 2020 at 06:20 Md.Shamimul Alam ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
Traceback (most recent call last):
File "/var/www/html/adnsms/SMS-Shooting-Process/Helpers/crypt.py", line
66, in
decrypt(code)
File "/var/www/html/adnsms/SMS-Shooting-Process/Helpers/crypt.py", line
49, in decrypt
return unserialize(mcrypt_decrypt(value, iv))
File "/var/www/html/adnsms/SMS-Shooting-Process/Helpers/crypt.py", line
57, in mcrypt_decrypt
crypt_object=AES.new(key=key,mode=AES.MODE_CBC,IV=iv)
File
"/var/www/html/adnsms/SMS-Shooting-Process/venv/lib/python3.8/site-packages/Crypto/Cipher/AES.py",
line 232, in new
return _create_cipher(sys.modules[*name*], key, mode, *args, **kwargs)
File
"/var/www/html/adnsms/SMS-Shooting-Process/venv/lib/python3.8/site-packages/Crypto/Cipher/
*init*.py", line 79, in _create_cipher
return modes[mode](factory, **kwargs)
File
"/var/www/html/adnsms/SMS-Shooting-Process/venv/lib/python3.8/site-packages/Crypto/Cipher/_mode_cbc.py",
line 274, in _create_cbc_cipher
cipher_state = factory._create_base_cipher(kwargs)
File
"/var/www/html/adnsms/SMS-Shooting-Process/venv/lib/python3.8/site-packages/Crypto/Cipher/AES.py",
line 92, in _create_base_cipher
if len(key) not in key_size:
TypeError: argument of type 'int' is not iterable
I'm getting this error.. please help
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<https://gist.github.com/c4806c504e46e8cdb00a#gistcomment-3252304>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADSDU2QVQV4R3LXTSJ4QH3RMLYO5ANCNFSM4MG4QRRQ>
.
|
This comment has been minimized.
This comment has been minimized.
Thanks for your reply. Let me check it |
This comment has been minimized.
This comment has been minimized.
Laraves sems to be using 256 bit since a while So I tested the above code in the "php artisan tinker" console, by replacing: where tZMp17lQI70EEYqCsQfwLzlHm6tyaYWPAX66n7YA8KI= is a string generated issuing the Laravel command
that adds to Laravel's .env a line like:
I took just the part after "base64:". With these small changes, I got the same error as @adamilleriam:
|
This comment has been minimized.
This comment has been minimized.
Some hints:
..stay tuned.. .. I am adding details here in future EDITS |
This comment has been minimized.
This comment has been minimized.
HERE IS A TESTED WORKING SCRIPT
|
This comment has been minimized.
This comment has been minimized.
Thanks @mcfoi |
This comment has been minimized.
This comment has been minimized.
Hello ^_^ I am seeing this a bit later, but I was looking for this same thing and now that I have tried it it has problems with the "json.loads" part. Here is the exception I am getting Traceback (most recent call last):
File ".\sendMail.py", line 52, in sendMailSMTP
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x8c in position 5: invalid Can someone please help me with this, thanк you in advance |
This comment has been minimized.
Usage:
Explanation:
Laravel
Crypt::encrypt('whatever');
will create a base64's json-encoded array of:Our job is to un-base64 encode it, json decode it, grab the IV and Encrypted Value, and use mcrypt to decode that, which requires the key used to encrypt it (generated when you install a new laravel build).
The unencrypted value itself is serialized (as in, php's
serialize()
function), so we need a handy little python library that can unserialize PHP serialized strings.