Thiết kế website giá rẻ

Question

<code>import constants

import base64

from secrets import token_hex

from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

from cryptography.hazmat.primitives import hashes

from cryptography.hazmat.primitives import padding as sym_padding

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

from cryptography.hazmat.backends import default_backend

from cryptography.hazmat.primitives.asymmetric import padding as rsa_padding

from cryptography.hazmat.primitives.serialization import load_pem_public_key, load_pem_private_key

from src.func.jwt_token import generate_jwt

</code>

<code>import constants import base64 from secrets import token_hex from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import padding as sym_padding from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.asymmetric import padding as rsa_padding from cryptography.hazmat.primitives.serialization import load_pem_public_key, load_pem_private_key from src.func.jwt_token import generate_jwt </code>

import constants
import base64
from secrets import token_hex
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import padding as sym_padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import padding as rsa_padding
from cryptography.hazmat.primitives.serialization import load_pem_public_key, load_pem_private_key
from src.func.jwt_token import generate_jwt

This Fuction Encrypting the header

<code>def encrypt_header_with_header_public_key(data: str, header_key):

header_public_key = load_pem_public_key(header_key)

encrypted_header_data = header_public_key.encrypt(

data.encode(),

rsa_padding.PKCS1v15()

)

return base64.b64encode(encrypted_header_data)

</code>

<code>def encrypt_header_with_header_public_key(data: str, header_key): header_public_key = load_pem_public_key(header_key) encrypted_header_data = header_public_key.encrypt( data.encode(), rsa_padding.PKCS1v15() ) return base64.b64encode(encrypted_header_data) </code>

def encrypt_header_with_header_public_key(data: str, header_key):
    header_public_key = load_pem_public_key(header_key)
    encrypted_header_data = header_public_key.encrypt(
        data.encode(),
        rsa_padding.PKCS1v15()
    )
    return base64.b64encode(encrypted_header_data)

This Function will encrypt the body with AES KEY and IV

<code>def encrypt_body_with_aes(aes_key, data, iv):

cipher = Cipher(

algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend()

)

encryptor = cipher.encryptor()

padder = sym_padding.PKCS7(algorithms.AES.block_size).padder()

padded_data = padder.update(data.encode()) + padder.finalize()

encrypted_data = encryptor.update(padded_data) + encryptor.finalize()

return base64.b64encode(encrypted_data)

</code>

<code>def encrypt_body_with_aes(aes_key, data, iv): cipher = Cipher( algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend() ) encryptor = cipher.encryptor() padder = sym_padding.PKCS7(algorithms.AES.block_size).padder() padded_data = padder.update(data.encode()) + padder.finalize() encrypted_data = encryptor.update(padded_data) + encryptor.finalize() return base64.b64encode(encrypted_data) </code>

def encrypt_body_with_aes(aes_key, data, iv):
    cipher = Cipher(
        algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend()
    )
    encryptor = cipher.encryptor()
    padder = sym_padding.PKCS7(algorithms.AES.block_size).padder()
    padded_data = padder.update(data.encode()) + padder.finalize()
    encrypted_data = encryptor.update(padded_data) + encryptor.finalize()
    return base64.b64encode(encrypted_data)

This Function Will decrypt the response from the server

<code>def decrypt_response(encrypted_response, aes_key, iv):

print("AES for Decryption:",aes_key)

print("IV for Decryption:",iv)

if isinstance(encrypted_response, str):

encrypted_data = base64.b64decode(encrypted_response.encode())

else:

encrypted_data = base64.b64decode(encrypted_response)

cipher = Cipher(

algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend()

)

decryptor = cipher.decryptor()

decrypted_padded_data = decryptor.update(

encrypted_data) + decryptor.finalize()

unpadder = sym_padding.PKCS7(algorithms.AES.block_size).unpadder()

decrypted_data = unpadder.update(

decrypted_padded_data) + unpadder.finalize()

return json.loads(decrypted_data.decode())

</code>

<code>def decrypt_response(encrypted_response, aes_key, iv): print("AES for Decryption:",aes_key) print("IV for Decryption:",iv) if isinstance(encrypted_response, str): encrypted_data = base64.b64decode(encrypted_response.encode()) else: encrypted_data = base64.b64decode(encrypted_response) cipher = Cipher( algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend() ) decryptor = cipher.decryptor() decrypted_padded_data = decryptor.update( encrypted_data) + decryptor.finalize() unpadder = sym_padding.PKCS7(algorithms.AES.block_size).unpadder() decrypted_data = unpadder.update( decrypted_padded_data) + unpadder.finalize() return json.loads(decrypted_data.decode()) </code>

def decrypt_response(encrypted_response, aes_key, iv):
    print("AES for Decryption:",aes_key)
    print("IV for Decryption:",iv)
    if isinstance(encrypted_response, str):
        encrypted_data = base64.b64decode(encrypted_response.encode())
    else:
        encrypted_data = base64.b64decode(encrypted_response)
    cipher = Cipher(
        algorithms.AES(aes_key), modes.CBC(iv), backend=default_backend()
    )
    decryptor = cipher.decryptor()
    decrypted_padded_data = decryptor.update(
        encrypted_data) + decryptor.finalize()
    unpadder = sym_padding.PKCS7(algorithms.AES.block_size).unpadder()
    decrypted_data = unpadder.update(
        decrypted_padded_data) + unpadder.finalize()
    return json.loads(decrypted_data.decode())

This Function Will Generate AES_KEY and IV

<code>def generate_aes_key():

secret = "HERE IS MY SECRET"

salt = token_hex(8)

kdf = PBKDF2HMAC(

algorithm=hashes.SHA256(),

length=32,

salt=salt.encode(),

iterations=100000,

backend=default_backend(),

)

encrypted_salt = encrypt_header_with_header_public_key(

salt, constants.BODY_PUBLIC_KEY

)

aes_key = kdf.derive(secret.encode())

decoded_salt = encrypted_salt.decode()

generated_salt = salt

iv = generated_salt.encode()

return aes_key, decoded_salt, generated_salt, iv

</code>

<code>def generate_aes_key(): secret = "HERE IS MY SECRET" salt = token_hex(8) kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt.encode(), iterations=100000, backend=default_backend(), ) encrypted_salt = encrypt_header_with_header_public_key( salt, constants.BODY_PUBLIC_KEY ) aes_key = kdf.derive(secret.encode()) decoded_salt = encrypted_salt.decode() generated_salt = salt iv = generated_salt.encode() return aes_key, decoded_salt, generated_salt, iv </code>

def generate_aes_key():
    secret = "HERE IS MY SECRET"
    salt = token_hex(8)
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(),
        length=32,
        salt=salt.encode(),
        iterations=100000,
        backend=default_backend(),
    )

    encrypted_salt = encrypt_header_with_header_public_key(
        salt, constants.BODY_PUBLIC_KEY
    )

    aes_key = kdf.derive(secret.encode())
    decoded_salt = encrypted_salt.decode()
    generated_salt = salt
    iv = generated_salt.encode()

    return aes_key, decoded_salt, generated_salt, iv

This Function Will Finally Encrypt the Request Body with AES KEY AN Iv Using the “encrypt_body_with_aes()” Fuction

<code>def encrypt_body_with_body_public_key(request_body: dict, aes_key, iv):

print("AES for Encryption:",aes_key)

print("IV for Encryption:",iv)

encrypted_body = encrypt_body_with_aes(

aes_key, json.dumps(request_body), iv)

return encrypted_body

</code>

<code>def encrypt_body_with_body_public_key(request_body: dict, aes_key, iv): print("AES for Encryption:",aes_key) print("IV for Encryption:",iv) encrypted_body = encrypt_body_with_aes( aes_key, json.dumps(request_body), iv) return encrypted_body </code>

def encrypt_body_with_body_public_key(request_body: dict, aes_key, iv):
    print("AES for Encryption:",aes_key)
    print("IV for Encryption:",iv)
    encrypted_body = encrypt_body_with_aes(
        aes_key, json.dumps(request_body), iv)
    return encrypted_body

<code>def main():

aes_key, decoded_salt_as_key_header, generated_salt, iv = generate_aes_key()

body = {"myaccountNumber": "1234567890"}

header_data = {

"partner": "ABCD1234",

"headerToken": "ghjdgjsgj-jdsjgsjg-gjsg-hjsghjs-jsjsgjsg",

}

encrypted_request_body = encrypt_body_with_body_public_key(

body, aes_key, iv

).decode()

headers = {

"Auth": encrypt_header_with_header_public_key(

json.dumps(header_data), constants.HEADER_PUBLIC_KEY

).decode(),

"key": decoded_salt_as_key_header,

"token": generate_jwt(),

"cache-control": "no-cache",

"content-type": "application/json",

"User-Agent": "APIAGENT/7.29.2",

}

data = {

"requestData": encrypted_request_body

}

print(data)

response = httpx.post(

constants.CHECK_ACOOUNT_ID,

headers=headers,

json=json.dumps(data),

)

response = response.json()

print(response)

encrypted_response = response.get("returnData")

print("encrypted_response :", encrypted_response)

# Decrypt the response using the same AES key and IV

decrypted_response = decrypt_response(encrypted_response, aes_key, iv)

print(decrypt_response)

if __name__ == "__main__":

main()

</code>

<code>def main(): aes_key, decoded_salt_as_key_header, generated_salt, iv = generate_aes_key() body = {"myaccountNumber": "1234567890"} header_data = { "partner": "ABCD1234", "headerToken": "ghjdgjsgj-jdsjgsjg-gjsg-hjsghjs-jsjsgjsg", } encrypted_request_body = encrypt_body_with_body_public_key( body, aes_key, iv ).decode() headers = { "Auth": encrypt_header_with_header_public_key( json.dumps(header_data), constants.HEADER_PUBLIC_KEY ).decode(), "key": decoded_salt_as_key_header, "token": generate_jwt(), "cache-control": "no-cache", "content-type": "application/json", "User-Agent": "APIAGENT/7.29.2", } data = { "requestData": encrypted_request_body } print(data) response = httpx.post( constants.CHECK_ACOOUNT_ID, headers=headers, json=json.dumps(data), ) response = response.json() print(response) encrypted_response = response.get("returnData") print("encrypted_response :", encrypted_response) # Decrypt the response using the same AES key and IV decrypted_response = decrypt_response(encrypted_response, aes_key, iv) print(decrypt_response) if __name__ == "__main__": main() </code>

def main():
    aes_key, decoded_salt_as_key_header, generated_salt, iv = generate_aes_key()

    body = {"myaccountNumber": "1234567890"}
    header_data = {
        "partner": "ABCD1234",
        "headerToken": "ghjdgjsgj-jdsjgsjg-gjsg-hjsghjs-jsjsgjsg",
    }

    encrypted_request_body = encrypt_body_with_body_public_key(
        body, aes_key, iv
    ).decode()

    headers = {
        "Auth": encrypt_header_with_header_public_key(
            json.dumps(header_data), constants.HEADER_PUBLIC_KEY
        ).decode(),
        "key": decoded_salt_as_key_header,
        "token": generate_jwt(),
        "cache-control": "no-cache",
        "content-type": "application/json",
        "User-Agent": "APIAGENT/7.29.2",
    }

    data = {
        "requestData": encrypted_request_body
    }
    print(data)

    response = httpx.post(
        constants.CHECK_ACOOUNT_ID,
        headers=headers,
        json=json.dumps(data),
    )

    response = response.json()
    print(response)
    encrypted_response = response.get("returnData")

    print("encrypted_response :", encrypted_response)

    # Decrypt the response using the same AES key and IV
    decrypted_response = decrypt_response(encrypted_response, aes_key, iv)

    print(decrypt_response)


if __name__ == "__main__":
    main()

Here is my server response :

{'returnData': 'y7SZOuY+njhjdshjdjfdfhjdsfdh+bdjbjdbjdbjdbcjdbcdjb+tphfbs5LI+29b0plz8aEA+m0bEUQtA1OTS3EpeRfHpLFO1Llyj90ojoSvi1poodGQ53QdFi+6mMxu6hadzexRG+Nc9yLHj263OEnX5Um'}

I am Getting this error while Decrypting :

<code>Traceback (most recent call last):

File "/home/ubuntu/ciprpa/pabitra.py", line 143, in <module>

main()

File "/home/ubuntu/ciprpa/pabitra.py", line 137, in main

decrypted_response = decrypt_response(encrypted_response, aes_key, iv)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/home/ubuntu/ciprpa/pabitra.py", line 56, in decrypt_response

decrypted_padded_data) + unpadder.finalize()

^^^^^^^^^^^^^^^^^^^

File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 136, in finalize

result = _byte_unpadding_check(

^^^^^^^^^^^^^^^^^^^^^^

File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 103, in _byte_unpadding_check

raise ValueError("Invalid padding bytes.")

ValueError: Invalid padding bytes.

</code>

<code>Traceback (most recent call last): File "/home/ubuntu/ciprpa/pabitra.py", line 143, in <module> main() File "/home/ubuntu/ciprpa/pabitra.py", line 137, in main decrypted_response = decrypt_response(encrypted_response, aes_key, iv) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/ubuntu/ciprpa/pabitra.py", line 56, in decrypt_response decrypted_padded_data) + unpadder.finalize() ^^^^^^^^^^^^^^^^^^^ File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 136, in finalize result = _byte_unpadding_check( ^^^^^^^^^^^^^^^^^^^^^^ File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 103, in _byte_unpadding_check raise ValueError("Invalid padding bytes.") ValueError: Invalid padding bytes. </code>

Traceback (most recent call last):
  File "/home/ubuntu/ciprpa/pabitra.py", line 143, in <module>
    main()
  File "/home/ubuntu/ciprpa/pabitra.py", line 137, in main
    decrypted_response = decrypt_response(encrypted_response, aes_key, iv)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ubuntu/ciprpa/pabitra.py", line 56, in decrypt_response
    decrypted_padded_data) + unpadder.finalize()
                             ^^^^^^^^^^^^^^^^^^^
  File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 136, in finalize
    result = _byte_unpadding_check(
             ^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ubuntu/ciprpa/.venv/lib/python3.12/site-packages/cryptography/hazmat/primitives/padding.py", line 103, in _byte_unpadding_check
    raise ValueError("Invalid padding bytes.")
ValueError: Invalid padding bytes.

The Provider Guided I Have to use the same AES_KEY and IV to decrypt the response which I have use to encrypt the request Body and I have Done this and confirmed that the AES_KEY and IV is Same but still getting Invalid Padding bytes

Can Anyone please help me out to solve this issue

Danh mục

This Fuction Encrypting the header

This Function will encrypt the body with AES KEY and IV

This Function Will decrypt the response from the server

This Function Will Generate AES_KEY and IV

This Function Will Finally Encrypt the Request Body with AES KEY AN Iv Using the “encrypt_body_with_aes()” Fuction