Browse Source

fixes

dependabot/add-v2-config-file
R4SAS 6 years ago
parent
commit
85cc1454ea
  1. 7
      pbincli/actions.py
  2. 7
      pbincli/api.py
  3. 11
      pbincli/format.py
  4. 1
      pbincli/utils.py

7
pbincli/actions.py

@ -1,4 +1,3 @@
from sys import exit
from pbincli.format import Paste from pbincli.format import Paste
def send(args, api_client): def send(args, api_client):
@ -77,7 +76,7 @@ def get(args, api_client):
try: try:
pasteid, passphrase = args.pasteinfo.split("#") pasteid, passphrase = args.pasteinfo.split("#")
except ValueError as err: except:
print("PBinCLI error: provided info hasn't contain valid PasteID#Passphrase string") print("PBinCLI error: provided info hasn't contain valid PasteID#Passphrase string")
exit(1) exit(1)
@ -123,7 +122,7 @@ def get(args, api_client):
check_writable(filename) check_writable(filename)
with open(filename, "wb") as f: with open(filename, "wb") as f:
f.write(text) f.write(text)
f.close f.close()
attachment, attachment_name = paste.getAttachment() attachment, attachment_name = paste.getAttachment()
@ -133,7 +132,7 @@ def get(args, api_client):
check_writable(attachment_name) check_writable(attachment_name)
with open(attachment_name, "wb") as f: with open(attachment_name, "wb") as f:
f.write(attachment) f.write(attachment)
f.close f.close()
if version == 1 and 'meta' in result and 'burnafterreading' in result['meta'] and result['meta']['burnafterreading']: if version == 1 and 'meta' in result and 'burnafterreading' in result['meta'] and result['meta']['burnafterreading']:
print("Burn afrer reading flag found. Deleting paste...") print("Burn afrer reading flag found. Deleting paste...")

7
pbincli/api.py

@ -19,8 +19,8 @@ class PrivateBin:
try: try:
return result.json() return result.json()
except ValueError as e: except:
print("ERROR: Unable parse response as json. Received (size = {}):\n".format(len(result.text), result.text)) print("ERROR: Unable parse response as json. Received (size = {}):\n{}".format(len(result.text), result.text))
exit(1) exit(1)
@ -40,8 +40,9 @@ class PrivateBin:
headers = self.headers, headers = self.headers,
proxies = self.proxy, proxies = self.proxy,
data = request).json() data = request).json()
except ValueError as e: except:
# unable parse response as json because it can be empty (1.2), so simulate correct answer # unable parse response as json because it can be empty (1.2), so simulate correct answer
print("NOTICE: Received empty response. We interpret that as our paste has already been deleted.")
from json import loads as json_loads from json import loads as json_loads
result = json_loads('{"status":0}') result = json_loads('{"status":0}')

11
pbincli/format.py

@ -89,17 +89,18 @@ class Paste:
return b64encode(self._key).decode() return b64encode(self._key).decode()
def setHash(self, hash): def setHash(self, passphrase):
if self._version == 2: if self._version == 2:
from base58 import b58decode from base58 import b58decode
self._key = b58decode(hash) self._key = b58decode(passphrase)
else: else:
self._key = b64decode(hash) self._key = b64decode(passphrase)
def __deriveKey(self, salt): def __deriveKey(self, salt):
from Crypto.Protocol.KDF import PBKDF2 from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import HMAC, SHA256 from Crypto.Hash import HMAC, SHA256
# Key derivation, using PBKDF2 and SHA256 HMAC # Key derivation, using PBKDF2 and SHA256 HMAC
return PBKDF2( return PBKDF2(
self._key + self._password.encode(), self._key + self._password.encode(),
@ -116,12 +117,15 @@ class Paste:
@classmethod @classmethod
def __initializeCipher(self, key, iv, adata): def __initializeCipher(self, key, iv, adata):
from pbincli.utils import json_encode from pbincli.utils import json_encode
cipher = AES.new(key, AES.MODE_GCM, nonce=iv, mac_len=CIPHER_TAG_BYTES) cipher = AES.new(key, AES.MODE_GCM, nonce=iv, mac_len=CIPHER_TAG_BYTES)
cipher.update(json_encode(adata)) cipher.update(json_encode(adata))
return cipher return cipher
def __preparePassKey(self): def __preparePassKey(self):
from hashlib import sha256
if self._password: if self._password:
digest = sha256(self._password.encode("UTF-8")).hexdigest() digest = sha256(self._password.encode("UTF-8")).hexdigest()
return b64encode(self._key) + digest.encode("UTF-8") return b64encode(self._key) + digest.encode("UTF-8")
@ -243,7 +247,6 @@ class Paste:
self._data = {'v':2,'adata':adata,'ct':b64encode(ciphertext + tag).decode(),'meta':{'expire':expiration}} self._data = {'v':2,'adata':adata,'ct':b64encode(ciphertext + tag).decode(),'meta':{'expire':expiration}}
else: else:
from hashlib import sha256
from sjcl import SJCL from sjcl import SJCL
self._data = {'expire':expiration,'formatter':formatter,'burnafterreading':int(burnafterreading),'opendiscussion':int(discussion)} self._data = {'expire':expiration,'formatter':formatter,'burnafterreading':int(burnafterreading),'opendiscussion':int(discussion)}

1
pbincli/utils.py

@ -1,5 +1,4 @@
import json, ntpath, os import json, ntpath, os
from base64 import b64encode, b64decode
class PBinCLIException(Exception): class PBinCLIException(Exception):
pass pass

Loading…
Cancel
Save