github/plexpy
1
0
Fork 0
mirror of https://github.com/Tautulli/Tautulli.git synced 2025-07-06 21:21:15 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Replace PyCryptodome with Cryptography

Browse source
This commit is contained in:
JonnyWong16 2024-08-16 20:00:17 -07:00
parent cf8fb2e65d
commit 14c9c7a393
No known key found for this signature in database
GPG key ID: B1F1F9807184697A
2 changed files with 18 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
package/requirements-package.txt
View file

@ -1,9 +1,9 @@
apscheduler==3.10.1 apscheduler==3.10.1
cryptography==43.0.0
importlib-metadata==8.2.0 importlib-metadata==8.2.0
importlib-resources==6.4.0 importlib-resources==6.4.0
pyinstaller==6.8.0 pyinstaller==6.8.0
pyopenssl==24.2.1 pyopenssl==24.2.1
pycryptodomex==3.20.0
pyobjc-core==10.3.1; platform_system == "Darwin" pyobjc-core==10.3.1; platform_system == "Darwin"
pyobjc-framework-Cocoa==10.3.1; platform_system == "Darwin" pyobjc-framework-Cocoa==10.3.1; platform_system == "Darwin"

42
plexpy/notifiers.py
View file

@ -38,20 +38,12 @@ import requests
from requests.auth import HTTPBasicAuth from requests.auth import HTTPBasicAuth
try: try:
from Cryptodome.Protocol.KDF import PBKDF2 from cryptography.hazmat.primitives import hashes
from Cryptodome.Cipher import AES from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from Cryptodome.Random import get_random_bytes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from Cryptodome.Hash import SHA256 _CRYPTOGRAPHY = True
CRYPTODOME = True
except ImportError: except ImportError:
try: _CRYPTOGRAPHY = False
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Hash import SHA256
CRYPTODOME = True
except ImportError:
CRYPTODOME = False
import gntp.notifier import gntp.notifier
import facebook import facebook
@ -4030,21 +4022,21 @@ class TAUTULLIREMOTEAPP(Notifier):
#logger.debug("Plaintext data: {}".format(plaintext_data)) #logger.debug("Plaintext data: {}".format(plaintext_data))
if CRYPTODOME: if _CRYPTOGRAPHY:
# Key generation # Key generation
salt = get_random_bytes(16) salt = os.urandom(16)
passphrase = device['device_token'] passphrase = device['device_token']
key_length = 32 # AES256 key_length = 32 # AES256
iterations = 600000 iterations = 600000
key = PBKDF2(passphrase, salt, dkLen=key_length, count=iterations, hmac_hash_module=SHA256) kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=key_length, salt=salt, iterations=iterations)
key = kdf.derive(passphrase.encode())
#logger.debug("Encryption key (base64): {}".format(base64.b64encode(key))) #logger.debug("Encryption key (base64): {}".format(base64.b64encode(key)))
# Encrypt using AES GCM # Encrypt using AES GCM
nonce = get_random_bytes(16) nonce = os.urandom(16)
cipher = AES.new(key, AES.MODE_GCM, nonce) cipher = AESGCM(key)
encrypted_data, gcm_tag = cipher.encrypt_and_digest(json.dumps(plaintext_data).encode('utf-8')) encrypted_data = cipher.encrypt(nonce, json.dumps(plaintext_data).encode('utf-8'), None)
encrypted_data += gcm_tag
#logger.debug("Encrypted data (base64): {}".format(base64.b64encode(encrypted_data))) #logger.debug("Encrypted data (base64): {}".format(base64.b64encode(encrypted_data)))
#logger.debug("GCM tag (base64): {}".format(base64.b64encode(gcm_tag))) #logger.debug("GCM tag (base64): {}".format(base64.b64encode(gcm_tag)))
@ -4062,7 +4054,7 @@ class TAUTULLIREMOTEAPP(Notifier):
'server_id': plexpy.CONFIG.PMS_UUID} 'server_id': plexpy.CONFIG.PMS_UUID}
} }
else: else:
logger.warn("Tautulli Notifiers :: PyCryptodome library is missing. " logger.warn("Tautulli Notifiers :: Cryptography library is missing. "
"Tautulli Remote app notifications will be sent unecrypted. " "Tautulli Remote app notifications will be sent unecrypted. "
"Install the library to encrypt the notifications.") "Install the library to encrypt the notifications.")
@ -4094,22 +4086,22 @@ class TAUTULLIREMOTEAPP(Notifier):
def _return_config_options(self): def _return_config_options(self):
config_option = [] config_option = []
if not CRYPTODOME: if not _CRYPTOGRAPHY:
config_option.append({ config_option.append({
'label': 'Warning', 'label': 'Warning',
'description': '<strong>The PyCryptodome library is missing. ' 'description': '<strong>The Cryptography library is missing. '
'The content of your notifications will be sent unencrypted!</strong><br>' 'The content of your notifications will be sent unencrypted!</strong><br>'
'Please install the library to encrypt the notification contents. ' 'Please install the library to encrypt the notification contents. '
'Instructions can be found in the ' 'Instructions can be found in the '
'<a href="' + helpers.anon_url( '<a href="' + helpers.anon_url(
'https://github.com/%s/%s/wiki/Frequently-Asked-Questions#notifications-pycryptodome' 'https://github.com/%s/%s/wiki/Frequently-Asked-Questions#notifications-cryptography'
% (plexpy.CONFIG.GIT_USER, plexpy.CONFIG.GIT_REPO)) + '" target="_blank" rel="noreferrer">FAQ</a>.' , % (plexpy.CONFIG.GIT_USER, plexpy.CONFIG.GIT_REPO)) + '" target="_blank" rel="noreferrer">FAQ</a>.' ,
'input_type': 'help' 'input_type': 'help'
}) })
else: else:
config_option.append({ config_option.append({
'label': 'Note', 'label': 'Note',
'description': 'The PyCryptodome library was found. ' 'description': 'The Cryptography library was found. '
'The content of your notifications will be sent encrypted!', 'The content of your notifications will be sent encrypted!',
'input_type': 'help' 'input_type': 'help'
}) })