Merge remote-tracking branch 'kali/bug/allow-absolute-paths2' into develop
authorTomás Touceda <chiiph@leap.se>
Tue, 28 May 2013 20:38:30 +0000 (17:38 -0300)
committerTomás Touceda <chiiph@leap.se>
Tue, 28 May 2013 20:38:30 +0000 (17:38 -0300)
src/leap/common/crypto.py
src/leap/common/events/component.py
src/leap/common/events/server.py

index 8a2ff20..7f80a8a 100644 (file)
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 
+import os
+import binascii
 
 from Crypto.Cipher import AES
-from Crypto.Random import random
 from Crypto.Util import Counter
 from leap.common.check import leap_assert, leap_assert_type
 
-
 #
 # encryption methods
 #
@@ -70,10 +70,10 @@ def encrypt_sym(data, key, method=EncryptionMethods.AES_256_CTR):
         leap_assert(
             len(key) == 32,  # 32 x 8 = 256 bits.
             'Wrong key size: %s bits (must be 256 bits long).' % (len(key)*8))
-        iv = random.getrandbits(256)
-        ctr = Counter.new(128, initial_value=iv)
+        iv = os.urandom(8)
+        ctr = Counter.new(64, prefix=iv)
         cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr)
-        return iv, cipher.encrypt(data)
+        return binascii.b2a_base64(iv), cipher.encrypt(data)
 
     # raise if method is unknown
     raise UnknownEncryptionMethod('Unkwnown method: %s' % method)
@@ -106,8 +106,8 @@ def decrypt_sym(data, key, method=EncryptionMethods.AES_256_CTR, **kwargs):
         leap_assert(
             'iv' in kwargs,
             'AES-256-CTR needs an initial value given as.')
-        ctr = Counter.new(128, initial_value=kwargs['iv'])
-        cipher = AES.new(keyAES.MODE_CTR, counter=ctr)
+        ctr = Counter.new(64, prefix=binascii.a2b_base64(kwargs['iv']))
+        cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr)
         return cipher.decrypt(data)
 
     # raise if method is unknown
index 1669356..9932190 100644 (file)
@@ -137,7 +137,7 @@ def register(signal, callback, uid=None, replace=False, reqcbk=None,
     logger.info(
         "Sending registration request to server on port %s: %s",
         server.SERVER_PORT,
-        str(request))
+        str(request)[:40])
     return service.register(request, callback=reqcbk, timeout=timeout)
 
 
@@ -178,7 +178,7 @@ def signal(signal, content="", mac_method="", mac="", reqcbk=None,
     request.mac = mac
     service = RpcService(proto.EventsServerService_Stub, server.SERVER_PORT,
                          'localhost')
-    logger.info("Sending signal to server: %s", str(request))
+    logger.info("Sending signal to server: %s", str(request)[:40])
     return service.signal(request, callback=reqcbk, timeout=timeout)
 
 
@@ -204,7 +204,7 @@ class EventsComponentService(proto.EventsComponentService):
         :param done: callback to be called when done
         :type done: protobuf.socketrpc.server.Callback
         """
-        logger.info('Received signal from server: %s' % str(request))
+        logger.info('Received signal from server: %s...' % str(request)[:40])
 
         # run registered callbacks
         # TODO: verify authentication using mac in incoming message
index 33ba580..1f3a874 100644 (file)
@@ -88,7 +88,7 @@ class EventsServerService(proto.EventsServerService):
         :param done: callback to be called when done
         :type done: protobuf.socketrpc.server.Callback
         """
-        logger.info("Received registration request: %s" % str(request))
+        logger.info("Received registration request: %s..." % str(request)[:40])
         # add component port to signal list
         if request.event not in registered_components:
             registered_components[request.event] = set([])
@@ -112,7 +112,7 @@ class EventsServerService(proto.EventsServerService):
         :param done: callback to be called when done
         :type done: protobuf.socketrpc.server.Callback
         """
-        logger.info('Received signal from component: %s', str(request))
+        logger.info('Received signal from component: %s...', str(request)[:40])
         # send signal to all registered components
         # TODO: verify signal auth
         if request.event in registered_components: