diff options
| -rw-r--r-- | src/leap/common/crypto.py | 14 | ||||
| -rw-r--r-- | src/leap/common/events/component.py | 6 | ||||
| -rw-r--r-- | src/leap/common/events/server.py | 4 |
3 files changed, 12 insertions, 12 deletions
diff --git a/src/leap/common/crypto.py b/src/leap/common/crypto.py index 8a2ff20..7f80a8a 100644 --- a/src/leap/common/crypto.py +++ b/src/leap/common/crypto.py @@ -15,13 +15,13 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +import os +import binascii from Crypto.Cipher import AES -from Crypto.Random import random from Crypto.Util import Counter from leap.common.check import leap_assert, leap_assert_type - # # encryption methods # @@ -70,10 +70,10 @@ def encrypt_sym(data, key, method=EncryptionMethods.AES_256_CTR): leap_assert( len(key) == 32, # 32 x 8 = 256 bits. 'Wrong key size: %s bits (must be 256 bits long).' % (len(key)*8)) - iv = random.getrandbits(256) - ctr = Counter.new(128, initial_value=iv) + iv = os.urandom(8) + ctr = Counter.new(64, prefix=iv) cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr) - return iv, cipher.encrypt(data) + return binascii.b2a_base64(iv), cipher.encrypt(data) # raise if method is unknown raise UnknownEncryptionMethod('Unkwnown method: %s' % method) @@ -106,8 +106,8 @@ def decrypt_sym(data, key, method=EncryptionMethods.AES_256_CTR, **kwargs): leap_assert( 'iv' in kwargs, 'AES-256-CTR needs an initial value given as.') - ctr = Counter.new(128, initial_value=kwargs['iv']) - cipher = AES.new(key, AES.MODE_CTR, counter=ctr) + ctr = Counter.new(64, prefix=binascii.a2b_base64(kwargs['iv'])) + cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr) return cipher.decrypt(data) # raise if method is unknown diff --git a/src/leap/common/events/component.py b/src/leap/common/events/component.py index 1669356..9932190 100644 --- a/src/leap/common/events/component.py +++ b/src/leap/common/events/component.py @@ -137,7 +137,7 @@ def register(signal, callback, uid=None, replace=False, reqcbk=None, logger.info( "Sending registration request to server on port %s: %s", server.SERVER_PORT, - str(request)) + str(request)[:40]) return service.register(request, callback=reqcbk, timeout=timeout) @@ -178,7 +178,7 @@ def signal(signal, content="", mac_method="", mac="", reqcbk=None, request.mac = mac service = RpcService(proto.EventsServerService_Stub, server.SERVER_PORT, 'localhost') - logger.info("Sending signal to server: %s", str(request)) + logger.info("Sending signal to server: %s", str(request)[:40]) return service.signal(request, callback=reqcbk, timeout=timeout) @@ -204,7 +204,7 @@ class EventsComponentService(proto.EventsComponentService): :param done: callback to be called when done :type done: protobuf.socketrpc.server.Callback """ - logger.info('Received signal from server: %s' % str(request)) + logger.info('Received signal from server: %s...' % str(request)[:40]) # run registered callbacks # TODO: verify authentication using mac in incoming message diff --git a/src/leap/common/events/server.py b/src/leap/common/events/server.py index 33ba580..1f3a874 100644 --- a/src/leap/common/events/server.py +++ b/src/leap/common/events/server.py @@ -88,7 +88,7 @@ class EventsServerService(proto.EventsServerService): :param done: callback to be called when done :type done: protobuf.socketrpc.server.Callback """ - logger.info("Received registration request: %s" % str(request)) + logger.info("Received registration request: %s..." % str(request)[:40]) # add component port to signal list if request.event not in registered_components: registered_components[request.event] = set([]) @@ -112,7 +112,7 @@ class EventsServerService(proto.EventsServerService): :param done: callback to be called when done :type done: protobuf.socketrpc.server.Callback """ - logger.info('Received signal from component: %s', str(request)) + logger.info('Received signal from component: %s...', str(request)[:40]) # send signal to all registered components # TODO: verify signal auth if request.event in registered_components: |