components/openstack/heat/patches/02-nopycrypto.patch
author Devjani Ray <devjani.ray@oracle.com>
Fri, 20 May 2016 17:42:29 -0400
branch s11u3-sru
changeset 6035 c9748fcc32de
parent 4072 components/openstack/heat/patches/04-nopycrypto.patch@db0cec748ec0
child 6850 f8d3bc724af7
permissions -rw-r--r--
PSARC 2015/535 OpenStack service updates for Kilo
PSARC 2015/458 aioeventlet - asyncio event loop scheduling callbacks in eventlet
PSARC 2015/460 msgpack - C/Python bindings for MessagePack (de)serializer data
PSARC 2015/466 openstackclient - OpenStack Command-line Client
PSARC 2015/467 oslo.versionedobjects - Oslo Versioned Objects library
PSARC 2015/468 pint - A physical quantities module
PSARC 2015/469 pysaml2 - A pure Python implementation of SAML2
PSARC 2015/471 semantic_version - A library implementing the 'SemVer' scheme
PSARC 2015/472 testresources - PyUnit extension for managing expensive test resources
PSARC 2015/473 testscenarios - Extensions to Python unittest to support scenarios
PSARC 2015/474 trollius - Port of the Tulip project (asyncio module, PEP 3156) on Python 2
PSARC 2015/475 urllib3 - HTTP library with thread-safe connection pooling, file post, and more
PSARC 2015/520 oslo.concurrency - Oslo Concurrency library
PSARC 2015/521 oslo.log - Oslo Logging Configuration library
PSARC 2015/529 oslo.policy - Oslo Policy library
PSARC 2015/530 psutil - Python system and process utilities
PSARC 2015/538 fixtures - Python module to support reusable state for writing clean tests
PSARC 2015/539 sqlparse - An SQL parser module for Python
PSARC 2016/017 extras - Useful extra utilities for Python
PSARC 2016/018 linecache2 - Port of the standard linecache module
PSARC 2016/019 python-mimeparse - Basic functions for parsing mime-types
PSARC 2016/020 testtools - Extensions to the Python unit testing framework
PSARC 2016/021 traceback2 - Port of the standard traceback module
PSARC 2016/014 OpenStack Cinder NFS driver for Solaris
PSARC/2016/010 cloudbase-init: Portable cloud image initialization
PSARC/2016/130 Solaris OpenStack Puppet Extensions
PSARC/2016/172 Making OpenStack Nova's image cache sharable
PSARC/2016/001 OpenStack Puppet Modules
PSARC/2016/016 Rename/Refactor Puppet and Puppet Module Packages
PSARC/2015/368 Common Puppet Modules
PSARC 2015/357 OpenStack Nova support for kernel zone suspend/resume
22384068 OpenStack service updates for Kilo (Umbrella)
23205460 Fix for 23192887 breaks Juno to Kilo upgrade with instances and floating IPs
23192887 Upgrade from Juno to Kilo fails (neutron-upgrade) due to typo
22878181 Neutron database tables not upgraded properly from Juno to Kilo schema
22935140 Kilo upgrade adds deprecated settings for rabbit and qpid
22935039 Kilo upgrade conf file migration errors
23027746 Metadata access broken with too many networks
23040216 extra zfssa_ prefix in the zfssa_iscsi.pp backend manifest
22992961 Update saz-memcached to 2.8.1
22992956 Update puppetlabs-stdlib to 4.11.0
22992951 Update puppetlabs-ntp to 4.1.2
22992946 Update puppetlabs-mysql to 3.6.2
22992926 Update puppetlabs-apache to 1.8.1
22992933 Update puppetlabs-inifile to 1.4.3
22999085 apache puppet module doesn't support ssl on Solaris
22985076 neutron_network provider always sets --shared on new networks
22813139 add zfssa cinder puppet modules
22902222 add NFS cinder puppet modules
22918553 update vpnaas and l3 agent puppet modules
22902853 Neutron/VPNaaS needs a workaround for 22902761
22827759 nova-compute still trips over itself when rad:local restarts
20990774 nova image cache bloats clone archives to godzilla size
22750945 Revert resize same host branded zones results in error status
18733958 nova tried to create x86 instance on SPARC
22220227 failure to apply zonecfg in attach_volume can leave debris in zonecfg
22935198 puppetlabs-mysql should define basedir in params.pp
22911268 Update puppetlabs-rabbitmq to 5.3.1
22852949 problem in PYTHON-MOD/DJANGO
22852962 problem in PYTHON-MOD/DJANGO
22819808 target_provision_state should not be set to AVAILABLE
22491714 Request to integrate OpenStack Puppet modules
22713569 nova-conductor doesn't handle RPC timeout during live-migration well
22695176 Miscellaneous package cleanup for Kilo
22694904 Some of the OpenStack patches can be cleaned up
22694680 Dependencies in several OpenStack service packages can be improved
22694592 Several configuration files should be more aligned with the upstream
22575858 problem in SERVICE/SWIFT
22047789 puppet package name and dependencies are confusing
22664785 Puppet module files should be owned by puppet
21460057 Add cloudbase-init to Solaris
21974208 The Python module msgpack should be added to Userland
22010630 The Python trollius module should be added to Userland
22011755 The Python module pint should be added to Userland
22012256 The Python aioeventlet module should be added to Userland
22012282 The Python oslo.versionedobjects module should be added to Userland
22012317 The Python semantic_version module should be added to Userland
22012321 The Python testresources module should be added to Userland
22012329 The Python testscenarios module should be added to Userland
22012336 The Python urllib3 module should be added to Userland
22012343 The Python openstackclient module should be added to Userland
22299389 The Python oslo.concurrency module should be added to Userland
22299409 The Python oslo.log module should be added to Userland
22299418 The Python oslo.policy module should be added to Userland
22299469 The Python psutil module should be added to Userland
22337793 The Python sqlparse module should be added to Userland
22338325 The Python fixtures module should be added to Userland
22535728 The Python testtools module should be added to Userland
22535739 The Python extras module should be added to Userland
22535748 The Python linecache2 module should be added to Userland
22535753 The Python traceback2 module should be added to Userland
22535760 The Python python-mimeparse module should be added to Userland
18961001 Image filtering does not function as expected
21678935 NFS for Cinder in Solaris OpenStack
22548630 derived manifest should not enforce presence of global when installing from UAR
22629795 problem in SERVICE/KEYSTONE
22151922 zones_suspend_path needs update based on post-PSARC discussion
21660603 passlib dependency needs to be added to Nova
22188197 puppetlabs-rabbitmq needs a patch to handle rabbitmqadmin
21756542 problem in SERVICE/SWIFT
21978756 addrconf addresses must be created for stateless and slaac Neutron subnets
21978743 ndpd.conf entries are incorrectly formatted for IPv6 subnets
21919000 neutron-dhcp-agent and neutron-server have timing issues
21918991 database times out when attempting various actions
21682493 Neutron fails due to mysql transaction locks when creating multiple instances
22024767 Remove annoying "Arguments dropped when creating context" logging
21691386 Request to integrate common puppet modules into Userland
21630128 Neutron needs to support updating subnet DNS configuration
21761279 Driver erroneously includes trailing space in zone.install() arguments
21438537 After update, openstack/keystone/keystone-token-flush not running
21630538 Nova driver should support suspend/resume
21542088 VM's display_name is used instead of hostname to set the hostname for VM
19774239 Nova should support setting the Admin Password
21439855 Console SMF instance remains after nova instance is deleted
21348400 Issues encountered via unit testing
21341088 Parsing manifest/profiles fails if multiple criteria present
21303465 edit image window has no ZFS disk format option
21091598 ceilometerclient's Makefile needs to point to its own PROJECT_URL
21164329 saharaclient COMPONENT_BUGDB points to the wrong subcomponent
20431382 keystone should include a periodic token cleanup job
21299660 enable no-gateway check box now that we support it
21135855 Enable gateway-less external networks
20230409 remove _get_zone_auto_install_state from driver.py
21022556 optional dependencies on rabbitmq need work in OpenStack services
22568587 heat denial of service through template-validate
22157556 RabbitMQ Warning: Mochiweb enabled and Erlang version 17
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
     1
In-house removal of PyCrypto dependency in Heat. This patch is
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
     2
Solaris-specific and not suitable for upstream.
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
     3
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
     4
--- heat-2015.1.2/heat/common/crypt.py.~1~	2015-10-13 09:51:53.000000000 -0700
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
     5
+++ heat-2015.1.2/heat/common/crypt.py	2016-01-28 00:39:30.968509417 -0800
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
     6
@@ -13,7 +13,6 @@
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
     7
 
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
     8
 import base64
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
     9
 
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    10
-from Crypto.Cipher import AES
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    11
 from oslo_config import cfg
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    12
 
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    13
 from heat.openstack.common.crypto import utils
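Review bot: The import block of crypt.py drops `from Crypto.Cipher import AES` and adds nothing in its place, yet the heat_decrypt hunk that follows calls `Cipher(alg='aes_256_cfb', ...)`. No hunk for crypt.py in this patch binds the name `Cipher`, so unless it is already imported in lines not shown, the first call to heat_decrypt raises NameError. Add the import here; given the M2Crypto imports used in utils.py, that is presumably `from M2Crypto.EVP import Cipher`.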
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    14
@@ -59,9 +58,11 @@ def heat_decrypt(auth_info):
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    15
     if auth_info is None:
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    16
         return None
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    17
     auth = base64.b64decode(auth_info)
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    18
-    iv = auth[:AES.block_size]
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    19
-    cipher = AES.new(cfg.CONF.auth_encryption_key[:32], AES.MODE_CFB, iv)
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    20
-    res = cipher.decrypt(auth[AES.block_size:])
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    21
+    iv = auth[:16]
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    22
+    cipher = Cipher(alg='aes_256_cfb', key=cfg.CONF.auth_encryption_key[:32],
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    23
+                    iv=iv, op=0)
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    24
+    padded = cipher.update(auth[16:])
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    25
+    res = padded + cipher.final()
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
    26
     return res
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    27
 
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    28
 
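Review bot: In heat_decrypt, `aes_256_cfb` is OpenSSL's CFB with 128-bit feedback, whereas the removed `AES.new(..., AES.MODE_CFB, iv)` relied on PyCrypto's default 8-bit segment size, so ciphertext written by the old code will not decrypt to the original plaintext with the new call. Confirm that heat_encrypt is changed in the same way and state how values already stored under the PyCrypto format are handled on upgrade. Smaller points on the same lines: `op=0` would read better as a named constant for "decrypt", the literal 16 replaces `AES.block_size` without a comment saying it is the AES block size, and nothing visible checks that `auth` is longer than 16 bytes or that `cfg.CONF.auth_encryption_key[:32]` is a full 32 bytes before it is used as an AES-256 key.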
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    29
--- heat-2015.1.2/heat/openstack/common/crypto/utils.py.~1~	2015-10-13 09:51:50.000000000 -0700
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    30
+++ heat-2015.1.2/heat/openstack/common/crypto/utils.py	2016-01-28 00:39:30.935927064 -0800
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    31
@@ -27,8 +27,8 @@
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    32
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    33
 import base64
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    34
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    35
-from Crypto.Hash import HMAC
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    36
-from Crypto import Random
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    37
+from M2Crypto import EVP
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    38
+from M2Crypto import Rand
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    39
 from oslo_utils import importutils
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    40
 import six
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    41
 
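Review bot: `from oslo_utils import importutils` is left in the import block of utils.py, but the uses visible in this patch, the `importutils.import_module('Crypto....')` calls in HKDF.__init__ and SymmetricCrypto.__init__, are removed further down. If no other caller remains in the file, drop the import along with the two PyCrypto ones.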
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    42
@@ -36,6 +36,24 @@ from heat.openstack.common._i18n import
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    43
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    44
 bchr = six.int2byte
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    45
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    46
+# Provide a mapping between the names of hash types used by PyCrypto to
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    47
+# their digest sizes and the corresponding algorithm name used by
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    48
+# M2Crypto/OpenSSL.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    49
+hashmap = {
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    50
+    'SHA224':   (28, 'sha224'),
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    51
+    'SHA256':   (32, 'sha256'),
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    52
+    'SHA384':   (48, 'sha384'),
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    53
+    'SHA512':   (64, 'sha512')
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    54
+}
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    55
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    56
+# Provide a mapping between the length of a key and the algorithm name
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    57
+# used by M2Crypto/OpenSSL.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    58
+algomap = {
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    59
+    16:         'aes_128_cbc',
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    60
+    24:         'aes_192_cbc',
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    61
+    32:         'aes_256_cbc'
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    62
+}
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    63
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    64
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    65
 class CryptoutilsException(Exception):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    66
     """Generic Exception for Crypto utilities."""
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
    67
@@ -52,6 +70,33 @@ class CipherBlockLengthTooBig(Cryptoutil
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    68
         super(CryptoutilsException, self).__init__(message)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    69
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    70
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    71
+class CipherKeyLengthInvalid(CryptoutilsException):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    72
+    """The encryption key length is invalid for AES-CBC."""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    73
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    74
+    def __init__(self, keylen):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    75
+        msg = _("Encryption key length of %d is invalid for AES-CBC.")
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    76
+        message = msg % keylen
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    77
+        super(CryptoutilsException, self).__init__(message)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    78
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    79
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    80
+class CipherTypeNotSupported(CryptoutilsException):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    81
+    """The encryption cipher type is not supported."""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    82
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    83
+    def __init__(self, enctype):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    84
+        msg = _("Encryption cipher type %s is not supported")
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    85
+        message = msg % enctype
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    86
+        super(CryptoutilsException, self).__init__(message)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    87
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    88
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    89
+class HashTypeNotSupported(CryptoutilsException):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    90
+    """The message authentication hash function is not supported."""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    91
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    92
+    def __init__(self, hashtype):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    93
+        msg = _("Message authentication hash function %s is not supported")
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    94
+        message = msg % hashtype
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    95
+        super(CryptoutilsException, self).__init__(message)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    96
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    97
+
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    98
 class HKDFOutputLengthTooLong(CryptoutilsException):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
    99
     """The amount of Key Material asked is too much."""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   100
 
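Review bot: Each of the three new exception classes calls `super(CryptoutilsException, self).__init__(message)`, naming the parent class instead of the class being defined, which starts the method lookup after CryptoutilsException and skips any `__init__` that class has or later gains. The pattern is copied from the CipherBlockLengthTooBig context line at the top of the hunk, but new code should name its own class, for example `super(CipherKeyLengthInvalid, self).__init__(message)`.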
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   101
@@ -68,8 +113,10 @@ class HKDF(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   102
     """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   103
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   104
     def __init__(self, hashtype='SHA256'):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   105
-        self.hashfn = importutils.import_module('Crypto.Hash.' + hashtype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   106
-        self.max_okm_length = 255 * self.hashfn.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   107
+        if hashtype not in hashmap:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   108
+            raise HashTypeNotSupported(hashtype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   109
+        (self.digest_size, self.algo) = hashmap[hashtype]
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   110
+        self.max_okm_length = 255 * self.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   111
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   112
     def extract(self, ikm, salt=None):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   113
         """An extract function that can be used to derive a robust key given
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   114
@@ -80,9 +127,9 @@ class HKDF(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   115
         :param salt: optional salt value (a non-secret random value)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   116
         """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   117
         if salt is None:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   118
-            salt = b'\x00' * self.hashfn.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   119
+            salt = b'\x00' * self.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   120
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   121
-        return HMAC.new(salt, ikm, self.hashfn).digest()
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   122
+        return EVP.hmac(salt, ikm, self.algo)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   123
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   124
     def expand(self, prk, info, length):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   125
         """An expand function that will return arbitrary length output that can
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   126
@@ -96,12 +143,12 @@ class HKDF(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   127
         if length > self.max_okm_length:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   128
             raise HKDFOutputLengthTooLong(length, self.max_okm_length)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   129
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   130
-        N = (length + self.hashfn.digest_size - 1) // self.hashfn.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   131
+        N = (length + self.digest_size - 1) // self.digest_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   132
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   133
         okm = b""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   134
         tmp = b""
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   135
         for block in range(1, N + 1):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   136
-            tmp = HMAC.new(prk, tmp + info + bchr(block), self.hashfn).digest()
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   137
+            tmp = EVP.hmac(prk, tmp + info + bchr(block), self.algo)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   138
             okm += tmp
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   139
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   140
         return okm[:length]
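Review bot: in the expand loop, N is computed from self.digest_size, but the size of each block appended to okm is whatever EVP.hmac returns for self.algo, and nothing in this hunk ties the two together. If they ever disagree, okm[:length] silently returns fewer bytes than the caller asked for. Set both attributes from the same table entry in the constructor and check len(okm) >= length before the slice, so a mismatch raises instead of producing a short key.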
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   141
@@ -121,11 +168,15 @@ class SymmetricCrypto(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   142
     """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   143
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   144
     def __init__(self, enctype='AES', hashtype='SHA256'):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   145
-        self.cipher = importutils.import_module('Crypto.Cipher.' + enctype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   146
-        self.hashfn = importutils.import_module('Crypto.Hash.' + hashtype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   147
+        if enctype != 'AES':
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   148
+            raise CipherTypeNotSupported(enctype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   149
+        if hashtype not in hashmap:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   150
+            raise HashTypeNotSupported(hashtype)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   151
+        self.algo = hashmap[hashtype][1]
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   152
+        self.block_size = 16
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   153
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   154
     def new_key(self, size):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   155
-        return Random.new().read(size)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   156
+        return Rand.rand_bytes(size)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   157
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   158
     def encrypt(self, key, msg, b64encode=True):
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   159
         """Encrypt the provided msg and returns the cyphertext optionally
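Review bot: __init__ still accepts an enctype argument but now raises CipherTypeNotSupported for anything other than 'AES', and the class docstring should say so, since callers could previously name any Crypto.Cipher module. In the same block, self.block_size = 16 and the [1] index in hashmap[hashtype][1] are bare literals; a named constant for the AES block size and a comment on the layout of the hashmap entries would make the intent reviewable without reading the table definition.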
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   160
@@ -142,19 +193,14 @@ class SymmetricCrypto(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   161
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   162
         :returns enc: a block of encrypted data.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   163
         """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   164
-        iv = Random.new().read(self.cipher.block_size)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   165
-        cipher = self.cipher.new(key, self.cipher.MODE_CBC, iv)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   166
-
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   167
-        # CBC mode requires a fixed block size. Append padding and length of
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   168
-        # padding.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   169
-        if self.cipher.block_size > MAX_CB_SIZE:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   170
-            raise CipherBlockLengthTooBig(self.cipher.block_size, MAX_CB_SIZE)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   171
-        r = len(msg) % self.cipher.block_size
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   172
-        padlen = self.cipher.block_size - r - 1
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   173
-        msg += b'\x00' * padlen
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   174
-        msg += bchr(padlen)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   175
+        keylen = len(key)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   176
+        if keylen not in algomap:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   177
+            raise CipherKeyLengthInvalid(keylen)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   178
+        iv = Rand.rand_bytes(self.block_size)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   179
+        cipher = EVP.Cipher(algomap[keylen], key, iv, 1)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   180
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   181
-        enc = iv + cipher.encrypt(msg)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   182
+        enc = iv + cipher.update(msg)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   183
+        enc += cipher.final()
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   184
         if b64encode:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   185
             enc = base64.b64encode(enc)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   186
         return enc
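Review bot: the padding format changes in encrypt() and nothing in the patch documents it. The removed lines padded by hand (zero bytes followed by a length byte), while the new code passes no padding argument to EVP.Cipher and leaves padding to cipher.final(), so ciphertext written by the unpatched code and by this code are not interchangeable. If any peer or stored data still uses the old format, that needs a migration note or a version marker. The removed code also named MODE_CBC explicitly; the mode now depends entirely on the strings in algomap, which are outside this hunk, so a comment here stating the expected mode would help.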
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   187
@@ -170,14 +216,16 @@ class SymmetricCrypto(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   188
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   189
         :returns plain: the plaintext message.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   190
         """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   191
+        keylen = len(key)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   192
+        if keylen not in algomap:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   193
+            raise CipherKeyLengthInvalid(keylen)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   194
         if b64decode:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   195
             msg = base64.b64decode(msg)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   196
-        iv = msg[:self.cipher.block_size]
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   197
-        cipher = self.cipher.new(key, self.cipher.MODE_CBC, iv)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   198
+        iv = msg[:self.block_size]
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   199
+        cipher = EVP.Cipher(algomap[keylen], key, iv, 0)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   200
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   201
-        padded = cipher.decrypt(msg[self.cipher.block_size:])
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   202
-        l = ord(padded[-1:]) + 1
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   203
-        plain = padded[:-l]
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   204
+        padded = cipher.update(msg[self.block_size:])
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   205
+        plain = padded + cipher.final()
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   206
         return plain
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   207
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   208
     def sign(self, key, msg, b64encode=True):
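Review bot: decrypt() now depends on cipher.final() to validate and strip the padding, and a failure there is neither caught nor translated, so a corrupted or tampered message surfaces as a raw library exception rather than one of this module's own error types. Wrap the update()/final() pair and raise a single generic decryption error, and make sure callers verify the HMAC from sign() before calling decrypt() so that padding failures are never distinguishable to a remote party. There is also no length check before iv = msg[:self.block_size]; a msg shorter than one block plus one ciphertext block should be rejected up front.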
6035
c9748fcc32de PSARC 2015/535 OpenStack service updates for Kilo
Devjani Ray <devjani.ray@oracle.com>
parents: 4072
diff changeset
   209
@@ -190,8 +238,7 @@ class SymmetricCrypto(object):
4072
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   210
 
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   211
         :returns out: a base64 encoded signature.
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   212
         """
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   213
-        h = HMAC.new(key, msg, self.hashfn)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   214
-        out = h.digest()
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   215
+        out = EVP.hmac(key, msg, self.algo)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   216
         if b64encode:
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   217
             out = base64.b64encode(out)
db0cec748ec0 PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents: 3320
diff changeset
   218
         return out
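Review bot: the docstring in the context lines says ":returns out: a base64 encoded signature", but with b64encode=False the function returns the raw bytes from EVP.hmac. Since this hunk already touches the body, it is a good place to correct the wording to say the result is base64 encoded only when b64encode is true.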