components/openstack/heat/patches/04-nopycrypto.patch
author Danek Duvall <danek.duvall@oracle.com>
Tue, 07 Apr 2015 13:31:20 -0700
branch s11-update
changeset 4072 db0cec748ec0
parent 3320 f9d413d0e202
permissions -rw-r--r--
PSARC 2015/110 OpenStack service updates for Juno
PSARC 2014/302 oslo.messaging - OpenStack RPC and notifications
PSARC 2014/303 concurrent.futures - high-level Python interface for asynchronous execution
PSARC 2014/304 networkx - Python module for complex networks
PSARC 2014/305 taskflow - Python module for task execution
PSARC 2014/329 pycadf - Python interface for CADF (cloud auditing)
PSARC 2014/330 posix_ipc - POSIX IPC primitives for Python
PSARC 2014/331 oauthlib - Python implementation of OAuth request-signing logic
PSARC 2015/058 oslo - OpenStack common libraries (context, db, i18n, middleware, serialization, utils, vmware)
PSARC 2015/059 glance_store - Glance storage library
PSARC 2015/060 ipaddr - an IPv4/IPv6 manipulation library in Python
PSARC 2015/061 simplegeneric - single-dispatch generic Python functions
PSARC 2015/062 wsme - Web Services Made Easy
PSARC 2015/063 retrying - General purpose Python retrying library
PSARC 2015/065 osprofiler - an OpenStack cross-project profiling library
PSARC 2015/066 OpenStack client for Sahara (Hadoop as a Service)
PSARC 2015/067 keystonemiddleware - Middleware for OpenStack Identity
PSARC 2015/068 pyScss - Compiler for the SCSS flavor of the Sass language
PSARC 2015/069 django-pyscss - pyScss support for Django
PSARC 2015/073 barbicanclient - OpenStack client for Barbican (Key Management)
PSARC 2015/074 pysendfile - Python interface to sendfile
PSARC 2015/097 ldappool - a connection pool for python-ldap
PSARC 2015/098 rfc3986 - URI reference validation module for Python
PSARC 2015/102 iniparse - python .ini file parsing module
20667775 OpenStack service updates for Juno (Umbrella)
17511386 sqlalchemy-migrate should lose its bypass-gen tags once sqlalchemy is in the CBE
18293987 /usr/bin/alembic should be shipped
18293992 boto's demo scripts aren't delivered executable
18377642 py.test has a requirement on py
18615101 Horizon should prevent network, subnet, and port names with hyphens in them
18772068 instance failed to launch with NoValidHost but no reason
18887457 openstack shouldn't deliver .po files
18905324 hostname.xml should set config/ignore_dhcp_hostname = true
18961031 Duplicate names for role-create and user-create are allowed
19015363 Users should not be allowed to attempt to create volumes when quota exceed
19044301 boto's dependencies need work
19050335 user appears logged in but unauthorised after horizon reboot
19065699 cinderclient-34 lost in recent upgrade
19131218 solaris.css: 'Delete Interface' button in Router pop-up menu broken
19131507 solaris.css: 'Project Limits' section of Launch Instance pop-up menu broken
19144215 Instance manipulation buttons greyed out after all instances terminated
19249066 heat stack-preview doesn't appear to do anything
19313272 Need bottom slidebar in horizon for small browser windows
19439030 'nova migration-list' returns python error
19462265 The Python module oslo.messaging should be added to Userland
19462397 The Python module futures should be added to Userland
19476604 The Python module networkx should be added to Userland
19476953 The Python module taskflow should be added to Userland
19519227 The Python module pycadf should be added to Userland
19582394 The Python module posix_ipc should be added to Userland
19596691 instance failed to launch, cinder hit resource busy in stmfadm
19598430 The Python module oauthlib should be added to Userland
19649055 FC connection fails when the target_lun is assigned 0
19815780 nova package should have dependencies on brand-solaris and brand-solaris-kz
19883623 Image snapshots are missing 'instance_uuid' property
19887874 horizon should set up apache log rotation
19888859 six should enable its tests now.
19987962 Cinder lists additional volumes attached to instance with linuxy device names
20027791 horizon should be migrated to Apache 2.4
20046570 rabbitmq & rad-evs-controller should be added to group package
20052466 remove _ai_health_check() from driver.py now that 18857274 is integrated
20164815 The Python module django-pyscss should be added to Userland
20173049 The Python module retrying should be added to Userland
20174489 The Python module WSME should be added to Userland
20176001 The Python module keystonemiddleware should be added to Userland
20182039 The Python module pysendfile should be added to Userland
20200162 The Python module pyScss should be added to Userland
20222184 horizon doesn't send start request on shutdown instance
20312312 The Python module python-saharaclient should be added to Userland
20388250 problem in SERVICE/GLANCE
20433402 The fix for 20388250 is incomplete
20514287 wrong vnic label name used for dhcp vnic in evs
20596802 The Python module oslo.middleware should be added to Userland
20596803 The Python module barbicanclient should be added to Userland
20596804 The Python module oslo.context should be added to Userland
20596805 The Python module iniparse should be added to Userland
20596806 The Python module oslo.vmware should be added to Userland
20596807 The Python module osprofiler should be added to Userland
20596808 The Python module oslo.i18n should be added to Userland
20596809 The Python module oslo.utils should be added to Userland
20596811 The Python module ipaddr should be added to Userland
20596812 The Python module glance_store should be added to Userland
20596813 The Python module oslo.serialization should be added to Userland
20596814 The Python module oslo.db should be added to Userland
20596815 The Python module simplegeneric should be added to Userland
20602690 The Python module ldappool should be added to Userland
20602722 The Python module rfc3986 should be added to Userland
20638369 compilemessages.py requires GNU msgfmt without calling gmsgfmt
20715741 cinder 2014.2.2
20715742 glance 2014.2.2
20715743 heat 2014.2.2
20715744 horizon 2014.2.2
20715745 keystone 2014.2.2
20715746 neutron 2014.2.2
20715747 nova 2014.2.2
20715748 swift 2.2.2
20715749 alembic 0.7.4
20715750 amqp 1.4.6
20715751 boto 2.34.0
20715752 ceilometerclient 1.0.12
20715753 cinderclient 1.1.1
20715754 cliff 1.9.0
20715756 django 1.4.19
20739229 Update django to 1.4.20
20715757 django_compressor 1.4
20715758 django_openstack_auth 1.1.9
20715759 eventlet 0.15.2
20715761 glanceclient 0.15.0
20715762 greenlet 0.4.5
20715763 heatclient 0.2.12
20715764 keystoneclient 1.0.0
20715765 kombu 3.0.7
20715766 mysql 1.2.5
20715767 netaddr 0.7.13
20715769 netifaces 0.10.4
20715770 neutronclient 2.3.10
20715771 novaclient 2.20.0
20715772 oslo.config 1.6.0
20715773 py 1.4.26
20715774 pyflakes 0.8.1
20715775 pytest 2.6.4
20715776 pytz 2014.10
20715777 requests 2.6.0
20715778 simplejson 3.6.5
20715779 six 1.9.0
20715780 sqlalchemy-migrate 0.9.1
20715781 sqlalchemy 0.9.8
20715782 stevedore 1.2.0
20715783 swiftclient 2.3.1
20715784 tox 1.8.1
20715785 troveclient 1.0.8
20715786 virtualenv 12.0.7
20715787 websockify 0.6.0
20739215 problem in PYTHON-MOD/DJANGO
20739295 problem in PYTHON-MOD/DJANGO
20816861 zone-vnc-console instance goes in to maintenance
20829672 support flat network type in neutron
3320
f9d413d0e202 PSARC/2014/236 OpenStack Heat (OpenStack Orchestration Service)
Drew Fisher <drew.fisher@oracle.com>
In-house removal of PyCrypto dependency in Heat. This patch is
Solaris-specific and not suitable for upstream.
--- heat-2014.2.2/heat/common/crypt.py.~1~	2014-12-04 21:02:27.000000000 -0800
+++ heat-2014.2.2/heat/common/crypt.py	2015-01-31 16:56:20.917251751 -0800
@@ -13,7 +13,7 @@
 
 import base64
 
-from Crypto.Cipher import AES
+from M2Crypto.EVP import Cipher
 from oslo.config import cfg
 
 from heat.openstack.common.crypto import utils
@@ -57,7 +57,9 @@ def heat_decrypt(auth_info):
     if auth_info is None:
         return None
     auth = base64.b64decode(auth_info)
-    iv = auth[:AES.block_size]
-    cipher = AES.new(cfg.CONF.auth_encryption_key[:32], AES.MODE_CFB, iv)
-    res = cipher.decrypt(auth[AES.block_size:])
+    iv = auth[:16]
+    cipher = Cipher(alg='aes_256_cfb', key=cfg.CONF.auth_encryption_key[:32],
+                    iv=iv, op=0)
+    padded = cipher.update(auth[16:])
+    res = padded + cipher.final()
     return res
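Review bot: the new Cipher(...) call in heat_decrypt pins the algorithm to 'aes_256_cfb', while the removed AES.new(...) line picked the AES variant from the length of the key it was given and used PyCrypto's MODE_CFB without a segment_size, which defaults to 8-bit segments; OpenSSL's aes_256_cfb is CFB with 128-bit segments. Add a known-answer test that feeds ciphertext produced by the PyCrypto version through this function, including a case where auth_encryption_key is shorter than 32 characters, before relying on it to read stored data. Smaller points: give the literal 16 a name (it replaces AES.block_size in two places), comment that op=0 means decrypt, and rename padded, since CFB output carries no padding.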
--- heat-2014.2.2/heat/openstack/common/crypto/utils.py.~1~	2014-12-04 21:02:30.000000000 -0800
+++ heat-2014.2.2/heat/openstack/common/crypto/utils.py	2015-01-31 16:56:20.917680985 -0800
@@ -14,8 +14,8 @@
 
 import base64
 
-from Crypto.Hash import HMAC
-from Crypto import Random
+from M2Crypto import EVP
+from M2Crypto import Rand
 import six
 
 from heat.openstack.common.gettextutils import _
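Review bot: the import block drops Crypto.Hash.HMAC and Crypto.Random but leaves the importutils import (visible in the next hunk header) in place, even though the importutils.import_module(...) calls in HKDF.__init__ and SymmetricCrypto.__init__ are removed further down. If nothing else in utils.py uses importutils, remove that import in the same patch so pyflakes stays clean.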
@@ -23,6 +23,24 @@ from heat.openstack.common import import
 
 bchr = six.int2byte
 
+# Provide a mapping between the names of hash types used by PyCrypto to
+# their digest sizes and the corresponding algorithm name used by
+# M2Crypto/OpenSSL.
+hashmap = {
+    'SHA224':   (28, 'sha224'),
+    'SHA256':   (32, 'sha256'),
+    'SHA384':   (48, 'sha384'),
+    'SHA512':   (64, 'sha512')
+}
+
+# Provide a mapping between the length of a key and the algorithm name
+# used by M2Crypto/OpenSSL.
+algomap = {
+    16:         'aes_128_cbc',
+    24:         'aes_192_cbc',
+    32:         'aes_256_cbc'
+}
+
 
 class CryptoutilsException(Exception):
     """Generic Exception for Crypto utilities."""
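Review bot: the comment above hashmap calls it a mapping of the hash names used by PyCrypto, but only the four SHA-2 names are listed, so any other name that the old 'Crypto.Hash.' + hashtype import accepted now raises HashTypeNotSupported in the constructors changed below. State in the comment that the restriction to SHA-2 is deliberate. The digest sizes are typed by hand beside the OpenSSL names; a unit test comparing each size with len(EVP.hmac(key, data, name)) would catch a mismatch. For algomap, make sure the lookup site turns an unlisted key length into CipherKeyLengthInvalid rather than a bare KeyError.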
@@ -39,6 +57,33 @@ class CipherBlockLengthTooBig(Cryptoutil
         super(CryptoutilsException, self).__init__(message)
 
 
+class CipherKeyLengthInvalid(CryptoutilsException):
+    """The encryption key length is invalid for AES-CBC."""
+
+    def __init__(self, keylen):
+        msg = _("Encryption key length of %d is invalid for AES-CBC.")
+        message = msg % keylen
+        super(CryptoutilsException, self).__init__(message)
+
+
+class CipherTypeNotSupported(CryptoutilsException):
+    """The encryption cipher type is not supported."""
+
+    def __init__(self, enctype):
+        msg = _("Encryption cipher type %s is not supported")
+        message = msg % enctype
+        super(CryptoutilsException, self).__init__(message)
+
+
+class HashTypeNotSupported(CryptoutilsException):
+    """The message authentication hash function is not supported."""
+
+    def __init__(self, hashtype):
+        msg = _("Message authentication hash function %s is not supported")
+        message = msg % hashtype
+        super(CryptoutilsException, self).__init__(message)
+
+
 class HKDFOutputLengthTooLong(CryptoutilsException):
     """The amount of Key Material asked is too much."""
 
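Review bot: each of the three new exception classes calls super(CryptoutilsException, self).__init__(message), naming the parent rather than the class being defined, which starts the MRO lookup after CryptoutilsException and would skip any __init__ later added to that base class. Use super(CipherKeyLengthInvalid, self), super(CipherTypeNotSupported, self) and super(HashTypeNotSupported, self) instead. The context line at the top of the hunk shows the same call in the existing CipherBlockLengthTooBig, so this copies a pattern already in the file, but the new classes need not repeat it.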
@@ -55,8 +100,10 @@ class HKDF(object):
     """
 
     def __init__(self, hashtype='SHA256'):
-        self.hashfn = importutils.import_module('Crypto.Hash.' + hashtype)
-        self.max_okm_length = 255 * self.hashfn.digest_size
+        if hashtype not in hashmap:
+            raise HashTypeNotSupported(hashtype)
+        (self.digest_size, self.algo) = hashmap[hashtype]
+        self.max_okm_length = 255 * self.digest_size
 
     def extract(self, ikm, salt=None):
         """An extract function that can be used to derive a robust key given
@@ -67,9 +114,9 @@ class HKDF(object):
         :param salt: optional salt value (a non-secret random value)
         """
         if salt is None:
-            salt = b'\x00' * self.hashfn.digest_size
+            salt = b'\x00' * self.digest_size
 
-        return HMAC.new(salt, ikm, self.hashfn).digest()
+        return EVP.hmac(salt, ikm, self.algo)
 
     def expand(self, prk, info, length):
         """An expand function that will return arbitrary length output that can
@@ -83,12 +130,12 @@ class HKDF(object):
         if length > self.max_okm_length:
             raise HKDFOutputLengthTooLong(length, self.max_okm_length)
 
-        N = (length + self.hashfn.digest_size - 1) // self.hashfn.digest_size
+        N = (length + self.digest_size - 1) // self.digest_size
 
         okm = b""
         tmp = b""
         for block in range(1, N + 1):
-            tmp = HMAC.new(prk, tmp + info + bchr(block), self.hashfn).digest()
+            tmp = EVP.hmac(prk, tmp + info + bchr(block), self.algo)
             okm += tmp
 
         return okm[:length]
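Review bot: nothing in the files shown here exercises the EVP.hmac(...) call that replaces HMAC.new(...).digest() in the expand loop (or the one in extract above), so a difference in output from the PyCrypto path would go unnoticed. Add known-answer tests for HKDF.extract and HKDF.expand using the RFC 5869 test vectors for SHA-256, plus one case where length is not a multiple of digest_size to cover the okm[:length] truncation.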
@@ -108,11 +155,15 @@ class SymmetricCrypto(object):
     """
 
     def __init__(self, enctype='AES', hashtype='SHA256'):
-        self.cipher = importutils.import_module('Crypto.Cipher.' + enctype)
-        self.hashfn = importutils.import_module('Crypto.Hash.' + hashtype)
+        if enctype != 'AES':
+            raise CipherTypeNotSupported(enctype)
+        if hashtype not in hashmap:
+            raise HashTypeNotSupported(hashtype)
+        self.algo = hashmap[hashtype][1]
+        self.block_size = 16
 
     def new_key(self, size):
-        return Random.new().read(size)
+        return Rand.rand_bytes(size)
 
     def encrypt(self, key, msg, b64encode=True):
         """Encrypt the provided msg and returns the cyphertext optionally
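Review bot: `__init__` still accepts `enctype` as if the cipher were selectable, but anything other than 'AES' now raises and `self.block_size = 16` is hard-coded, so the class docstring above should state that only AES is supported. `hashmap[hashtype][1]` is also an unexplained positional index; a named field or a one-line comment on the tuple layout would make it clear which element is the algorithm name passed to `EVP.hmac`. Replacing the `importutils.import_module('Crypto.Cipher.' + enctype)` lookup with an allow-list is the right direction, since the module name no longer comes from a caller-supplied string.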
@@ -129,19 +180,14 @@ class SymmetricCrypto(object):
 
         :returns enc: a block of encrypted data.
         """
-        iv = Random.new().read(self.cipher.block_size)
-        cipher = self.cipher.new(key, self.cipher.MODE_CBC, iv)
-
-        # CBC mode requires a fixed block size. Append padding and length of
-        # padding.
-        if self.cipher.block_size > MAX_CB_SIZE:
-            raise CipherBlockLengthTooBig(self.cipher.block_size, MAX_CB_SIZE)
-        r = len(msg) % self.cipher.block_size
-        padlen = self.cipher.block_size - r - 1
-        msg += b'\x00' * padlen
-        msg += bchr(padlen)
+        keylen = len(key)
+        if keylen not in algomap:
+            raise CipherKeyLengthInvalid(keylen)
+        iv = Rand.rand_bytes(self.block_size)
+        cipher = EVP.Cipher(algomap[keylen], key, iv, 1)
 
-        enc = iv + cipher.encrypt(msg)
+        enc = iv + cipher.update(msg)
+        enc += cipher.final()
         if b64encode:
             enc = base64.b64encode(enc)
         return enc
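Review bot: the removed lines in `encrypt` wrote a custom pad (`padlen` zero bytes followed by `bchr(padlen)`), while the new code leaves padding to `cipher.final()`; assuming `EVP.Cipher` is left at OpenSSL's default PKCS padding, the last plaintext block now differs, so ciphertext produced here will not unpad correctly on a peer still running the old code and vice versa. Call the format change out in the patch description or confirm both ends are always upgraded together. The `MAX_CB_SIZE` check also disappears, which is fine with a fixed 16-byte block but may leave the constant and `CipherBlockLengthTooBig` unused.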
@@ -157,14 +203,16 @@ class SymmetricCrypto(object):
 
         :returns plain: the plaintext message.
         """
+        keylen = len(key)
+        if keylen not in algomap:
+            raise CipherKeyLengthInvalid(keylen)
         if b64decode:
             msg = base64.b64decode(msg)
-        iv = msg[:self.cipher.block_size]
-        cipher = self.cipher.new(key, self.cipher.MODE_CBC, iv)
+        iv = msg[:self.block_size]
+        cipher = EVP.Cipher(algomap[keylen], key, iv, 0)
 
-        padded = cipher.decrypt(msg[self.cipher.block_size:])
-        l = ord(padded[-1:]) + 1
-        plain = padded[:-l]
+        padded = cipher.update(msg[self.block_size:])
+        plain = padded + cipher.final()
         return plain
 
     def sign(self, key, msg, b64encode=True):
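Review bot: `decrypt` slices `iv = msg[:self.block_size]` and passes the rest to `cipher.update` without checking that `msg` holds at least the IV plus one whole block, and `cipher.final()` can now raise on bad padding where the old code silently sliced by the last byte. Validate the length up front and make sure callers verify the HMAC from `sign` before calling `decrypt`, mapping any failure from `final()` to the same generic error, so a padding failure is not distinguishable from other rejections.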
@@ -177,8 +225,7 @@ class SymmetricCrypto(object):
 
         :returns out: a base64 encoded signature.
         """
-        h = HMAC.new(key, msg, self.hashfn)
-        out = h.digest()
+        out = EVP.hmac(key, msg, self.algo)
         if b64encode:
             out = base64.b64encode(out)
         return out
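Review bot: the context line `:returns out: a base64 encoded signature.` in `sign` is only true when `b64encode` is left at its default; with `b64encode=False` the method returns the raw `EVP.hmac` digest. Since this hunk already touches the body, update the docstring to say so.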