2 Solaris-specific and not suitable for upstream. |
2 Solaris-specific and not suitable for upstream. |
3 |
3 |
4 Convert urlsafe_encrypt() and urlsafe_decrypt() to use M2Crypto instead |
4 Convert urlsafe_encrypt() and urlsafe_decrypt() to use M2Crypto instead |
5 of PyCrypto. |
5 of PyCrypto. |
6 |
6 |
7 --- glance-2013.1.4/glance.egg-info/requires.txt.orig Thu Jan 16 22:08:47 2014 |
7 --- glance-2013.2.3/glance/common/crypt.py.orig 2014-04-03 11:43:55.000000000 -0700 |
8 +++ glance-2013.1.4/glance.egg-info/requires.txt Thu Jan 16 22:23:01 2014 |
8 +++ glance-2013.2.3/glance/common/crypt.py 2014-05-19 03:47:07.005226253 -0700 |
9 @@ -11,7 +11,7 @@ |
|
10 sqlalchemy-migrate>=0.7 |
|
11 httplib2 |
|
12 kombu |
|
13 -pycrypto>=2.1.0alpha1 |
|
14 +M2Crypto>=0.21.1 |
|
15 iso8601>=0.1.4 |
|
16 oslo.config>=1.1.0 |
|
17 python-swiftclient>=1.2,<2 |
|
18 --- glance-2013.1.4/glance/common/crypt.py.orig Thu Oct 17 11:22:18 2013 |
|
19 +++ glance-2013.1.4/glance/common/crypt.py Thu Jan 16 22:42:41 2014 |
|
20 @@ -4,6 +4,8 @@ |
9 @@ -4,6 +4,8 @@ |
21 # Copyright 2011 OpenStack LLC. |
10 # Copyright 2011 OpenStack LLC. |
22 # All Rights Reserved. |
11 # All Rights Reserved. |
23 # |
12 # |
24 +# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
13 +# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
25 +# |
14 +# |
26 # Licensed under the Apache License, Version 2.0 (the "License"); you may |
15 # Licensed under the Apache License, Version 2.0 (the "License"); you may |
27 # not use this file except in compliance with the License. You may obtain |
16 # not use this file except in compliance with the License. You may obtain |
28 # a copy of the License at |
17 # a copy of the License at |
29 @@ -21,12 +23,27 @@ |
18 @@ -21,10 +23,26 @@ |
30 """ |
19 """ |
31 |
20 |
32 import base64 |
21 import base64 |
33 +import os |
22 +import os |
|
23 + |
|
24 +from M2Crypto.EVP import Cipher |
|
25 + |
|
26 +from glance.common import exception |
|
27 + |
34 |
28 |
35 -from Crypto.Cipher import AES |
29 -from Crypto.Cipher import AES |
36 -from Crypto import Random |
30 -from Crypto import Random |
37 -from Crypto.Random import random |
31 -from Crypto.Random import random |
38 +from M2Crypto.EVP import Cipher |
|
39 |
|
40 +from glance.common import exception |
|
41 |
|
42 + |
|
43 +def _key_to_alg(key): |
32 +def _key_to_alg(key): |
44 + """Return a M2Crypto-compatible AES-CBC algorithm name given a key.""" |
33 + """Return a M2Crypto-compatible AES-CBC algorithm name given a key.""" |
45 + aes_algs = { |
34 + aes_algs = { |
46 + 128: 'aes_128_cbc', |
35 + 128: 'aes_128_cbc', |
47 + 192: 'aes_192_cbc', |
36 + 192: 'aes_192_cbc', |
51 + keylen = 8 * len(key) |
40 + keylen = 8 * len(key) |
52 + if keylen not in aes_algs: |
41 + if keylen not in aes_algs: |
53 + msg = ('Invalid AES key length, %d bits') % keylen |
42 + msg = ('Invalid AES key length, %d bits') % keylen |
54 + raise exception.Invalid(msg) |
43 + raise exception.Invalid(msg) |
55 + return aes_algs[keylen] |
44 + return aes_algs[keylen] |
56 + |
45 |
|
46 |
57 def urlsafe_encrypt(key, plaintext, blocksize=16): |
47 def urlsafe_encrypt(key, plaintext, blocksize=16): |
58 """ |
48 @@ -36,20 +54,12 @@ |
59 Encrypts plaintext. Resulting ciphertext will contain URL-safe characters |
|
60 @@ -36,20 +53,12 @@ |
|
61 |
49 |
62 :returns : Resulting ciphertext |
50 :returns : Resulting ciphertext |
63 """ |
51 """ |
64 - def pad(text): |
52 - def pad(text): |
65 - """ |
53 - """ |
80 + padded = cipher.update(str(plaintext)) |
68 + padded = cipher.update(str(plaintext)) |
81 + padded = padded + cipher.final() |
69 + padded = padded + cipher.final() |
82 return base64.urlsafe_b64encode(init_vector + padded) |
70 return base64.urlsafe_b64encode(init_vector + padded) |
83 |
71 |
84 |
72 |
85 @@ -63,6 +72,7 @@ |
73 @@ -63,6 +73,7 @@ |
86 """ |
74 """ |
87 # Cast from unicode |
75 # Cast from unicode |
88 ciphertext = base64.urlsafe_b64decode(str(ciphertext)) |
76 ciphertext = base64.urlsafe_b64decode(str(ciphertext)) |
89 - cypher = AES.new(key, AES.MODE_CBC, ciphertext[:16]) |
77 - cypher = AES.new(key, AES.MODE_CBC, ciphertext[:16]) |
90 - padded = cypher.decrypt(ciphertext[16:]) |
78 - padded = cypher.decrypt(ciphertext[16:]) |
91 - return padded[:padded.rfind(chr(0))] |
79 - return padded[:padded.rfind(chr(0))] |
92 + cipher = Cipher(alg=_key_to_alg(key), key=key, iv=ciphertext[:16], op=0) |
80 + cipher = Cipher(alg=_key_to_alg(key), key=key, iv=ciphertext[:16], op=0) |
93 + padded = cipher.update(ciphertext[16:]) |
81 + padded = cipher.update(ciphertext[16:]) |
94 + padded = padded + cipher.final() |
82 + padded = padded + cipher.final() |
95 + return padded |
83 + return padded |
96 --- glance-2013.1.4/tools/pip-requires.orig Thu Oct 17 11:22:19 2013 |
|
97 +++ glance-2013.1.4/tools/pip-requires Thu Jan 16 22:22:56 2014 |
|
98 @@ -15,7 +15,7 @@ |
|
99 sqlalchemy-migrate>=0.7 |
|
100 httplib2 |
|
101 kombu |
|
102 -pycrypto>=2.1.0alpha1 |
|
103 +M2Crypto>=0.21.1 |
|
104 iso8601>=0.1.4 |
|
105 oslo.config>=1.1.0 |
|
106 |
|