1 In-house removal of PyCrypto dependency in Heat. This patch is |
1 In-house removal of PyCrypto dependency in Heat. This patch is |
2 Solaris-specific and not suitable for upstream. |
2 Solaris-specific and not suitable for upstream. |
3 |
3 |
4 --- heat-2015.1.2/heat/common/crypt.py.~1~ 2015-10-13 09:51:53.000000000 -0700 |
4 --- heat-5e1c8cb19eaee7570c2e1ca96c330b8d7d77a719/heat/common/crypt.py.~2~ 2016-02-02 01:40:32.301153073 -0800 |
5 +++ heat-2015.1.2/heat/common/crypt.py 2016-01-28 00:39:30.968509417 -0800 |
5 +++ heat-5e1c8cb19eaee7570c2e1ca96c330b8d7d77a719/heat/common/crypt.py 2016-02-02 01:40:52.942307172 -0800 |
6 @@ -13,7 +13,6 @@ |
6 @@ -14,7 +14,6 @@ |
7 |
|
8 import base64 |
7 import base64 |
|
8 import sys |
9 |
9 |
10 -from Crypto.Cipher import AES |
10 -from Crypto.Cipher import AES |
|
11 from cryptography import fernet |
11 from oslo_config import cfg |
12 from oslo_config import cfg |
12 |
13 from oslo_utils import encodeutils |
13 from heat.openstack.common.crypto import utils |
14 @@ -88,9 +87,11 @@ def heat_decrypt(value, encryption_key=N |
14 @@ -59,9 +58,11 @@ def heat_decrypt(auth_info): |
15 """ |
15 if auth_info is None: |
16 encryption_key = get_valid_encryption_key(encryption_key) |
16 return None |
17 auth = base64.b64decode(value) |
17 auth = base64.b64decode(auth_info) |
|
18 - iv = auth[:AES.block_size] |
18 - iv = auth[:AES.block_size] |
19 - cipher = AES.new(cfg.CONF.auth_encryption_key[:32], AES.MODE_CFB, iv) |
19 - cipher = AES.new(encryption_key, AES.MODE_CFB, iv) |
20 - res = cipher.decrypt(auth[AES.block_size:]) |
20 - res = cipher.decrypt(auth[AES.block_size:]) |
21 + iv = auth[:16] |
21 + iv = auth[:16] |
22 + cipher = Cipher(alg='aes_256_cfb', key=cfg.CONF.auth_encryption_key[:32], |
22 + cipher = Cipher(alg='aes_256_cfb', key=cfg.CONF.auth_encryption_key[:32], |
23 + iv=iv, op=0) |
23 + iv=iv, op=0) |
24 + padded = cipher.update(auth[16:]) |
24 + padded = cipher.update(auth[16:]) |
25 + res = padded + cipher.final() |
25 + res = padded + cipher.final() |
26 return res |
26 return res |
27 |
27 |
28 |
28 |
29 --- heat-2015.1.2/heat/openstack/common/crypto/utils.py.~1~ 2015-10-13 09:51:50.000000000 -0700 |
29 --- heat-5e1c8cb19eaee7570c2e1ca96c330b8d7d77a719/heat/openstack/common/crypto/utils.py.~2~ 2016-02-02 01:41:07.005491185 -0800 |
30 +++ heat-2015.1.2/heat/openstack/common/crypto/utils.py 2016-01-28 00:39:30.935927064 -0800 |
30 +++ heat-5e1c8cb19eaee7570c2e1ca96c330b8d7d77a719/heat/openstack/common/crypto/utils.py 2016-02-02 01:50:03.227200903 -0800 |
31 @@ -27,8 +27,8 @@ |
31 @@ -27,8 +27,8 @@ |
32 |
32 |
33 import base64 |
33 import base64 |
34 |
34 |
35 -from Crypto.Hash import HMAC |
35 -from Crypto.Hash import HMAC |