def encrypt_image(self, file): print 'Encrypting image' enc_file = '%s.part' % file.replace('.tar.gz', '') # get 17 bytes of randomness with top bit a '1'. # convert to a hex string like '0x<34 hex chars>L' # then take the last 32 of the hex digits, giving 32 random hex chars key = hex(BN.rand(17 * 8, top=0))[4:36] if self.euca.debug: print 'Key: %s' % key iv = hex(BN.rand(17 * 8, top=0))[4:36] if self.euca.debug: print 'IV: %s' % iv k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(key), iv=unhexlify(iv), op=1) in_file = open(file, 'rb') out_file = open(enc_file, 'wb') self.crypt_file(k, in_file, out_file) in_file.close() out_file.close() bundled_size = os.path.getsize(enc_file) return (enc_file, key, iv, bundled_size)
def test_rand_range(self): # small range for x in range(loops): r = BN.rand_range(1) assert r == 0 for x in range(loops): r = BN.rand_range(4) assert 0 <= r < 4 # large range r512 = BN.rand(512, top=0) for x in range(loops): r = BN.rand_range(r512) assert 0 <= r < r512
def test_rand_range(self): # small range for _ in range(loops): r = BN.rand_range(1) self.assertEqual(r, 0) for _ in range(loops): r = BN.rand_range(4) assert 0 <= r < 4 # large range r512 = BN.rand(512, top=0) for _ in range(loops): r = BN.rand_range(r512) assert 0 <= r < r512
def test_randfname(self): m = re.compile('^[a-zA-Z0-9]{8}$') for x in range(loops): with warnings.catch_warnings(): warnings.simplefilter('ignore', DeprecationWarning) r = BN.randfname(8) assert m.match(r)
def encrypt_image(self, file): self._logger.info('Encrypting image') enc_file = '%s.part' % file.replace('.tar.gz', '') key = hex(BN.rand(16 * 8))[2:34].replace('L', 'c') iv = hex(BN.rand(16 * 8))[2:34].replace('L', 'c') self._logger.debug('Key: %s', key) self._logger.debug('IV: %s', iv) k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(key), iv=unhexlify(iv), op=1) in_file = open(file) out_file = open(enc_file, 'wb') self.crypt_file(k, in_file, out_file) in_file.close() out_file.close() bundled_size = os.path.getsize(enc_file) return (enc_file, key, iv, bundled_size)
def encrypt_image(self, file): print('Encrypting image') enc_file = '%s.part' % file.replace('.tar.gz', '') # get 17 bytes of randomness with top bit a '1'. # convert to a hex string like '0x<34 hex chars>L' # then take the last 32 of the hex digits, giving 32 random hex chars gen_key = hex(BN.rand(17 * 8, top=0)) key = gen_key[4:36] if self.euca.debug: print('Key: %s' % gen_key) gen_iv = hex(BN.rand(17 * 8, top=0)) iv = gen_iv[4:36] if self.euca.debug: print('IV: %s' % gen_iv) try: k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(key), iv=unhexlify(iv), op=1) except TypeError: print(file=sys.stderr) print('WARNING: retrying encryption to work around a rare RNG bug', file=sys.stderr) print( 'Please report the following values to Eucalyptus Systems at', file=sys.stderr) print('https://eucalyptus.atlassian.net/browse/TOOLS-103 to help', file=sys.stderr) print('diagnose this issue.', file=sys.stderr) print('k: ', key, file=sys.stderr) print('iv:', iv, file=sys.stderr) print(file=sys.stderr) return self.encrypt_image(file) in_file = open(file, 'rb') out_file = open(enc_file, 'wb') self.crypt_file(k, in_file, out_file) in_file.close() out_file.close() bundled_size = os.path.getsize(enc_file) return (enc_file, key, iv, bundled_size)
def mount_image(self, image_path): utils.check_prerequisite_command('mount') tmp_mnt_point = '/tmp/%s' % hex(BN.rand(16))[2:6] if not os.path.exists(tmp_mnt_point): os.makedirs(tmp_mnt_point) if self.euca.debug: print 'Creating loopback device...' loop_dev = self.create_loopback(image_path) if self.euca.debug: print 'Mounting image...' subprocess.Popen(['mount', loop_dev, tmp_mnt_point], stdout=subprocess.PIPE).communicate() return (tmp_mnt_point, loop_dev)
def mount_image(self, image_path): utils.check_prerequisite_command('mount') tmp_mnt_point = '/tmp/%s' % hex(BN.rand(16))[2:6] if not os.path.exists(tmp_mnt_point): os.makedirs(tmp_mnt_point) if self.euca.debug: print('Creating loopback device...') loop_dev = self.create_loopback(image_path) if self.euca.debug: print('Mounting image...') subprocess.Popen(['mount', loop_dev, tmp_mnt_point], stdout=subprocess.PIPE).communicate() return (tmp_mnt_point, loop_dev)
def encrypt_image(self, file): print('Encrypting image') enc_file = '%s.part' % file.replace('.tar.gz', '') # get 17 bytes of randomness with top bit a '1'. # convert to a hex string like '0x<34 hex chars>L' # then take the last 32 of the hex digits, giving 32 random hex chars gen_key = hex(BN.rand(17 * 8,top=0)) key = gen_key[4:36] if self.euca.debug: print('Key: %s' % gen_key) gen_iv = hex(BN.rand(17 * 8,top=0)) iv = gen_iv[4:36] if self.euca.debug: print('IV: %s' % gen_iv) try: k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(key), iv=unhexlify(iv), op=1) except TypeError: print(file=sys.stderr) print('WARNING: retrying encryption to work around a rare RNG bug', file=sys.stderr) print('Please report the following values to Eucalyptus Systems at', file=sys.stderr) print('https://eucalyptus.atlassian.net/browse/TOOLS-103 to help', file=sys.stderr) print('diagnose this issue.', file=sys.stderr) print('k: ', key, file=sys.stderr) print('iv:', iv, file=sys.stderr) print(file=sys.stderr) return self.encrypt_image(file) in_file = open(file, 'rb') out_file = open(enc_file, 'wb') self.crypt_file(k, in_file, out_file) in_file.close() out_file.close() bundled_size = os.path.getsize(enc_file) return (enc_file, key, iv, bundled_size)
def encrypt_image(self, file): print 'Encrypting image' enc_file = '%s.part' % file.replace('.tar.gz', '') # get 17 bytes of randomness with top bit a '1'. # convert to a hex string like '0x<34 hex chars>L' # then take the last 32 of the hex digits, giving 32 random hex chars key = hex(BN.rand(17 * 8,top=0))[4:36] if self.euca.debug: print 'Key: %s' % key iv = hex(BN.rand(17 * 8,top=0))[4:36] if self.euca.debug: print 'IV: %s' % iv k = EVP.Cipher(alg='aes_128_cbc', key=unhexlify(key), iv=unhexlify(iv), op=1) in_file = open(file, 'rb') out_file = open(enc_file, 'wb') self.crypt_file(k, in_file, out_file) in_file.close() out_file.close() bundled_size = os.path.getsize(enc_file) return (enc_file, key, iv, bundled_size)
def test_randfname(self): m = re.compile('^[a-zA-Z0-9]{8}$') for x in range(loops): r = BN.randfname(8) assert m.match(r)
def test_rand(self): # defaults for x in range(loops): r8 = BN.rand(8) # top for x in range(loops): r8 = BN.rand(8, top=0) assert r8 & 128 for x in range(loops): r8 = BN.rand(8, top=1) assert r8 & 192 # bottom for x in range(loops): r8 = BN.rand(8, bottom=1) assert r8 % 2 == 1 # make sure we can get big numbers and work with them for x in range(loops): r8 = BN.rand(8, top=0) r16 = BN.rand(16, top=0) r32 = BN.rand(32, top=0) r64 = BN.rand(64, top=0) r128 = BN.rand(128, top=0) r256 = BN.rand(256, top=0) r512 = BN.rand(512, top=0) assert r8 < r16 < r32 < r64 < r128 < r256 < r512 < (r512 + 1)
def _makeRandomProfileDir(pattern): import M2Crypto.BN as BN profileDir = pattern.replace("*", "%s") % (BN.randfname(8)) os.makedirs(profileDir, 0700) return profileDir