예제 #1
0
async def meme(ctx, option: str = None):
    '''Send an ALMA meme'''

    meme_list = glob.glob(os.path.join(cfg.MEMES_PATH_TO_FOLDER, '*.jpg')) + \
        glob.glob(os.path.join(cfg.MEMES_PATH_TO_FOLDER, '*.png'))

    if not meme_list:
        await ctx.message.channel.send(
            'No meme was found. This is a real emergency. Contact a meme specialist.'
        )
        logger.info('{}/#{} - Memes not found in folder {}'.format(
            ctx.message.guild.name, ctx.message.channel.name,
            cfg.MEMES_PATH_TO_FOLDER))
    else:
        if option is None or option == "random":
            random.seed(os.getrandom(10))
            chosen_meme = random.choice(meme_list)
        elif option == 'latest':
            meme_list.sort(key=os.path.getmtime)
            chosen_meme = meme_list[-1]
            logger.info('{}/#{} - Latest meme requested by {}'.format(
                ctx.message.guild.name, ctx.message.channel.name,
                ctx.message.author.display_name))
        else:
            random.seed(os.getrandom(10))
            chosen_meme = random.choice(meme_list)
            await ctx.send(
                f'{option} is not a valid option. Just giving you a random meme so you don\'t leave empty handed.'
            )
            logger.info(f'Invalid {option} for command meme')

        await ctx.channel.send(file=discord.File(chosen_meme))
        logger.info('{}/#{} - Sending meme {} requested by {}'.format(
            ctx.message.guild.name, ctx.message.channel.name, chosen_meme,
            ctx.message.author.display_name))
예제 #2
0
def hello_world(request):
    """Responds to any HTTP request.
    Args:
        request (flask.Request): HTTP request object.
    Returns:
        The response text or any set of values that can be turned into a
        Response object using
        `make_response <http://flask.pocoo.org/docs/1.0/api/#flask.Flask.make_response>`.
    """
    proc = subprocess.Popen(["cat /proc/sys/kernel/random/boot_id"], stdout=subprocess.PIPE, shell=True)
    output = ""
    proc = subprocess.Popen(["cat /proc/uptime"], stdout=subprocess.PIPE, shell=True)
    (out, err) = proc.communicate()
    output = output + "uptime: " + str(out) + "\n"
    proc = subprocess.Popen(["cat /proc/meminfo"], stdout=subprocess.PIPE, shell=True)
    (out, err) = proc.communicate()
    output = output + "meminfo: " + str(out) + "\n"
    print(out)
    mac = ':'.join(['{:02x}'.format((uuid.getnode() >> ele) & 0xff) for ele in range(0,8*6,8)][::-1])
    output = output + "mac: " + mac + "\n"
    print (os.uname())
    device = os.stat("/home").st_dev

    # Print the raw device number 
    print("Raw device number:", device)
    # Extract the device minor number 
    # from the above raw device number 
    output = output + "times: " + str(os.times()) + "\n"
    print (os.getrandom(200, os.GRND_RANDOM))
    return output
예제 #3
0
def _reset_user_password(email, user):
    with app.app_context():
        import random
        from os import getrandom

        random.seed(getrandom(100))
        new_password = "".join([
            chr(random.randint(33, 126))
            for _ in range((random.randint(14, 20)))
        ])

        user.set_password(new_password)
        user.save_to_db(db)
        if os.getenv("ENV") == "production":
            send_email(
                to=[email],
                subject="Forgot your password?",
                template_name="password_reset",
                payload={"new_password": new_password},
            )

        else:
            print(new_password)
            # This is just to simulate network errors in a dev environemnt
            requests.get("https://www.mysecretsanta.io/math")
예제 #4
0
파일: crypto.py 프로젝트: barleyj/tfc
def keygen() -> bytes:
    """Generate list of random keys for use in different encryption functions.

    Hash chain is used to add strong pre-image resistance to internal state or
    /dev/urandom that that only uses SHA1 to compress output.

    As of Python3.6.0, os.urandom is a wrapper for best available CSPRNG. Linux
    3.17 and older kernels do not support the GETRANDOM call, thus on such
    kernels, Python3.6's os.urandom will fallback to non-blocking /dev/urandom
    that is not secure on live distros that have low entropy at the start of
    session.

    TFC uses os.getrandom(32, flags=0) explicitly. This forces the version of
    Python interpreter to version 3.6 or later and Linux kernel version to 3.17
    or later. The flag 0 will block urandom if internal state has less than 128
    bits of entropy. Secure key entropy is thus enforced on all platforms.

    Since kernel 4.8, /dev/urandom has been upgraded to use ChaCha20 instead
    of SHA1.

    :return: Cryptographically secure 256-bit random key
    """
    # Fallback to urandom on Travis' Python3.6 that currently lacks os.getrandom call.
    if "TRAVIS" in os.environ and os.environ["TRAVIS"] == "true":
        return hash_chain(os.urandom(32))
    else:
        return hash_chain(os.getrandom(32, flags=0))
예제 #5
0
파일: server.py 프로젝트: metricq/aionsca
    async def _on_client_connected(self, reader: StreamReader,
                                   writer: StreamWriter):
        timestamp = int(datetime.now().timestamp())
        iv = getrandom(128)

        crypter = get_crypter_by_method(method=self.encryption_method,
                                        iv=iv,
                                        password=self.password,
                                        rng=getrandom)

        init_packet = InitPacket.pack(iv, timestamp)
        writer.write(init_packet)
        await writer.drain()

        for packet_num in count(1):
            try:
                report_packet = crypter.decrypt(await reader.readexactly(
                    ReportPacket.SIZE))
                logger.debug(
                    f"Received report #{packet_num} for on socket {writer.get_extra_info('socket', '???')}"
                )
                report = ReportPacket.unpack(report_packet)
                self._received_reports.put_nowait(report)
            except IncompleteReadError as e:
                if len(e.partial) != 0:
                    logger.warning(
                        f"IncompleteReadError for packet #{packet_num}: {e}")
                break
            except PacketDecodeError:
                logger.exception(
                    f"Failed to decode packet ({report_packet!r})")
                break
예제 #6
0
    def gencase(*, LC, LE):
        assert (LC < 0x10000)
        assert (LE <= 0x10000)
        data = os.getrandom(LC)
        hexstr = "00112233"
        if LC > 0:
            if LC > 0xFF:
                hexstr += "00%04X" % LC
            else:
                hexstr += "%02X" % LC
            hexstr += pysatl.Utils.hexstr(data, separator="")
        if LE > 0:
            if LE == 0x10000:
                hexstr += "000000"
            elif LE > 0x100:
                hexstr += "00%04X" % LE
            elif LE == 0x100:
                hexstr += "00"
            else:
                hexstr += "%02X" % LE
        expected = hexstr
        capdu = CAPDU(CLA=0x00, INS=0x11, P1=0x22, P2=0x33, DATA=data, LE=LE)
        hexstr = capdu.to_hexstr()
        if hexstr != expected:
            raise Exception("Mismatch for LC=%d, LE=%d" % (LC, LE) +
                            "\nActual:   " + hexstr + "\nExpected: " +
                            expected)

        b = capdu.to_bytes()
        assert (type(b) is bytes)
        return (hexstr, capdu)
예제 #7
0
def cbd_pick_files_and_fragments_random(file_set, frag_sizes, runs):
    """Generate a structure random data with injected fragments to be compared
        Return: [[(f1, f2), (f1, f2), ...],
                 [(f1, f2), (f1, f2), ...], ... ]
    """
    file_set_sorted = [(f, os.path.getsize(f)) for f in file_set]
    # print(f"file_set_sorted: {file_set_sorted}")
    res = []
    for _ in range(runs):
        # pick src file randomly
        f_src = random.choice(file_set_sorted)
        file_set_sorted.remove(f_src)

        # select random fragments
        fragments = get_fragment_indices(f_src[0], frag_sizes, random_pos=True)
        with open(f_src[0], "rb") as f:
            fdata = f.read()

        # generate random data for sinks
        data_sinks = [os.getrandom(f_src[1]) for _ in range(2)]

        run = []
        p0 = random.randint(0, len(data_sinks[0]))
        p1 = random.randint(0, len(data_sinks[1]))
        for (s, e) in fragments:
            run.append((data_sinks[0][0:p0] + fdata[s:e] + data_sinks[0][p0:],
                        data_sinks[1][0:p1] + fdata[s:e] + data_sinks[1][p1:]))
        res.append(run)
    return res
예제 #8
0
파일: routes.py 프로젝트: tds-1/yaask
def oauth_callback(provider):
    print("callback", provider)
    if not current_user.is_anonymous():
        return redirect(url_for('main.home'))
    oauth = OAuthSignIn.get_provider(provider)
    name, username, email, picture = oauth.callback()

    if email is None:
        # I need a valid email address for my user identification
        flash('Authentication failed.')
        return redirect(url_for('main.home'))

    # Look if the user already exists
    que = User.query.filter(User.email == email).first()
    email = str(email)
    if (que is None):
        user = User(name=name,
                    username=username,
                    email=email,
                    email_verified=True,
                    phone_no="",
                    phone_verified=False,
                    password=os.getrandom(10, os.GRND_NONBLOCK),
                    role="student",
                    score=0,
                    picture=picture)
        user.email_verified_on = datetime.datetime.now()
        db.session.add(user)
        db.session.commit()
    else:
        user = que
    login_user(user)
    return redirect(url_for('main.home'))
예제 #9
0
def connect(url=None, *, create=False):
    """Connect to the database using an environment variable.
    """
    logger.info("Connecting to SQL database")
    if url is None:
        url = 'postgresql://{user}:{password}@{host}/{database}'.format(
            user=os.environ['POSTGRES_USER'],
            password=os.environ['POSTGRES_PASSWORD'],
            host=os.environ['POSTGRES_HOST'],
            database=os.environ['POSTGRES_DB'],
        )
        engine = create_engine(url, connect_args={'connect_timeout': 10})
    else:
        engine = create_engine(url)

    start = time.perf_counter()
    while True:
        try:
            conn = engine.connect()
        except OperationalError as e:
            # Retry for 2 minutes
            if time.perf_counter() < start + 120:
                logger.info("Could not connect to database, retrying; %s", e)
                time.sleep(5)
            else:
                raise
        else:
            break

    tables_exist = engine.dialect.has_table(conn, 'experiments')

    if not tables_exist:
        if create:
            logger.warning("The tables don't seem to exist; creating")
            Base.metadata.create_all(bind=engine)
        else:
            logger.warning("The tables don't seem to exist; exiting!")
            sys.exit(1)

    DBSession = sessionmaker(bind=engine)
    db = DBSession()
    if not tables_exist:
        shortids_salt = os.getrandom(64)
        db.add(
            Setting(
                name='shortids_salt',
                value=b64encode(shortids_salt).decode('ascii'),
            ))
        db.commit()
    else:
        shortids_salt = db.query(Setting).get('shortids_salt')
        if shortids_salt is None:
            raise RuntimeError("Database exists but no shortids_salt set")
        shortids_salt = b64decode(shortids_salt.value.encode('ascii'))

    global run_short_ids, upload_short_ids
    run_short_ids = ShortIDs(b'run' + shortids_salt)
    upload_short_ids = ShortIDs(b'upload' + shortids_salt)

    return DBSession
예제 #10
0
 def random_gen(fs):
     b = 4 * 1024 * 1024
     fsize = fs
     while fsize:
         tw = min(fsize, b)
         fsize -= tw
         print(fsize)
         yield os.getrandom(tw)
예제 #11
0
def collect_urandom(info_add):
    import os

    if hasattr(os, 'getrandom'):
        # PEP 524: Check if system urandom is initialized
        try:
            try:
                os.getrandom(1, os.GRND_NONBLOCK)
                state = 'ready (initialized)'
            except BlockingIOError as exc:
                state = 'not seeded yet (%s)' % exc
            info_add('os.getrandom', state)
        except OSError as exc:
            # Python was compiled on a more recent Linux version
            # than the current Linux kernel: ignore OSError(ENOSYS)
            if exc.errno != errno.ENOSYS:
                raise
 def getRandomNumber():
     """
     gets random data from os.getrandom
     :return:
     """
     bytes = os.getrandom((int)(ACCURACY / 8))
     integer = int.from_bytes(bytes, byteorder='big')
     return integer
예제 #13
0
 def PKCS1_Pad(self: object, message: bytes) -> bytes:
     """
     Pads the given binary data conforming to the PKCS 1.5 format.
     """
     
     (e, n) = self.pub
     byte_length = (n.bit_length() + 7) // 8
     padding_string = os.getrandom(byte_length - 3 - len(message))
     return b"\x00\x02" + padding_string + b'\x00' + message
예제 #14
0
 def generate_data(self, file_size: int):
     """Generates random bytes into each file."""
     for directory, _, files in walk(self.root_directory):
         for file_name in files:
             current_file = Path(directory) / file_name
             self.logger.debug(f"writing to file:\n{current_file}")
             for _ in progressbar(range(file_size)):
                 with open(current_file, mode="ab") as write_file:
                     write_file.write(getrandom(size=MEGABYTE))
예제 #15
0
def check(idx, config):
    test_id = generate_id()
    test_name = f"{test_id}_{idx}"
    dump_dir = OUTPUT_DIR.joinpath(f"dmp_{test_name}")
    util.check_dir(dump_dir)
    log_file = dump_dir.joinpath(f"{test_name}.log")
    p4_file = dump_dir.joinpath(f"{test_name}.p4")
    seed = int.from_bytes(os.getrandom(8), "big")
    log.info("Testing P4 program: %s - Seed: %s", p4_file.name, seed)
    # generate a random program
    result, p4_file = generate_p4_prog(P4RANDOM_BIN, p4_file, config, seed)
    if result.returncode != util.EXIT_SUCCESS:
        log.error("Failed generate P4 code!")
        dump_result(result, GENERATOR_BUG_DIR, p4_file)
        # reset the dump directory
        util.del_dir(dump_dir)
        return result.returncode
    # check compilation
    result = compile_p4_prog(config["compiler_bin"], p4_file, dump_dir)
    if result.returncode != util.EXIT_SUCCESS:
        if not is_known_bug(result):
            log.error("Failed to compile the P4 code!")
            log.error("Found a new bug!")
            dump_result(result, CRASH_BUG_DIR, p4_file)
            dump_file(CRASH_BUG_DIR, p4_file)
            if config["do_prune"]:
                info_file = CRASH_BUG_DIR.joinpath(f"{p4_file.stem}_info.json")
                info = validation.INFO
                # customize the main info with the new information
                info["compiler"] = str(config["compiler_bin"])
                info["exit_code"] = result.returncode
                info["p4z3_bin"] = str(P4Z3_BIN)
                info["out_dir"] = str(CRASH_BUG_DIR)
                info["input_file"] = str(p4_file)
                info["allow_undef"] = False
                info["err_string"] = result.stderr.decode("utf-8")
                log.error("Dumping configuration to %s.", info_file)
                with open(info_file, 'w') as json_file:
                    json.dump(info, json_file, indent=2, sort_keys=True)
                p4_cmd = f"{PRUNER_BIN} "
                p4_cmd += f"--config {info_file} "
                p4_cmd += f" {CRASH_BUG_DIR.joinpath(f'{p4_file.stem}.p4')} "
                log.error("Pruning P4 file with command %s ", p4_cmd)
                util.start_process(p4_cmd)
        # reset the dump directory
        util.del_dir(dump_dir)
        return result
    # check validation
    if config["do_validate"]:
        result = validate(dump_dir, p4_file, log_file, config)
    elif config["use_blackbox"]:
        result = run_p4_test(dump_dir, p4_file, log_file, config)

    # reset the dump directory
    util.del_dir(dump_dir)
    return result
예제 #16
0
def main(args):

    if args.randomize_input:
        seed = int.from_bytes(os.getrandom(8), "big")
        z3.set_param(
            "smt.phase_selection",
            5,
            "smt.random_seed",
            seed,
            "smt.arith.random_initial_value",
            True,
            "sat.phase",
            "random",
        )

    config = {}
    config["arch"] = args.arch
    if config["arch"] == "tna":
        config["pipe_name"] = "pipe0_ingress"
        config["ingress_var"] = "ingress"
    elif config["arch"] == "v1model":
        config["pipe_name"] = "ig"
        config["ingress_var"] = "ig"
    elif config["arch"] == "psa":
        config["pipe_name"] = "ingress_ig"
        config["ingress_var"] = "ig"
    else:
        raise RuntimeError("Unsupported test arch \"%s\"!" % config["arch"])

    if args.p4_input:
        p4_input = Path(args.p4_input)
        out_base_dir = Path(args.out_dir)
    else:
        out_base_dir = Path(args.out_dir).joinpath("rnd_test")
        util.check_dir(out_base_dir)
        p4_input = out_base_dir.joinpath("rnd_test.p4")
        # generate a random program from scratch
        generate_p4_prog(P4RANDOM_BIN, p4_input, config)

    if os.path.isfile(p4_input):
        out_dir = out_base_dir.joinpath(p4_input.stem)
        util.del_dir(out_dir)
        config["out_dir"] = out_dir
        config["p4_input"] = p4_input
        result = perform_blackbox_test(config)
    else:
        util.check_dir(out_base_dir)
        for p4_file in list(p4_input.glob("**/*.p4")):
            out_dir = out_base_dir.joinpath(p4_file.stem)
            util.del_dir(out_dir)
            config["out_dir"] = out_dir
            config["p4_input"] = p4_file
            result = perform_blackbox_test(config)
    sys.exit(result)
예제 #17
0
def service_request():

    form = ServiceRequestForm()
    try:
        form.phone.data = current_user.phone
        form.email.data = current_user.email
        form.first_name.data = current_user.first_name
        form.last_name.data = current_user.last_name
    except Exception:
        pass
    if form.validate_on_submit():
        service_request = ServiceRequest(service=form.service.data,
                                         add_info=form.add_info.data,
                                         first_name=form.first_name.data,
                                         last_name=form.last_name.data,
                                         email=form.email.data,
                                         phone=form.phone.data)
        db.session.add(service_request)
        if not User.query.filter_by(email=form.email.data):
            rand_id = int.from_bytes(os.getrandom(8), 'big')
            rand_pass = int.from_bytes(os.getrandom(16), 'big')
            hashed_pass = bcrypt.generate_password_hash(rand_pass).decode(
                'utf-8')
            user = User(id=rand_id,
                        first_name=form.first_name.data,
                        last_name=form.last_name.data,
                        email=form.email.data,
                        phone=form.phone.data,
                        password=hashed_pass,
                        picture='')
            db.session.add(user)

        db.session.commit()
        flash(
            'Request created! Let our pros a bit of time to respond with a quote.',
            'success')
        return redirect(url_for('index'))
    return render_template('service-request.html',
                           title='Find Pros',
                           form=form,
                           beta=beta)
예제 #18
0
 def setUp(self) -> None:
     self.total = sum(
         (10**5, sum(range(10**2, 10**3)), 10**5, sum(range(10**2, 10**3)),
          os.path.getsize(PATH_IMAGE)))
     self.binary = os.getrandom(10**5)
     self.bufsize = 8192
     self.iter = BufferedConcatIterator(self.binary,
                                        test_generator(),
                                        self.binary,
                                        test_generator(),
                                        BufferedFileIterator(PATH_IMAGE),
                                        bufsize=self.bufsize)
예제 #19
0
def EncryptZippedOutput(pubKeyObj):
    try:
        input = open(zippedOutputPath, 'rb')
        output = open('/iexec_out/result.zip.aes', 'wb+')

        #generate initalization vector for AES and prepend it to output
        iv = os.getrandom(16)
        output.write(iv)
        WriteInitializationVector(iv)

        #generate AES key and encrypt it/write it on disk
        key = os.getrandom(32)
        WriteEncryptedKey(key, pubKeyObj)

        aes = AES.new(key, AES.MODE_CBC, iv)
        buffer_size = 8192

        #chunks = iter(lambda: input.read(buffer_size), '')
        result = input.read()
        #for chunk in chunks:
        output.write(aes.encrypt(result))

    except Exception as ex:
        traceback.print_exc()
예제 #20
0
def twofactorauth():
    if request.method == 'POST' and request.form['submit_button'] == 'update':
        random_str = os.getrandom(32, os.GRND_NONBLOCK)
        otp_secret = base64.b32encode(random_str).decode('utf-8')

        sql = ("UPDATE users " "SET otp_secret = %s " "WHERE username = %s")
        db.engine.execute(sql, otp_secret, current_user.username)
        s = u'OTP secret been updated. Capture new QRCode with camera.'
        flash(s, 'success')

    return render_template('twofactorauth.html'), 200, {
        'Cache-Control': 'no-cache, no-store, must-revalidate',
        'Pragma': 'no-cache',
        'Expires': '0'
    }
예제 #21
0
def set_vnc_password():
    default_password = binascii.hexlify(os.getrandom(16)).decode()
    os.environ.setdefault('VNC_PASSWORD', default_password)

    os.makedirs(os.path.expanduser('~/.vnc'), exist_ok=True)
    with open(os.path.expanduser('~/.vnc/passwd'), 'w') as fp:
        proc = subprocess.Popen(
            args=['vncpasswd', '-f'],
            stdout=fp,
            stdin=subprocess.PIPE,
        )
        proc.communicate(input=os.environ['VNC_PASSWORD'].encode())
        proc.wait()
        assert proc.returncode == 0

    subprocess.check_call(['chmod', '-R', 'go=', os.path.expanduser('~/.vnc')])
    print('VNC password is:', os.environ['VNC_PASSWORD'])
예제 #22
0
def make_bigdata() -> None:
    if not os.path.isfile(PATH_BIGDATA_1KB):
        with open(PATH_BIGDATA_1KB, "wb") as f_1k:
            f_1k.write(os.getrandom(10**3))

    if not os.path.isfile(PATH_BIGDATA_1MB):
        with open(PATH_BIGDATA_1MB, "wb") as f_1m:
            with open(PATH_BIGDATA_1KB, "rb") as f_1k:
                data_1k = f_1k.read()

            for _ in range(10**3):
                f_1m.write(data_1k)

    if not os.path.isfile(PATH_BIGDATA_1GB):
        with open(PATH_BIGDATA_1GB, "wb") as f_1g:
            with open(PATH_BIGDATA_1MB, "rb") as f_1m:
                data_1m = f_1m.read()

            for _ in range(10**3):
                f_1g.write(data_1m)
예제 #23
0
    def new_part_account(self):
        "create a key pair and send a bunch of algos to the addr so it can participate"
        privkey_b64, addr_b32 = algosdk.account.generate_account()
        with open(addr_b32 + '.json', 'wt') as fout:
            json.dump({'a': addr_b32, 'p': privkey_b64}, fout)

        pubw, maxpubaddr = self.get_pub_wallet()
        algod, kmd = self.connect()
        params = algod.suggested_params()
        destAmount = int(self.maxaddramount / 30)
        txn = algosdk.transaction.PaymentTxn(sender=maxpubaddr,
                                             fee=params.min_fee,
                                             first=params.first,
                                             last=params.last,
                                             gh=params.gh,
                                             gen=params.gen,
                                             receiver=addr_b32,
                                             amt=destAmount,
                                             note=os.getrandom(8),
                                             flat_fee=True)
        logger.debug('%s -> %s %d', maxpubaddr, addr_b32, destAmount)
        logger.debug('%s', json.dumps(db64(txn.dictify())))
        tries = 3
        stxn = None
        while True:
            try:
                pubw = kmd.init_wallet_handle(self.pubwid, '')
                stxn = kmd.sign_transaction(pubw, '', txn)
                break
            except Exception as e:
                # kmd might have just timed out
                tries -= 1
                if tries <= 0:
                    raise
                logger.warning('kmd sign fail, retrying... (%s)', e)
                kmd, pubw = self.re_kmd()
        txid = algod.send_transaction(stxn)
        logger.info('fund %d %s -> %s', destAmount, maxpubaddr, addr_b32)
        self.maxaddramount -= destAmount

        return privkey_b64, addr_b32
예제 #24
0
def signup():
    form = SignupForm()
    if form.validate_on_submit():
        hashed_pass = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        rand_id = int.from_bytes(os.getrandom(8), 'big')
        user = User(id=rand_id,
                    first_name=form.first_name.data,
                    last_name=form.last_name.data,
                    email=form.email.data,
                    phone=form.phone.data,
                    password=hashed_pass,
                    picture='')
        db.session.add(user)
        db.session.commit()
        flash('Sign up step is finished!', 'success')
        return redirect(url_for('login'))
    return render_template('signup.html',
                           title='Sign Up',
                           form=form,
                           beta=beta)
예제 #25
0
def connect(url=None):
    """Connect to the database using an environment variable.
    """
    logging.info("Connecting to SQL database")
    if url is None:
        url = 'postgresql://{user}:{password}@{host}/{database}'.format(
            user=os.environ['POSTGRES_USER'],
            password=os.environ['POSTGRES_PASSWORD'],
            host=os.environ['POSTGRES_HOST'],
            database=os.environ['POSTGRES_DB'],
        )
    engine = create_engine(url, echo=False)

    tables_exist = engine.dialect.has_table(engine.connect(), 'experiments')

    if not tables_exist:
        logging.warning("The tables don't seem to exist; creating")
        Base.metadata.create_all(bind=engine)

    DBSession = sessionmaker(bind=engine)
    db = DBSession()
    if not tables_exist:
        shortids_salt = os.getrandom(64)
        db.add(
            Setting(
                name='shortids_salt',
                value=shortids_salt.decode('iso-8859-15'),
            ))
        db.commit()
    else:
        shortids_salt = db.query(Setting).get('shortids_salt')
        if shortids_salt is None:
            raise RuntimeError("Database exists but no shortids_salt set")
        shortids_salt = shortids_salt.value.encode('iso-8859-15')

    global run_short_ids, upload_short_ids
    run_short_ids = ShortIDs(b'run' + shortids_salt)
    upload_short_ids = ShortIDs(b'upload' + shortids_salt)

    return DBSession
예제 #26
0
    def random_phrase(self, key=None):
        '''Return random phrase from key list'''

        random.seed(os.getrandom(10))

        # If no key is given, choose randomly from all found in database
        if key is None:
            _key = random.choice(self.keys)
        else:
            _key = key

        if _key not in self.keys:
            return {
                'key': _key,
                'phrase': 'Error: key {} not found in database'.format(_key),
                'prefix': None
            }

        return {
            'key': _key,
            'phrase': random.choice(self.phrases[_key]),
            'prefix': self.PREFIXES.get(_key)
        }
예제 #27
0
def csprng() -> bytes:
    """Generate a cryptographically secure, 256-bit random key.

    Key is generated with kernel CSPRNG, the output of which is further
    compressed with hash_chain. This increases preimage resistance that
    protects the internal state of the entropy pool. Additional hashing
    is done as per the recommendation of djb:
        https://media.ccc.de/v/32c3-7210-pqchacks#video&t=1116

    Since Python3.6.0, os.urandom is a wrapper for best available
    CSPRNG. The 3.17 and earlier versions of Linux kernel do not support
    the GETRANDOM call, and Python3.6's os.urandom will in those cases
    fallback to non-blocking /dev/urandom that is not secure on live
    distros as they have low entropy at the start of the session.

    TFC uses os.getrandom(32, flags=0) explicitly. This forces use of
    recent enough Python interpreter (3.6 or later) and limits Linux
    kernel version to 3.17 or later.* The flag 0 will block urandom if
    internal state of CSPRNG has less than 128 bits of entropy.

    * Since kernel 4.8, ChaCha20 has replaced SHA-1 as the compressor
      for /dev/urandom. As a good practice, TFC runs the
      check_kernel_version to ensure minimum version is actually 4.8,
      not 3.17.

    :return: Cryptographically secure 256-bit random key
    """
    # As Travis CI lacks GETRANDOM syscall, fallback to urandom.
    if 'TRAVIS' in os.environ and os.environ['TRAVIS'] == 'true':
        entropy = os.urandom(KEY_LENGTH)
    else:
        entropy = os.getrandom(KEY_LENGTH, flags=0)

    assert len(entropy) == KEY_LENGTH

    return hash_chain(entropy)
예제 #28
0
def collect_os(info_add):
    import os

    def format_attr(attr, value):
        if attr in ('supports_follow_symlinks', 'supports_fd',
                    'supports_effective_ids'):
            return str(sorted(func.__name__ for func in value))
        else:
            return value

    attributes = (
        'name',
        'supports_bytes_environ',
        'supports_effective_ids',
        'supports_fd',
        'supports_follow_symlinks',
    )
    copy_attributes(info_add, os, 'os.%s', attributes, formatter=format_attr)

    call_func(info_add, 'os.cwd', os, 'getcwd')

    call_func(info_add, 'os.uid', os, 'getuid')
    call_func(info_add, 'os.gid', os, 'getgid')
    call_func(info_add, 'os.uname', os, 'uname')

    def format_groups(groups):
        return ', '.join(map(str, groups))

    call_func(info_add, 'os.groups', os, 'getgroups', formatter=format_groups)

    if hasattr(os, 'getlogin'):
        try:
            login = os.getlogin()
        except OSError:
            # getlogin() fails with "OSError: [Errno 25] Inappropriate ioctl
            # for device" on Travis CI
            pass
        else:
            info_add("os.login", login)

    call_func(info_add, 'os.cpu_count', os, 'cpu_count')
    call_func(info_add, 'os.loadavg', os, 'getloadavg')

    # Get environment variables: filter to list
    # to not leak sensitive information
    ENV_VARS = (
        "CC",
        "COMSPEC",
        "DISPLAY",
        "DISTUTILS_USE_SDK",
        "DYLD_LIBRARY_PATH",
        "HOME",
        "HOMEDRIVE",
        "HOMEPATH",
        "LANG",
        "LD_LIBRARY_PATH",
        "MACOSX_DEPLOYMENT_TARGET",
        "MAKEFLAGS",
        "MSSDK",
        "PATH",
        "SDK_TOOLS_BIN",
        "SHELL",
        "TEMP",
        "TERM",
        "TMP",
        "TMPDIR",
        "USERPROFILE",
        "WAYLAND_DISPLAY",
    )
    for name, value in os.environ.items():
        uname = name.upper()
        if (uname in ENV_VARS
           # Copy PYTHON* and LC_* variables
           or uname.startswith(("PYTHON", "LC_"))
           # Visual Studio: VS140COMNTOOLS
           or (uname.startswith("VS") and uname.endswith("COMNTOOLS"))):
            info_add('os.environ[%s]' % name, value)

    if hasattr(os, 'umask'):
        mask = os.umask(0)
        os.umask(mask)
        info_add("os.umask", '%03o' % mask)

    if hasattr(os, 'getrandom'):
        # PEP 524: Check if system urandom is initialized
        try:
            try:
                os.getrandom(1, os.GRND_NONBLOCK)
                state = 'ready (initialized)'
            except BlockingIOError as exc:
                state = 'not seeded yet (%s)' % exc
            info_add('os.getrandom', state)
        except OSError as exc:
            # Python was compiled on a more recent Linux version
            # than the current Linux kernel: ignore OSError(ENOSYS)
            if exc.errno != errno.ENOSYS:
                raise
예제 #29
0
def collect_os(info_add):
    import os

    def format_attr(attr, value):
        if attr in ('supports_follow_symlinks', 'supports_fd',
                    'supports_effective_ids'):
            return str(sorted(func.__name__ for func in value))
        else:
            return value

    attributes = (
        'name',
        'supports_bytes_environ',
        'supports_effective_ids',
        'supports_fd',
        'supports_follow_symlinks',
    )
    copy_attributes(info_add, os, 'os.%s', attributes, formatter=format_attr)

    call_func(info_add, 'os.cwd', os, 'getcwd')

    call_func(info_add, 'os.uid', os, 'getuid')
    call_func(info_add, 'os.gid', os, 'getgid')
    call_func(info_add, 'os.uname', os, 'uname')

    def format_groups(groups):
        return ', '.join(map(str, groups))

    call_func(info_add, 'os.groups', os, 'getgroups', formatter=format_groups)

    if hasattr(os, 'getlogin'):
        try:
            login = os.getlogin()
        except OSError:
            # getlogin() fails with "OSError: [Errno 25] Inappropriate ioctl
            # for device" on Travis CI
            pass
        else:
            info_add("os.login", login)

    call_func(info_add, 'os.cpu_count', os, 'cpu_count')
    call_func(info_add, 'os.loadavg', os, 'getloadavg')

    # Get environment variables: filter to list
    # to not leak sensitive information
    ENV_VARS = (
        "CC",
        "COMSPEC",
        "DISPLAY",
        "DISTUTILS_USE_SDK",
        "DYLD_LIBRARY_PATH",
        "HOME",
        "HOMEDRIVE",
        "HOMEPATH",
        "LANG",
        "LD_LIBRARY_PATH",
        "MACOSX_DEPLOYMENT_TARGET",
        "MAKEFLAGS",
        "MSSDK",
        "PATH",
        "SDK_TOOLS_BIN",
        "SHELL",
        "TEMP",
        "TERM",
        "TMP",
        "TMPDIR",
        "USERPROFILE",
        "WAYLAND_DISPLAY",
    )
    for name, value in os.environ.items():
        uname = name.upper()
        if (uname in ENV_VARS
                # Copy PYTHON* and LC_* variables
                or uname.startswith(("PYTHON", "LC_"))
                # Visual Studio: VS140COMNTOOLS
                or (uname.startswith("VS") and uname.endswith("COMNTOOLS"))):
            info_add('os.environ[%s]' % name, value)

    if hasattr(os, 'umask'):
        mask = os.umask(0)
        os.umask(mask)
        info_add("os.umask", '%03o' % mask)

    if hasattr(os, 'getrandom'):
        # PEP 524: Check if system urandom is initialized
        try:
            try:
                os.getrandom(1, os.GRND_NONBLOCK)
                state = 'ready (initialized)'
            except BlockingIOError as exc:
                state = 'not seeded yet (%s)' % exc
            info_add('os.getrandom', state)
        except OSError as exc:
            # Python was compiled on a more recent Linux version
            # than the current Linux kernel: ignore OSError(ENOSYS)
            if exc.errno != errno.ENOSYS:
                raise
예제 #30
0
def collect_os(info_add):
    import os

    def format_attr(attr, value):
        if attr in ('supports_follow_symlinks', 'supports_fd',
                    'supports_effective_ids'):
            return str(sorted(func.__name__ for func in value))
        else:
            return value

    attributes = (
        'name',
        'supports_bytes_environ',
        'supports_effective_ids',
        'supports_fd',
        'supports_follow_symlinks',
    )
    copy_attributes(info_add, os, 'os.%s', attributes, formatter=format_attr)

    call_func(info_add, 'os.cwd', os, 'getcwd')

    call_func(info_add, 'os.uid', os, 'getuid')
    call_func(info_add, 'os.gid', os, 'getgid')
    call_func(info_add, 'os.uname', os, 'uname')

    def format_groups(groups):
        return ', '.join(map(str, groups))

    call_func(info_add, 'os.groups', os, 'getgroups', formatter=format_groups)

    if hasattr(os, 'getlogin'):
        try:
            login = os.getlogin()
        except OSError:
            # getlogin() fails with "OSError: [Errno 25] Inappropriate ioctl
            # for device" on Travis CI
            pass
        else:
            info_add("os.login", login)

    call_func(info_add, 'os.cpu_count', os, 'cpu_count')
    call_func(info_add, 'os.loadavg', os, 'getloadavg')

    # Environment variables used by the stdlib and tests. Don't log the full
    # environment: filter to list to not leak sensitive information.
    #
    # HTTP_PROXY is not logged because it can contain a password.
    ENV_VARS = frozenset((
        "APPDATA",
        "AR",
        "ARCHFLAGS",
        "ARFLAGS",
        "AUDIODEV",
        "CC",
        "CFLAGS",
        "COLUMNS",
        "COMPUTERNAME",
        "COMSPEC",
        "CPP",
        "CPPFLAGS",
        "DISPLAY",
        "DISTUTILS_DEBUG",
        "DISTUTILS_USE_SDK",
        "DYLD_LIBRARY_PATH",
        "ENSUREPIP_OPTIONS",
        "HISTORY_FILE",
        "HOME",
        "HOMEDRIVE",
        "HOMEPATH",
        "IDLESTARTUP",
        "LANG",
        "LDFLAGS",
        "LDSHARED",
        "LD_LIBRARY_PATH",
        "LINES",
        "MACOSX_DEPLOYMENT_TARGET",
        "MAILCAPS",
        "MAKEFLAGS",
        "MIXERDEV",
        "MSSDK",
        "PATH",
        "PATHEXT",
        "PIP_CONFIG_FILE",
        "PLAT",
        "POSIXLY_CORRECT",
        "PY_SAX_PARSER",
        "ProgramFiles",
        "ProgramFiles(x86)",
        "RUNNING_ON_VALGRIND",
        "SDK_TOOLS_BIN",
        "SERVER_SOFTWARE",
        "SHELL",
        "SOURCE_DATE_EPOCH",
        "SYSTEMROOT",
        "TEMP",
        "TERM",
        "TILE_LIBRARY",
        "TIX_LIBRARY",
        "TMP",
        "TMPDIR",
        "TRAVIS",
        "TZ",
        "USERPROFILE",
        "VIRTUAL_ENV",
        "WAYLAND_DISPLAY",
        "WINDIR",
        "_PYTHON_HOST_PLATFORM",
        "_PYTHON_PROJECT_BASE",
        "_PYTHON_SYSCONFIGDATA_NAME",
        "__PYVENV_LAUNCHER__",
    ))
    for name, value in os.environ.items():
        uname = name.upper()
        if (uname in ENV_VARS
           # Copy PYTHON* and LC_* variables
           or uname.startswith(("PYTHON", "LC_"))
           # Visual Studio: VS140COMNTOOLS
           or (uname.startswith("VS") and uname.endswith("COMNTOOLS"))):
            info_add('os.environ[%s]' % name, value)

    if hasattr(os, 'umask'):
        mask = os.umask(0)
        os.umask(mask)
        info_add("os.umask", '%03o' % mask)

    if hasattr(os, 'getrandom'):
        # PEP 524: Check if system urandom is initialized
        try:
            try:
                os.getrandom(1, os.GRND_NONBLOCK)
                state = 'ready (initialized)'
            except BlockingIOError as exc:
                state = 'not seeded yet (%s)' % exc
            info_add('os.getrandom', state)
        except OSError as exc:
            # Python was compiled on a more recent Linux version
            # than the current Linux kernel: ignore OSError(ENOSYS)
            if exc.errno != errno.ENOSYS:
                raise
예제 #31
0
if len(sys.argv) != 2:
    print("Usage: ./encryption_test.py <path to whitebox binary>")
    sys.exit(-1)

# This is a test bed for testing the correctness and performance
# of the white box AES cipher implementation
# In order to do this, a random AES key and IV is generated
# and then a chunk of data is encrypted and compared

AES_key = Random.new().read(AES.block_size)
AES_iv = Random.new().read(AES.block_size)

# Generate a random file as a testbed
out_file = tempfile.NamedTemporaryFile()
out_file_name = out_file.name
out_file.write(os.getrandom(1024 * 1024))
out_file.flush()

# Generate white box tables
whitebox_table_name_encryption = next(tempfile._get_candidate_names())
whitebox_table_name_decryption = next(tempfile._get_candidate_names())
subprocess.run([
    sys.argv[1], "--create-encryption-tables", whitebox_table_name_encryption,
    '--key',
    AES_key.hex()
])
subprocess.run([
    sys.argv[1], '--create-decryption-tables', whitebox_table_name_decryption,
    '--key',
    AES_key.hex()
])
예제 #32
0
def handler(context, events):
    proc = subprocess.Popen(["cat /proc/sys/kernel/random/boot_id"],
                            stdout=subprocess.PIPE,
                            shell=True)
    output = ""
    (out, err) = proc.communicate()
    output = output + "bootId: " + str(out) + "\n"
    print("bootId: " + str(out))
    proc = subprocess.Popen(["cat /proc/uptime"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "uptime: " + str(out) + "\n"
    print("uptime: " + str(out))
    proc = subprocess.Popen(["cat /proc/stat"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "stat: " + str(out) + "\n"
    print("stat: " + str(out))
    proc = subprocess.Popen(["cat /proc/softirqs"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "softirqs: " + str(out) + "\n"
    print("softirqs: " + str(out))
    proc = subprocess.Popen(["cat /proc/interrupts"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "interrupts: " + str(out) + "\n"
    print("interrupts: " + str(out))
    proc = subprocess.Popen(["cat /proc/zoneinfo"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "zoneinfo: " + str(out) + "\n"
    print("zoneinfo: " + str(out))
    proc = subprocess.Popen(["cat /proc/sys/fs/file-nr"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "file-nr: " + str(out) + "\n"
    print("file-nr: " + str(out))
    proc = subprocess.Popen(["cat /proc/meminfo"],
                            stdout=subprocess.PIPE,
                            shell=True)
    (out, err) = proc.communicate()
    output = output + "meminfo: " + str(out) + "\n"
    print("meminfo: " + str(out))
    mac = ':'.join([
        '{:02x}'.format((uuid.getnode() >> ele) & 0xff)
        for ele in range(0, 8 * 6, 8)
    ][::-1])
    output = output + "mac: " + mac + "\n"
    print("osname: " + str(os.uname()))
    device = os.stat("/home").st_dev

    # Print the raw device number
    print("Raw device number:", device)
    # Extract the device minor number
    # from the above raw device number
    output = output + "times: " + str(os.times()) + "\n"
    print(os.getrandom(200, os.GRND_RANDOM))
    print("times: " + str(os.times()))
    return output