using new perl crypt module Crypt::CBC

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8044 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/contrib/daemon/gosa-sc b/contrib/daemon/gosa-sc
index 1cc276f11718b023d4c6e85410f681bb02ca30c0..3be13292237f7992d20e250ee5b2f374ea35b0e5 100755 (executable)
--- a/contrib/daemon/gosa-sc
+++ b/contrib/daemon/gosa-sc
@@ -27,7 +27,8 @@ use Time::HiRes qw( gettimeofday );
 
 use Fcntl;
 use IO::Socket::INET;
-use Crypt::Rijndael;
+use Crypt::CBC;
+use Digest::MD5  qw(md5 md5_hex md5_base64);
 use XML::Simple;
 use Data::Dumper;
 use Sys::Syslog qw( :DEFAULT setlogsock);
@@ -506,13 +507,9 @@ sub get_content_from_xml_hash {
 sub encrypt_msg {
     my ($msg, $my_cipher) = @_;
     if(not defined $my_cipher) { print "no cipher object\n"; }
-    $msg =~ s/[\n]+//g;
-    my $msg_length = length($msg);
-    my $multiplier = int($msg_length / 16) + 1;
-    my $extension = 16*$multiplier - $msg_length;
-    $msg = "0"x$extension.$msg;
+
     my $crypted_msg = $my_cipher->encrypt($msg);
-    #my $crypted_msg = $msg;
+
     return $crypted_msg;
 }
 
@@ -524,9 +521,8 @@ sub encrypt_msg {
 #  DESCRIPTION:
 #===============================================================================
 sub decrypt_msg {
-    my ($crypted_msg, $my_cipher) =@_;
-    my $msg = $my_cipher->decrypt($crypted_msg);
-    $msg =~ s/^0*$//g;
+    my ($crypted_msg, $my_cipher) = @_ ;
+    my $msg = $my_cipher->decrypt($crypted_msg); 
     return $msg;
 }
 
@@ -540,8 +536,15 @@ sub decrypt_msg {
 sub create_ciphering {
     my ($passwd) = @_;
     $passwd = substr("$passwd" x 32, 0, 32);
+    daemon_log("create_ciphering: new passwd: $passwd", 7);
+
+    my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
 
-    my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC );
+    my $my_cipher = Crypt::CBC->new(-key=>$passwd ,
+                                    -cipher => 'Rijndael',
+                                    -iv => $iv,
+                                    -header => "none",
+                                    );
     return $my_cipher;
 }
 

diff --git a/contrib/daemon/gosa-sd b/contrib/daemon/gosa-sd
index 48fc1a4ed1e8c6c5f012c13b8872222572f701fb..22d7ed7d31d018bab4455bfe676699ec49193f54 100755 (executable)
--- a/contrib/daemon/gosa-sd
+++ b/contrib/daemon/gosa-sd
@@ -28,7 +28,8 @@ use Time::HiRes qw( gettimeofday );
 
 use Fcntl;
 use IO::Socket::INET;
-use Crypt::Rijndael;
+use Crypt::CBC;
+use Digest::MD5  qw(md5 md5_hex md5_base64);
 use XML::Simple;
 use Data::Dumper;
 use Sys::Syslog qw( :DEFAULT setlogsock);
@@ -903,13 +904,9 @@ sub get_content_from_xml_hash {
 sub encrypt_msg {
     my ($msg, $my_cipher) = @_;
     if(not defined $my_cipher) { print "no cipher object\n"; }
-    $msg =~ s/[\n]+//g;
-    my $msg_length = length($msg);
-    my $multiplier = int($msg_length / 16) + 1;
-    my $extension = 16*$multiplier - $msg_length;
-    $msg = "0"x$extension.$msg;
+
     my $crypted_msg = $my_cipher->encrypt($msg);
-    #my $crypted_msg = $msg;
+
     return $crypted_msg;
 }
 
@@ -923,8 +920,7 @@ sub encrypt_msg {
 #===============================================================================
 sub decrypt_msg {
     my ($crypted_msg, $my_cipher) = @_ ;
-    my $msg = $my_cipher->decrypt($crypted_msg);
-    $msg =~ s/^0*//g;
+    my $msg = $my_cipher->decrypt($crypted_msg); 
     return $msg;
 }
 
@@ -938,8 +934,15 @@ sub decrypt_msg {
 sub create_ciphering {
     my ($passwd) = @_;
     $passwd = substr("$passwd" x 32, 0, 32);
+    daemon_log("create_ciphering: new passwd: $passwd", 7);
 
-    my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC );
+    my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
+
+    my $my_cipher = Crypt::CBC->new(-key=>$passwd ,
+                                    -cipher => 'Rijndael',
+                                    -iv => $iv,
+                                    -header => "none",
+                                    );
     return $my_cipher;
 }
 
@@ -1909,7 +1912,7 @@ while(1) {
         } else {
             my ($port, $iaddr) = unpack_sockaddr_in($other_end);
             my $actual_ip = inet_ntoa($iaddr);
-            daemon_log("accept client from $actual_ip", 5);
+            daemon_log("accept client at daemon socket from $actual_ip", 5);
             my $in_msg = &read_from_socket($client);
             if(defined $in_msg){
                 chomp($in_msg);
@@ -1953,10 +1956,11 @@ while(1) {
         } else {
             my ($port, $iaddr) = unpack_sockaddr_in($other_end);
             my $actual_ip = inet_ntoa($iaddr);
-            daemon_log("accept client from $actual_ip", 5);
+            daemon_log("accept client at gosa socket from $actual_ip", 5);
             my $in_msg = <$client>;
             #my $in_msg = &read_from_socket($client);
-            #daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n$in_msg\n",1);
+            
+            daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n!$in_msg!\n",1);
             if(defined $in_msg){
                 chomp($in_msg);
                 &activating_child($in_msg, $actual_ip, $client);

diff --git a/contrib/daemon/gosa-sd-bus b/contrib/daemon/gosa-sd-bus
index 483d3d1bf29ab8237ca38e208f5e884b2b23126f..b1e118f0e258fe82824f761c1cc33bf5d6ff5fca 100755 (executable)
--- a/contrib/daemon/gosa-sd-bus
+++ b/contrib/daemon/gosa-sd-bus
@@ -26,7 +26,8 @@ use POSIX;
 use Time::HiRes qw( gettimeofday );
 
 use IO::Socket::INET;
-use Crypt::Rijndael;
+use Crypt::CBC;
+use Digest::MD5  qw(md5 md5_hex md5_base64);
 use XML::Simple;
 use Data::Dumper;
 use Sys::Syslog qw( :DEFAULT setlogsock);
@@ -580,7 +581,15 @@ sub create_passwd {
 sub create_ciphering {
     my ($passwd) = @_;
     $passwd = substr("$passwd" x 32, 0, 32);
-    my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC );
+    daemon_log("create_ciphering: new passwd: $passwd", 7);
+
+    my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
+
+    my $my_cipher = Crypt::CBC->new(-key=>$passwd ,
+                                    -cipher => 'Rijndael',
+                                    -iv => $iv,
+                                    -header => "none",
+                                    );
     return $my_cipher;
 }
 
@@ -594,13 +603,10 @@ sub create_ciphering {
 #===============================================================================
 sub encrypt_msg {
     my ($msg, $my_cipher) = @_;
-    $msg =~ s/[\n]+//g;
-    my $msg_length = length($msg);
-    my $multiplier = int($msg_length / 16) + 1;
-    my $extension = 16*$multiplier - $msg_length;
-    $msg = "0"x$extension.$msg;
+    if(not defined $my_cipher) { print "no cipher object\n"; }
+
     my $crypted_msg = $my_cipher->encrypt($msg);
-    #my $crypted_msg = $msg;
+
     return $crypted_msg;
 }
 
@@ -613,10 +619,8 @@ sub encrypt_msg {
 #  DESCRIPTION:  decrypts the incoming message with the Crypt::Rijndael module
 #===============================================================================
 sub decrypt_msg {
-    my ($crypted_msg, $my_cipher) =@_;
-    my $len = length $crypted_msg;
-    my $msg = $my_cipher->decrypt($crypted_msg);
-    $msg =~ s/^0*//g;
+    my ($crypted_msg, $my_cipher) = @_ ;
+    my $msg = $my_cipher->decrypt($crypted_msg); 
     return $msg;
 }
 

diff --git a/contrib/daemon/modules/GosaPackages.pm b/contrib/daemon/modules/GosaPackages.pm
index cb22a9c5c8b756e219f54cbdea2cebc92cca079d..2435161c9b1891123a782cef45e0da36e75b60f9 100644 (file)
--- a/contrib/daemon/modules/GosaPackages.pm
+++ b/contrib/daemon/modules/GosaPackages.pm
@@ -8,6 +8,7 @@ use Exporter;
 
 use strict;
 use warnings;
+use Crypt::CBC;
 
 
 BEGIN{
@@ -23,7 +24,7 @@ END{}
 
 # create general settings for this module
 my $gosa_cipher = &main::create_ciphering($main::gosa_passwd);
-
+#$gosa_cipher->set_iv("hallo");
 
 sub get_module_tags {
     
@@ -66,8 +67,8 @@ sub process_incoming_msg {
     my $msg_hash;
     eval{
         $msg = &main::decrypt_msg($crypted_msg, $gosa_cipher);
-
         &main::daemon_log("GosaPackages: decrypted_msg: $msg", 7);
+
         $msg_hash = $main::xml->XMLin($msg, ForceArray=>1);
     };
     if($@) {