From 6ab1064939308386a489f064b87380578f8b4ab2 Mon Sep 17 00:00:00 2001 From: rettenbe Date: Thu, 6 Dec 2007 12:48:19 +0000 Subject: [PATCH] using new perl crypt module Crypt::CBC git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8044 594d385d-05f5-0310-b6e9-bd551577e9d8 --- contrib/daemon/gosa-sc | 25 +++++++++++---------- contrib/daemon/gosa-sd | 30 +++++++++++++++----------- contrib/daemon/gosa-sd-bus | 28 +++++++++++++----------- contrib/daemon/modules/GosaPackages.pm | 5 +++-- 4 files changed, 50 insertions(+), 38 deletions(-) diff --git a/contrib/daemon/gosa-sc b/contrib/daemon/gosa-sc index 1cc276f11..3be132922 100755 --- a/contrib/daemon/gosa-sc +++ b/contrib/daemon/gosa-sc @@ -27,7 +27,8 @@ use Time::HiRes qw( gettimeofday ); use Fcntl; use IO::Socket::INET; -use Crypt::Rijndael; +use Crypt::CBC; +use Digest::MD5 qw(md5 md5_hex md5_base64); use XML::Simple; use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); @@ -506,13 +507,9 @@ sub get_content_from_xml_hash { sub encrypt_msg { my ($msg, $my_cipher) = @_; if(not defined $my_cipher) { print "no cipher object\n"; } - $msg =~ s/[\n]+//g; - my $msg_length = length($msg); - my $multiplier = int($msg_length / 16) + 1; - my $extension = 16*$multiplier - $msg_length; - $msg = "0"x$extension.$msg; + my $crypted_msg = $my_cipher->encrypt($msg); - #my $crypted_msg = $msg; + return $crypted_msg; } @@ -524,9 +521,8 @@ sub encrypt_msg { # DESCRIPTION: #=============================================================================== sub decrypt_msg { - my ($crypted_msg, $my_cipher) =@_; - my $msg = $my_cipher->decrypt($crypted_msg); - $msg =~ s/^0*$//g; + my ($crypted_msg, $my_cipher) = @_ ; + my $msg = $my_cipher->decrypt($crypted_msg); return $msg; } 
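Review bot: The guard at the top of `encrypt_msg` in gosa-sc, `if(not defined $my_cipher) { print "no cipher object\n"; }`, only prints and then falls through to `$my_cipher->encrypt($msg)`, which dies when the cipher is undefined. The message also goes to stdout rather than through `daemon_log`, so in a daemon it is probably never seen. An early return makes the failure explicit, for example `if(not defined $my_cipher) { daemon_log("encrypt_msg: no cipher object", 1); return; }`, with callers checking for an undefined result. The same guard sits in the gosa-sd `encrypt_msg` hunk and is newly added by this commit in the gosa-sd-bus one.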
@@ -540,8 +536,15 @@ sub decrypt_msg { sub create_ciphering { my ($passwd) = @_; $passwd = substr("$passwd" x 32, 0, 32); + daemon_log("create_ciphering: new passwd: $passwd", 7); + + my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); - my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC ); + my $my_cipher = Crypt::CBC->new(-key=>$passwd , + -cipher => 'Rijndael', + -iv => $iv, + -header => "none", + ); return $my_cipher; } diff --git a/contrib/daemon/gosa-sd b/contrib/daemon/gosa-sd index 48fc1a4ed..22d7ed7d3 100755 --- a/contrib/daemon/gosa-sd +++ b/contrib/daemon/gosa-sd @@ -28,7 +28,8 @@ use Time::HiRes qw( gettimeofday ); use Fcntl; use IO::Socket::INET; -use Crypt::Rijndael; +use Crypt::CBC; +use Digest::MD5 qw(md5 md5_hex md5_base64); use XML::Simple; use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); @@ -903,13 +904,9 @@ sub get_content_from_xml_hash { sub encrypt_msg { my ($msg, $my_cipher) = @_; if(not defined $my_cipher) { print "no cipher object\n"; } - $msg =~ s/[\n]+//g; - my $msg_length = length($msg); - my $multiplier = int($msg_length / 16) + 1; - my $extension = 16*$multiplier - $msg_length; - $msg = "0"x$extension.$msg; + my $crypted_msg = $my_cipher->encrypt($msg); - #my $crypted_msg = $msg; + return $crypted_msg; } @@ -923,8 +920,7 @@ sub encrypt_msg { #=============================================================================== sub decrypt_msg { my ($crypted_msg, $my_cipher) = @_ ; - my $msg = $my_cipher->decrypt($crypted_msg); - $msg =~ s/^0*//g; + my $msg = $my_cipher->decrypt($crypted_msg); return $msg; } 
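Review bot: The IV handed to `Crypt::CBC->new` in `create_ciphering` is a constant, `substr(md5_hex('GONICUS GmbH'),0, 16)`, so every message under a given key is encrypted with the same IV and messages that start with the same bytes produce the same leading ciphertext blocks. Dropping `-iv => $iv` and `-header => "none"` would let Crypt::CBC fall back to its default salted header, which carries a fresh random salt with each message; all peers have to switch together because the wire format changes. The added `daemon_log("create_ciphering: new passwd: $passwd", 7);` also writes the key material to the log, and it should be removed or reduced to a message without the value. Both remarks apply equally to the identical `create_ciphering` hunks in gosa-sd and gosa-sd-bus. CBC by itself gives no integrity check on the ciphertext, which is worth a follow-up since the decrypted text is parsed as XML.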
@@ -938,8 +934,15 @@ sub decrypt_msg { sub create_ciphering { my ($passwd) = @_; $passwd = substr("$passwd" x 32, 0, 32); + daemon_log("create_ciphering: new passwd: $passwd", 7); - my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC ); + my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); + + my $my_cipher = Crypt::CBC->new(-key=>$passwd , + -cipher => 'Rijndael', + -iv => $iv, + -header => "none", + ); return $my_cipher; } @@ -1909,7 +1912,7 @@ while(1) { } else { my ($port, $iaddr) = unpack_sockaddr_in($other_end); my $actual_ip = inet_ntoa($iaddr); - daemon_log("accept client from $actual_ip", 5); + daemon_log("accept client at daemon socket from $actual_ip", 5); my $in_msg = &read_from_socket($client); if(defined $in_msg){ chomp($in_msg); @@ -1953,10 +1956,11 @@ while(1) { } else { my ($port, $iaddr) = unpack_sockaddr_in($other_end); my $actual_ip = inet_ntoa($iaddr); - daemon_log("accept client from $actual_ip", 5); + daemon_log("accept client at gosa socket from $actual_ip", 5); my $in_msg = <$client>; #my $in_msg = &read_from_socket($client); - #daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n$in_msg\n",1); + + daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n!$in_msg!\n",1); if(defined $in_msg){ chomp($in_msg); &activating_child($in_msg, $actual_ip, $client); diff --git a/contrib/daemon/gosa-sd-bus b/contrib/daemon/gosa-sd-bus index 483d3d1bf..b1e118f0e 100755 --- a/contrib/daemon/gosa-sd-bus +++ b/contrib/daemon/gosa-sd-bus @@ -26,7 +26,8 @@ use POSIX; use Time::HiRes qw( gettimeofday ); use IO::Socket::INET; -use Crypt::Rijndael; +use Crypt::CBC; +use Digest::MD5 qw(md5 md5_hex md5_base64); use XML::Simple; use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); 
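Review bot: In the gosa-socket branch of gosa-sd the re-enabled `daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n!$in_msg!\n",1);` runs before the `if(defined $in_msg)` check, so a failed read interpolates an undefined value. It also copies the raw bytes received from the peer into the log, at level 1 where the neighbouring accept message uses level 5, which looks like leftover debugging. If the trace is still wanted, move it inside the `if(defined $in_msg){` block, log at the debug level 7 used elsewhere in this commit, and log `length($in_msg)` instead of the content. The enclosing `while(1)` loop starts and ends outside the hunk.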
@@ -580,7 +581,15 @@ sub create_passwd { sub create_ciphering { my ($passwd) = @_; $passwd = substr("$passwd" x 32, 0, 32); - my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC ); + daemon_log("create_ciphering: new passwd: $passwd", 7); + + my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); + + my $my_cipher = Crypt::CBC->new(-key=>$passwd , + -cipher => 'Rijndael', + -iv => $iv, + -header => "none", + ); return $my_cipher; } @@ -594,13 +603,10 @@ sub create_ciphering { #=============================================================================== sub encrypt_msg { my ($msg, $my_cipher) = @_; - $msg =~ s/[\n]+//g; - my $msg_length = length($msg); - my $multiplier = int($msg_length / 16) + 1; - my $extension = 16*$multiplier - $msg_length; - $msg = "0"x$extension.$msg; + if(not defined $my_cipher) { print "no cipher object\n"; } + my $crypted_msg = $my_cipher->encrypt($msg); - #my $crypted_msg = $msg; + return $crypted_msg; } @@ -613,10 +619,8 @@ sub encrypt_msg { # DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module #=============================================================================== sub decrypt_msg { - my ($crypted_msg, $my_cipher) =@_; - my $len = length $crypted_msg; - my $msg = $my_cipher->decrypt($crypted_msg); - $msg =~ s/^0*//g; + my ($crypted_msg, $my_cipher) = @_ ; + my $msg = $my_cipher->decrypt($crypted_msg); return $msg; } diff --git a/contrib/daemon/modules/GosaPackages.pm b/contrib/daemon/modules/GosaPackages.pm index cb22a9c5c..2435161c9 100644 --- a/contrib/daemon/modules/GosaPackages.pm +++ b/contrib/daemon/modules/GosaPackages.pm @@ -8,6 +8,7 @@ use Exporter; use strict; use warnings; +use Crypt::CBC; BEGIN{ @@ -23,7 +24,7 @@ END{} # create general settings for this module my $gosa_cipher = &main::create_ciphering($main::gosa_passwd); - +#$gosa_cipher->set_iv("hallo"); sub get_module_tags { 
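Review bot: The header comment above `decrypt_msg` in gosa-sd-bus still reads `# DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module`, which no longer matches the code now that the cipher object comes from Crypt::CBC. I would change it to `# DESCRIPTION: decrypts the incoming message with the Crypt::CBC object built by create_ciphering; padding is removed by Crypt::CBC`. The `# DESCRIPTION:` line for `decrypt_msg` in gosa-sc is empty and could take the same text.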
@@ -66,8 +67,8 @@ sub process_incoming_msg { my $msg_hash; eval{ $msg = &main::decrypt_msg($crypted_msg, $gosa_cipher); - &main::daemon_log("GosaPackages: decrypted_msg: $msg", 7); + $msg_hash = $main::xml->XMLin($msg, ForceArray=>1); }; if($@) { -- 2.30.2