Yeah, I just checked. Unluckily, I can't get the correct result even I use
the test code in aggregator handler.py.
Also I want to give a comment on the AES key. See the lines below:
103<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L103>
def decodeAES(self, encodedData, secret):
104<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L104>
# base64 decode secret
105<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L105>
secret = base64.b64decode(secret)
106<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L106>
# generate cipher from secret
107<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L107>
cipher = AES.new(secret)
108<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L108>
# decode data
109<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L109>
data =
cipher.decrypt(base64.b64decode(encodedData)).rstrip(self.padding)
110<http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py#L110>
return data
Seems the aggregator makes an assumption, that the AES key is base64
encoded. Actually it's no need to do that. We could make the secret just a
plain text string like 'ABC'.
On Fri, Oct 14, 2011 at 11:32 PM, Luis A. Bastiao Silva
<luis....@gmail.com>wrote:
> Yes.
>
> Did you check the test that Diogo wrote?
>
> 2011/10/14 Zhongjie Wang <wzj...@gmail.com>
>
>> Hi, I think it's not because the status field. The peer_info table schema
>> has been changed since the authentication approach changed, but the
>> save_to_db function remains unchanged. also the ciphered_public_key will be
>> replaced by public_key_hash soon. By the way, I think the status field is no
>> longer needed for us.
>>
>> According to my previous email, I can't register agent with the API
>> provided by aggregator. Could anyone help me?
>>
>>
>> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
>>
>>> Alan,
>>>
>>> Check this two changes. I've swapped order between Token and Public Key.
>>> Can you confirm it? Also I added the status. It was triggering an error
>>> during quit agent.
>>>
>>>
>>>
>>> http://dev.umitproject.org/projects/desktop-agent/repository/revisions/c49784ae01164cf6583eca02b5946db4e56f1186/diff/umit/icm/agent/core/PeerManager.py
>>>
>>>
>>>
>>> http://dev.umitproject.org/projects/desktop-agent/repository/revisions/00c43d4dcf8c7253ebce5f248d72025b162350b9/diff/umit/icm/agent/utils/CreateDB.py
>>>
>>>
>>> 2011/10/11 Zhongjie Wang <wzj...@gmail.com>
>>>
>>>> Just fixed. This key should be generated during the registration phase
>>>> according to current solution. I think maybe generated when logged in is
>>>> better.
>>>>
>>>>
>>>> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
>>>>
>>>>> [INFO] - 2011-10-11 09:43:58,299 - Sending GetSuperPeerList message to
>>>>> aggregator
>>>>> Unhandled error in Deferred:
>>>>> Traceback (most recent call last):
>>>>> File
>>>>> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/gtk2reactor.py",
>>>>> line 249, in run
>>>>> self.__run()
>>>>> File
>>>>> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/gtk2reactor.py",
>>>>> line 293, in simulate
>>>>> self.runUntilCurrent()
>>>>> File
>>>>> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/base.py",
>>>>> line 778, in runUntilCurrent
>>>>> call.func(*call.args, **call.kw)
>>>>> File
>>>>> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/task.py",
>>>>> line 194, in __call__
>>>>> d = defer.maybeDeferred(self.f, *self.a, **self.kw)
>>>>> --- <exception caught here> ---
>>>>> File
>>>>> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/defer.py",
>>>>> line 117, in maybeDeferred
>>>>> result = f(*args, **kw)
>>>>> File
>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/core/PeerManager.py",
>>>>> line 303, in maintain
>>>>> theApp.aggregator.get_super_peer_list(required_num)
>>>>> File
>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
>>>>> line
>>>>> 167, in get_super_peer_list
>>>>> defer_ = self._send_message(request_msg, GetSuperPeerListResponse)
>>>>> File
>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
>>>>> line
>>>>> 394, in _send_message
>>>>> postdata['msg'] = self._aes_encrypt(message)
>>>>> File
>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
>>>>> line
>>>>> 349, in _aes_encrypt
>>>>> assert theApp.key_manager.aggregator_aes_key
>>>>> exceptions.AssertionError:
>>>>> [INFO] - 2011-10-11 09:43:58,375 - Sending 0 reports to the
>>>>> aggregator.
>>>>> [INFO] - 2011-10-11 09:44:28,302 - Sending 0 reports to the
>>>>> aggregator.
>>>>>
>>>>> Something is going on now.. Is it now with encryption message right? I
>>>>> checked and this key is not in db I guess. Can you do a quick fix?
>>>>>
>>>>> Moreover, this key shouldn't be pseudo-random generated per session?
>>>>>
>>>>> Thanks in advance.
>>>>>
>>>>> 2011/10/11 Zhongjie Wang <wzj...@gmail.com>
>>>>>
>>>>>> Hi,
>>>>>> I've just committed the code. Please delete the sqlite database
>>>>>> and try again.
>>>>>> What I've encountered is a HTTP 500 error from the aggregator,
>>>>>> and I have no idea about that.
>>>>>> Shall we fix a time to test the function together, so we can
>>>>>> know what's wrong with it.
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
>>>>>>
>>>>>> Hi Folks,
>>>>>>>
>>>>>>> This message is mainly directly to Alan and Zubair. We need some help
>>>>>>> to put the new authentication mechanism to work ASAP (i.e., next day).
>>>>>>>
>>>>>>> I was checking Desktop Agent and the public key is missing.
>>>>>>>
>>>>>>> [WARNING] - 2011-10-11 01:07:10,142 - No value found for key
>>>>>>> 'aggregator_public_key' in db kvp.
>>>>>>> Traceback (most recent call last):
>>>>>>> File "bin/icm-agent.py", line 55, in main
>>>>>>> theApp.start()
>>>>>>> File
>>>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/Application.py", line
>>>>>>> 114, in start
>>>>>>> self._init_components()
>>>>>>> File
>>>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/Application.py",
>>>>>>> line 68,
>>>>>>> in _init_components
>>>>>>> self.key_manager = KeyManager()
>>>>>>> File
>>>>>>> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/secure/KeyManager.py",
>>>>>>> line 36, in __init__
>>>>>>> raise InitializationError("Missing aggregator public key.")
>>>>>>> InitializationError: Missing aggregator public key.
>>>>>>>
>>>>>>> I tried to put it working, but still it is missing, even
>>>>>>> adding aggregator_public_key to agent.cfg.
>>>>>>>
>>>>>>> Check the Diogo code:
>>>>>>>
>>>>>>>
>>>>>>> http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py-
>>>>>>> Abstraction to work with Asymmetric cipher keys
>>>>>>>
>>>>>>> http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/api/handlers.py-
>>>>>>> check TestsHandler, code to test register/authentication
>>>>>>>
>>>>>>>
>>>>>>> Best Regards,
>>>>>>> --
>>>>>>> Luís A. Bastião Silva
>>>>>>> Umit Project Developer
>>>>>>> Skype: koplabs
>>>>>>> http://www.umitproject.org
>>>>>>> http://www.bastiao.org
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Zhongjie Wang
>>>>>> Master Candidate
>>>>>> Computer System Architecture
>>>>>> Peking University, China
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Luís A. Bastião Silva
>>>>> Umit Project Developer
>>>>> Skype: koplabs
>>>>> http://www.umitproject.org
>>>>> http://www.bastiao.org
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Zhongjie Wang
>>>> Master Candidate
>>>> Computer System Architecture
>>>> Peking University, China
>>>>
>>>
>>>
>>>
>>> --
>>> Luís A. Bastião Silva
>>> Umit Project Developer
>>> Skype: koplabs
>>> http://www.umitproject.org
>>> http://www.bastiao.org
>>>
>>>
>>>
>>
>>
>> --
>> Zhongjie Wang
>> Master Candidate
>> Computer System Architecture
>> Peking University, China
>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure contains a
>> definitive record of customers, application performance, security
>> threats, fraudulent activity and more. Splunk takes this data and makes
>> sense of it. Business sense. IT sense. Common sense.
>> http://p.sf.net/sfu/splunk-d2d-oct
>> _______________________________________________
>> Umit-devel mailing list
>> Umit-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/umit-devel
>>
>>
>
>
> --
> Luís A. Bastião Silva
> Skype: koplabs
> http://www.bastiao.org
>
>
--
Zhongjie Wang
Master Candidate
Computer System Architecture
Peking University, China
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Umit-devel mailing list
Umit-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/umit-devel
