Indeed, base64 might be a bit too much. It decreases the size of the key, but I
guess it isn't worth the processing time (mobile and aggregator wise, mainly)
On Oct 14, 2011, at 1:46 PM, Zhongjie Wang wrote:
> Yeah, I just checked. Unluckily, I can't get the correct result even I use
> the test code in aggregator handler.py.
> Also I want to give a comment on the AES key. See the lines below:
>
> 103
> def decodeAES(self, encodedData, secret):
> 104
> # base64 decode secret
> 105
> secret = base64.b64decode(secret)
> 106
> # generate cipher from secret
> 107
> cipher = AES.new(secret)
> 108
> # decode data
> 109
> data =
> cipher.decrypt(base64.b64decode(encodedData)).rstrip(self.padding)
> 110
> return data
>
> Seems the aggregator makes an assumption, that the AES key is base64 encoded.
> Actually it's no need to do that. We could make the secret just a plain text
> string like 'ABC'.
>
>
> On Fri, Oct 14, 2011 at 11:32 PM, Luis A. Bastiao Silva <luis....@gmail.com>
> wrote:
> Yes.
>
> Did you check the test that Diogo wrote?
>
> 2011/10/14 Zhongjie Wang <wzj...@gmail.com>
> Hi, I think it's not because the status field. The peer_info table schema has
> been changed since the authentication approach changed, but the save_to_db
> function remains unchanged. also the ciphered_public_key will be replaced by
> public_key_hash soon. By the way, I think the status field is no longer
> needed for us.
>
> According to my previous email, I can't register agent with the API provided
> by aggregator. Could anyone help me?
>
>
> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
> Alan,
>
> Check this two changes. I've swapped order between Token and Public Key. Can
> you confirm it? Also I added the status. It was triggering an error during
> quit agent.
>
>
> http://dev.umitproject.org/projects/desktop-agent/repository/revisions/c49784ae01164cf6583eca02b5946db4e56f1186/diff/umit/icm/agent/core/PeerManager.py
>
>
> http://dev.umitproject.org/projects/desktop-agent/repository/revisions/00c43d4dcf8c7253ebce5f248d72025b162350b9/diff/umit/icm/agent/utils/CreateDB.py
>
>
> 2011/10/11 Zhongjie Wang <wzj...@gmail.com>
> Just fixed. This key should be generated during the registration phase
> according to current solution. I think maybe generated when logged in is
> better.
>
>
> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
> [INFO] - 2011-10-11 09:43:58,299 - Sending GetSuperPeerList message to
> aggregator
> Unhandled error in Deferred:
> Traceback (most recent call last):
> File
> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/gtk2reactor.py",
> line 249, in run
> self.__run()
> File
> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/gtk2reactor.py",
> line 293, in simulate
> self.runUntilCurrent()
> File
> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/base.py",
> line 778, in runUntilCurrent
> call.func(*call.args, **call.kw)
> File
> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/task.py",
> line 194, in __call__
> d = defer.maybeDeferred(self.f, *self.a, **self.kw)
> --- <exception caught here> ---
> File
> "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/Twisted-10.0.0-py2.6-macosx-10.6-i386.egg/twisted/internet/defer.py",
> line 117, in maybeDeferred
> result = f(*args, **kw)
> File
> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/core/PeerManager.py", line
> 303, in maintain
> theApp.aggregator.get_super_peer_list(required_num)
> File "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
> line 167, in get_super_peer_list
> defer_ = self._send_message(request_msg, GetSuperPeerListResponse)
> File "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
> line 394, in _send_message
> postdata['msg'] = self._aes_encrypt(message)
> File "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/rpc/aggregator.py",
> line 349, in _aes_encrypt
> assert theApp.key_manager.aggregator_aes_key
> exceptions.AssertionError:
> [INFO] - 2011-10-11 09:43:58,375 - Sending 0 reports to the aggregator.
> [INFO] - 2011-10-11 09:44:28,302 - Sending 0 reports to the aggregator.
>
> Something is going on now.. Is it now with encryption message right? I
> checked and this key is not in db I guess. Can you do a quick fix?
>
> Moreover, this key shouldn't be pseudo-random generated per session?
>
> Thanks in advance.
>
> 2011/10/11 Zhongjie Wang <wzj...@gmail.com>
> Hi,
> I've just committed the code. Please delete the sqlite database and
> try again.
> What I've encountered is a HTTP 500 error from the aggregator, and I
> have no idea about that.
> Shall we fix a time to test the function together, so we can know
> what's wrong with it.
>
> Thanks!
>
> 2011/10/11 Luís A. Bastião Silva <l...@umitproject.org>
>
> Hi Folks,
>
> This message is mainly directly to Alan and Zubair. We need some help to put
> the new authentication mechanism to work ASAP (i.e., next day).
>
> I was checking Desktop Agent and the public key is missing.
>
> [WARNING] - 2011-10-11 01:07:10,142 - No value found for key
> 'aggregator_public_key' in db kvp.
> Traceback (most recent call last):
> File "bin/icm-agent.py", line 55, in main
> theApp.start()
> File "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/Application.py",
> line 114, in start
> self._init_components()
> File "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/Application.py",
> line 68, in _init_components
> self.key_manager = KeyManager()
> File
> "/Volumes/Extend/Umit/git/icm-agent/umit/icm/agent/secure/KeyManager.py",
> line 36, in __init__
> raise InitializationError("Missing aggregator public key.")
> InitializationError: Missing aggregator public key.
>
> I tried to put it working, but still it is missing, even adding
> aggregator_public_key to agent.cfg.
>
> Check the Diogo code:
>
> http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/agents/CryptoLib.py
> - Abstraction to work with Asymmetric cipher keys
> http://dev.umitproject.org/projects/icm-aggregator/repository/revisions/master/entry/api/handlers.py
> - check TestsHandler, code to test register/authentication
>
>
> Best Regards,
> --
> Luís A. Bastião Silva
> Umit Project Developer
> Skype: koplabs
> http://www.umitproject.org
> http://www.bastiao.org
>
>
>
>
>
> --
> Zhongjie Wang
> Master Candidate
> Computer System Architecture
> Peking University, China
>
>
>
> --
> Luís A. Bastião Silva
> Umit Project Developer
> Skype: koplabs
> http://www.umitproject.org
> http://www.bastiao.org
>
>
>
>
>
> --
> Zhongjie Wang
> Master Candidate
> Computer System Architecture
> Peking University, China
>
>
>
> --
> Luís A. Bastião Silva
> Umit Project Developer
> Skype: koplabs
> http://www.umitproject.org
> http://www.bastiao.org
>
>
>
>
>
> --
> Zhongjie Wang
> Master Candidate
> Computer System Architecture
> Peking University, China
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> Umit-devel mailing list
> Umit-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/umit-devel
>
>
>
>
> --
> Luís A. Bastião Silva
> Skype: koplabs
> http://www.bastiao.org
>
>
>
>
> --
> Zhongjie Wang
> Master Candidate
> Computer System Architecture
> Peking University, China
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct_______________________________________________
> Umit-devel mailing list
> Umit-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/umit-devel
---
Adriano Monteiro Marques
http://www.thoughtspad.com
http://www.openmonitor.org
http://www.umitproject.org
http://blog.umitproject.org
"Don't stay in bed, unless you can make money in bed." - George Burns
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Umit-devel mailing list
Umit-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/umit-devel
