Commit 0479aa57 authored by Ibouniyamine Nabihoudine's avatar Ibouniyamine Nabihoudine

No commit message

No commit message
parent bafb8279
This diff is collapsed.
......@@ -24,6 +24,9 @@ import argparse
import os
import fnmatch
import tempfile
import urllib.parse
import random
from argparse import _ensure_value
from urllib.request import urlopen
import copy as _copy
......@@ -31,7 +34,7 @@ from urllib.parse import urlparse
import pickle
from jflow.config_reader import JFlowConfigReader
from jflow.utils import get_octet_string_representation, get_nb_octet, display_error_message, encrypt, decrypt
from jflow.utils import get_octet_string_representation, get_nb_octet, display_error_message
# import custom types and custom formats
from workflows.types import *
......@@ -121,7 +124,7 @@ def regexpfiles(files_pattern):
return files_pattern
def password(pwd):
return pwd
return PasswordParameter.encrypt(pwd)
def create_test_function(itype):
try:
......@@ -746,6 +749,43 @@ class PasswordParameter(StrParameter):
StrParameter.__init__(self, name, help, flag=flag, default=default, type=type, choices=choices, required=required,
sub_parameters=sub_parameters, group=group, display_name=display_name, cmd_format=cmd_format, argpos=argpos)
@staticmethod
def __rc4(data, key):
S = list(range(256))
j = 0
out = []
#KSA Phase
for i in range(256):
j = (j + S[i] + ord( key[i % len(key)] )) % 256
S[i] , S[j] = S[j] , S[i]
#PRGA Phase
i = j = 0
for char in data:
i = ( i + 1 ) % 256
j = ( j + S[i] ) % 256
S[i] , S[j] = S[j] , S[i]
out.append(chr(ord(char) ^ S[(S[i] + S[j]) % 256]))
return ''.join(out)
@staticmethod
def encrypt(data, key="anything", salt_length=16):
salt = ''
for n in range(salt_length):
salt += chr(random.randrange(256))
data = salt + PasswordParameter.__rc4(data, key + salt)
return urllib.parse.quote(data)
@staticmethod
def decrypt(data, key="anything", salt_length=16):
#data = base64.b64decode(data.encode()).decode()
data = urllib.parse.unquote(data)
salt = data[:salt_length]
return PasswordParameter.__rc4(data[salt_length:], key + salt)
class DateParameter(datetime.datetime, AbstractParameter):
def __new__(self, name, help, default=None, type=date, choices=None, required=False,
......
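Review bot: `PasswordParameter.encrypt` and `decrypt` default to the constant key `"anything"`, and the same literal is assigned in the JavaScript `rc4_encrypt` hunk later in this commit, so anyone who can read a submitted or stored value can recover the password. The salt travels in clear in front of the ciphertext and only keeps equal passwords from producing equal output, and RC4 without a MAC means a modified value still decrypts without error. I would state that in a docstring on `encrypt`, for example `"""Obfuscate data with salted RC4; gives no confidentiality on its own, so the form must be served over TLS."""`, and treat the encoded value as a secret in logs and saved workflow arguments. The salt loop should also draw from the OS generator, `salt += chr(secrets.randbelow(256))` with `import secrets`, rather than `random.randrange`.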
......@@ -31,11 +31,11 @@ from argparse import ArgumentTypeError
from .workflows_manager import WorkflowsManager
from .config_reader import JFlowConfigReader
from .workflow import Workflow
from .parameter import password, browsefile, localfile, urlfile, inputfile, create_test_function, MiltipleAction, MiltipleAppendAction, MultipleParameters, MultiParameter
from .parameter import browsefile, localfile, urlfile, inputfile, create_test_function, MiltipleAction, MiltipleAppendAction, MultipleParameters
from workflows.types import *
from . import utils
from cctools.util import time_format
from .utils import get_octet_string_representation, rc4_decrypt
from .utils import get_octet_string_representation
# function in charge to upload large files
class UploadFieldStorage(cgi.FieldStorage):
......@@ -302,18 +302,6 @@ class JFlowServer (object):
@jsonify
def run_workflow(self, **kwargs):
try:
# get parameters types for password decryption
instance = self.wfmanager.get_workflow_by_class(kwargs["workflow_class"])
parameters_types = {}
instance_parameters = instance.get_parameters()
for param in instance_parameters :
# handle only multiparameter, password cannot be in handsontable
if param.__class__ == MultiParameter:
for sub_param in param.sub_parameters :
parameters_types[sub_param.name] = sub_param.type
else:
parameters_types[param.name] = param.type
kwargs_modified = {}
# handle MultiParameterList
......@@ -337,15 +325,9 @@ class JFlowServer (object):
new_values = new_values[0]
# if this is a classic Parameter
if len(parts) == 1:
# password decrypt
if key in parameters_types and (parameters_types[key] == "password" or parameters_types[key] == password):
new_values = rc4_decrypt(new_values)
kwargs_modified[key] = new_values
# if this is a MultiParameter
elif len(parts) == 2:
# password decrypt
if parts[1] in parameters_types and ( parameters_types[parts[1]] == "password" or parameters_types[parts[1]] == password):
new_values = rc4_decrypt(new_values)
if parts[0] in kwargs_modified:
kwargs_modified[parts[0]].append((parts[1], new_values))
else:
......
......@@ -21,10 +21,6 @@ import smtplib
import socket
import math
import shutil
import urllib.parse
import random
import base64
from hashlib import sha1
try:
import DNS
......@@ -33,47 +29,6 @@ except:
DNS = None
class ServerError(Exception): pass
def __rc4(data, key = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXZY_" ):
S = list(range(256))
j = 0
out = []
#KSA Phase
for i in range(256):
j = (j + S[i] + ord( key[i % len(key)] )) % 256
S[i] , S[j] = S[j] , S[i]
#PRGA Phase
i = j = 0
for char in data:
i = ( i + 1 ) % 256
j = ( j + S[i] ) % 256
S[i] , S[j] = S[j] , S[i]
out.append(chr(ord(char) ^ S[(S[i] + S[j]) % 256]))
return ''.join(out)
# only used to decrypt from server which is rc4 encrypted
def rc4_decrypt(encrypted) :
encrypted = urllib.parse.unquote(encrypted)
return __rc4(encrypted)
# encrypt with salt (command line)
def encrypt(data, key="anything", salt_length=16):
"""RC4 encryption with random salt and final encoding"""
salt = ''
for n in range(salt_length):
salt += chr(random.randrange(256))
data = salt + __rc4(data, sha1((key + salt).encode()).hexdigest())
return base64.b64encode(data.encode()).decode()
def decrypt(data, key="anything", salt_length=16):
"""RC4 decryption of encoded data"""
data = base64.b64decode(data.encode()).decode()
salt = data[:salt_length]
return __rc4(data[salt_length:], sha1((key + salt).encode()).hexdigest())
def robust_rmtree(path, logger=None, max_retries=6):
"""Robustly tries to delete paths.
Retries several times (with increasing delays) if an OSError
......
......@@ -73,7 +73,17 @@ var rc4_encrypt = function(data){
}
return res;
}
return encodeURIComponent(rc4(data, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXZY_")).replace(/\(/g, "%28").replace(/\)/g, "%29");
var randomString = function (length, chars) {
var result = '';
for (var i = length; i > 0; --i) result += chars[Math.round(Math.random() * (chars.length - 1))];
return result;
}
var salt = randomString(16, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'),
key = "anything";
return encodeURIComponent(salt + rc4(data, key + salt)).replace(/\(/g, "%28").replace(/\)/g, "%29");
}
......@@ -432,29 +442,12 @@ Handsontable.cellTypes["bootdate"] = Handsontable.BootstrapDateCell;
}
}
});
var parametersDescription = {};
$.each($this.workflow.parameters, function(__, parameter){
// multi parameter
if ( parameter.hasOwnProperty('sub_parameters')){
$.each(parameter.sub_parameters, function(___, subparameter){
parametersDescription[subparameter.name] = subparameter ;
});
}
// simple
else {
parametersDescription[parameter.name] = parameter ;
}
});
// when serializing, multiple data are repeated, so build a hash to gather values from the same parameter
$.each ( $('#workflow_form').serializeArray(), function(_, kv) {
if ($('#'+kv.name).is(":visible") || !$('#content_'+kv.name).hasClass("hidden-exclude")) { // visible or not exists content_NAME or content_NAME hasn't the hidden-exclude class
if (kv.value != ""){
if (parametersDescription.hasOwnProperty(kv.name) && parametersDescription[kv.name].type == "password"){
if (kv.value != "" && $('#'+kv.name).attr("type") == "password" ){
kv.value = rc4_encrypt(kv.value)
}
}
if (hash_param.hasOwnProperty(kv.name)) {
......
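Review bot: `randomString` builds the salt from `Math.random()`, which is not a cryptographic generator, and `Math.round(Math.random() * (chars.length - 1))` selects the first and last characters of `chars` half as often as the others. The salt should come from `window.crypto.getRandomValues`, with rejection sampling so that every character is equally likely; the rewritten helper is below. The enclosing `rc4_encrypt` function starts above this hunk, and the constant `key = "anything"` declared next to the salt is readable by every client that loads the script.

```javascript
var randomString = function (length, chars) {
    // Salt from the browser CSPRNG; bytes at or above `limit` are discarded so the
    // modulo below does not favour the first characters of `chars`.
    var result = '',
        buf = new Uint8Array(1),
        limit = 256 - (256 % chars.length);
    while (result.length < length) {
        window.crypto.getRandomValues(buf);
        if (buf[0] < limit) result += chars[buf[0] % chars.length];
    }
    return result;
}
// … unchanged: salt/key declaration and the encodeURIComponent return …
```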
This diff is collapsed.