very broken, can't decrypt

author: dakkar <dakkar@thenautilus.net> 2011-03-25 23:54:14 +0000
committer: dakkar <dakkar@thenautilus.net> 2011-03-25 23:54:14 +0000
commit: e1872c5028937753e0ecbebcded8a312d5eb7ce4 (patch)
tree: 38cfdbbf3cda37cc23bb760b39d478e9c29a6676 /lib/DeWeave
parent: it might even complie (diff)
download: DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.tar.gz
DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.tar.bz2
DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.zip
5 files changed, 98 insertions, 28 deletions
diff --git a/lib/DeWeave/Collection.pm b/lib/DeWeave/Collection.pm
new file mode 100644
index 0000000..803a8cc
--- /dev/null
+++ b/lib/DeWeave/Collection.pm
@@ -0,0 +1,30 @@
+package DeWeave::Collection;
+use Moose;
+use namespace::autoclean;
+use MooseX::Types::Moose qw(ArrayRef Int Str Num);
+use JSON::Any;
+use DeWeave::EDO;
+
+has items => (
+    isa => ArrayRef['DeWeave::WBO'],
+    is => 'ro',
+    required => 1,
+);
+
+sub from_json {
+    my ($class,$json,$crypt)=@_;
+
+    my $j = JSON::Any->new;
+
+    my $args = $j->decode($json);
+    use Data::Dump 'pp';warn pp $args;
+
+    my @items = map {
+        DeWeave::EDO->new({%$_,__crypt=>$crypt})
+      } @$args;
+    return $class->new({
+        items => \@items,
+    });
+}
+
+1;
diff --git a/lib/DeWeave/Crypto.pm b/lib/DeWeave/Crypto.pm
index 618e095..e21e141 100644
--- a/lib/DeWeave/Crypto.pm
+++ b/lib/DeWeave/Crypto.pm
@@ -8,6 +8,8 @@ use Try::Tiny;
 use Digest::SHA ();
 use MIME::Base32 'RFC';
 use Crypt::CBC;
+use MIME::Base64 ();
+use Data::Dump 'pp';
 
 has storage => (
     isa => 'DeWeave::Storage',
@@ -25,8 +27,10 @@ sub _byte_sync_key {
     my ($self) = @_;
 
     my $key = $self->sync_key;
-    $key =~ y{89}{lo};
-    return MIME::Base32::decode($key);
+    $key =~ y{89}{LO};
+    $key =~ s{-}{}g;
+    $key = MIME::Base32::decode($key);
+    return substr($key,0,16);
 }
 
 has _hmac_input => (
@@ -46,6 +50,9 @@ sub _build__encryption_key {
 
     my $secret = $self->_hmac_input
         . $self->storage->username . "\x01";
+
+warn "enc key: ",pp($secret,$self->_byte_sync_key,length($self->_byte_sync_key));
+
     return Digest::SHA::hmac_sha256($secret, $self->_byte_sync_key);
 }
 
@@ -80,8 +87,21 @@ sub _build__keys {
 
     my $j = JSON::Any->new;
 
-    my $keys_payload = $self->storage->get_item('crypto/keys');
-    my $struct = $j->decode($keys_payload);
+    my $keys_raw = $self->storage->get_item('storage/crypto/keys');
+
+    my $keys_struct = $j->decode($keys_raw);
+
+    my $payload = $j->decode($keys_struct->{payload});
+
+warn "payload: ", pp $payload;
+warn "key: ",pp $self->_encryption_key, length($self->_encryption_key);
+
+    my $struct = $j->decode($self->decrypt({
+        %$payload,
+        key => $self->_encryption_key,
+    }));
+
+warn "keys: ",pp $struct;
 
     my $keys = {
         default => $struct->{default},
@@ -105,16 +125,18 @@ sub keys_for_collection {
 sub decrypt {
     my ($self,$args) = @_;
 
-    my $iv = $args->{IV};
+    my $iv = MIME::Base64::decode($args->{IV});
     my $hmac = $args->{hmac};
-    my $ct = $args->{ciphertext};
+    my $ct = MIME::Base64::decode($args->{ciphertext});
+    my $key = $args->{key} || $self->keys_for_collection('default');
+
+warn "Crypto ", pp($iv,$ct, length($ct), $key);
 
     my $cipher = Crypt::CBC->new(
-        -key => $self->_encryption_key,
+        -key => $key,
         -cipher => 'Crypt::OpenSSL::AES',
         -iv => $iv,
         -header => 'none',
-        -padding => 'null',
         -literal_key => 1,
     );
 
diff --git a/lib/DeWeave/EDO.pm b/lib/DeWeave/EDO.pm
index 30fdbf2..f7a605f 100644
--- a/lib/DeWeave/EDO.pm
+++ b/lib/DeWeave/EDO.pm
@@ -4,10 +4,11 @@ use namespace::autoclean;
 use MooseX::Types::Moose qw(Int Str Num);
 use JSON::Any;
 use Try::Tiny;
+use Data::Dump 'pp';
 
 extends 'DeWeave::WBO';
 
-has cyhpertext => (
+has ciphertext => (
     isa => Str,
     required => 1,
     is => 'ro',
@@ -31,17 +32,16 @@ around BUILDARGS => sub {
 
     my $args = $class->$orig(@_);
     return $args unless defined $args->{__crypt};
+    return $args unless exists $args->{ciphertext};
 
     my $decrypted_payload = $args->{__crypt}->decrypt($args);
 
     if (defined $decrypted_payload) {
-        try {
-            my $j = JSON::Any->new;
-            my $extra_args = $j->decode($decrypted_payload);
+        my $j = JSON::Any->new;
+        my $extra_args = $j->decode($decrypted_payload);
 
-            @$args{keys %$extra_args} =
-                values %$extra_args;
-        };
+        @$args{keys %$extra_args} =
+            values %$extra_args;
     }
     return $args;
 };
diff --git a/lib/DeWeave/Storage.pm b/lib/DeWeave/Storage.pm
index 0786b7c..d8e62c9 100644
--- a/lib/DeWeave/Storage.pm
+++ b/lib/DeWeave/Storage.pm
@@ -1,4 +1,4 @@
-package DeWeave::Crypto;
+package DeWeave::Storage;
 use Moose;
 use namespace::autoclean;
 use MooseX::Types::Moose qw(Str);
@@ -34,9 +34,12 @@ has _useragent => (
 sub _build__useragent {
     my ($self) = @_;
 
-    my $ua = LWP::UserAgent->new();
+    my $ua = LWP::UserAgent->new(
+        ssl_opts => { SSL_verify_mode => 0 },
+    );
     $ua->env_proxy;
     $ua->credentials($self->server_uri->host_port,
+                     'Weave',
                      $self->username,
                      $self->password);
     $ua->protocols_allowed(['https']);
@@ -47,10 +50,11 @@ sub _build__useragent {
 sub get_item {
     my ($self,$path) = @_;
 
-    my $relative = sprintf '1.0/%s/storage/%s',
+    my $relative = sprintf '1.0/%s/%s',
         $self->username,$path;
     my $uri = URI->new_abs($relative,$self->server_uri);
     $uri->query_param(full => 1);
+warn $uri;
     my $response = $self->_useragent->get($uri);
 
     if ($response->is_success) {
diff --git a/lib/DeWeave/WBO.pm b/lib/DeWeave/WBO.pm
index 3f551dd..bdfb027 100644
--- a/lib/DeWeave/WBO.pm
+++ b/lib/DeWeave/WBO.pm
@@ -4,6 +4,7 @@ use namespace::autoclean;
 use MooseX::Types::Moose qw(Int Str Num);
 use JSON::Any;
 use Try::Tiny;
+use Data::Dump 'pp';
 
 has id => (
     isa => Str,
@@ -19,7 +20,7 @@ has modified => (
 
 has sortindex => (
     isa => Num,
-    required => 1,
+    required => 0,
     is => 'ro',
 );
 
@@ -41,17 +42,30 @@ sub from_json {
     my $j = JSON::Any->new;
 
     my $args = $j->decode($json);
-    if (exists $args->{payload}) {
-        try {
-            my $extra_args = $j->decode($args->{payload});
-
-            @$args{keys %$extra_args} =
-                values %$extra_args;
-            $args->{__crypt}=$crypt;
-        };
+    use Data::Dump 'pp';warn pp $args;
+    if (defined $args->{payload}) {
+        $args->{__crypt}=$crypt;
     }
 
-    $class->new($args);
+    return $class->new($args);
 }
 
+around BUILDARGS => sub {
+    my $orig = shift;
+    my $class = shift;
+
+    my $args = $class->$orig(@_);
+
+    return $args unless defined $args->{payload};
+
+    my $j = JSON::Any->new;
+    my $extra_args = $j->decode($args->{payload});
+
+    @$args{keys %$extra_args} =
+        values %$extra_args;
+
+    return $args;
+};
+
+
 1;
author	dakkar <dakkar@thenautilus.net>	2011-03-25 23:54:14 +0000
committer	dakkar <dakkar@thenautilus.net>	2011-03-25 23:54:14 +0000
commit	e1872c5028937753e0ecbebcded8a312d5eb7ce4 (patch)
tree	38cfdbbf3cda37cc23bb760b39d478e9c29a6676 /lib/DeWeave
parent	it might even complie (diff)
download	DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.tar.gz DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.tar.bz2 DeWeave-e1872c5028937753e0ecbebcded8a312d5eb7ce4.zip