From 8569a1df5a7e869ec61807466afd83e7b0e199e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
Date: Tue, 23 Jul 2013 12:19:45 +0100
Subject: [PATCH] avoid the uneeded dependency on Crypto.Random

Crypto.Random was added in python-crypto-2.1.0 to replace
the problematic randpool in 2.0.1: http://www.pycrypto.org/randpool-broken
However on Linux os.urandom() should be fine to set IV.

I'm not sure it's necessary to pad with random bytes,
but I'm leaving that as is for now:
http://www.codekoala.com/blog/2009/aes-encryption-python-using-pycrypto/#comment-25921785
http://eli.thegreenplace.net/2010/06/25/aes-encryption-of-files-in-python-with-pycrypto/
---
 glance/common/crypt.py |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/glance/common/crypt.py b/glance/common/crypt.py
index ee5f2dd..ef6496b 100644
--- a/glance/common/crypt.py
+++ b/glance/common/crypt.py
@@ -21,10 +21,7 @@ Routines for URL-safe encrypting/decrypting
 """
 
 import base64
-
 from Crypto.Cipher import AES
-from Crypto import Random
-from Crypto.Random import random
 
 
 def urlsafe_encrypt(key, plaintext, blocksize=16):
@@ -41,13 +38,12 @@ def urlsafe_encrypt(key, plaintext, blocksize=16):
         Pads text to be encrypted
         """
         pad_length = (blocksize - len(text) % blocksize)
-        sr = random.StrongRandom()
-        pad = ''.join(chr(sr.randint(1, 0xFF)) for i in range(pad_length - 1))
+        pad = os.urandom(pad_length - 1)
         # We use chr(0) as a delimiter between text and padding
         return text + chr(0) + pad
 
     # random initial 16 bytes for CBC
-    init_vector = Random.get_random_bytes(16)
+    init_vector = os.urandom(16)
     cypher = AES.new(key, AES.MODE_CBC, init_vector)
     padded = cypher.encrypt(pad(str(plaintext)))
     return base64.urlsafe_b64encode(init_vector + padded)