Developing Crypto Code in Python

I am currently doing a research on how to develop crypto code in Python programming language.

Based on my research, there are several crypto libraries that’s suitable for my purpose. They are Python Cryptography Toolkit and ezPyCrypto as my main libraries.

Python Cryptography Toolkit will be the low-level crypto library, while ezPyCrypto will act as a high-level crypto library.

Before installing those two libraries, make sure you have have the following packages :

  • python
  • python-devel

Here are the steps to install those libraries :

– Install Python Cryptography Toolkit (python-crypto) :

# rpm -Uvh python-crypto-2.0.1-15.i586.rpm
Preparing… ########################################### [100%]
1:python-crypto ########################################### [100%]

– Install ezPyCrypto :

$ tar xvzpf ezPyCrypto-0.1.1.tar.gz

$ cd ezPyCrypto-0.1.1/

$ su -c “python setup.py install”
Password:

running install

running build

running build_py

creating build

creating build/lib

copying ezPyCrypto.py -> build/lib

running install_lib

creating /usr/local/lib/python2.4

creating /usr/local/lib/python2.4/site-packages

copying build/lib/ezPyCrypto.py -> /usr/local/lib/python2.4/site-packages

byte-compiling /usr/local/lib/python2.4/site-packages/ezPyCrypto.py to ezPyCrypto.pyc

Having Fun with PySQLite

I had a chance to test pysqlite, a Python wrapper for SQLite Database System. pysqlite needs the following dependencies :

  • Operating System and C Compiler
  • SQLite version 3.0.8 or later (for pysqlite 2.2.0)
  • Python 2.3 or later

After download the latest version (2.2.2) I did the followings to install pysqlite to my system :

$ tar xvzpf pysqlite-2.2.2.tar.gz
pysqlite-2.2.2/

pysqlite-2.2.2/doc/

pysqlite-2.2.2/doc/code


pysqlite-2.2.2/setup.cfg

pysqlite-2.2.2/setup.py

pysqlite-2.2.2/PKG-INFO

$ cd pysqlite-2.2.2/

$ python setup.py build
running build

running build_py

creating build

creating build/lib.linux-i686-2.4

creating build/lib.linux-i686-2.4/pysqlite2

# python setup.py install
running install

running build

running build_py

running build_ext

running install_lib

In my system, the above command will install pysqlite to /usr/lib/python2.4/site-packages directory

Next I test whether the installation success or not :

$ python
Python 2.4 (#1, Mar 22 2005, 21:42:42)
[GCC 3.3.5 20050117 (prerelease) (SUSE Linux)] on linux2
Type “help”, “copyright”, “credits” or “license” for more information.
>>> from pysqlite2 import test
>>> test.test()
…………………………………………………………….
———————————————————————-
Ran 164 tests in 1.060s
OK

>>>

Next I type several lines of Python code to test PySQLite. Here is the code. Please beware this is just a simple application :


#!/usr/bin/env python

from pysqlite2 import dbapi2 as sqlite
import os

DB_FILE = "mydb"

musics = [
("Michael W Smith", "In My Arms Again"),
("Chayanne", "Ye Te Amo"),
("Marc Anthony", "Everything You Do")
]

if os.path.exists(DB_FILE):
os.remove(DB_FILE)

con = sqlite.connect(DB_FILE)

# create table
con.execute("""
create table music
(
singer varchar(30),
song varchar(30)
)
""")
print "Success creating table",'"%s"' % DB_FILE

# insert table
con.executemany("insert into music(singer,song) values (?,?)", musics)

# print table contents
print "\nThe content of", DB_FILE
print "=" * 20,"\n"

for row in con.execute("select singer,song from music"):
print '%s : %s' % (row[0],row[1])

con.close()

First Encounter with Scapy

After read several papers and presentations in network security field that mentioning scapy, I decided to try it.

From the Scapy website :

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

What interest me are :

  • scapy is written in Python. I am quite familiar with this computer language. I code translation tools in this language about 4 years ago.
  • it supports many network protocol even wifi (you need Wifitap tool :D)

I download the latest scapy version from http://www.secdev.org/projects/scapy/.
And the installation process is a breeze. I just put it in my working directory. BTW, scapy needs several optional package to work as advertised. But in my system I don’t follow that. :D

I just put http://www.iana.org/assignments/ethernet-numbers to /etc/ethertypes.

You need to run scapy as root.

In this first encounter, I will try to ping to other host :

>>> sr(IP(dst=”192.168.198.128″)/ICMP())
Begin emission:
*Finished to send 1 packets.

Received 1 packets, got 1 answers, remaining 0 packets
(, )

Looks good.

Next I tried to ping localhost :

# python scapy.py
INFO: did not find python gnuplot wrapper . Won’t be able to plot
INFO: Can’t import PyX. Won’t be able to use psdump() or pdfdump()
Welcome to Scapy (1.0.3.1beta)

>>> sr1(IP(dst=”127.0.0.1″)/ICMP())
Begin emission:
.Finished to send 1 packets.

Received 1 packets, got 0 answers, remaining 1 packets

It looks like there is an error, but I don’t know where.

If you know what’s wrong and how to fix that, please let me know.

Deferred concept: I Finally Got It

I have been struggling with the deferred concept in TwistedMatrix since last night. At that time, I read the deferred concept from : Generalization of Deferred Execution in Python. Unfortunately, I didn’t get it. I couldn’t do more because I was too tired, so I went to bed.

I wake up early this morning to go to the office and googling about deferred concept.

Luckily, I saw a documentation entitled Asynchronous Programming with Twisted (yes, I’ve put this article on my last entry blog, but I haven’t read it yet). After thinkering the doc for about 2 hours, I finally GOT IT. Now I “quite” understand about the Deferred concept in Twisted.

Kudos to the TwistedMatrix team for writing such a superb and easy to understand documentation.

Berkenalan Dengan Twisted

Beberapa malam lalu, saya akhirnya berhasil juga cobain Twisted. Proses instalasinya tidak sesulit yang saya perkirakan, gampang banget. Cuma kemaren-kemaren ada kesalahan, saya mendownload paket Twisted secara terpisah-pisah, dan ternyata ada paket yang dibutuhkan yang belum didownload. Jadi gak bisa dibuild dah.

Untunglah kemaren tahu triknya, ambil aja paket bernama TwistedSumo, paket itu udah komplit..plit..plit….Di dalamnya terdapat Twisted Core, Zope Interface, dan modul-modul Twisted lain (TwistedMail, TwistedConch, de el el). Versi terakhirnya saat saya menulis blog ini adalah 2.1.0.

Proses instalasinya juga gampang :

* bongkar tarball TwistedSumo
* terus instalasi Zope Interface
* instalasi Twisted
* instalasi modul python pendukung lainnya, misalnya kalo mau dukungan untuk SSH dan SSL, harus instalasi PyCrypto dan PyOpenSSL.

Saya udah membuat draft tulisan proses yang saya lakukan untuk menginstalasi Twisted ini. Cuma belum sempet dirapihkan dan ditambah-tambahin biar jadi banyak. :D

Framework jaringan Twisted menggunakan pendekatan pemrograman event-driven. Dalam pendekatan model ini, ada bagian program yang dipanggil dan bertugas bila ada sebuah event terjadi, biasanya bagian itu disebut handler. Event tersebut bisa berupa initial koneksi, koneksi gagal, dan semacamnya.

Dari baca buku Twisted Network Programming Essentials, terdapat beberapa class yang penting dalam Twisted yaitu : reactor (untuk menangani event loop), deferred (untuk menangani asynchronous stuffs), serta protocol (untuk menangani bila sudah terjadi koneksi alias untuk menangani pengiriman/penerimaan data).

Sekian dulu laporan dari saya, karena pelajaran saya baru sampai situ. See you. :D