Databases
StackOverflow2013
Postsdbo
POGoogle App Engine + PyCrypto = /dev/urandom not accessible
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POGoogle App Engine + PyCrypto = /dev/urandom not accessible
    text
    copied!<p>I am using Google App Engine and PyCrypto to do some encryption. The error I am getting, which is below, occurs <em>only on my local developement server,</em> which is running Linux Mint Maya (13). I deployed the same code to the GAE cloud, and it runs without error.</p> <pre><code>ERROR 2012-06-29 16:04:20,717 webapp2.py:1553] [Errno 13] file not accessible: '/dev/urandom' Traceback (most recent call last): File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 1536, in __call__ rv = self.handle_exception(request, response, e) File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 1530, in __call__ rv = self.router.dispatch(request, response) File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 1278, in default_dispatcher return route.handler_adapter(request, response) File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 1102, in __call__ return handler.dispatch() File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 572, in dispatch return self.handle_exception(e, self.app.debug) File "/home/eric/google_appengine/lib/webapp2/webapp2.py", line 570, in dispatch return method(*args, **kwargs) File "/home/eric/workspace/commentbox/src/controller/api.py", line 55, in get self.response.out.write(encrypt(json.dumps(to_json))) File "/home/eric/workspace/commentbox/src/controller/api.py", line 27, in encrypt iv = Random.new().read(AES.block_size) File "/usr/lib/python2.7/dist-packages/Crypto/Random/__init__.py", line 33, in new return _UserFriendlyRNG.new(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 206, in new return RNGFile(_get_singleton()) File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 200, in _get_singleton _singleton = _LockingUserFriendlyRNG() File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 144, in __init__ _UserFriendlyRNG.__init__(self) File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 86, in __init__ self._ec = _EntropyCollector(self._fa) File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 53, in __init__ self._osrng = OSRNG.new() File "/usr/lib/python2.7/dist-packages/Crypto/Random/OSRNG/posix.py", line 60, in new return DevURandomRNG(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/Crypto/Random/OSRNG/posix.py", line 42, in __init__ f = open(self.name, "rb", 0) File "/home/eric/google_appengine/google/appengine/tools/dev_appserver_import_hook.py", line 592, in __init__ raise IOError(errno.EACCES, 'file not accessible', filename) IOError: [Errno 13] file not accessible: '/dev/urandom' ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] Exception ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] AttributeError ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] : ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] "'DevURandomRNG' object has no attribute 'closed'" ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] in ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] &lt;bound method DevURandomRNG.__del__ of &lt;Crypto.Random.OSRNG.posix.DevURandomRNG object at 0x52707d0&gt;&gt; ERROR 2012-06-29 16:04:20,721 webapp2.py:1549] ignored </code></pre> <p>The python code that is throwing the error is the second line in this block:</p> <pre><code>from Crypto.Cipher import AES from Crypto import Random key = b'Sixteen byte key' iv = Random.new().read(AES.block_size) cipher = AES.new(key, AES.MODE_CBC, iv) return iv + cipher.encrypt(plaintext) </code></pre> <p>After seeing this error, <a href="https://serverfault.com/questions/391386/why-is-dev-urandom-only-readable-by-root-since-ubuntu-12-04-and-how-can-i-fix">I realized it might be a permissions error</a>. So then I did a quick check of the permissions on /dev/urandom: </p> <pre><code>eric@eric-Latitude-E5400 ~ $ dpkg -L udev | xargs grep urandom /lib/udev/rules.d/50-udev-default.rules:KERNEL=="null|zero|full|random|urandom", MODE="0666" eric@eric-Latitude-E5400 ~ $ ls -lart /dev/*random crw-rw-rw- 1 root root 1, 9 Jun 29 10:53 /dev/urandom crw-rw-rw- 1 root root 1, 8 Jun 29 10:53 /dev/random </code></pre> <p>So it looks like my permissions are fine. I have also tried running the development server as root, but I get the same error. For some reason this only happens with the development server, and not when deployed to google's cloud. Any ideas on what to try next?</p> <p>Thanks!</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload