diff options
| author | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-08-05 20:35:14 +0200 |
|---|---|---|
| committer | Folker Bernitt <fbernitt@thoughtworks.com> | 2015-08-11 17:00:32 +0200 |
| commit | b4b5a6d10d71208fa5ae2b2ef6e61845d63c5047 (patch) | |
| tree | b26540f4995eef860004b8f03c56ca42e5a53028 | |
| parent | f29447b4fbed2328f976fdfacd554f051e40b8db (diff) | |
Removed XSALSA20 dependency.
- Use crypto algorithm prefered by soledad instead
| -rw-r--r-- | service/pixelated/support/encrypted_file_storage.py | 6 | ||||
| -rw-r--r-- | service/test/unit/support/test_encrypted_file_storage.py | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/service/pixelated/support/encrypted_file_storage.py b/service/pixelated/support/encrypted_file_storage.py index 3f3e47d6..567a348a 100644 --- a/service/pixelated/support/encrypted_file_storage.py +++ b/service/pixelated/support/encrypted_file_storage.py @@ -56,16 +56,16 @@ class EncryptedFileStorage(FileStorage): return hmac.new(self.signkey, verifiable_payload, sha256).digest() def encrypt(self, content): - iv, ciphertext = encrypt_sym(content, self.masterkey, EncryptionMethods.XSALSA20) + iv, ciphertext = encrypt_sym(content, self.masterkey) mac = self.gen_mac(iv, ciphertext) return ''.join((mac, iv, ciphertext)) def decrypt(self, payload): - payload_mac, iv, ciphertext = payload[:32], payload[32:65], payload[65:] + payload_mac, iv, ciphertext = payload[:32], payload[32:57], payload[57:] generated_mac = self.gen_mac(iv, ciphertext) if sha256(payload_mac).digest() != sha256(generated_mac).digest(): raise Exception("EncryptedFileStorage - Error opening file. Wrong MAC") - return decrypt_sym(ciphertext, self.masterkey, EncryptionMethods.XSALSA20, iv=iv) + return decrypt_sym(ciphertext, self.masterkey, iv) def _encrypt_index_on_close(self, name): def wrapper(struct_file): diff --git a/service/test/unit/support/test_encrypted_file_storage.py b/service/test/unit/support/test_encrypted_file_storage.py index 2a6735c3..69b82f3d 100644 --- a/service/test/unit/support/test_encrypted_file_storage.py +++ b/service/test/unit/support/test_encrypted_file_storage.py @@ -25,9 +25,13 @@ class EncryptedFileStorageTest(unittest.TestCase): self.key = '2\x06\xf87F:\xd2\xe2]w\xc9\x0c\xb8\x9b\x8e\xd3\x92\t\xabHu\xa6\xa3\x9a\x8d\xec\x0c\xab<8\xbb\x12\xfbP\xf2\x83"\xa1\xcf7\x92\xb0!\xfe\xebM\x80\x8a\x14\xe6\xf9xr\xf5#\x8f\x1bs\xb3#\x0e)a\xd8' self.msg = 'this is a very, very secret binary message: \xbe\xba\xca\xfe' self.path = os.path.join('tmp', 'search_test') + self._cleanup_path() self.storage = EncryptedFileStorage(self.path, self.key) def tearDown(self): + self._cleanup_path() + + def _cleanup_path(self): if os.path.exists(self.path): shutil.rmtree(self.path) |