summaryrefslogtreecommitdiff
path: root/client/src/leap
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2016-12-24 14:05:15 -0200
committerKali Kaneko <kali@leap.se>2017-02-09 17:41:27 +0100
commit8d9782c689daa14aca495d7b6b2598b2743c4e7c (patch)
tree1ed7f1ac3f8d8bd6638cae0a09e2c230bb740c89 /client/src/leap
parentff85c2a41fe933d9959fb84a0df2a13a6e199cec (diff)
[bug] use derived key for local storage
Diffstat (limited to 'client/src/leap')
-rw-r--r--client/src/leap/soledad/client/_secrets/__init__.py36
-rw-r--r--client/src/leap/soledad/client/_secrets/crypto.py6
-rw-r--r--client/src/leap/soledad/client/api.py4
3 files changed, 32 insertions, 14 deletions
diff --git a/client/src/leap/soledad/client/_secrets/__init__.py b/client/src/leap/soledad/client/_secrets/__init__.py
index f9da8423..42fe5a2d 100644
--- a/client/src/leap/soledad/client/_secrets/__init__.py
+++ b/client/src/leap/soledad/client/_secrets/__init__.py
@@ -16,6 +16,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
+import scrypt
from collections import namedtuple
@@ -34,10 +35,12 @@ SecretLength = namedtuple('SecretLength', 'name length')
class Secrets(object):
+ # remote secret is used
+
lengths = {
- 'remote': 512,
- 'salt': 64,
- 'local': 448,
+ 'remote_secret': 512, # remote_secret is used to encrypt remote data.
+ 'local_salt': 64, # local_salt is used in conjunction with
+ 'local_secret': 448, # local_secret to derive a local_key for storage
}
def __init__(self, uuid, passphrase, url, local_path, creds, userid,
@@ -119,14 +122,29 @@ class Secrets(object):
self.storage.save_local(encrypted)
self.storage.save_remote(encrypted)
+ #
+ # secrets
+ #
+
+ @property
+ def remote_secret(self):
+ return self._secrets.get('remote_secret')
+
@property
- def remote(self):
- return self._secrets.get('remote')
+ def local_salt(self):
+ return self._secrets.get('local_salt')
@property
- def salt(self):
- return self._secrets.get('salt')
+ def local_secret(self):
+ return self._secrets.get('local_secret')
@property
- def local(self):
- return self._secrets.get('local')
+ def local_key(self):
+ # local storage key is scrypt-derived from `local_secret` and
+ # `local_salt` above
+ secret = scrypt.hash(
+ password=self.local_secret,
+ salt=self.local_salt,
+ buflen=32, # we need a key with 256 bits (32 bytes)
+ )
+ return secret
diff --git a/client/src/leap/soledad/client/_secrets/crypto.py b/client/src/leap/soledad/client/_secrets/crypto.py
index 76e80222..88f32507 100644
--- a/client/src/leap/soledad/client/_secrets/crypto.py
+++ b/client/src/leap/soledad/client/_secrets/crypto.py
@@ -92,9 +92,9 @@ class SecretsCrypto(object):
plaintext = self._decrypt(
key, iv, ciphertext, encrypted, ENC_METHOD.aes_256_ctr)
secrets = {
- 'remote': plaintext[0:512],
- 'salt': plaintext[512:576],
- 'local': plaintext[576:1024],
+ 'remote_secret': plaintext[0:512],
+ 'local_salt': plaintext[512:576],
+ 'local_secret': plaintext[576:1024],
}
return secrets
diff --git a/client/src/leap/soledad/client/api.py b/client/src/leap/soledad/client/api.py
index 2e1d1cd3..54cbcd9d 100644
--- a/client/src/leap/soledad/client/api.py
+++ b/client/src/leap/soledad/client/api.py
@@ -196,7 +196,7 @@ class Soledad(object):
self._init_secrets(shared_db=shared_db)
- self._crypto = SoledadCrypto(self._secrets.remote)
+ self._crypto = SoledadCrypto(self._secrets.remote_secret)
try:
# initialize database access, trap any problems so we can shutdown
@@ -268,7 +268,7 @@ class Soledad(object):
"""
tohex = binascii.b2a_hex
# sqlcipher only accepts the hex version
- key = tohex(self._secrets.local)
+ key = tohex(self._secrets.local_key)
opts = sqlcipher.SQLCipherOptions(
self._local_db_path, key,