diff options
author | drebs <drebs@leap.se> | 2013-05-21 16:47:18 -0300 |
---|---|---|
committer | drebs <drebs@leap.se> | 2013-05-21 17:43:22 -0300 |
commit | e048f0e7e6a56e289188b02e1205fbb025cb38a6 (patch) | |
tree | 3a21302b6a3c392dacc8b04d6e343b1df06e8709 /src/leap/soledad | |
parent | 0f822e6b75e842bbc086cbcbdd096316533ca7ca (diff) |
Add check for encryption method.
Diffstat (limited to 'src/leap/soledad')
-rw-r--r-- | src/leap/soledad/backends/leap_backend.py | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py index 8fa662e9..bb8ee548 100644 --- a/src/leap/soledad/backends/leap_backend.py +++ b/src/leap/soledad/backends/leap_backend.py @@ -38,6 +38,7 @@ from u1db.remote.http_target import HTTPSyncTarget from leap.common.crypto import ( EncryptionMethods, + UnknownEncryptionMethod, encrypt_sym, decrypt_sym, ) @@ -242,12 +243,16 @@ def decrypt_doc(crypto, doc): enc_scheme = doc.content[ENC_SCHEME_KEY] plainjson = None if enc_scheme == EncryptionSchemes.SYMKEY: - leap_assert(ENC_IV_KEY in doc.content) - plainjson = decrypt_sym( - ciphertext, - crypto.doc_passphrase(doc.doc_id), - method=doc.content[ENC_METHOD_KEY], - iv=doc.content[ENC_IV_KEY]) + enc_method = doc.content[ENC_METHOD_KEY] + if enc_method == EncryptionMethods.AES_256_CTR: + leap_assert(ENC_IV_KEY in doc.content) + plainjson = decrypt_sym( + ciphertext, + crypto.doc_passphrase(doc.doc_id), + method=enc_method, + iv=doc.content[ENC_IV_KEY]) + else: + raise UnknownEncryptionMethod(enc_method) else: raise UnknownEncryptionScheme(enc_scheme) return plainjson |