summaryrefslogtreecommitdiff
path: root/src/leap
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2013-05-21 16:47:18 -0300
committerdrebs <drebs@leap.se>2013-05-21 17:43:22 -0300
commite048f0e7e6a56e289188b02e1205fbb025cb38a6 (patch)
tree3a21302b6a3c392dacc8b04d6e343b1df06e8709 /src/leap
parent0f822e6b75e842bbc086cbcbdd096316533ca7ca (diff)
Add check for encryption method.
Diffstat (limited to 'src/leap')
-rw-r--r--src/leap/soledad/backends/leap_backend.py17
1 files changed, 11 insertions, 6 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py
index 8fa662e9..bb8ee548 100644
--- a/src/leap/soledad/backends/leap_backend.py
+++ b/src/leap/soledad/backends/leap_backend.py
@@ -38,6 +38,7 @@ from u1db.remote.http_target import HTTPSyncTarget
from leap.common.crypto import (
EncryptionMethods,
+ UnknownEncryptionMethod,
encrypt_sym,
decrypt_sym,
)
@@ -242,12 +243,16 @@ def decrypt_doc(crypto, doc):
enc_scheme = doc.content[ENC_SCHEME_KEY]
plainjson = None
if enc_scheme == EncryptionSchemes.SYMKEY:
- leap_assert(ENC_IV_KEY in doc.content)
- plainjson = decrypt_sym(
- ciphertext,
- crypto.doc_passphrase(doc.doc_id),
- method=doc.content[ENC_METHOD_KEY],
- iv=doc.content[ENC_IV_KEY])
+ enc_method = doc.content[ENC_METHOD_KEY]
+ if enc_method == EncryptionMethods.AES_256_CTR:
+ leap_assert(ENC_IV_KEY in doc.content)
+ plainjson = decrypt_sym(
+ ciphertext,
+ crypto.doc_passphrase(doc.doc_id),
+ method=enc_method,
+ iv=doc.content[ENC_IV_KEY])
+ else:
+ raise UnknownEncryptionMethod(enc_method)
else:
raise UnknownEncryptionScheme(enc_scheme)
return plainjson