Diffstat (limited to 'src/leap/soledad/__init__.py')
-rw-r--r--src/leap/soledad/__init__.py34
1 files changed, 22 insertions, 12 deletions
diff --git a/src/leap/soledad/__init__.py b/src/leap/soledad/__init__.py
index 3b7aadea..6ae82b4d 100644
--- a/src/leap/soledad/__init__.py
+++ b/src/leap/soledad/__init__.py
@@ -28,9 +28,6 @@ remote storage in the server side.
import os
import string
-import hashlib
-import configparser
-import re
import binascii
import logging
try:
@@ -43,6 +40,7 @@ from hashlib import sha256
from leap.common import events
+from leap.common.check import leap_assert
from leap.soledad.config import SoledadConfig
from leap.soledad.backends import sqlcipher
from leap.soledad.backends.leap_backend import (
@@ -121,6 +119,12 @@ class Soledad(object):
The length of the secret used for symmetric encryption.
"""
+ SYMKEY_KEY = '_symkey'
+ ADDRESS_KEY = '_address'
+ """
+ Key used to access symmetric keys in recovery documents.
+ """
+
def __init__(self, address, passphrase, config_path=None,
secret_path=None, local_db_path=None,
shared_db_url=None, auth_token=None, bootstrap=True):
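Review bot: The bare string literal after `ADDRESS_KEY` describes only the symmetric-key entry, so it sits under the wrong constant and leaves `SYMKEY_KEY` without documentation. Give each constant its own comment, for example `# Key under which the symmetric secret is stored in key and recovery documents.` above `SYMKEY_KEY` and `# Key under which the user address is stored in recovery documents.` above `ADDRESS_KEY`. A `#` comment also avoids leaving a no-op string expression in the class body.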
@@ -208,7 +212,7 @@ class Soledad(object):
else:
self._set_symkey(
self._crypto.decrypt_sym(
- doc.content['_symkey'],
+ doc.content[self.KEY_SYMKEY],
passphrase=self._address_hash()))
# Stage 2 - Keys synchronization
self._assert_server_keys()
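Review bot: `self.KEY_SYMKEY` is not defined anywhere in this diff; the constant added to the class is `SYMKEY_KEY`, so this lookup will raise AttributeError when this branch runs and the existing keys document is decrypted. The line should read `doc.content[self.SYMKEY_KEY],`, matching the `_assert_server_keys` hunk. The enclosing method starts and ends outside the hunk.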
@@ -416,20 +420,26 @@ class Soledad(object):
"""
Assert our key copies are the same as server's ones.
"""
- assert self._has_keys()
+ leap_assert(
+ self._has_keys(),
+ 'Tried to send keys to server but they don\'t exist in local '
+ 'storage.')
if not self._shared_db:
return
doc = self._fetch_keys_from_shared_db()
if doc:
remote_symkey = self.decrypt_sym(
- doc.content['_symkey'],
+ doc.content[self.SYMKEY_KEY],
passphrase=self._address_hash())
- assert remote_symkey == self._symkey
+ leap_assert(
+ remote_symkey == self._symkey,
+ 'Local and remote symmetric secrets differ!')
else:
events.signal(
events.events_pb2.SOLEDAD_UPLOADING_KEYS, self._address)
content = {
- '_symkey': self.encrypt_sym(self._symkey, self._passphrase),
+ self.SYMKEY_KEY: self.encrypt_sym(
+ self._symkey, self._passphrase),
}
doc = LeapDocument(doc_id=self._address_hash())
doc.content = content
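Review bot: The upload branch encrypts the secret with `self._passphrase` (`self.encrypt_sym(self._symkey, self._passphrase)`), while the verification branch above it and the earlier decrypt hunk read the same field with `passphrase=self._address_hash()`. Unless those two values resolve to the same key material, a document written here cannot be decrypted by the check, so either decryption fails or the 'Local and remote symmetric secrets differ!' assertion fires on the next run. Use one key on both sides; a key derived from the user's passphrase looks like the safer choice, since a hash of the address is presumably not secret from the server holding the document. The method body continues past the end of the hunk.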
@@ -744,8 +754,8 @@ class Soledad(object):
@rtype: str
"""
data = json.dumps({
- 'address': self._address,
- 'symkey': self._symkey,
+ self.ADDRESS_KEY: self._address,
+ self.SYMKEY_KEY: self._symkey,
})
if passphrase:
data = self._crypto.encrypt_sym(data, passphrase)
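Review bot: Renaming the JSON keys from `'address'`/`'symkey'` to `'_address'`/`'_symkey'` changes the recovery-document format, and the import hunk that follows reads only the new names, so a document exported before this commit will fail with KeyError on import. If older exports must remain usable, the import side could fall back to the old names, e.g. `data.get(self.ADDRESS_KEY, data.get('address'))`, and likewise for the secret. Otherwise the format break should be stated in the commit message or changelog. The function starts outside the hunk.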
@@ -770,8 +780,8 @@ class Soledad(object):
if passphrase:
data = self._crypto.decrypt_sym(data, passphrase=passphrase)
data = json.loads(data)
- self._address = data['address']
- self._symkey = data['symkey']
+ self._address = data[self.ADDRESS_KEY]
+ self._symkey = data[self.SYMKEY_KEY]
self._crypto.symkey = self._symkey
self._store_symkey()
# TODO: make this work well with bootstrap.
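Review bot: `self._address` is overwritten before `data[self.SYMKEY_KEY]` is read, so a recovery document that lacks the second key leaves the instance with the new address and the old secret when KeyError propagates. Read both values first, `address, symkey = data[self.ADDRESS_KEY], data[self.SYMKEY_KEY]`, and assign to the instance only afterwards. It would also help to check that `json.loads` returned a dict, since the document is supplied from outside the process. The function starts before the hunk and continues after it.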