summaryrefslogtreecommitdiff
path: root/src/leap/soledad/backends/leap_backend.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/soledad/backends/leap_backend.py')
-rw-r--r--src/leap/soledad/backends/leap_backend.py17
1 files changed, 11 insertions, 6 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py
index 8fa662e9..bb8ee548 100644
--- a/src/leap/soledad/backends/leap_backend.py
+++ b/src/leap/soledad/backends/leap_backend.py
@@ -38,6 +38,7 @@ from u1db.remote.http_target import HTTPSyncTarget
from leap.common.crypto import (
EncryptionMethods,
+ UnknownEncryptionMethod,
encrypt_sym,
decrypt_sym,
)
@@ -242,12 +243,16 @@ def decrypt_doc(crypto, doc):
enc_scheme = doc.content[ENC_SCHEME_KEY]
plainjson = None
if enc_scheme == EncryptionSchemes.SYMKEY:
- leap_assert(ENC_IV_KEY in doc.content)
- plainjson = decrypt_sym(
- ciphertext,
- crypto.doc_passphrase(doc.doc_id),
- method=doc.content[ENC_METHOD_KEY],
- iv=doc.content[ENC_IV_KEY])
+ enc_method = doc.content[ENC_METHOD_KEY]
+ if enc_method == EncryptionMethods.AES_256_CTR:
+ leap_assert(ENC_IV_KEY in doc.content)
+ plainjson = decrypt_sym(
+ ciphertext,
+ crypto.doc_passphrase(doc.doc_id),
+ method=enc_method,
+ iv=doc.content[ENC_IV_KEY])
+ else:
+ raise UnknownEncryptionMethod(enc_method)
else:
raise UnknownEncryptionScheme(enc_scheme)
return plainjson