diff options
Diffstat (limited to 'src/leap/soledad/backends/leap_backend.py')
-rw-r--r-- | src/leap/soledad/backends/leap_backend.py | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py index 51c471eb..9750ffad 100644 --- a/src/leap/soledad/backends/leap_backend.py +++ b/src/leap/soledad/backends/leap_backend.py @@ -39,6 +39,10 @@ from leap.common.keymanager import KeyManager from leap.common.check import leap_assert +# +# Exceptions +# + class NoDefaultKey(Exception): """ Exception to signal that there's no default OpenPGP key configured. @@ -84,6 +88,11 @@ class EncryptionSchemes(object): # Crypto utilities for a LeapDocument. # +ENC_JSON_KEY = '_enc_json' +ENC_SCHEME_KEY = '_enc_scheme' +MAC_KEY = '_mac' + + def encrypt_doc_json(crypto, doc_id, doc_json): """ Return a valid JSON string containing the C{doc} content encrypted to @@ -92,7 +101,7 @@ def encrypt_doc_json(crypto, doc_id, doc_json): The returned JSON string is the serialization of the following dictionary: { - '_encrypted_json': encrypt_sym(doc_content), + ENC_JSON_KEY: encrypt_sym(doc_content), '_encryption_scheme: 'symkey', } @@ -112,8 +121,8 @@ def encrypt_doc_json(crypto, doc_id, doc_json): if not crypto.is_encrypted_sym(ciphertext): raise DocumentNotEncrypted('Failed encrypting document.') return json.dumps({ - '_encrypted_json': ciphertext, - '_encryption_scheme': EncryptionSchemes.SYMKEY, + ENC_JSON_KEY: ciphertext, + ENC_SCHEME_KEY: EncryptionSchemes.SYMKEY, }) @@ -126,8 +135,8 @@ def decrypt_doc_json(crypto, doc_id, doc_json): following dictionary: { - '_encrypted_json': enc_blob, - '_encryption_scheme': enc_scheme, + ENC_JSON_KEY: enc_blob, + ENC_SCHEME_KEY: enc_scheme, } C{enc_blob} is the encryption of the JSON serialization of the document's @@ -150,8 +159,8 @@ def decrypt_doc_json(crypto, doc_id, doc_json): leap_assert(isinstance(doc_json, str)) leap_assert(doc_json != '') content = json.loads(doc_json) - ciphertext = content['_encrypted_json'] - enc_scheme = content['_encryption_scheme'] + ciphertext = content[ENC_JSON_KEY] + enc_scheme = content[ENC_SCHEME_KEY] plainjson = None if enc_scheme == EncryptionSchemes.SYMKEY: if not crypto.is_encrypted_sym(ciphertext): @@ -315,8 +324,8 @@ class LeapSyncTarget(HTTPSyncTarget): # if arriving content was symmetrically encrypted, we decrypt # it. doc = LeapDocument(entry['id'], entry['rev'], entry['content']) - if doc.content and '_encryption_scheme' in doc.content: - if doc.content['_encryption_scheme'] == \ + if doc.content and ENC_SCHEME_KEY in doc.content: + if doc.content[ENC_SCHEME_KEY] == \ EncryptionSchemes.SYMKEY: doc.set_json( decrypt_doc_json( |