summaryrefslogtreecommitdiff
path: root/src/leap/soledad/backends/leap_backend.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/soledad/backends/leap_backend.py')
-rw-r--r--src/leap/soledad/backends/leap_backend.py27
1 files changed, 18 insertions, 9 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py
index 51c471eb..9750ffad 100644
--- a/src/leap/soledad/backends/leap_backend.py
+++ b/src/leap/soledad/backends/leap_backend.py
@@ -39,6 +39,10 @@ from leap.common.keymanager import KeyManager
from leap.common.check import leap_assert
+#
+# Exceptions
+#
+
class NoDefaultKey(Exception):
"""
Exception to signal that there's no default OpenPGP key configured.
@@ -84,6 +88,11 @@ class EncryptionSchemes(object):
# Crypto utilities for a LeapDocument.
#
+ENC_JSON_KEY = '_enc_json'
+ENC_SCHEME_KEY = '_enc_scheme'
+MAC_KEY = '_mac'
+
+
def encrypt_doc_json(crypto, doc_id, doc_json):
"""
Return a valid JSON string containing the C{doc} content encrypted to
@@ -92,7 +101,7 @@ def encrypt_doc_json(crypto, doc_id, doc_json):
The returned JSON string is the serialization of the following dictionary:
{
- '_encrypted_json': encrypt_sym(doc_content),
+ ENC_JSON_KEY: encrypt_sym(doc_content),
'_encryption_scheme: 'symkey',
}
@@ -112,8 +121,8 @@ def encrypt_doc_json(crypto, doc_id, doc_json):
if not crypto.is_encrypted_sym(ciphertext):
raise DocumentNotEncrypted('Failed encrypting document.')
return json.dumps({
- '_encrypted_json': ciphertext,
- '_encryption_scheme': EncryptionSchemes.SYMKEY,
+ ENC_JSON_KEY: ciphertext,
+ ENC_SCHEME_KEY: EncryptionSchemes.SYMKEY,
})
@@ -126,8 +135,8 @@ def decrypt_doc_json(crypto, doc_id, doc_json):
following dictionary:
{
- '_encrypted_json': enc_blob,
- '_encryption_scheme': enc_scheme,
+ ENC_JSON_KEY: enc_blob,
+ ENC_SCHEME_KEY: enc_scheme,
}
C{enc_blob} is the encryption of the JSON serialization of the document's
@@ -150,8 +159,8 @@ def decrypt_doc_json(crypto, doc_id, doc_json):
leap_assert(isinstance(doc_json, str))
leap_assert(doc_json != '')
content = json.loads(doc_json)
- ciphertext = content['_encrypted_json']
- enc_scheme = content['_encryption_scheme']
+ ciphertext = content[ENC_JSON_KEY]
+ enc_scheme = content[ENC_SCHEME_KEY]
plainjson = None
if enc_scheme == EncryptionSchemes.SYMKEY:
if not crypto.is_encrypted_sym(ciphertext):
@@ -315,8 +324,8 @@ class LeapSyncTarget(HTTPSyncTarget):
# if arriving content was symmetrically encrypted, we decrypt
# it.
doc = LeapDocument(entry['id'], entry['rev'], entry['content'])
- if doc.content and '_encryption_scheme' in doc.content:
- if doc.content['_encryption_scheme'] == \
+ if doc.content and ENC_SCHEME_KEY in doc.content:
+ if doc.content[ENC_SCHEME_KEY] == \
EncryptionSchemes.SYMKEY:
doc.set_json(
decrypt_doc_json(