summaryrefslogtreecommitdiff
path: root/src/leap/soledad/crypto.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/soledad/crypto.py')
-rw-r--r--src/leap/soledad/crypto.py11
1 files changed, 7 insertions, 4 deletions
diff --git a/src/leap/soledad/crypto.py b/src/leap/soledad/crypto.py
index 0a459293..e020eee6 100644
--- a/src/leap/soledad/crypto.py
+++ b/src/leap/soledad/crypto.py
@@ -95,9 +95,10 @@ class SoledadCrypto(object):
Generate a passphrase for symmetric encryption of document's contents.
The password is derived using HMAC having sha256 as underlying hash
- function. The key used for HMAC is Soledad's storage secret stripped
- from the first MAC_KEY_LENGTH characters. The HMAC message is
- C{doc_id}.
+ function. The key used for HMAC are the first
+ C{soledad.REMOTE_STORAGE_SECRET_KENGTH} bytes of Soledad's storage
+ secret stripped from the first MAC_KEY_LENGTH characters. The HMAC
+ message is C{doc_id}.
@param doc_id: The id of the document that will be encrypted using
this passphrase.
@@ -111,7 +112,9 @@ class SoledadCrypto(object):
if self.secret is None:
raise NoSymmetricSecret()
return hmac.new(
- self.secret[self.MAC_KEY_LENGTH:],
+ self.secret[
+ self.MAC_KEY_LENGTH:
+ self._soledad.REMOTE_STORAGE_SECRET_LENGTH],
doc_id,
hashlib.sha256).digest()
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 09:10:32 +0000