Age | Commit message (Collapse) | Author |
|
We have been discussing about this merge for a while.
Its main goal is to simplify things: code navigation, but also
packaging.
The rationale is that the code is more cohesive in this way, and there's
only one source package to install.
Dependencies that are only for the server or the client will not be
installed by default, and they are expected to be provided by the
environment. There are setuptools extras defined for the client and the
server.
Debianization is still expected to split the single source package into
3 binaries.
Another avantage is that the documentation can now install a single
package with a single step, and therefore include the docstrings into
the generated docs.
- Resolves: #8896
|
|
|
|
|
|
Issue #8758 rounded doc size considering we would add some kind of
padding to the document. Since we arent removing the pad, this commit
makes the client discover the size from the decrypted amount. Proper
padding and strip should be done in the future.
- Related: #8758
- Related: #8814
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
use a powers of two ceiling for the reported size in the preamble.
for this to be effective against a passive adversary, cover traffic
should be used in the uploads too.
This is just a first-stop measure; proper research should be done to
determine a good tradeoff between avoiding information leakage and
saving some storage and bandwidth..
- Documentation: #8759
- Related: #8759
|
|
|
|
|
|
Motivation is that I need to pass partial data to the decryptor, mainly.
|
|
With this commit all tests on py34 tox environment
are collected.
|
|
|
|
That's necessary for blobs-io. Current code includes backwards
compatibility branching and tests, which shall be removed on next
releases.
|
|
|
|
Integrated the secrets's JSON key that specifies ciphers into _crypto
and added optional GCM. Also added a test to check if both cipher types
can be imported.
Resolves: #8680
Signed-off-by: Victor Shyba <victor1984@riseup.net>
|
|
Resolves: #8668 - client: substitute usage of CTR mode + HMAC by GCM
cipher mode
Signed-off-by: Victor Shyba <victor1984@riseup.net>
|
|
Our magic value wasn't being used and were represented as a string.
Refactored it to a constant, increased it's size to 2 bytes and optimzed
is_symmetrically_encrypted to look for the magic and symmetrically
encrypted flag under base64 encoding. Most file types will use this
feature to help identifying themselves, so it got refactored to serve
the purpose it was created.
|
|
Naming, interfaces and other details.
|
|
AESWriter and HMACWriter are just applying hmac or aes into a flow of
data. Abstracted the application of those operations into a super class
and highlighted just the difference on each implementation.
|
|
VerifiedEncryptor and VerifiedDecryptor are just a pipe and a fan-out.
This class provides both behaviors to two distinct writeable things.
|
|
After adding the streaming decrypt, some classes were doing almost the
same thing. Unified them.
Also fixed some module level variables to upper case and some class name
to camel case.
|
|
We are already doing this on encryption, now we can stream also from
decryption. This unblocks the reactor and will be valuable for blobs-io.
|
|
We now encode preamble and ciphertext+hmac in two distinct payloads
separated by a space. This allows metadata to be extracted and used
before decoding the whole document.
It also introduces a single packer for packing and unpacking of data
instead of reads and writes. Downside: doc_id and rev are limited to 255
chars now.
|
|
IV was being set during tests and this required some defensive coding to
avoid IV being set in production. This commits makes the test use the
generated IV and "hides" it using a read-only property to let it clear
this should never happen.
Also refactored out some parameters that are generated automatically to
reduce some lines of code and enhance readability.
|
|
Also explaining how we are using Twisted's consumer interfaces.
|
|
Will be removed when we have the proper tool to migrate data.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|