From 1d7d6a4a3979c7fd19bdbdfdb05f39f7c7d432d1 Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Thu, 13 Dec 2012 13:29:17 -0200
Subject: Change name of cyphertext field to something more meaningful.

---
 backends/leap.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'backends')

diff --git a/backends/leap.py b/backends/leap.py
index ce00c8f3..c113f5c2 100644
--- a/backends/leap.py
+++ b/backends/leap.py
@@ -43,13 +43,13 @@ class LeapDocument(Document):
                                        self._default_key,
                                        always_trust = True)
                                        # TODO: always trust?
-        return json.dumps({'cyphertext' : str(cyphertext)})
+        return json.dumps({'_encrypted_json' : str(cyphertext)})
 
     def set_encrypted_json(self, encrypted_json):
         """
         Set document's content based on encrypted version of json string.
         """
-        cyphertext = json.loads(encrypted_json)['cyphertext']
+        cyphertext = json.loads(encrypted_json)['_encrypted_json']
         plaintext = str(self._gpg.decrypt(cyphertext))
         return self.set_json(plaintext)
 
@@ -97,6 +97,7 @@ class LeapSyncTarget(HTTPSyncTarget):
                     raise BrokenSyncStream
                 line, comma = utils.check_and_strip_comma(entry)
                 entry = json.loads(line)
+                # decrypt after receiving from server.
                 doc = LeapDocument(entry['id'], entry['rev'],
                                    encrypted_json=entry['content'])
                 return_doc_cb(doc, entry['gen'], entry['trans_id'])
@@ -142,6 +143,7 @@ class LeapSyncTarget(HTTPSyncTarget):
             ensure=ensure_callback is not None)
         comma = ','
         for doc, gen, trans_id in docs_by_generations:
+            # encrypt before sending to server.
             size += prepare(id=doc.doc_id, rev=doc.rev,
                             content=doc.get_encrypted_json(),
                             gen=gen, trans_id=trans_id)
-- 
cgit v1.2.3


From a6c935968310ff643d02198e4017d6aba0697e18 Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Thu, 13 Dec 2012 13:46:27 -0200
Subject: Enforce password on SQLCipher backend.

---
 backends/sqlcipher.py | 27 ++++++++++++---------------
 1 file changed, 12 insertions(+), 15 deletions(-)

(limited to 'backends')

diff --git a/backends/sqlcipher.py b/backends/sqlcipher.py
index 301d4a7f..6fd6e619 100644
--- a/backends/sqlcipher.py
+++ b/backends/sqlcipher.py
@@ -54,7 +54,7 @@ def open(path, create, document_factory=None, password=None):
     """
     from u1db.backends import sqlite_backend
     return sqlite_backend.SQLCipherDatabase.open_database(
-        path, create=create, document_factory=document_factory, password=password)
+        path, password, create=create, document_factory=document_factory)
 
 
 class SQLCipherDatabase(SQLitePartialExpandDatabase):
@@ -67,17 +67,16 @@ class SQLCipherDatabase(SQLitePartialExpandDatabase):
     def set_pragma_key(cls, db_handle, key):
        db_handle.cursor().execute("PRAGMA key = '%s'" % key)
 
-    def __init__(self, sqlite_file, document_factory=None, password=None):
+    def __init__(self, sqlite_file, password, document_factory=None):
         """Create a new sqlite file."""
         self._db_handle = dbapi2.connect(sqlite_file)
-        if password:
-            SQLiteDatabase.set_pragma_key(self._db_handle, password)
+        SQLCipherDatabase.set_pragma_key(self._db_handle, password)
         self._real_replica_uid = None
         self._ensure_schema()
         self._factory = document_factory or Document
 
     @classmethod
-    def _open_database(cls, sqlite_file, document_factory=None, password=None):
+    def _open_database(cls, sqlite_file, password, document_factory=None):
         if not os.path.isfile(sqlite_file):
             raise errors.DatabaseDoesNotExist()
         tries = 2
@@ -86,8 +85,7 @@ class SQLCipherDatabase(SQLitePartialExpandDatabase):
             #       where without re-opening the database on Windows, it
             #       doesn't see the transaction that was just committed
             db_handle = dbapi2.connect(sqlite_file)
-            if password:
-                SQLiteDatabase.set_pragma_key(db_handle, password)
+            SQLCipherDatabase.set_pragma_key(db_handle, password)
             c = db_handle.cursor()
             v, err = cls._which_index_storage(c)
             db_handle.close()
@@ -100,23 +98,22 @@ class SQLCipherDatabase(SQLitePartialExpandDatabase):
             tries -= 1
             time.sleep(cls.WAIT_FOR_PARALLEL_INIT_HALF_INTERVAL)
         return SQLCipherDatabase._sqlite_registry[v](
-            sqlite_file, document_factory=document_factory)
+            sqlite_file, password, document_factory=document_factory)
 
     @classmethod
-    def open_database(cls, sqlite_file, create, backend_cls=None,
-                      document_factory=None, password=None):
+    def open_database(cls, sqlite_file, password, create, backend_cls=None,
+                      document_factory=None):
         try:
-            return cls._open_database(sqlite_file,
-                                      document_factory=document_factory,
-                                      password=password)
+            return cls._open_database(sqlite_file, password,
+                                      document_factory=document_factory)
         except errors.DatabaseDoesNotExist:
             if not create:
                 raise
             if backend_cls is None:
                 # default is SQLCipherPartialExpandDatabase
                 backend_cls = SQLCipherDatabase
-            return backend_cls(sqlite_file, document_factory=document_factory,
-                               password=password)
+            return backend_cls(sqlite_file, password,
+                               document_factory=document_factory)
 
     @staticmethod
     def register_implementation(klass):
-- 
cgit v1.2.3