From 26d5b4f30aff0bb3435b516cde8d188c0af334e2 Mon Sep 17 00:00:00 2001 From: drebs Date: Sun, 9 Jun 2013 15:17:51 -0300 Subject: Use pycryptopp for symmetric encryption. --- soledad/src/leap/soledad/crypto.py | 15 ++++++--------- soledad/src/leap/soledad/target.py | 2 +- 2 files changed, 7 insertions(+), 10 deletions(-) (limited to 'soledad/src') diff --git a/soledad/src/leap/soledad/crypto.py b/soledad/src/leap/soledad/crypto.py index bfad66d1..6187b1ab 100644 --- a/soledad/src/leap/soledad/crypto.py +++ b/soledad/src/leap/soledad/crypto.py @@ -27,8 +27,7 @@ import hmac import hashlib -from Crypto.Cipher import AES -from Crypto.Util import Counter +from pycryptopp.cipher.aes import AES from leap.soledad import ( @@ -99,10 +98,9 @@ class SoledadCrypto(object): len(key) == 32, # 32 x 8 = 256 bits. 'Wrong key size: %s bits (must be 256 bits long).' % (len(key) * 8)) - iv = os.urandom(8) - ctr = Counter.new(64, prefix=iv) - cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr) - return binascii.b2a_base64(iv), cipher.encrypt(data) + iv = os.urandom(16) + ciphertext = AES(key=key, iv=iv).process(data) + return binascii.b2a_base64(iv), ciphertext # raise if method is unknown raise UnknownEncryptionMethod('Unkwnown method: %s' % method) @@ -137,9 +135,8 @@ class SoledadCrypto(object): soledad_assert( 'iv' in kwargs, 'AES-256-CTR needs an initial value.') - ctr = Counter.new(64, prefix=binascii.a2b_base64(kwargs['iv'])) - cipher = AES.new(key=key, mode=AES.MODE_CTR, counter=ctr) - return cipher.decrypt(data) + return AES( + key=key, iv=binascii.a2b_base64(kwargs['iv'])).process(data) # raise if method is unknown raise UnknownEncryptionMethod('Unkwnown method: %s' % method) diff --git a/soledad/src/leap/soledad/target.py b/soledad/src/leap/soledad/target.py index 9fac9f54..cad51b74 100644 --- a/soledad/src/leap/soledad/target.py +++ b/soledad/src/leap/soledad/target.py @@ -168,7 +168,7 @@ def encrypt_doc(crypto, doc): soledad_assert(doc.is_tombstone() is False) # encrypt content using AES-256 CTR mode iv, ciphertext = crypto.encrypt_sym( - doc.get_json(), + str(doc.get_json()), # encryption/decryption routines expect str crypto.doc_passphrase(doc.doc_id), method=EncryptionMethods.AES_256_CTR) # Return a representation for the encrypted content. In the following, we -- cgit v1.2.3