From 2ef514b02fa37a0a2ebac0bb9668543e29033a7f Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Thu, 25 Apr 2013 19:38:44 -0300
Subject: Fix symmetric encryption when syncing.

Also does:

  * Remove all crypto methods from LeapDocument.
  * Encode 'encryption_scheme' inside the document JSON.
  * Add functions for encrypting and decrypting.
  * Fix LeapSyncTarget so its connection actually returns a LeapSyncTarget.
  * Fix symmetric encryption when syncing:
    - don't try to encrypt tombstone documents.
  * Fix symmetric decryption when syncing:
    - Only try do decrypt if the incoming document has an '_encryption_scheme'
      entry with value equal to EncryptionSchemes.PUBKEY.
  * Fix doc skipping for non-syncable docs.
  * Fix tests that compared raw content with encrypted content.
---
 src/leap/soledad/backends/sqlcipher.py | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

(limited to 'src/leap/soledad/backends/sqlcipher.py')

diff --git a/src/leap/soledad/backends/sqlcipher.py b/src/leap/soledad/backends/sqlcipher.py
index fb5c3e79..f840d809 100644
--- a/src/leap/soledad/backends/sqlcipher.py
+++ b/src/leap/soledad/backends/sqlcipher.py
@@ -100,14 +100,10 @@ class SQLCipherDatabase(sqlite_backend.SQLitePartialExpandDatabase):
         self._crypto = crypto
 
         def factory(doc_id=None, rev=None, json='{}', has_conflicts=False,
-                    encrypted_json=None, syncable=True,
-                    encryption_scheme=EncryptionSchemes.NONE):
+                    syncable=True):
             return LeapDocument(doc_id=doc_id, rev=rev, json=json,
                                 has_conflicts=has_conflicts,
-                                encrypted_json=encrypted_json,
-                                crypto=self._crypto,
-                                syncable=syncable,
-                                encryption_scheme=encryption_scheme)
+                                syncable=syncable)
         self.set_document_factory(factory)
 
     def _check_if_db_is_encrypted(self, sqlcipher_file):
@@ -248,10 +244,6 @@ class SQLCipherDatabase(sqlite_backend.SQLitePartialExpandDatabase):
         c.execute(
             'ALTER TABLE document '
             'ADD COLUMN syncable BOOL NOT NULL DEFAULT TRUE')
-        c.execute(
-            'ALTER TABLE document '
-            'ADD COLUMN encryption_scheme TEXT NOT NULL DEFAULT \'%s\'' %
-            EncryptionSchemes.NONE)
 
     def _put_and_update_indexes(self, old_doc, doc):
         """
@@ -265,9 +257,9 @@ class SQLCipherDatabase(sqlite_backend.SQLitePartialExpandDatabase):
         sqlite_backend.SQLitePartialExpandDatabase._put_and_update_indexes(
             self, old_doc, doc)
         c = self._db_handle.cursor()
-        c.execute('UPDATE document SET syncable=?, encryption_scheme=? '
+        c.execute('UPDATE document SET syncable=? '
                   'WHERE doc_id=?',
-                  (doc.syncable, doc.encryption_scheme, doc.doc_id))
+                  (doc.syncable, doc.doc_id))
 
     def _get_doc(self, doc_id, check_for_conflicts=False):
         """
@@ -287,12 +279,11 @@ class SQLCipherDatabase(sqlite_backend.SQLitePartialExpandDatabase):
             self, doc_id, check_for_conflicts)
         if doc:
             c = self._db_handle.cursor()
-            c.execute('SELECT syncable, encryption_scheme FROM document '
+            c.execute('SELECT syncable FROM document '
                       'WHERE doc_id=?',
                       (doc.doc_id,))
             result = c.fetchone()
             doc.syncable = bool(result[0])
-            doc.encryption_scheme = result[1]
         return doc
 
 sqlite_backend.SQLiteDatabase.register_implementation(SQLCipherDatabase)
-- 
cgit v1.2.3