Mercurial > libervia-backend
comparison sat/memory/sqlite.py @ 3160:330a5f1d9eea
core (memory/crypto): replaced `PyCrypto` by `cryptography`:
`PyCrypto` is unmaintained for years but was used in SàT for password hashing. This patch
fixes that by replacing `PyCrypto` by the reference `cryptography` module which is well
maintained.
The behaviour stays the same (except that previously async `hash`, `encrypt` and `decrypt`
methods are now synchronous, as they are quick and using a deferToThread may actually be
more resource intensive than using blocking methods).
It is planed to improve `memory.crypto` by using more up-to-date cryptography/hashing
algorithms in the future.
PyCrypto is no more a dependency of SàT
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sun, 09 Feb 2020 23:50:26 +0100 |
| parents | 559a625a236b |
| children | 7255286a298a |
comparison
equal
deleted
inserted
replaced
| 3159:30e08d904208 | 3160:330a5f1d9eea |
|---|---|
| 1631 except IndexError: | 1631 except IndexError: |
| 1632 log.error("Profile of id %d is referenced in 'param_ind' but it doesn't exist!" % profile_id) | 1632 log.error("Profile of id %d is referenced in 'param_ind' but it doesn't exist!" % profile_id) |
| 1633 return defer.succeed(None) | 1633 return defer.succeed(None) |
| 1634 | 1634 |
| 1635 sat_password = xmpp_password | 1635 sat_password = xmpp_password |
| 1636 d1 = PasswordHasher.hash(sat_password) | 1636 sat_cipher = PasswordHasher.hash(sat_password) |
| 1637 personal_key = BlockCipher.getRandomKey(base64=True) | 1637 personal_key = BlockCipher.getRandomKey(base64=True) |
| 1638 d2 = BlockCipher.encrypt(sat_password, personal_key) | 1638 personal_cipher = BlockCipher.encrypt(sat_password, personal_key) |
| 1639 d3 = BlockCipher.encrypt(personal_key, xmpp_password) | 1639 xmpp_cipher = BlockCipher.encrypt(personal_key, xmpp_password) |
| 1640 | 1640 |
| 1641 def gotValues(res): | 1641 ret.append("INSERT INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" % |
| 1642 sat_cipher, personal_cipher, xmpp_cipher = res[0][1], res[1][1], res[2][1] | 1642 (C.PROFILE_PASS_PATH[0], C.PROFILE_PASS_PATH[1], id_, sat_cipher)) |
| 1643 ret.append("INSERT INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" % | 1643 |
| 1644 (C.PROFILE_PASS_PATH[0], C.PROFILE_PASS_PATH[1], id_, sat_cipher)) | 1644 ret.append("INSERT INTO private_ind(namespace,key,profile_id,value) VALUES ('%s','%s',%s,'%s')" % |
| 1645 | 1645 (C.MEMORY_CRYPTO_NAMESPACE, C.MEMORY_CRYPTO_KEY, id_, personal_cipher)) |
| 1646 ret.append("INSERT INTO private_ind(namespace,key,profile_id,value) VALUES ('%s','%s',%s,'%s')" % | 1646 |
| 1647 (C.MEMORY_CRYPTO_NAMESPACE, C.MEMORY_CRYPTO_KEY, id_, personal_cipher)) | 1647 ret.append("REPLACE INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" % |
| 1648 | 1648 (xmpp_pass_path[0], xmpp_pass_path[1], id_, xmpp_cipher)) |
| 1649 ret.append("REPLACE INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" % | 1649 |
| 1650 (xmpp_pass_path[0], xmpp_pass_path[1], id_, xmpp_cipher)) | |
| 1651 | |
| 1652 return defer.DeferredList([d1, d2, d3]).addCallback(gotValues) | |
| 1653 | 1650 |
| 1654 for profile_id, xmpp_password in values: | 1651 for profile_id, xmpp_password in values: |
| 1655 d = self.dbpool.runQuery("SELECT id FROM profiles WHERE id=?", (profile_id,)) | 1652 d = self.dbpool.runQuery("SELECT id FROM profiles WHERE id=?", (profile_id,)) |
| 1656 d.addCallback(prepare_queries, xmpp_password) | 1653 d.addCallback(prepare_queries, xmpp_password) |
| 1657 list_.append(d) | 1654 list_.append(d) |