comparison sat/plugins/plugin_sec_otr.py @ 3160:330a5f1d9eea
core (memory/crypto): replaced `PyCrypto` by `cryptography`:
`PyCrypto` is unmaintained for years but was used in SàT for password hashing. This patch
fixes that by replacing `PyCrypto` by the reference `cryptography` module which is well
maintained.
The behaviour stays the same (except that previously async `hash`, `encrypt` and `decrypt`
methods are now synchronous, as they are quick and using a deferToThread may actually be
more resource intensive than using blocking methods).
It is planned to improve `memory.crypto` by using more up-to-date cryptography/hashing
algorithms in the future.
PyCrypto is no longer a dependency of SàT
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 09 Feb 2020 23:50:26 +0100 |
parents | 559a625a236b |
children | dcebc585c29f |
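--- a/sat/plugins/plugin_sec_otr.py
+++ b/sat/plugins/plugin_sec_otr.py
@@ -246,16 +246,12 @@
 def savePrivkey(self):
 log.debug("savePrivkey")
 if self.privkey is None:
 raise exceptions.InternalError(_("Save is called but privkey is None !"))
 priv_key = hexlify(self.privkey.serializePrivateKey())
-d = self.host.memory.encryptValue(priv_key, self.client.profile)
-
-def save_encrypted_key(encrypted_priv_key):
-self.client._otr_data[PRIVATE_KEY] = encrypted_priv_key
-
-d.addCallback(save_encrypted_key)
+encrypted_priv_key = self.host.memory.encryptValue(priv_key, self.client.profile)
+self.client._otr_data[PRIVATE_KEY] = encrypted_priv_key
 
 def loadTrusts(self):
 trust_data = self.client._otr_data.get("trust", {})
 for jid_, jid_data in trust_data.items():
 for fingerprint, trust_level in jid_data.items():
@@ -375,11 +371,11 @@
 ctxMng = client._otr_context_manager = ContextManager(self, client)
 client._otr_data = persistent.PersistentBinaryDict(NS_OTR, client.profile)
 yield client._otr_data.load()
 encrypted_priv_key = client._otr_data.get(PRIVATE_KEY, None)
 if encrypted_priv_key is not None:
-priv_key = yield self.host.memory.decryptValue(
+priv_key = self.host.memory.decryptValue(
 encrypted_priv_key, client.profile
 )
 ctxMng.account.privkey = potr.crypt.PK.parsePrivateKey(
 unhexlify(priv_key.encode('utf-8'))
 )[0]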
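Review bot: In the second hunk the result of `decryptValue` goes straight into `unhexlify` and `potr.crypt.PK.parsePrivateKey` with no failure handling, so a stored value that is damaged or was encrypted under a different profile key surfaces as a raw `binascii.Error` or parser exception in the middle of profile setup. Whether `decryptValue` itself detects a modified ciphertext is not visible from this file, so the hex decoding is the only integrity signal this code can rely on. I would catch the decode failure, log it without the key material, and raise `exceptions.InternalError` rather than fall through; silently generating a replacement key would change the fingerprint peers have already verified. The enclosing function starts and ends outside the hunk, so the exact exception set of `decryptValue` should be confirmed against `memory.crypto` before narrowing the `except` clause.

```python
if encrypted_priv_key is not None:
    try:
        priv_key = self.host.memory.decryptValue(
            encrypted_priv_key, client.profile
        )
        privkey_data = unhexlify(priv_key.encode('utf-8'))
    except ValueError:
        # binascii.Error is a ValueError: the decrypted text is not valid hex,
        # i.e. wrong profile key or a damaged stored value.
        # Never include priv_key or the stored blob in the log message.
        log.error(_("Stored OTR private key can't be decoded"))
        raise exceptions.InternalError(
            _("Stored OTR private key can't be decoded")
        )
    # … unchanged: ctxMng.account.privkey = potr.crypt.PK.parsePrivateKey(...)[0], now fed privkey_data …
```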