Mercurial > libervia-backend

diff sat/memory/sqlite.py @ 3160:330a5f1d9eea

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
core (memory/crypto): replaced `PyCrypto` by `cryptography`: `PyCrypto` is unmaintained for years but was used in SàT for password hashing. This patch fixes that by replacing `PyCrypto` by the reference `cryptography` module which is well maintained. The behaviour stays the same (except that previously async `hash`, `encrypt` and `decrypt` methods are now synchronous, as they are quick and using a deferToThread may actually be more resource intensive than using blocking methods). It is planed to improve `memory.crypto` by using more up-to-date cryptography/hashing algorithms in the future. PyCrypto is no more a dependency of SàT
author Goffi <goffi@goffi.org>
date Sun, 09 Feb 2020 23:50:26 +0100
parents 559a625a236b
children 7255286a298a
line wrap: on
line diff
--- a/sat/memory/sqlite.py	Sun Feb 09 23:50:21 2020 +0100
+++ b/sat/memory/sqlite.py	Sun Feb 09 23:50:26 2020 +0100
@@ -1633,23 +1633,20 @@
                     return defer.succeed(None)
 
                 sat_password = xmpp_password
-                d1 = PasswordHasher.hash(sat_password)
+                sat_cipher = PasswordHasher.hash(sat_password)
                 personal_key = BlockCipher.getRandomKey(base64=True)
-                d2 = BlockCipher.encrypt(sat_password, personal_key)
-                d3 = BlockCipher.encrypt(personal_key, xmpp_password)
+                personal_cipher = BlockCipher.encrypt(sat_password, personal_key)
+                xmpp_cipher = BlockCipher.encrypt(personal_key, xmpp_password)
 
-                def gotValues(res):
-                    sat_cipher, personal_cipher, xmpp_cipher = res[0][1], res[1][1], res[2][1]
-                    ret.append("INSERT INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
-                               (C.PROFILE_PASS_PATH[0], C.PROFILE_PASS_PATH[1], id_, sat_cipher))
+                ret.append("INSERT INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
+                           (C.PROFILE_PASS_PATH[0], C.PROFILE_PASS_PATH[1], id_, sat_cipher))
 
-                    ret.append("INSERT INTO private_ind(namespace,key,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
-                               (C.MEMORY_CRYPTO_NAMESPACE, C.MEMORY_CRYPTO_KEY, id_, personal_cipher))
+                ret.append("INSERT INTO private_ind(namespace,key,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
+                           (C.MEMORY_CRYPTO_NAMESPACE, C.MEMORY_CRYPTO_KEY, id_, personal_cipher))
 
-                    ret.append("REPLACE INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
-                               (xmpp_pass_path[0], xmpp_pass_path[1], id_, xmpp_cipher))
+                ret.append("REPLACE INTO param_ind(category,name,profile_id,value) VALUES ('%s','%s',%s,'%s')" %
+                           (xmpp_pass_path[0], xmpp_pass_path[1], id_, xmpp_cipher))
 
-                return defer.DeferredList([d1, d2, d3]).addCallback(gotValues)
 
             for profile_id, xmpp_password in values:
                 d = self.dbpool.runQuery("SELECT id FROM profiles WHERE id=?", (profile_id,))