tahoe-lafs/tahoe-lafs
tahoe-lafs
/
tahoe-lafs
2
0
Fork 0
Code Issues Pull Requests 23 Packages Projects Releases 1 Wiki Activity

dirnode.py/_encrypt_rwcap: rename IV to "salt", which is more accurate

This commit is contained in:
Brian Warner 2009-07-13 00:50:25 +01:00
parent c1d5717cf0
commit 7f1d8b7c46
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/allmydata/dirnode.py
View File

@ -195,19 +195,20 @@ class NewDirectoryNode:
def _encrypt_rwcap(self, rwcap): def _encrypt_rwcap(self, rwcap):
assert isinstance(rwcap, str) assert isinstance(rwcap, str)
IV = hashutil.mutable_rwcap_iv_hash(rwcap) salt = hashutil.mutable_rwcap_iv_hash(rwcap)
key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey()) key = hashutil.mutable_rwcap_key_hash(salt, self._node.get_writekey())
cryptor = AES(key) cryptor = AES(key)
crypttext = cryptor.process(rwcap) crypttext = cryptor.process(rwcap)
mac = hashutil.hmac(key, IV + crypttext) mac = hashutil.hmac(key, salt + crypttext)
assert len(mac) == 32 assert len(mac) == 32
return IV + crypttext + mac return salt + crypttext + mac
# The MAC is not checked by readers in Tahoe >= 1.3.0, but we still produce it for the sake of older readers. # The MAC is not checked by readers in Tahoe >= 1.3.0, but we still
# produce it for the sake of older readers.
def _decrypt_rwcapdata(self, encwrcap): def _decrypt_rwcapdata(self, encwrcap):
IV = encwrcap[:16] salt = encwrcap[:16]
crypttext = encwrcap[16:-32] crypttext = encwrcap[16:-32]
key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey()) key = hashutil.mutable_rwcap_key_hash(salt, self._node.get_writekey())
cryptor = AES(key) cryptor = AES(key)
plaintext = cryptor.process(crypttext) plaintext = cryptor.process(crypttext)
return plaintext return plaintext