open.source/magic-wormhole
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

internally, _derive_key now takes bytes

Browse Source 
The w.derive_key(purpose) API still requires unicode.
This commit is contained in:
Brian Warner 2016-05-24 13:31:03 -07:00
parent 7c8e5fb062
commit 97c5d08b6a
1 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/wormhole/wormhole.py
View File

@ -534,7 +534,7 @@ class _Wormhole:
self._event_established_key() self._event_established_key()
def _derive_confirmation_key(self): def _derive_confirmation_key(self):
return self._derive_key(u"wormhole:confirmation") return self._derive_key(b"wormhole:confirmation")
def _event_established_key(self): def _event_established_key(self):
self._timing.add("key established") self._timing.add("key established")
@ -545,7 +545,7 @@ class _Wormhole:
confmsg = make_confmsg(confkey, nonce) confmsg = make_confmsg(confkey, nonce)
self._msg_send(u"confirm", confmsg) self._msg_send(u"confirm", confmsg)
verifier = self._derive_key(u"wormhole:verifier") verifier = self._derive_key(b"wormhole:verifier")
self._event_computed_verifier(verifier) self._event_computed_verifier(verifier)
self._maybe_send_phase_messages() self._maybe_send_phase_messages()
@ -594,7 +594,9 @@ class _Wormhole:
#def _derive_phase_key(self, side, phase): #def _derive_phase_key(self, side, phase):
def _derive_phase_key(self, phase): def _derive_phase_key(self, phase):
return self._derive_key(u"wormhole:phase:%s" % phase) assert isinstance(phase, type(b"")), type(phase)
purpose = b"wormhole:phase:" + phase
return self._derive_key(purpose)
def _maybe_send_phase_messages(self): def _maybe_send_phase_messages(self):
# TODO: deal with reentrant call # TODO: deal with reentrant call
@ -607,7 +609,8 @@ class _Wormhole:
for pm in plaintexts: for pm in plaintexts:
(phase, plaintext) = pm (phase, plaintext) = pm
assert isinstance(phase, int), type(phase) assert isinstance(phase, int), type(phase)
data_key = self._derive_phase_key(u"%d" % phase) phase_bytes = (u"%d" % phase).encode("ascii")
data_key = self._derive_phase_key(phase_bytes)
encrypted = self._encrypt_data(data_key, plaintext) encrypted = self._encrypt_data(data_key, plaintext)
self._msg_send(u"%d" % phase, encrypted) self._msg_send(u"%d" % phase, encrypted)
@ -644,13 +647,14 @@ class _Wormhole:
def _API_derive_key(self, purpose, length): def _API_derive_key(self, purpose, length):
if self._error: raise self._error if self._error: raise self._error
return self._derive_key(purpose, length) if not isinstance(purpose, type(u"")): raise TypeError(type(purpose))
return self._derive_key(to_bytes(purpose), length)
def _derive_key(self, purpose, length=SecretBox.KEY_SIZE): def _derive_key(self, purpose, length=SecretBox.KEY_SIZE):
if not isinstance(purpose, type(u"")): raise TypeError(type(purpose)) if not isinstance(purpose, type(b"")): raise TypeError(type(purpose))
if self._key is None: if self._key is None:
raise UsageError # call derive_key after get_verifier() or get() raise UsageError # call derive_key after get_verifier() or get()
return HKDF(self._key, length, CTXinfo=to_bytes(purpose)) return HKDF(self._key, length, CTXinfo=purpose)
def _response_handle_message(self, msg): def _response_handle_message(self, msg):
side = msg["side"] side = msg["side"]
@ -678,8 +682,9 @@ class _Wormhole:
# It's a phase message, aimed at the application above us. Decrypt # It's a phase message, aimed at the application above us. Decrypt
# and deliver upstairs, notifying anyone waiting on it # and deliver upstairs, notifying anyone waiting on it
phase_bytes = phase.encode("ascii")
try: try:
data_key = self._derive_phase_key(phase) data_key = self._derive_phase_key(phase_bytes)
plaintext = self._decrypt_data(data_key, body) plaintext = self._decrypt_data(data_key, body)
except CryptoError: except CryptoError:
e = WrongPasswordError() e = WrongPasswordError()