
Source code changes of the file "src/Tardis/TardisCrypto.py" between
Tardis-1.1.5.tar.gz and Tardis-1.2.1.tar.gz

About: Tardis is a system for making encrypted, incremental backups of filesystems.

TardisCrypto.py  (Tardis-1.1.5):TardisCrypto.py  (Tardis-1.2.1)
skipping to change at line 280 skipping to change at line 280
def getContentCipher(self, iv): def getContentCipher(self, iv):
return NullCipher() return NullCipher()
def getContentEncryptor(self, iv=None): def getContentEncryptor(self, iv=None):
return NullEncryptor() return NullEncryptor()
def encryptFilename(self, name): def encryptFilename(self, name):
return name return name
def decryptFilename(self, name): def decryptFilename(self, name):
return name if isinstance(name, bytes):
return name.decode('utf8')
else:
return name
def getHash(self, func=hashlib.md5): def getHash(self, func=hashlib.md5):
return func() return func()
def getIV(self): def getIV(self):
return None return None
def pad(self, data, length=None): def pad(self, data, length=None):
return data return data
skipping to change at line 309 skipping to change at line 312
def encryptPath(self, path): def encryptPath(self, path):
return path return path
def decryptPath(self, path): def decryptPath(self, path):
return path return path
def encryptFilename(self, name): def encryptFilename(self, name):
return name return name
def decryptFilename(self, name):
return name
def genKeys(self): def genKeys(self):
pass pass
def setKeys(self, filenameKey, contentKey): def setKeys(self, filenameKey, contentKey):
pass pass
def getKeys(self): def getKeys(self):
return (None, None) return (None, None)
class Crypto_AES_CBC_HMAC__AES_ECB(Crypto_Null): class Crypto_AES_CBC_HMAC__AES_ECB(Crypto_Null):
""" Original Crypto Scheme. """ Original Crypto Scheme.
AES-256 CBC encyrption for files, with HMAC/SHA-512 for authentication. AES-256 CBC encyrption for files, with HMAC/SHA-512 for authentication.
AES-256 ECB for filenames with no authentictaion. AES-256 ECB for filenames with no authentictaion.
No authentication of key values. No authentication of key values.
For backwards compatibility only. For backwards compatibility only.
""" """
_cryptoScheme = '1' _cryptoScheme = '1'
_cryptoName = 'AES-CBC-HMAC/AES-ECB' _cryptoName = 'AES-CBC-HMAC/AES-ECB/PBKDF2'
_contentKey = None _contentKey = None
_filenameKey = None _filenameKey = None
_keyKey = None _keyKey = None
_random = None _random = None
_filenameEnc = None _filenameEnc = None
_fsEncoding = None _fsEncoding = None
_blocksize = AES.block_size _blocksize = AES.block_size
_keysize = AES.key_size[-1] # last (largest) acceptable _keysize _keysize = AES.key_size[-1] # last (largest) acceptable _keysize
_altchars = b'#@' _altchars = b'#@'
skipping to change at line 462 skipping to change at line 462
class Crypto_AES_CBC_HMAC__AES_SIV(Crypto_AES_CBC_HMAC__AES_ECB): class Crypto_AES_CBC_HMAC__AES_SIV(Crypto_AES_CBC_HMAC__AES_ECB):
""" """
Improved crypto scheme. Improved crypto scheme.
Still uses AES-256 CBC with HMAC/SHA-512 Authentication. Still uses AES-256 CBC with HMAC/SHA-512 Authentication.
Changes Filename encryption to using AES-256 SIV encryption and authenticati on. On upgraded systems (ie, Changes Filename encryption to using AES-256 SIV encryption and authenticati on. On upgraded systems (ie,
those formerly using Crypto_AES_CBC_HMAC__AES_ECB), AES-128 SIV encryption a nd authentication is used. those formerly using Crypto_AES_CBC_HMAC__AES_ECB), AES-128 SIV encryption a nd authentication is used.
Uses AES-128 SIV encryption and validation on the keys. Uses AES-128 SIV encryption and validation on the keys.
""" """
_cryptoScheme = '2' _cryptoScheme = '2'
_cryptoName = 'AES-CBC-HMAC/AES-SIV' _cryptoName = 'AES-CBC-HMAC/AES-SIV/scrypt'
def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()): def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()):
super().__init__(password, client, fsencoding) super().__init__(password, client, fsencoding)
def genKeyKey(self, password): def genKeyKey(self, password):
return scrypt(password, self.salt, 32, 65536, 8, 1) return scrypt(password, self.salt, 32, 65536, 8, 1)
def _encryptSIV(self, key, value, name=None): def _encryptSIV(self, key, value, name=None):
cipher = AES.new(key, AES.MODE_SIV) cipher = AES.new(key, AES.MODE_SIV)
if name: if name:
skipping to change at line 522 skipping to change at line 522
else: else:
return (None, None) return (None, None)
class Crypto_AES_GCM__AES_SIV(Crypto_AES_CBC_HMAC__AES_SIV): class Crypto_AES_GCM__AES_SIV(Crypto_AES_CBC_HMAC__AES_SIV):
""" """
Improved crypto scheme. Improved crypto scheme.
Still uses AES-256 GCM for encryption and authentication Still uses AES-256 GCM for encryption and authentication
Uses ASE-256 SIV encryption and authentaction for files Uses ASE-256 SIV encryption and authentaction for files
""" """
_cryptoScheme = '3' _cryptoScheme = '3'
_cryptoName = 'AES-GCM/AES-SIV' _cryptoName = 'AES-GCM/AES-SIV/scrypt'
def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()): def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()):
super().__init__(password, client, fsencoding) super().__init__(password, client, fsencoding)
def getContentCipher(self, iv=None): def getContentCipher(self, iv=None):
if iv is None: if iv is None:
iv = self.getIV() iv = self.getIV()
return AES.new(self._contentKey, AES.MODE_GCM, nonce=iv) return AES.new(self._contentKey, AES.MODE_GCM, nonce=iv)
def getContentEncryptor(self, iv=None): def getContentEncryptor(self, iv=None):
return StreamEncryptor(self.getContentCipher(iv)) return StreamEncryptor(self.getContentCipher(iv))
class Crypto_ChaCha20_Poly1305__AES_SIV(Crypto_AES_CBC_HMAC__AES_SIV): class Crypto_ChaCha20_Poly1305__AES_SIV(Crypto_AES_CBC_HMAC__AES_SIV):
""" """
Improved crypto scheme. Improved crypto scheme.
Uses ChaCha20/Poly1305 for encryption and authentication Uses ChaCha20/Poly1305 for encryption and authentication
Uses ASE-256 SIV encryption and authentaction for files Uses ASE-256 SIV encryption and authentaction for files
""" """
_cryptoScheme = '4' _cryptoScheme = '4'
_cryptoName = 'ChaCha20-Poly1305/AES-SIV' _cryptoName = 'ChaCha20-Poly1305/AES-SIV/scrypt'
ivLength = 12 ivLength = 12
def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()): def __init__(self, password, client=None, fsencoding=sys.getfilesystemencodi ng()):
super().__init__(password, client, fsencoding) super().__init__(password, client, fsencoding)
def getContentCipher(self, iv): def getContentCipher(self, iv):
return ChaCha20_Poly1305.new(key=self._contentKey, nonce=iv) return ChaCha20_Poly1305.new(key=self._contentKey, nonce=iv)
def getContentEncryptor(self, iv=None): def getContentEncryptor(self, iv=None):
 End of changes. 6 change blocks. 
8 lines changed or deleted 8 lines changed or added
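Review bot: The new `decryptFilename` in the change at line 280 decodes bytes with a strict, hard-coded `name.decode('utf8')`, so a stored name that is not valid UTF-8 raises `UnicodeDecodeError` instead of round-tripping. The sibling `encryptFilename` still returns its argument unchanged, so the pair is no longer symmetric for bytes input; a docstring stating that the method always returns `str` would make that intentional. If names can reach this path as raw filesystem bytes, consider `return name.decode('utf8', errors='surrogateescape')` so the original bytes stay recoverable. The enclosing class header is outside the visible lines, and if the change at line 312 belongs to the same class, the `encryptFilename` kept there is now a redundant second definition.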
