[Nym3-commit] r178 - trunk/nym3/Client
laurent at conuropsis.org
laurent at conuropsis.org
Fri Apr 8 21:43:57 CEST 2005
Author: laurent
Date: 2005-04-08 21:43:54 +0200 (Fri, 08 Apr 2005)
New Revision: 178
Modified:
trunk/nym3/Client/Keyring.py
trunk/nym3/Client/Main.py
Log:
Make Keyring.decrypt/save consistent, fix Keyring usage in Main.
Modified: trunk/nym3/Client/Keyring.py
===================================================================
--- trunk/nym3/Client/Keyring.py 2005-04-08 15:20:25 UTC (rev 177)
+++ trunk/nym3/Client/Keyring.py 2005-04-08 19:43:54 UTC (rev 178)
@@ -26,7 +26,7 @@
import pickle
import random
import nym3.Mail as Mail
-from mixminion.Crypto import sha1, ctr_crypt, AES_KEY_LEN
+from mixminion.Crypto import sha1, ctr_crypt, AES_KEY_LEN, DIGEST_LEN
SALT_LEN = 8
@@ -53,21 +53,6 @@
self.status = "clear"
else: raise NewKeyring()
- def decrypt(self, passphrase):
- """Decrypt the keyring"""
- salt = self.datastring[:SALT_LEN]
- key = sha1(salt + passphrase + salt)
- key = key[:AES_KEY_LEN]
- clear = ctr_crypt(self.datastring[SALT_LEN:], key)
- digest = clear[:-DIGEST_LEN]
- # Should digest really be a digest, or merely a fixed MAGIC
- # string ? TODO.
- if sha1(clear + salt) != digest:
- raise "Bad password"
- self.data = pickle.loads(clear)
- self.status = 'clear'
- self.passphrase = passphrase
-
def _get_unused_handle(self):
handle = "42"
while self.data.has_key(handle):
@@ -92,11 +77,27 @@
salt = salt + chr(random.randint(0, 255))
key = sha1(salt + passphrase + salt)[:AES_KEY_LEN]
clear = pickle.dumps(self.data)
- encrypted = ctr_crypt(clear, key)
digest = sha1(clear + salt)
+ encrypted = ctr_crypt(clear + digest, key)
try:
f = open(self.keyfile, 'w')
- f.write(salt + encrypted + digest)
+ f.write(salt + encrypted)
f.close
except IOError:
raise "Duh"
+
+ def decrypt(self, passphrase):
+ """Decrypt the keyring"""
+ salt = self.datastring[:SALT_LEN]
+ key = sha1(salt + passphrase + salt)
+ key = key[:AES_KEY_LEN]
+ clear = ctr_crypt(self.datastring[SALT_LEN:], key)
+ digest = clear[-DIGEST_LEN:]
+ clear = clear[:-DIGEST_LEN]
+ if sha1(clear + salt) != digest:
+ return False
+ self.data = pickle.loads(clear)
+ self.status = 'clear'
+ self.passphrase = passphrase
+ return True
+
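Review bot: In the new `decrypt`, the only check between the keyring file and `pickle.loads(clear)` is an unkeyed `sha1(clear + salt)` that `save` appends to the plaintext before `ctr_crypt`; the digest needs no secret and CTR ciphertext can be altered bit for bit, so it detects a wrong passphrase rather than tampering. Because unpickling runs code chosen by whoever wrote the data, I would switch to a keyed MAC over `salt + encrypted`, written by `save` and verified by `decrypt` before anything is decrypted or unpickled, as sketched below (this needs `import hmac, sha`, or an equivalent from mixminion.Crypto if it offers one). In the same `save` lines the salt is drawn from `random.randint`, which is not a cryptographic source, and the key is a single SHA-1 pass over the passphrase, which makes offline guessing cheap; `salt = os.urandom(SALT_LEN)` and an iterated key derivation would be stronger. The context line `f.close` lacks its parentheses, so the file is never explicitly closed, and mode `'w'` should be `'wb'` for this binary data. `save` begins outside the hunk, so the sketch only shows the lines that change.

```python
        # in save(): … unchanged: salt generation, key derivation, pickle.dumps …
        mac_key = sha1("mac" + salt + passphrase)
        encrypted = ctr_crypt(clear, key)
        tag = hmac.new(mac_key, salt + encrypted, sha).digest()
        # … unchanged: try / open(self.keyfile, ...) …
            f.write(salt + encrypted + tag)

    def decrypt(self, passphrase):
        # … unchanged: salt and key derivation …
        mac_key = sha1("mac" + salt + passphrase)
        body = self.datastring[SALT_LEN:-DIGEST_LEN]
        tag = self.datastring[-DIGEST_LEN:]
        # Verify first, so pickle.loads never sees unauthenticated bytes.
        if hmac.new(mac_key, salt + body, sha).digest() != tag:
            return False
        self.data = pickle.loads(ctr_crypt(body, key))
        # … unchanged: status / passphrase assignment, return True …
```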
Modified: trunk/nym3/Client/Main.py
===================================================================
--- trunk/nym3/Client/Main.py 2005-04-08 15:20:25 UTC (rev 177)
+++ trunk/nym3/Client/Main.py 2005-04-08 19:43:54 UTC (rev 178)
@@ -129,9 +129,16 @@
secring = None
try:
pubring = Keyring.Keyring(config.pubring_path, create = True)
+ pubring.decrypt("nym3")
except: pass
try:
secring = Keyring.Keyring(config.secring_path)
+ ui.display("You need to provide your passphrase to unlock your keyring")
+ while True:
+ passphrase1 = ui.prompthidden("Passphrase")
+ if secring.decrypt(passphrase1): break
+ ui.display("wrong passphrase")
+
except Keyring.NewKeyring:
# The Keyring is new. We need to ask the user for a password.
# Twice.
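Review bot: The result of `pubring.decrypt("nym3")` is discarded, and the surrounding `except: pass` hides every other failure, so now that `decrypt` reports a bad passphrase or digest by returning False, a pubring that fails verification goes unnoticed here; at minimum use `if not pubring.decrypt("nym3"): ui.display(...)` and narrow the `except`. Because that passphrase is a constant in the source, the digest check on the pubring file says nothing about who wrote it, yet `decrypt` goes on to `pickle.loads` the content, so anyone able to write to `config.pubring_path` controls what gets unpickled. A format that does not execute code on load would be safer for the pubring. The secring `while True` loop has no attempt limit and no way to cancel, so a user who has forgotten the passphrase can only kill the process. The enclosing function starts and ends outside the hunk.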