From 550dfd44cbf98b3b8d0348303b32e7ac1fa8b4b8 Mon Sep 17 00:00:00 2001 From: Mark Qvist Date: Tue, 8 Mar 2022 00:38:51 +0100 Subject: [PATCH] Improved cryptography API compatibility --- RNS/Identity.py | 12 ++++++++++-- RNS/Link.py | 7 ++++++- RNS/_version.py | 2 +- RNS/vendor/platformutils.py | 7 +++++++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/RNS/Identity.py b/RNS/Identity.py index a5bd059..b241cb6 100644 --- a/RNS/Identity.py +++ b/RNS/Identity.py @@ -14,6 +14,8 @@ from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X from cryptography.hazmat.primitives.kdf.hkdf import HKDF from cryptography.fernet import Fernet +cio_default_backend = default_backend() + class Identity: """ This class is used to manage identities in Reticulum. It provides methods @@ -392,11 +394,14 @@ class Identity: ) shared_key = ephemeral_key.exchange(self.pub) - derived_key = derived_key = HKDF( + + # TODO: Improve this re-allocation of HKDF + derived_key = HKDF( algorithm=hashes.SHA256(), length=32, salt=self.get_salt(), info=self.get_context(), + backend=cio_default_backend, ).derive(shared_key) fernet = Fernet(base64.urlsafe_b64encode(derived_key)) @@ -424,11 +429,14 @@ class Identity: peer_pub = X25519PublicKey.from_public_bytes(peer_pub_bytes) shared_key = self.prv.exchange(peer_pub) - derived_key = derived_key = HKDF( + + # TODO: Improve this re-allocation of HKDF + derived_key = HKDF( algorithm=hashes.SHA256(), length=32, salt=self.get_salt(), info=self.get_context(), + backend=cio_default_backend, ).derive(shared_key) fernet = Fernet(base64.urlsafe_b64encode(derived_key)) diff --git a/RNS/Link.py b/RNS/Link.py index 9386b84..98a4082 100644 --- a/RNS/Link.py +++ b/RNS/Link.py @@ -15,6 +15,8 @@ import RNS import traceback +cio_default_backend = default_backend() + class LinkCallbacks: def __init__(self): self.link_established = None @@ -199,11 +201,14 @@ class Link: def handshake(self): self.status = Link.HANDSHAKE self.shared_key = self.prv.exchange(self.peer_pub) + + # TODO: Improve this re-allocation of HKDF self.derived_key = HKDF( algorithm=hashes.SHA256(), length=32, salt=self.get_salt(), info=self.get_context(), + backend=cio_default_backend, ).derive(self.shared_key) def prove(self): @@ -1064,4 +1069,4 @@ class RequestReceiptCallbacks: def __init__(self): self.response = None self.failed = None - self.progress = None \ No newline at end of file + self.progress = None diff --git a/RNS/_version.py b/RNS/_version.py index 26eaa49..e19434e 100644 --- a/RNS/_version.py +++ b/RNS/_version.py @@ -1 +1 @@ -__version__ = "0.3.3" \ No newline at end of file +__version__ = "0.3.3" diff --git a/RNS/vendor/platformutils.py b/RNS/vendor/platformutils.py index cb322d0..d8cc705 100644 --- a/RNS/vendor/platformutils.py +++ b/RNS/vendor/platformutils.py @@ -36,3 +36,10 @@ def platform_checks(): RNS.log("On Windows, Reticulum requires Python 3.8 or higher.", RNS.LOG_ERROR) RNS.log("Please update Python to run Reticulum.", RNS.LOG_ERROR) RNS.panic() + +def cryptography_old_api(): + import cryptography + if cryptography.__version__ == "2.8": + return True + else: + return False \ No newline at end of file