Improved cryptography API compatibility

This commit is contained in:
Mark Qvist 2022-03-08 00:38:51 +01:00
parent 95d3346da6
commit 550dfd44cb
4 changed files with 24 additions and 4 deletions

View File

@ -14,6 +14,8 @@ from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X
from cryptography.hazmat.primitives.kdf.hkdf import HKDF from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.fernet import Fernet from cryptography.fernet import Fernet
cio_default_backend = default_backend()
class Identity: class Identity:
""" """
This class is used to manage identities in Reticulum. It provides methods This class is used to manage identities in Reticulum. It provides methods
@ -392,11 +394,14 @@ class Identity:
) )
shared_key = ephemeral_key.exchange(self.pub) shared_key = ephemeral_key.exchange(self.pub)
derived_key = derived_key = HKDF(
# TODO: Improve this re-allocation of HKDF
derived_key = HKDF(
algorithm=hashes.SHA256(), algorithm=hashes.SHA256(),
length=32, length=32,
salt=self.get_salt(), salt=self.get_salt(),
info=self.get_context(), info=self.get_context(),
backend=cio_default_backend,
).derive(shared_key) ).derive(shared_key)
fernet = Fernet(base64.urlsafe_b64encode(derived_key)) fernet = Fernet(base64.urlsafe_b64encode(derived_key))
@ -424,11 +429,14 @@ class Identity:
peer_pub = X25519PublicKey.from_public_bytes(peer_pub_bytes) peer_pub = X25519PublicKey.from_public_bytes(peer_pub_bytes)
shared_key = self.prv.exchange(peer_pub) shared_key = self.prv.exchange(peer_pub)
derived_key = derived_key = HKDF(
# TODO: Improve this re-allocation of HKDF
derived_key = HKDF(
algorithm=hashes.SHA256(), algorithm=hashes.SHA256(),
length=32, length=32,
salt=self.get_salt(), salt=self.get_salt(),
info=self.get_context(), info=self.get_context(),
backend=cio_default_backend,
).derive(shared_key) ).derive(shared_key)
fernet = Fernet(base64.urlsafe_b64encode(derived_key)) fernet = Fernet(base64.urlsafe_b64encode(derived_key))

View File

@ -15,6 +15,8 @@ import RNS
import traceback import traceback
cio_default_backend = default_backend()
class LinkCallbacks: class LinkCallbacks:
def __init__(self): def __init__(self):
self.link_established = None self.link_established = None
@ -199,11 +201,14 @@ class Link:
def handshake(self): def handshake(self):
self.status = Link.HANDSHAKE self.status = Link.HANDSHAKE
self.shared_key = self.prv.exchange(self.peer_pub) self.shared_key = self.prv.exchange(self.peer_pub)
# TODO: Improve this re-allocation of HKDF
self.derived_key = HKDF( self.derived_key = HKDF(
algorithm=hashes.SHA256(), algorithm=hashes.SHA256(),
length=32, length=32,
salt=self.get_salt(), salt=self.get_salt(),
info=self.get_context(), info=self.get_context(),
backend=cio_default_backend,
).derive(self.shared_key) ).derive(self.shared_key)
def prove(self): def prove(self):

View File

@ -36,3 +36,10 @@ def platform_checks():
RNS.log("On Windows, Reticulum requires Python 3.8 or higher.", RNS.LOG_ERROR) RNS.log("On Windows, Reticulum requires Python 3.8 or higher.", RNS.LOG_ERROR)
RNS.log("Please update Python to run Reticulum.", RNS.LOG_ERROR) RNS.log("Please update Python to run Reticulum.", RNS.LOG_ERROR)
RNS.panic() RNS.panic()
def cryptography_old_api():
import cryptography
if cryptography.__version__ == "2.8":
return True
else:
return False