Improved cryptography API compatibility
This commit is contained in:
parent
95d3346da6
commit
550dfd44cb
@ -14,6 +14,8 @@ from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X
|
|||||||
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
|
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
|
||||||
from cryptography.fernet import Fernet
|
from cryptography.fernet import Fernet
|
||||||
|
|
||||||
|
cio_default_backend = default_backend()
|
||||||
|
|
||||||
class Identity:
|
class Identity:
|
||||||
"""
|
"""
|
||||||
This class is used to manage identities in Reticulum. It provides methods
|
This class is used to manage identities in Reticulum. It provides methods
|
||||||
@ -392,11 +394,14 @@ class Identity:
|
|||||||
)
|
)
|
||||||
|
|
||||||
shared_key = ephemeral_key.exchange(self.pub)
|
shared_key = ephemeral_key.exchange(self.pub)
|
||||||
derived_key = derived_key = HKDF(
|
|
||||||
|
# TODO: Improve this re-allocation of HKDF
|
||||||
|
derived_key = HKDF(
|
||||||
algorithm=hashes.SHA256(),
|
algorithm=hashes.SHA256(),
|
||||||
length=32,
|
length=32,
|
||||||
salt=self.get_salt(),
|
salt=self.get_salt(),
|
||||||
info=self.get_context(),
|
info=self.get_context(),
|
||||||
|
backend=cio_default_backend,
|
||||||
).derive(shared_key)
|
).derive(shared_key)
|
||||||
|
|
||||||
fernet = Fernet(base64.urlsafe_b64encode(derived_key))
|
fernet = Fernet(base64.urlsafe_b64encode(derived_key))
|
||||||
@ -424,11 +429,14 @@ class Identity:
|
|||||||
peer_pub = X25519PublicKey.from_public_bytes(peer_pub_bytes)
|
peer_pub = X25519PublicKey.from_public_bytes(peer_pub_bytes)
|
||||||
|
|
||||||
shared_key = self.prv.exchange(peer_pub)
|
shared_key = self.prv.exchange(peer_pub)
|
||||||
derived_key = derived_key = HKDF(
|
|
||||||
|
# TODO: Improve this re-allocation of HKDF
|
||||||
|
derived_key = HKDF(
|
||||||
algorithm=hashes.SHA256(),
|
algorithm=hashes.SHA256(),
|
||||||
length=32,
|
length=32,
|
||||||
salt=self.get_salt(),
|
salt=self.get_salt(),
|
||||||
info=self.get_context(),
|
info=self.get_context(),
|
||||||
|
backend=cio_default_backend,
|
||||||
).derive(shared_key)
|
).derive(shared_key)
|
||||||
|
|
||||||
fernet = Fernet(base64.urlsafe_b64encode(derived_key))
|
fernet = Fernet(base64.urlsafe_b64encode(derived_key))
|
||||||
|
@ -15,6 +15,8 @@ import RNS
|
|||||||
|
|
||||||
import traceback
|
import traceback
|
||||||
|
|
||||||
|
cio_default_backend = default_backend()
|
||||||
|
|
||||||
class LinkCallbacks:
|
class LinkCallbacks:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.link_established = None
|
self.link_established = None
|
||||||
@ -199,11 +201,14 @@ class Link:
|
|||||||
def handshake(self):
|
def handshake(self):
|
||||||
self.status = Link.HANDSHAKE
|
self.status = Link.HANDSHAKE
|
||||||
self.shared_key = self.prv.exchange(self.peer_pub)
|
self.shared_key = self.prv.exchange(self.peer_pub)
|
||||||
|
|
||||||
|
# TODO: Improve this re-allocation of HKDF
|
||||||
self.derived_key = HKDF(
|
self.derived_key = HKDF(
|
||||||
algorithm=hashes.SHA256(),
|
algorithm=hashes.SHA256(),
|
||||||
length=32,
|
length=32,
|
||||||
salt=self.get_salt(),
|
salt=self.get_salt(),
|
||||||
info=self.get_context(),
|
info=self.get_context(),
|
||||||
|
backend=cio_default_backend,
|
||||||
).derive(self.shared_key)
|
).derive(self.shared_key)
|
||||||
|
|
||||||
def prove(self):
|
def prove(self):
|
||||||
|
7
RNS/vendor/platformutils.py
vendored
7
RNS/vendor/platformutils.py
vendored
@ -36,3 +36,10 @@ def platform_checks():
|
|||||||
RNS.log("On Windows, Reticulum requires Python 3.8 or higher.", RNS.LOG_ERROR)
|
RNS.log("On Windows, Reticulum requires Python 3.8 or higher.", RNS.LOG_ERROR)
|
||||||
RNS.log("Please update Python to run Reticulum.", RNS.LOG_ERROR)
|
RNS.log("Please update Python to run Reticulum.", RNS.LOG_ERROR)
|
||||||
RNS.panic()
|
RNS.panic()
|
||||||
|
|
||||||
|
def cryptography_old_api():
|
||||||
|
import cryptography
|
||||||
|
if cryptography.__version__ == "2.8":
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return False
|
Loading…
Reference in New Issue
Block a user