From 4f6405d6d0cf90b0422cbbf90f924522c7e7f891 Mon Sep 17 00:00:00 2001 From: Philipp Gesang Date: Tue, 27 Jun 2017 10:24:00 +0200 Subject: [PATCH] actually default to i2n mode with crypto.py scrypt And adapt the relevant unit test to explicitly request the full parameters output. --- deltatar/crypto.py | 5 +++-- testing/test_encryption.py | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/deltatar/crypto.py b/deltatar/crypto.py index 18b72f5..1c03742 100755 --- a/deltatar/crypto.py +++ b/deltatar/crypto.py @@ -111,7 +111,7 @@ encryption key from the password ‘foo’ and the salt of the first object in a PDT encrypted file: :: $ crypto.py scrypt foo -i some-file.pdtcrypt - {"scrypt_params": {"r": 8, "dkLen": 16, "p": 1, "N": 65536}, "hash": "b'c2941dfc6e3e65e8e887f1702b1091a3'", "salt": "b'd270b03100d187e2c946610d7b7f7e5f'"} + {"paramversion": 1, "salt": "Cqzbk48e3peEjzWto8D0yA==", "key": "JH9EkMwaM4x9F5aim5gK/Q=="} The computed 16 byte key is given in hexadecimal notation in the value to ``hash`` and can be fed into Python’s ``binascii.unhexlify()`` to obtain the @@ -1237,6 +1237,7 @@ PDTCRYPT_DEFAULT_PVER = 1 # scrypt hashing output control PDTCRYPT_SCRYPT_INTRANATOR = 0 PDTCRYPT_SCRYPT_PARAMETERS = 1 +PDTCRYPT_SCRYPT_DEFAULT = PDTCRYPT_SCRYPT_INTRANATOR PDTCRYPT_SCRYPT_FORMAT = \ { "i2n" : PDTCRYPT_SCRYPT_INTRANATOR @@ -1587,7 +1588,7 @@ def parse_argv (argv): insspec = None outsspec = None nacl = None - scrypt_format = None + scrypt_format = PDTCRYPT_SCRYPT_DEFAULT argvi = iter (argv) SELF = os.path.basename (next (argvi)) diff --git a/testing/test_encryption.py b/testing/test_encryption.py index 5fb328a..26e62e0 100644 --- a/testing/test_encryption.py +++ b/testing/test_encryption.py @@ -193,8 +193,9 @@ class EncryptionTest(BaseTest): # decrypt outer archive layer with crypto.py assert os.path.exists("sample.tar.gz.pdtcrypt") - with subprocess.Popen ( [ "python3", "./deltatar/crypto.py" - , "scrypt", "-i", "sample.tar.gz.pdtcrypt" ] + with subprocess.Popen ( [ "python3", "./deltatar/crypto.py", "scrypt" + , "-f", "params" + , "-i", "sample.tar.gz.pdtcrypt" ] , env={ "PDTCRYPT_PASSWORD" : pw } , stdout=subprocess.PIPE ) as p: @@ -202,7 +203,7 @@ class EncryptionTest(BaseTest): info = json.loads (raw) assert nacl == binascii.unhexlify (info ["salt"]) - key = binascii.unhexlify (info ["hash"]) + key = binascii.unhexlify (info ["key"]) kdf = crypto.kdf_by_version (1) assert key, nacl == kdf (pw.encode (), nacl) -- 1.7.1