##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
fix(encryption): don't be strict on enc format when no enc headers are missing....
super-admin -
r5381:0a39631e default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -43,6 +43,7 b' class InvalidDecryptedValue(str):'
43 content = f'<{cls.__name__}({content[:16]}...)>'
43 content = f'<{cls.__name__}({content[:16]}...)>'
44 return str.__new__(cls, content)
44 return str.__new__(cls, content)
45
45
46
46 KEY_FORMAT = b'enc$aes_hmac${1}'
47 KEY_FORMAT = b'enc$aes_hmac${1}'
47
48
48
49
Show file before | Show file after | Hide comments
@@ -29,12 +29,16 b' class Encryptor(object):'
29 @classmethod
29 @classmethod
30 def detect_enc_algo(cls, enc_data: bytes):
30 def detect_enc_algo(cls, enc_data: bytes):
31 parts = enc_data.split(b'$', 3)
31 parts = enc_data.split(b'$', 3)
32 if len(parts) != 3:
33 raise ValueError(f'Encrypted Data has invalid format, expected {cls.key_format}, got {parts}')
34
32
35 if b'enc$aes_hmac$' in enc_data:
33 if b'enc$aes_hmac$' in enc_data:
34 # we expect this data is encrypted, so validate the header
35 if len(parts) != 3:
36 raise ValueError(f'Encrypted Data has invalid format, expected {cls.key_format}, got `{parts}`')
36 return 'aes'
37 return 'aes'
37 elif b'enc2$salt' in enc_data:
38 elif b'enc2$salt' in enc_data:
39 # we expect this data is encrypted, so validate the header
40 if len(parts) != 3:
41 raise ValueError(f'Encrypted Data has invalid format, expected {cls.key_format}, got `{parts}`')
38 return 'fernet'
42 return 'fernet'
39 return None
43 return None
40
44
@@ -65,7 +69,7 b' class Encryptor(object):'
65 def _get_parts(self, enc_data):
69 def _get_parts(self, enc_data):
66 parts = enc_data.split(b'$', 3)
70 parts = enc_data.split(b'$', 3)
67 if len(parts) != 3:
71 if len(parts) != 3:
68 raise ValueError(f'Encrypted Data has invalid format, expected {self.key_format}, got {parts}')
72 raise ValueError(f'Encrypted Data has invalid format, expected {self.key_format}, got `{parts}`')
69 prefix, salt, enc_data = parts
73 prefix, salt, enc_data = parts
70
74
71 try:
75 try:
General Comments 0
You need to be logged in to leave comments. Login now