From e578d28184f609242c0d7f7f647659063bac8fa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20Borgstr=C3=B6m?= Date: Mon, 8 Jul 2013 14:00:22 +0200 Subject: [PATCH] Remove hashing from PlaintextKey. Not needed since silent disk corruption will be detected by the repository segment checksum. --- darc/key.py | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/darc/key.py b/darc/key.py index 490eef4cd..ef234854c 100644 --- a/darc/key.py +++ b/darc/key.py @@ -73,19 +73,12 @@ def id_hash(self, data): return sha256(data).digest() def encrypt(self, data): - cdata = zlib.compress(data) - hash = sha256(cdata).digest() - return b''.join([self.TYPE_STR, hash, cdata]) + return b''.join([self.TYPE_STR, zlib.compress(data)]) def decrypt(self, id, data): if data[0] != self.TYPE: raise IntegrityError('Invalid encryption envelope') - # This is just a hash and not a hmac but it will at least - # stop unintentionally corrupted data from hitting zlib.decompress() - hash = memoryview(data)[1:33] - if memoryview(sha256(memoryview(data)[33:]).digest()) != hash: - raise IntegrityError('Payload checksum mismatch') - data = zlib.decompress(memoryview(data)[33:]) + data = zlib.decompress(memoryview(data)[1:]) if id and sha256(data).digest() != id: raise IntegrityError('Chunk id verification failed') return data