Refactor encryption logic to fix type-checking and improve tests (CryptoUtil 3/3...
source link: https://github.com/freedomofpress/securedrop/pull/6160
Status
Ready.
Description of Changes
This is the last PR for refactoring CryptoUtil and fixing type-checking, as described in #5599.
More specifically:
- It hides the low-level encryption and decryption methods (`encrypt()` and `decrypt()`) by making them private. Instead, only higher-level, public methods can be used such as `encrypt_source_file()`, `decrypt_journalist_reply()`, etc.
  - This makes it easier to understand the crypto-related code, and also to write/maintain it. Previously, it was easy to make a mistake when using `encrypt()` or `decrypt()`, for example by providing the wrong fingerprints.
- It makes the test suite for the crypto-related code a bit more comprehensive. For example:
  - It ensures that encrypted data can only be decrypted by the specific keys that were the intended recipients. This is what uncovered the issue described in #6174.
  - It no longer imports the journalist secret key when setting up GPG for the test suite. Instead the secret key is imported (and then removed) in the specific tests that need it.
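The two design points above, the private low-level `_encrypt()`/`_decrypt()` behind role-specific public methods and a test that only the intended recipient keys can decrypt, shown as an added example. This is not SecureDrop's code: `CryptoUtil`, the recipient sets chosen for submissions and replies, the `decrypt_submission()` name and the keyring are all assumptions made here, and a stand-in keystream-plus-HMAC scheme replaces GPG so the example runs offline. The point is the API shape and the recipient check, not the cipher.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Envelope:
    """One message sealed separately for each intended recipient
    (stand-in for a GPG message encrypted to several keys)."""
    nonce: bytes
    sealed: Dict[str, Tuple[bytes, bytes]]  # fingerprint -> (ciphertext, tag)


class CryptoUtil:
    """Hypothetical class shaped like the refactor: callers only see the
    role-specific public methods, which pick the recipient fingerprints."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}  # constructed keyring: fingerprint -> secret
        self.journalist_fingerprint = self._new_key()

    # ---- low-level, private: not meant to be called from outside -------------
    def _new_key(self) -> str:
        secret = secrets.token_bytes(32)
        fingerprint = hashlib.sha256(b"fpr" + secret).hexdigest()[:40].upper()
        self._keys[fingerprint] = secret
        return fingerprint

    @staticmethod
    def _keystream(secret: bytes, nonce: bytes, length: int) -> bytes:
        # Toy keystream (stand-in for GPG); do not reuse outside this example.
        out, counter = b"", 0
        while len(out) < length:
            out += hashlib.sha256(secret + nonce + counter.to_bytes(4, "big")).digest()
            counter += 1
        return out[:length]

    def _encrypt(self, plaintext: bytes, fingerprints: List[str]) -> Envelope:
        nonce = secrets.token_bytes(16)
        sealed: Dict[str, Tuple[bytes, bytes]] = {}
        for fpr in fingerprints:
            secret = self._keys[fpr]  # KeyError if the fingerprint is unknown
            ks = self._keystream(secret, nonce, len(plaintext))
            ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
            tag = hmac.new(secret, nonce + ciphertext, "sha256").digest()
            sealed[fpr] = (ciphertext, tag)
        return Envelope(nonce, sealed)

    def _decrypt(self, envelope: Envelope, fingerprint: str) -> bytes:
        if fingerprint not in envelope.sealed:
            raise PermissionError("message was not encrypted to this key")
        secret = self._keys[fingerprint]
        ciphertext, tag = envelope.sealed[fingerprint]
        expected = hmac.new(secret, envelope.nonce + ciphertext, "sha256").digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("authentication tag mismatch")
        ks = self._keystream(secret, envelope.nonce, len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, ks))

    # ---- high-level, public: recipient sets are fixed here, not by the caller --
    def generate_source_key(self) -> str:
        return self._new_key()

    def encrypt_source_file(self, data: bytes) -> Envelope:
        # Assumed recipient set: a submission is readable by the journalist key only.
        return self._encrypt(data, [self.journalist_fingerprint])

    def decrypt_submission(self, envelope: Envelope) -> bytes:
        return self._decrypt(envelope, self.journalist_fingerprint)

    def encrypt_journalist_reply(self, source_fingerprint: str, reply: bytes) -> Envelope:
        # Assumed recipient set: a reply is readable by that source and the journalist.
        return self._encrypt(reply, [source_fingerprint, self.journalist_fingerprint])

    def decrypt_journalist_reply(self, source_fingerprint: str, envelope: Envelope) -> bytes:
        return self._decrypt(envelope, source_fingerprint)


def check_recipient_isolation() -> Dict[str, bool]:
    """Test in the spirit of the PR: data decrypts only with intended recipient keys."""
    cu = CryptoUtil()
    alice, bob = cu.generate_source_key(), cu.generate_source_key()
    reply = cu.encrypt_journalist_reply(alice, b"thanks for the documents")
    results = {"alice_reads_reply": cu.decrypt_journalist_reply(alice, reply) == b"thanks for the documents"}
    try:
        cu.decrypt_journalist_reply(bob, reply)  # bob was never a recipient
        results["bob_blocked"] = False
    except PermissionError:
        results["bob_blocked"] = True
    submission = cu.encrypt_source_file(b"leaked memo")
    results["journalist_reads_submission"] = cu.decrypt_submission(submission) == b"leaked memo"
    try:
        cu.decrypt_journalist_reply(alice, submission)  # sources cannot read submissions
        results["source_blocked"] = False
    except PermissionError:
        results["source_blocked"] = True
    return results


if __name__ == "__main__":
    print(check_recipient_isolation())
```

Because `encrypt_source_file()` and `encrypt_journalist_reply()` hard-code which fingerprints a message is sealed for, a caller cannot repeat the "wrong fingerprints" mistake the description mentions; the recipient test then catches any regression in those sets, which is the kind of check that surfaced #6174.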