From d41c6f61a23b1042d2fd3b75686f12033a856cc2 Mon Sep 17 00:00:00 2001 From: Gregory LANG Date: Mon, 27 May 2024 08:46:29 +0200 Subject: [PATCH 1/6] symmetric encryption fixed security issue --- ocean_lib/ocean/crypto.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocean_lib/ocean/crypto.py b/ocean_lib/ocean/crypto.py index 8bf6f2e30..b9b38d664 100644 --- a/ocean_lib/ocean/crypto.py +++ b/ocean_lib/ocean/crypto.py @@ -18,7 +18,7 @@ def calc_symkey(base_str: str) -> str: """Compute a symmetric private key that's a function of the base_str""" base_b = base_str.encode("utf-8") # bytes - hash_b = sha256(base_b) + hash_b = sha256(base_b).hexdigest() symkey_b = b64encode(str(hash_b).encode("ascii"))[:43] + b"=" # bytes symkey = symkey_b.decode("ascii") return symkey From b6ec67530c1344f61c248c5fe88312d49388ba67 Mon Sep 17 00:00:00 2001 From: Gregory LANG Date: Mon, 27 May 2024 16:53:18 +0200 Subject: [PATCH 2/6] Update test_crypto.py add test wrong sym key --- ocean_lib/ocean/test/test_crypto.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ocean_lib/ocean/test/test_crypto.py b/ocean_lib/ocean/test/test_crypto.py index cfc121041..429ee6aaa 100644 --- a/ocean_lib/ocean/test/test_crypto.py +++ b/ocean_lib/ocean/test/test_crypto.py @@ -12,6 +12,8 @@ def test_symkey(): base_str = "foo" symkey = crypto.calc_symkey(base_str) assert isinstance(symkey, str) + wrong_sym_key = calc_symkey("testwrong") + assert wrong_sym_key != sym_key, "NOK : wrong_sym_key is the same as sym_key" @enforce_types From 7b70365592fb90a9da7f134591501b1a925b1bf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C4=83lina=20Cenan?= Date: Tue, 4 Jun 2024 13:59:49 +0300 Subject: [PATCH 3/6] Update crypto.py --- ocean_lib/ocean/crypto.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocean_lib/ocean/crypto.py b/ocean_lib/ocean/crypto.py index b9b38d664..f45289c0b 100644 --- a/ocean_lib/ocean/crypto.py +++ b/ocean_lib/ocean/crypto.py @@ -19,7 +19,7 @@ def calc_symkey(base_str: str) -> str: """Compute a symmetric private key that's a function of the base_str""" base_b = base_str.encode("utf-8") # bytes hash_b = sha256(base_b).hexdigest() - symkey_b = b64encode(str(hash_b).encode("ascii"))[:43] + b"=" # bytes + symkey_b = b64encode(hash_b.encode("ascii"))[:43] + b"=" # bytes symkey = symkey_b.decode("ascii") return symkey From 9cf349b201eff372dc9e443ad60965663c6669e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C4=83lina=20Cenan?= Date: Tue, 4 Jun 2024 14:21:49 +0300 Subject: [PATCH 4/6] Update test_crypto.py --- ocean_lib/ocean/test/test_crypto.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocean_lib/ocean/test/test_crypto.py b/ocean_lib/ocean/test/test_crypto.py index 429ee6aaa..9d21d9348 100644 --- a/ocean_lib/ocean/test/test_crypto.py +++ b/ocean_lib/ocean/test/test_crypto.py @@ -12,7 +12,7 @@ def test_symkey(): base_str = "foo" symkey = crypto.calc_symkey(base_str) assert isinstance(symkey, str) - wrong_sym_key = calc_symkey("testwrong") + wrong_sym_key = crypto.calc_symkey("testwrong") assert wrong_sym_key != sym_key, "NOK : wrong_sym_key is the same as sym_key" From bf03eee169b260a7336678d8cce89d905d0ae49f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C4=83lina=20Cenan?= Date: Tue, 4 Jun 2024 15:17:36 +0300 Subject: [PATCH 5/6] Update test_crypto.py --- ocean_lib/ocean/test/test_crypto.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ocean_lib/ocean/test/test_crypto.py b/ocean_lib/ocean/test/test_crypto.py index 9d21d9348..4c952e072 100644 --- a/ocean_lib/ocean/test/test_crypto.py +++ b/ocean_lib/ocean/test/test_crypto.py @@ -12,8 +12,8 @@ def test_symkey(): base_str = "foo" symkey = crypto.calc_symkey(base_str) assert isinstance(symkey, str) - wrong_sym_key = crypto.calc_symkey("testwrong") - assert wrong_sym_key != sym_key, "NOK : wrong_sym_key is the same as sym_key" + wrong_symkey = crypto.calc_symkey("testwrong") + assert wrong_sym_ey != symkey, "NOK : wrong_sym_key is the same as sym_key" @enforce_types From 79fd9106e7a6b2ee98c329e2554eecae55f5b0b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C4=83lina=20Cenan?= Date: Tue, 4 Jun 2024 15:17:58 +0300 Subject: [PATCH 6/6] Update test_crypto.py --- ocean_lib/ocean/test/test_crypto.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ocean_lib/ocean/test/test_crypto.py b/ocean_lib/ocean/test/test_crypto.py index 4c952e072..a4b4533d7 100644 --- a/ocean_lib/ocean/test/test_crypto.py +++ b/ocean_lib/ocean/test/test_crypto.py @@ -13,7 +13,7 @@ def test_symkey(): symkey = crypto.calc_symkey(base_str) assert isinstance(symkey, str) wrong_symkey = crypto.calc_symkey("testwrong") - assert wrong_sym_ey != symkey, "NOK : wrong_sym_key is the same as sym_key" + assert wrong_symkey != symkey, "NOK : wrong_sym_key is the same as sym_key" @enforce_types