use aes_256 instead of des

Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
2025-12-06 12:57:35 +01:00 · 2024-07-06 08:17:22 +02:00
parent 837541dab9
commit e1113f0052
1 changed files with 2 additions and 14 deletions
--- a/smtprd_ng/smtprd.py
+++ b/smtprd_ng/smtprd.py
@@ -172,13 +172,7 @@ class SMTPClient(SMTP):
        Returns:
            bytes: Encrypted message
        """
        # Make a MemoryBuffer of the message.
        buf = BIO.MemoryBuffer(message)
        # Seed the PRNG.
        # Rand.load_file('randpool.dat', -1)
        # Instantiate an SMIME object.
        s = SMIME.SMIME()
        # Load target cert to encrypt to.
@@ -187,9 +181,7 @@ class SMTPClient(SMTP):
        sk.push(x509)
        s.set_x509_stack(sk)
-        # Set cipher: 3-key triple-DES in CBC mode.
+        s.set_cipher(SMIME.Cipher("aes_256_cbc"))
        # TODO: Evaluate later
        s.set_cipher(SMIME.Cipher("des_ede3_cbc"))
        # Encrypt the buffer.
        p7 = s.encrypt(buf)
@@ -197,16 +189,12 @@ class SMTPClient(SMTP):
        # Output p7 in mail-friendly format.
        out = BIO.MemoryBuffer()
        # Add header
        out.write("From: " + self._config.sender + "\r\n")
        out.write("To: " + ", ".join(self._config.recipients) + "\r\n")
        out.write("Subject: " + subject + "\r\n")
        s.write(out, p7)
        # print(out.read().decode())
        # Save the PRNG's state.
        # Rand.save_file('randpool.dat')
        return out.read()
    def _sign(self, message: Message) -> bytes: