authorArthur de Jong <arthur@arthurdejong.org>2016-04-05 18:19:10 +0200
committerArthur de Jong <arthur@arthurdejong.org>2016-04-05 18:22:09 +0200
commit0d7caf150e646724fbca54ac60f4d027b2b34aad (patch)
treeaca4d1f9801b14d8868eb9dcd04d89f1354ec037 /pskc
parent22ba9f158825bd0916552af4d88ec83847d77c38 (diff)
Move algorithm uri handling to separate module
Diffstat (limited to 'pskc')
-rw-r--r--pskc/algorithms.py72
-rw-r--r--pskc/encryption.py52
-rw-r--r--pskc/mac.py2
3 files changed, 75 insertions, 51 deletions
diff --git a/pskc/algorithms.py b/pskc/algorithms.py
new file mode 100644
index 0000000..99760d4
--- /dev/null
+++ b/pskc/algorithms.py
@@ -0,0 +1,72 @@
+# algorithms.py - module for handling algorithm URIs
+# coding: utf-8
+#
+# Copyright (C) 2016 Arthur de Jong
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA
+
+"""Utility module that handles algorthm URIs."""
+
+
+# cannonical URIs of known algorithms
+_algorithms = {
+ 'tripledes-cbc': 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc',
+ 'kw-tripledes': 'http://www.w3.org/2001/04/xmlenc#kw-tripledes',
+ 'aes128-cbc': 'http://www.w3.org/2001/04/xmlenc#aes128-cbc',
+ 'aes192-cbc': 'http://www.w3.org/2001/04/xmlenc#aes192-cbc',
+ 'aes256-cbc': 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
+ 'kw-aes128': 'http://www.w3.org/2001/04/xmlenc#kw-aes128',
+ 'kw-aes192': 'http://www.w3.org/2001/04/xmlenc#kw-aes192',
+ 'kw-aes256': 'http://www.w3.org/2001/04/xmlenc#kw-aes256',
+ 'camellia128': 'http://www.w3.org/2001/04/xmldsig-more#camellia128',
+ 'camellia192': 'http://www.w3.org/2001/04/xmldsig-more#camellia192',
+ 'camellia256': 'http://www.w3.org/2001/04/xmldsig-more#camellia256',
+ 'kw-camellia128': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia128',
+ 'kw-camellia192': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia192',
+ 'kw-camellia256': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia256',
+ 'hmac-md5': 'http://www.w3.org/2001/04/xmldsig-more#hmac-md5',
+ 'hmac-sha1': 'http://www.w3.org/2000/09/xmldsig#hmac-sha1',
+ 'hmac-sha224': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha224',
+ 'hmac-sha256': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256',
+ 'hmac-sha384': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha384',
+ 'hmac-sha512': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha512',
+ 'hmac-ripemd160': 'http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160',
+ 'pbkdf2': 'http://www.rsasecurity.com/rsalabs/pkcs/schemas/' +
+ 'pkcs-5v2-0#pbkdf2',
+}
+
+# translation table to change old encryption names to new names
+_algorithm_aliases = {
+ '3des-cbc': 'tripledes-cbc',
+ '3des112-cbc': 'tripledes-cbc',
+ '3des168-cbc': 'tripledes-cbc',
+ 'kw-3des': 'kw-tripledes',
+ 'pbe-3des112-cbc': 'tripledes-cbc',
+ 'pbe-3des168-cbc': 'tripledes-cbc',
+ 'pbe-aes128-cbc': 'aes128-cbc',
+ 'pbe-aes192-cbc': 'aes192-cbc',
+ 'pbe-aes256-cbc': 'aes256-cbc',
+ 'rsa-1_5': 'rsa-1_5',
+ 'rsa-oaep-mgf1p': 'rsa-oaep-mgf1p',
+}
+
+
+def normalise_algorithm(algorithm):
+ """Return the canonical URI for the provided algorithm."""
+ if not algorithm or algorithm.lower() == 'none':
+ return None
+ algorithm = _algorithm_aliases.get(algorithm.lower(), algorithm)
+ return _algorithms.get(algorithm.rsplit('#', 1)[-1].lower(), algorithm)
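Review bot: normalise_algorithm() looks up only the text after the last `#` (`algorithm.rsplit('#', 1)[-1].lower()`), so a URI in any namespace whose fragment is a known name is rewritten to the canonical URI, and any value it does not recognise is returned unchanged. The algorithm string presumably comes from the PSKC file being parsed, so the docstring should state this to stop callers treating the result as validated, e.g. `"""Return the canonical URI for a known algorithm name, alias or URI fragment; unrecognised values are returned unchanged and are not validated."""`. The aliases `rsa-1_5` and `rsa-oaep-mgf1p` have no entry in `_algorithms`, so a bare name passes through as-is, which deserves a one-line comment on those two entries. While here, `algorthm` in the module docstring and `cannonical` in the table comment are misspelled.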
diff --git a/pskc/encryption.py b/pskc/encryption.py
index a68169a..aeeb33c 100644
--- a/pskc/encryption.py
+++ b/pskc/encryption.py
@@ -28,56 +28,6 @@ The encryption key can be derived using the KeyDerivation class.
import base64
-# cannonical URIs of known algorithms
-_algorithms = {
- 'tripledes-cbc': 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc',
- 'kw-tripledes': 'http://www.w3.org/2001/04/xmlenc#kw-tripledes',
- 'aes128-cbc': 'http://www.w3.org/2001/04/xmlenc#aes128-cbc',
- 'aes192-cbc': 'http://www.w3.org/2001/04/xmlenc#aes192-cbc',
- 'aes256-cbc': 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
- 'kw-aes128': 'http://www.w3.org/2001/04/xmlenc#kw-aes128',
- 'kw-aes192': 'http://www.w3.org/2001/04/xmlenc#kw-aes192',
- 'kw-aes256': 'http://www.w3.org/2001/04/xmlenc#kw-aes256',
- 'camellia128': 'http://www.w3.org/2001/04/xmldsig-more#camellia128',
- 'camellia192': 'http://www.w3.org/2001/04/xmldsig-more#camellia192',
- 'camellia256': 'http://www.w3.org/2001/04/xmldsig-more#camellia256',
- 'kw-camellia128': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia128',
- 'kw-camellia192': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia192',
- 'kw-camellia256': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia256',
- 'hmac-md5': 'http://www.w3.org/2001/04/xmldsig-more#hmac-md5',
- 'hmac-sha1': 'http://www.w3.org/2000/09/xmldsig#hmac-sha1',
- 'hmac-sha224': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha224',
- 'hmac-sha256': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256',
- 'hmac-sha384': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha384',
- 'hmac-sha512': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha512',
- 'hmac-ripemd160': 'http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160',
- 'pbkdf2': 'http://www.rsasecurity.com/rsalabs/pkcs/schemas/' +
- 'pkcs-5v2-0#pbkdf2',
-}
-
-# translation table to change old encryption names to new names
-_algorithm_aliases = {
- '3des-cbc': 'tripledes-cbc',
- '3des112-cbc': 'tripledes-cbc',
- '3des168-cbc': 'tripledes-cbc',
- 'kw-3des': 'kw-tripledes',
- 'pbe-3des112-cbc': 'tripledes-cbc',
- 'pbe-3des168-cbc': 'tripledes-cbc',
- 'pbe-aes128-cbc': 'aes128-cbc',
- 'pbe-aes192-cbc': 'aes192-cbc',
- 'pbe-aes256-cbc': 'aes256-cbc',
- 'rsa-1_5': 'rsa-1_5',
- 'rsa-oaep-mgf1p': 'rsa-oaep-mgf1p',
-}
-
-
-def normalise_algorithm(algorithm):
- """Return the canonical URI for the provided algorithm."""
- if not algorithm or algorithm.lower() == 'none':
- return None
- algorithm = _algorithm_aliases.get(algorithm.lower(), algorithm)
- return _algorithms.get(algorithm.rsplit('#', 1)[-1].lower(), algorithm)
-
class KeyDerivation(object):
"""Handle key derivation.
@@ -167,6 +117,7 @@ class KeyDerivation(object):
def setup_pbkdf2(self, password, salt=None, salt_length=16,
key_length=None, iterations=None, prf=None):
from Crypto import Random
+ from pskc.algorithms import normalise_algorithm
self.algorithm = normalise_algorithm('pbkdf2')
if salt is None:
salt = Random.get_random_bytes(salt_length)
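Review bot: The added `from pskc.algorithms import normalise_algorithm` is a function-scope import inside setup_pbkdf2, and the same line is repeated in the `algorithm` setter of Encryption (next hunk) and of MAC in pskc/mac.py. pskc/algorithms.py as added in this commit imports nothing, so there is no circular-import reason to defer it. A single module-level `from pskc.algorithms import normalise_algorithm` after `import base64` would remove the repetition, unless the project keeps lazy imports by convention. setup_pbkdf2's body continues outside the hunk.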
@@ -252,6 +203,7 @@ class Encryption(object):
@algorithm.setter
def algorithm(self, value):
+ from pskc.algorithms import normalise_algorithm
self._algorithm = normalise_algorithm(value)
def derive_key(self, password):
diff --git a/pskc/mac.py b/pskc/mac.py
index b4ddd53..56e8cfa 100644
--- a/pskc/mac.py
+++ b/pskc/mac.py
@@ -126,7 +126,7 @@ class MAC(object):
@algorithm.setter
def algorithm(self, value):
- from pskc.encryption import normalise_algorithm
+ from pskc.algorithms import normalise_algorithm
self._algorithm = normalise_algorithm(value)
@property