author | Arthur de Jong <arthur@arthurdejong.org> | 2016-04-05 18:19:10 +0200 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2016-04-05 18:22:09 +0200 |
commit | 0d7caf150e646724fbca54ac60f4d027b2b34aad (patch) | |
tree | aca4d1f9801b14d8868eb9dcd04d89f1354ec037 /pskc | |
parent | 22ba9f158825bd0916552af4d88ec83847d77c38 (diff) |
Move algorithm uri handling to separate module
Diffstat (limited to 'pskc')
-rw-r--r-- | pskc/algorithms.py | 72 | ||||
-rw-r--r-- | pskc/encryption.py | 52 | ||||
-rw-r--r-- | pskc/mac.py | 2 |
3 files changed, 75 insertions, 51 deletions
diff --git a/pskc/algorithms.py b/pskc/algorithms.py
new file mode 100644
index 0000000..99760d4
--- /dev/null
+++ b/pskc/algorithms.py
@@ -0,0 +1,72 @@
+# algorithms.py - module for handling algorithm URIs
+# coding: utf-8
+#
+# Copyright (C) 2016 Arthur de Jong
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA
+
+"""Utility module that handles algorthm URIs."""
+
+
+# cannonical URIs of known algorithms
+_algorithms = {
+ 'tripledes-cbc': 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc',
+ 'kw-tripledes': 'http://www.w3.org/2001/04/xmlenc#kw-tripledes',
+ 'aes128-cbc': 'http://www.w3.org/2001/04/xmlenc#aes128-cbc',
+ 'aes192-cbc': 'http://www.w3.org/2001/04/xmlenc#aes192-cbc',
+ 'aes256-cbc': 'http://www.w3.org/2001/04/xmlenc#aes256-cbc',
+ 'kw-aes128': 'http://www.w3.org/2001/04/xmlenc#kw-aes128',
+ 'kw-aes192': 'http://www.w3.org/2001/04/xmlenc#kw-aes192',
+ 'kw-aes256': 'http://www.w3.org/2001/04/xmlenc#kw-aes256',
+ 'camellia128': 'http://www.w3.org/2001/04/xmldsig-more#camellia128',
+ 'camellia192': 'http://www.w3.org/2001/04/xmldsig-more#camellia192',
+ 'camellia256': 'http://www.w3.org/2001/04/xmldsig-more#camellia256',
+ 'kw-camellia128': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia128',
+ 'kw-camellia192': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia192',
+ 'kw-camellia256': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia256',
+ 'hmac-md5': 'http://www.w3.org/2001/04/xmldsig-more#hmac-md5',
+ 'hmac-sha1': 'http://www.w3.org/2000/09/xmldsig#hmac-sha1',
+ 'hmac-sha224': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha224',
+ 'hmac-sha256': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256',
+ 'hmac-sha384': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha384',
+ 'hmac-sha512': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha512',
+ 'hmac-ripemd160': 'http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160',
+ 'pbkdf2': 'http://www.rsasecurity.com/rsalabs/pkcs/schemas/' +
+ 'pkcs-5v2-0#pbkdf2',
+}
+
+# translation table to change old encryption names to new names
+_algorithm_aliases = {
+ '3des-cbc': 'tripledes-cbc',
+ '3des112-cbc': 'tripledes-cbc',
+ '3des168-cbc': 'tripledes-cbc',
+ 'kw-3des': 'kw-tripledes',
+ 'pbe-3des112-cbc': 'tripledes-cbc',
+ 'pbe-3des168-cbc': 'tripledes-cbc',
+ 'pbe-aes128-cbc': 'aes128-cbc',
+ 'pbe-aes192-cbc': 'aes192-cbc',
+ 'pbe-aes256-cbc': 'aes256-cbc',
+ 'rsa-1_5': 'rsa-1_5',
+ 'rsa-oaep-mgf1p': 'rsa-oaep-mgf1p',
+}
+
+
+def normalise_algorithm(algorithm):
+ """Return the canonical URI for the provided algorithm."""
+ if not algorithm or algorithm.lower() == 'none':
+ return None
+ algorithm = _algorithm_aliases.get(algorithm.lower(), algorithm)
+ return _algorithms.get(algorithm.rsplit('#', 1)[-1].lower(), algorithm)
diff --git a/pskc/encryption.py b/pskc/encryption.py
index a68169a..aeeb33c 100644
--- a/pskc/encryption.py
+++ b/pskc/encryption.py
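Review bot: The docstring of `normalise_algorithm` promises a canonical URI, but the final `_algorithms.get(..., algorithm)` returns the caller's string unchanged when the name is not in the table, and the `rsa-1_5` and `rsa-oaep-mgf1p` aliases map to names with no `_algorithms` entry, so they come back as bare names. The value presumably originates from the PSKC document being parsed, so callers should not treat a non-None result as a recognised algorithm; I would say so in the docstring, e.g. `"""Return the canonical URI for a known algorithm; unknown values are returned unchanged."""`. The alias table is only consulted for the whole lower-cased string, so an old name supplied as a URI fragment is not translated, which deserves a comment if it is intended. Typos to fix while the text is being moved: "algorthm" in the module docstring and "cannonical" in the table comment.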
@@ -28,56 +28,6 @@ The encryption key can be derived using the KeyDerivation class. import base64 -# cannonical URIs of known algorithms -_algorithms = { - 'tripledes-cbc': 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc', - 'kw-tripledes': 'http://www.w3.org/2001/04/xmlenc#kw-tripledes', - 'aes128-cbc': 'http://www.w3.org/2001/04/xmlenc#aes128-cbc', - 'aes192-cbc': 'http://www.w3.org/2001/04/xmlenc#aes192-cbc', - 'aes256-cbc': 'http://www.w3.org/2001/04/xmlenc#aes256-cbc', - 'kw-aes128': 'http://www.w3.org/2001/04/xmlenc#kw-aes128', - 'kw-aes192': 'http://www.w3.org/2001/04/xmlenc#kw-aes192', - 'kw-aes256': 'http://www.w3.org/2001/04/xmlenc#kw-aes256', - 'camellia128': 'http://www.w3.org/2001/04/xmldsig-more#camellia128', - 'camellia192': 'http://www.w3.org/2001/04/xmldsig-more#camellia192', - 'camellia256': 'http://www.w3.org/2001/04/xmldsig-more#camellia256', - 'kw-camellia128': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia128', - 'kw-camellia192': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia192', - 'kw-camellia256': 'http://www.w3.org/2001/04/xmldsig-more#kw-camellia256', - 'hmac-md5': 'http://www.w3.org/2001/04/xmldsig-more#hmac-md5', - 'hmac-sha1': 'http://www.w3.org/2000/09/xmldsig#hmac-sha1', - 'hmac-sha224': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha224', - 'hmac-sha256': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha256', - 'hmac-sha384': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha384', - 'hmac-sha512': 'http://www.w3.org/2001/04/xmldsig-more#hmac-sha512', - 'hmac-ripemd160': 'http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160', - 'pbkdf2': 'http://www.rsasecurity.com/rsalabs/pkcs/schemas/' + - 'pkcs-5v2-0#pbkdf2', -} - -# translation table to change old encryption names to new names -_algorithm_aliases = { - '3des-cbc': 'tripledes-cbc', - '3des112-cbc': 'tripledes-cbc', - '3des168-cbc': 'tripledes-cbc', - 'kw-3des': 'kw-tripledes', - 'pbe-3des112-cbc': 'tripledes-cbc', - 'pbe-3des168-cbc': 'tripledes-cbc', - 'pbe-aes128-cbc': 
'aes128-cbc', - 'pbe-aes192-cbc': 'aes192-cbc', - 'pbe-aes256-cbc': 'aes256-cbc', - 'rsa-1_5': 'rsa-1_5', - 'rsa-oaep-mgf1p': 'rsa-oaep-mgf1p', -} - - -def normalise_algorithm(algorithm): - """Return the canonical URI for the provided algorithm.""" - if not algorithm or algorithm.lower() == 'none': - return None - algorithm = _algorithm_aliases.get(algorithm.lower(), algorithm) - return _algorithms.get(algorithm.rsplit('#', 1)[-1].lower(), algorithm) - class KeyDerivation(object): """Handle key derivation. @@ -167,6 +117,7 @@ class KeyDerivation(object): def setup_pbkdf2(self, password, salt=None, salt_length=16, key_length=None, iterations=None, prf=None): from Crypto import Random + from pskc.algorithms import normalise_algorithm self.algorithm = normalise_algorithm('pbkdf2') if salt is None: salt = Random.get_random_bytes(salt_length) @@ -252,6 +203,7 @@ class Encryption(object): @algorithm.setter def algorithm(self, value): + from pskc.algorithms import normalise_algorithm self._algorithm = normalise_algorithm(value) def derive_key(self, password): diff --git a/pskc/mac.py b/pskc/mac.py index b4ddd53..56e8cfa 100644 --- a/pskc/mac.py +++ b/pskc/mac.py @@ -126,7 +126,7 @@ class MAC(object): @algorithm.setter def algorithm(self, value): - from pskc.encryption import normalise_algorithm + from pskc.algorithms import normalise_algorithm self._algorithm = normalise_algorithm(value) @property |
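Review bot: The function-scope import added in `setup_pbkdf2` is repeated in the `Encryption.algorithm` setter and in the `MAC.algorithm` setter in pskc/mac.py, although the new pskc/algorithms.py shown in this commit imports nothing, so there is no visible import cycle to avoid. A single module-level `from pskc.algorithms import normalise_algorithm` in each file would be simpler and would surface an import failure at load time rather than on first use. If the local imports are deliberate (they match the existing `from Crypto import Random` style), a short comment saying so would help. The enclosing methods and classes start or end outside these hunks.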