| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Related to https://github.com/arthurdejong/python-pskc/issues/5
|
| |
|
|
|
|
|
|
|
|
| |
In some cases a PSKC file can be written with a MAC algorithm but
without a MAC key. This is possible when the MAC key is not supplied
(allowed in older PSKC versions) and a fallback to the encryption key is
done. If we have not yet decrypted the file the MAC key is not yet
available and so can't be included in the written file.
|
|
|
|
|
|
|
| |
This ensures that the encryption IV, which should be per encrypted value
is written out per encrypted value instead of globally. This is mostly
useful for when reading an old format PSKC file and writing out a RFC
6030 compliant one.
|
|
|
|
|
| |
This adds a function to decrypt all values and remove the encryption of
an encrypted PSKC file.
|
|
|
|
|
|
| |
This ignores the namespace declarations in the generated XML files
because not all implementations on all environments write these in the
same order.
|
|
|
|
|
| |
This makes the old name (pin_max_failed_attemtps) available as a
deprecated property.
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the way encrypted values are stored internally before being
decrypted. For example, the internal _secret property can now be a
decrypted plain value or an EncryptedValue instance instead of always
being a DataType, simplifying some things (e.g. all XML
encoding/decoding is now done in the corresponding module).
This should not change the public API but does have consequences for
those who use custom serialisers or parsers.
|
|
|
|
|
|
| |
This uses os.urandom() as a source for random data and replaces other
utility functions. This also removes one import for getting the lengths
of Tripple DES keys.
|
|
|
|
|
|
| |
This avoids a using xml.dom.minidom to indent the XML tree and keep the
attributes ordered alphabetically. This also allows for customisations
to the XML formatting.
|
|
|
|
|
|
|
| |
The PBKDF2 salt was saved in the wrong way (b'base64encodeddata' instead
of base64encodeddata) when using Python 3. This fixes that problem and
tests that saving and loading of a file that uses PBKDF2 key derivation
works.
|
|
|
|
|
| |
This ensures that the files that are read in the test suite are properly
closed to avoid leaking open file descriptors.
|
|
|
|
|
|
|
|
| |
This allows having multiple keys per device while also maintaining the
previous API.
Note that having multiple keys per device is not allowed by the RFC 6030
schema but is allowed by some older internet drafts.
|
|
|
|
| |
This enables branch coverage testing and adds tests to improve coverage.
|
| |
|
| |
|
|
|
|
|
|
| |
This writes information about a pre-shared key or PBKDF2 key derivation
in the PSKC file. This also means that writing a decrypted version of a
previously encrypted file requires actively removing the encryption.
|
| |
|
|
|
|
|
| |
This supports writing the XML output to binary streams as well as text
streams in Python 3.
|
|
|
|
|
|
|
|
|
|
| |
This adds tests to ensure that incorrect attribute and value types in
the PSKC file raise a ValueError exception and extends the tests for
invalid encryption options.
This removes some code or adds no cover directives to a few places that
have unreachable code or are Python version specific and places doctest
directives inside the doctests where needed.
|
|
|
|
|
| |
This puts the test PSKC files in subdirectories so they can be organised
more cleanly.
|
|
|
|
|
| |
This fixes a problem with writing a PSKC file that is based on a read
file that was encrypted.
|
|
|
|
|
|
|
|
| |
This enables support for Python 3 together with Python 2 support with a
single codebase.
On Python 3 key data is passed around as bytestrings which makes the
doctests a little harder to maintain across Python versions.
|
|
This makes a simple doctest that checks the writing of the XML
representation of the PSKC data.
|