| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
This enables support for Python 3 together with Python 2 support with a
single codebase.
On Python 3 key data is passed around as bytestrings which makes the
doctests a little harder to maintain across Python versions.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The find() utility functions now allow specifying multiple paths to be
searched where the first match is returned.
This allows handling PSKC files where the PBKDF2 salt, iteration count,
key length and PRF elements are prefixed with the xenc11 namespace.
A test including such a PSKC file has been included.
Thanks to Eric Plet for reporting this.
|
|
|
|
|
|
| |
This moves the encryption functions under the pskc.crypto package to
more clearly separate it from the other code. Ideally this should be
replaced by third-party library code.
|
|
|
|
|
| |
This makes a simple doctest that checks the writing of the XML
representation of the PSKC data.
|
|
|
|
|
|
| |
This supports setters for the secret, counter, time_offset,
time_interval and time_drift properties. Setting these values stores the
values unencrypted internally.
|
|
|
|
| |
This tests for incomplete, unknown or invalid MACs in PSKC files.
|
|
|
|
|
| |
This adds hmac-sha224, hmac-sha256, hmac-sha384 and hmac-sha512 tests
for values that are encrypted using CBC block cypher modes.
|
|
|
|
|
| |
This adds support for key unwrapping using the RFC 3217 Triple DES key
wrap algorithm if the PSKC file uses this.
|
| |
|
| |
|
|
|
|
|
| |
The test is taken from draft-hoyer-keyprov-pskc-algorithm-profiles-01
modified to fit the schema as described in RFC 6030.
|
|
|
|
|
| |
The test is taken from draft-hoyer-keyprov-pskc-algorithm-profiles-01
modified to be valid XML and to fit the schema as described in RFC 6030.
|
|
|
|
|
| |
The test is taken from draft-hoyer-keyprov-pskc-algorithm-profiles-01
modified to fit the schema as described in RFC 6030.
|
|
|
|
|
| |
The test is taken from draft-hoyer-keyprov-pskc-algorithm-profiles-01
modified to fit the schema as described in RFC 6030.
|
| |
|
|
|
|
|
| |
This adds support for key unwrapping using the RFC 3394 or RFC 5649
algorithm if the PSKC file uses this.
|
|
|
|
| |
This adds a pad argument with which padding can be forced or disabled.
|
| |
|
|
|
|
| |
This also introduces an EncryptionError exception.
|
| |
|
| |
|
|
|
|
|
| |
This tests for unknown or missing algorithms and unknown derivation
parameters.
|
|
|
|
|
| |
This also introduces a toplevel PSKCError exception that all exceptions
have as parent.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
This is the extension that is suggested in RFC6030.
|
|
|
|
|
| |
This tests that, before the PSKC ecnryption is key available, the secret
from the key cannot be extracted.
|
|
|
|
|
|
|
|
|
| |
This documents most of the information that is available per key and
adds a few other minor cosmetic changes.
This also re-organises the key properties to be in a slightly more
logical order and renames the userid key property to key_userid to more
clearly distinguish it from device_userid.
|
| |
|
|
|
|
|
| |
This tests encrypted key derivation using PBKDF2 and a pre-shared
passphrase.
|
|
|
|
| |
This test key encryption with a pre-shared key and MAC checks.
|
|
|
|
| |
This test extraction of key policy information and cross-key references.
|
|
|
|
|
| |
This tests for key profile and key reference properties that can be used
to reference external keys.
|
|
|
|
|
| |
This tests Figure 3 from RFC6030 with a very basic plain text secret key
and some supplementary data.
|
|
|
|
|
| |
This tests Figure 2 from RFC6030 with a very basic plain text secret
key.
|
|
This adds a doctest for the absolute minimum PSKC file that does not
contain any useful information.
|