This Python library handles Portable Symmetric Key Container (PSKC) files as defined in RFC 6030. PSKC files are used to transport and provision symmetric keys (seed files) to different types of crypto modules, commonly one-time password tokens or other authentication devices.
This module can be used to extract keys from PSKC files for use in an OTP authentication system. The module can also be used for authoring PSKC files.
The following prints all keys, decrypting the file using a password:
from pskc import PSKC pskc = PSKC('seedfile.pskcxml') pskc.encryption.derive_key('password') for key in pskc.keys: print('%s %s' % (key.serial, b2a_hex(key.secret)))
Creating an encrypted PSKC file can be done using:
pskc = PSKC() pskc.encryption.setup_pbkdf2('password') key = pskc.add_key( id='456', secret='987654321', manufacturer='Manufacturer', algorithm = 'urn:ietf:params:xml:ns:keyprov:pskc:hotp') pskc.write('output.pskcxml')
The module should be able to handle most common PSKC files. More information is available in the online documentation. Support for asymmetric keys, document signatures and supporting older formats is on the wishlist (patches welcome).
Feedback and patches are more than welcome. Please use the python-pskc-users mailing list.
The python-pskc development repository is available through Git with:
git clone https://arthurdejong.org/git/python-pskc
Copyright © 2014-2017 Arthur de Jong
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU Lesser General Public License for more details.
A copy of the GNU Lesser General Public License is available in the download and can be found on the World Wide Web at http://www.gnu.org/licenses/lgpl.html. You can also obtain it by writing to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.