Exemple #1
 def parse_encryption(cls, encryption, key_info):
     """Populate *encryption* from an <EncryptionKey> XML element.

     Does nothing when *key_info* is None. The Id is always copied. For the
     algorithm, IV, PBE salt and PBE iteration count, a missing or otherwise
     falsy value in the document leaves the current setting untouched.
     """
     if key_info is None:
         return
     encryption.id = key_info.get('Id')
     # The algorithm attribute is accepted under either capitalisation.
     declared = key_info.get('Algorithm') or key_info.get('algorithm')
     encryption.algorithm = declared or encryption.algorithm
     key_name_paths = (
         'KeyName', 'DerivedKey/MasterKeyName', 'DerivedKey/CarriedKeyName')
     for name_elm in findall(key_info, *key_name_paths):
         encryption.key_names.append(findtext(name_elm, '.'))
     encryption.iv = findbin(key_info, 'IV') or encryption.iv
     derivation = encryption.derivation
     cls.parse_key_derivation(
         derivation, find(key_info, 'DerivedKey/KeyDerivationMethod'))
     # NOTE(review): salt and iteration count are taken from the document
     # as-is; nothing here checks them, so a consumer handling untrusted
     # files may want to bound them before deriving a key.
     derivation.pbkdf2_salt = (
         findbin(key_info, 'PBESalt') or derivation.pbkdf2_salt)
     derivation.pbkdf2_iterations = (
         findint(key_info, 'PBEIterationCount') or
         derivation.pbkdf2_iterations)
     # A "pbe..." algorithm with no explicit derivation method falls back
     # to PBKDF2, using the first known key length unless one is set.
     is_pbe = (declared or '').lower().startswith('pbe')
     if not is_pbe or derivation.algorithm:
         return
     derivation.algorithm = 'pbkdf2'
     derivation.pbkdf2_key_length = (
         derivation.pbkdf2_key_length or
         encryption.algorithm_key_lengths[0])
Exemple #2
 def parse_key_derivation(cls, derivation, key_derivation):
     """Copy key derivation settings from a <KeyDerivationMethod> element.

     Does nothing when *key_derivation* is None. The Algorithm attribute is
     always stored. When a PBKDF2-params child exists, its salt, iteration
     count and key length overwrite the current values (with whatever the
     lookup helpers return), and the PRF algorithm is stored if a PRF
     element is present.
     """
     if key_derivation is None:
         return
     derivation.algorithm = key_derivation.get('Algorithm')
     params = find(key_derivation, 'PBKDF2-params')
     if params is None:
         # Without PBKDF2 parameters the PBKDF2 fields keep their values.
         return
     # NOTE(review): all of these values come straight from the document.
     # No lower or upper bound is applied to the iteration count or key
     # length here; confirm that the code running PBKDF2 validates them
     # when the file is not trusted.
     derivation.pbkdf2_salt = findbin(params, 'Salt/Specified')
     derivation.pbkdf2_iterations = findint(params, 'IterationCount')
     derivation.pbkdf2_key_length = findint(params, 'KeyLength')
     prf_elm = find(params, 'PRF')
     if prf_elm is not None:
         # Pseudorandom function named by the document.
         derivation.pbkdf2_prf = prf_elm.get('Algorithm')
Exemple #3
 def parse(self, key_deriviation):
     """Load derivation settings from a <KeyDerivationMethod> element.

     Does nothing when *key_deriviation* is None. The Algorithm attribute
     is always stored. PBKDF2 parameters are looked up under both the
     xenc11 and pkcs5 prefixes; when found, the salt, iteration count and
     key length are overwritten and the PRF algorithm is stored if a PRF
     element is present.
     """
     from pskc.xml import find, findbin, findint
     if key_deriviation is None:
         return
     self.algorithm = key_deriviation.get('Algorithm')
     params = find(
         key_deriviation, 'xenc11:PBKDF2-params', 'pkcs5:PBKDF2-params')
     if params is None:
         # Without PBKDF2 parameters the PBKDF2 fields keep their values.
         return
     # NOTE(review): the values below are read from the document without
     # any range check; confirm that the code running PBKDF2 bounds the
     # iteration count and key length for untrusted input.
     self.pbkdf2_salt = findbin(
         params, 'Salt/Specified', 'xenc11:Salt/xenc11:Specified')
     self.pbkdf2_iterations = findint(
         params, 'IterationCount', 'xenc11:IterationCount')
     self.pbkdf2_key_length = findint(
         params, 'KeyLength', 'xenc11:KeyLength')
     prf_elm = find(params, 'PRF', 'xenc11:PRF')
     if prf_elm is not None:
         # Pseudorandom function named by the document.
         self.pbkdf2_prf = prf_elm.get('Algorithm')
Exemple #4
    def parse_policy(cls, policy, policy_elm):
        """Fill *policy* from a <Policy> XML element.

        Does nothing when *policy_elm* is None. Validity dates, the
        transaction limit, key usages and the PINPolicy attributes are
        copied over. ``policy.unknown_policy_elements`` is set to True when
        <PINPolicy> has any child element or unrecognised attribute, or
        when <Policy> has an unrecognised child; it is never cleared here.
        """
        if policy_elm is None:
            return

        policy.start_date = findtime(policy_elm, 'StartDate')
        policy.expiry_date = findtime(policy_elm, 'ExpiryDate')
        policy.number_of_transactions = findint(
            policy_elm, 'NumberOfTransactions')
        for usage_elm in findall(policy_elm, 'KeyUsage'):
            policy.key_usage.append(findtext(usage_elm, '.'))

        pin_elm = find(policy_elm, 'PINPolicy')
        if pin_elm is not None:
            policy.pin_key_id = pin_elm.get('PINKeyId')
            policy.pin_usage = pin_elm.get('PINUsageMode')
            policy.pin_max_failed_attempts = getint(
                pin_elm, 'MaxFailedAttempts')
            policy.pin_min_length = getint(pin_elm, 'MinLength')
            policy.pin_max_length = getint(pin_elm, 'MaxLength')
            policy.pin_encoding = pin_elm.get('PINEncoding')
            # Any child element, or any attribute outside this set, is a
            # restriction this parser does not understand.
            recognised_attrs = {
                'PINKeyId', 'PINUsageMode', 'MaxFailedAttempts', 'MinLength',
                'MaxLength', 'PINEncoding'}
            extra_attrs = set(pin_elm.keys()) - recognised_attrs
            if list(pin_elm) or extra_attrs:
                policy.unknown_policy_elements = True

        # The same applies to unrecognised children of <Policy> itself.
        # NOTE(review): the flag is only recorded here; presumably the
        # policy consumer refuses key use when it is set -- confirm.
        recognised_children = {
            'StartDate', 'ExpiryDate', 'NumberOfTransactions', 'KeyUsage',
            'PINPolicy'}
        if any(child.tag not in recognised_children for child in policy_elm):
            policy.unknown_policy_elements = True
Exemple #5
    def parse(self, policy):
        """Read key policy information from the provided <Policy> tree.

        Does nothing when *policy* is None (after the helper import).
        Otherwise copies the validity dates, the transaction limit, the
        key usages and, when a <PINPolicy> child exists, its attributes
        onto this object.
        """
        # Imported at call time rather than at module level.
        from pskc.xml import (
            find, findall, findtext, findint, findtime, getint)
        if policy is None:
            return

        # Child elements are looked up with the 'pskc:' prefix.
        self.start_date = findtime(policy, 'pskc:StartDate')
        self.expiry_date = findtime(policy, 'pskc:ExpiryDate')
        self.number_of_transactions = findint(
            policy, 'pskc:NumberOfTransactions')
        # Each <KeyUsage> element's text is appended to the existing list.
        for key_usage in findall(policy, 'pskc:KeyUsage'):
            self.key_usage.append(findtext(key_usage, '.'))

        pin_policy = find(policy, 'pskc:PINPolicy')
        if pin_policy is not None:
            # PIN settings are plain attributes of <PINPolicy>.
            self.pin_key_id = pin_policy.get('PINKeyId')
            self.pin_usage = pin_policy.get('PINUsageMode')
            # NOTE(review): the attribute is spelled 'attemtps' (not
            # 'attempts'); confirm it matches the name the rest of the
            # class and its callers read, otherwise the limit is lost.
            self.pin_max_failed_attemtps = getint(
                pin_policy, 'MaxFailedAttempts')
            self.pin_min_length = getint(pin_policy, 'MinLength')
            self.pin_max_length = getint(pin_policy, 'MaxLength')
            self.pin_encoding = pin_policy.get('PINEncoding')
            # NOTE(review): the lines shown here do not record unrecognised
            # child elements or attributes of <Policy>/<PINPolicy>; confirm
            # whether that is handled elsewhere, since a consumer cannot
            # otherwise tell that restrictions it does not understand
            # were present in the document.