17 """
18 Defines several 'enums' encoding information about keys, such as type,
19 status, purpose, and the cipher mode.
20
21 @author: arkajit.dey@gmail.com (Arkajit Dey)
22 """
23
26 self.name = name
27 self.id = id
28
31
33 """
34 Encodes different key types and their properties:
35 - AES
36 - HMAC-SHA1
37 - DSA Private
38 - DSA Public
39 - RSA Private
40 - RSA Public
41 """
42
@property
def sizes(self):
    """List of valid key sizes for this key type."""
    # Hands back the stored list object itself rather than a copy, so a
    # caller that mutates the result also changes what this key type
    # treats as a valid size.
    return self.__sizes
45
46
def __init__(self, name, id, sizes, output_size):
    """Create a key type descriptor.

    name, id: forwarded unchanged to _NameId.__init__.
    sizes: non-empty sequence of valid key sizes; its first entry
        becomes default_size.
    output_size: stored as given on the instance.

    Raises IndexError if sizes is empty.
    """
    _NameId.__init__(self, name, id)
    self.output_size = output_size
    self.__sizes = sizes
    # The default is chosen purely by position, so the ordering of the
    # list passed at each call site decides which key size is used when
    # none is requested explicitly.
    self.default_size = sizes[0]
52
54 return size in self.__sizes
55
# Supported key types. Arguments are (name, id, sizes, output_size), as
# taken by KeyType.__init__; the first entry of each sizes list becomes
# that type's default_size (128 for AES, 2048 for RSA).
AES = KeyType("AES", 0, [128, 192, 256], 0)
HMAC_SHA1 = KeyType("HMAC_SHA1", 1, [256], 20)
# NOTE(review): DSA is fixed at 1024 bits and the RSA lists still accept
# 512-, 768- and 1024-bit moduli. These are below the 2048-bit minimum
# that current guidance (e.g. NIST SP 800-131A) sets for new keys.
# Presumably the small sizes remain so existing keys stay readable --
# confirm, and do not select them when generating new keys.
DSA_PRIV = KeyType("DSA_PRIV", 2, [1024], 48)
DSA_PUB = KeyType("DSA_PUB", 3, [1024], 48)
# NOTE(review): RSA_PRIV and RSA_PUB share id 4, whereas the DSA pair has
# distinct ids (2 and 3). Confirm this is intended before relying on id
# to tell private from public RSA key types.
RSA_PRIV = KeyType("RSA_PRIV", 4, [2048, 1024, 768, 512], 256)
RSA_PUB = KeyType("RSA_PUB", 4, [2048, 1024, 768, 512], 256)

# Lookup from key type name to its KeyType object.
types = {
    "AES": AES,
    "HMAC_SHA1": HMAC_SHA1,
    "DSA_PRIV": DSA_PRIV,
    "DSA_PUB": DSA_PUB,
    "RSA_PRIV": RSA_PRIV,
    "RSA_PUB": RSA_PUB,
}
64
68
70 """
71 Encodes the different possible statuses of a key:
72 - Primary: can be used to encrypt and sign new data
73 - Active: can be used to decrypt or verify data signed previously
74 - Inactive: can do the same functions as an active key, but about
75 to be revoked
76 """
77
# Key lifecycle states; arguments are (name, id).
PRIMARY = KeyStatus("PRIMARY", 0)
ACTIVE = KeyStatus("ACTIVE", 1)
INACTIVE = KeyStatus("INACTIVE", 2)

# Lookup from status name to its KeyStatus object.
statuses = {
    "PRIMARY": PRIMARY,
    "ACTIVE": ACTIVE,
    "INACTIVE": INACTIVE,
}
82
86
88 """
89 Encodes the different possible purposes for which a key can be used:
90 - Decrypt and Encrypt
91 - Encrypt (only)
92 - Sign and Verify
93 - Verify (only)
94 """
95
# Permitted uses of a key; arguments are (name, id).
DECRYPT_AND_ENCRYPT = KeyPurpose("DECRYPT_AND_ENCRYPT", 0)
ENCRYPT = KeyPurpose("ENCRYPT", 1)
SIGN_AND_VERIFY = KeyPurpose("SIGN_AND_VERIFY", 2)
VERIFY = KeyPurpose("VERIFY", 3)

# Lookup from purpose name to its KeyPurpose object.
purposes = {
    "DECRYPT_AND_ENCRYPT": DECRYPT_AND_ENCRYPT,
    "ENCRYPT": ENCRYPT,
    "SIGN_AND_VERIFY": SIGN_AND_VERIFY,
    "VERIFY": VERIFY,
}
102
106
108 """
109 Encodes the different possible modes for a cipher:
110 - Cipher Block Chaining (CBC)
111 - Counter (CTR)
112 - Electronic Code Book (ECB)
113 - Cipher Block Chaining without IV (DET-CBC)
114 """
115
def __init__(self, name, id, use_iv, OutputSizeFn):
    """Create a cipher mode descriptor.

    name, id: forwarded unchanged to _NameId.__init__.
    use_iv: stored as given; the modes defined in this module pass
        True or False.
    OutputSizeFn: callable stored on the instance as GetOutputSize.
        Because it is an instance attribute it is not bound to self;
        the callables passed in this module take two arguments.
    """
    _NameId.__init__(self, name, id)
    self.GetOutputSize = OutputSizeFn
    self.use_iv = use_iv
120
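# Supported cipher modes. Arguments are (name, id, use_iv, OutputSizeFn),
# as taken by CipherMode.__init__. OutputSizeFn(b, i) is stored as
# GetOutputSize; presumably b is the block size and i the input length --
# confirm against the callers.
#
# The size formulas use floor division (//). A plain "/" only truncates
# for integers on Python 2; on Python 3 it yields a float that is no
# longer a multiple of b. For integer arguments on Python 2 the results
# are unchanged.
CBC = CipherMode("CBC", 0, True, lambda b, i: (i // b + 2) * b)
CTR = CipherMode("CTR", 1, True, lambda b, i: i + b // 2)
# NOTE(review): ECB and DET_CBC are the two modes created with
# use_iv=False. Without an IV, encryption is deterministic: equal
# plaintexts under one key give equal ciphertexts, and ECB additionally
# exposes repeated blocks within a message. Use them only where that
# leakage is an accepted, documented trade-off; prefer CBC or CTR.
ECB = CipherMode("ECB", 2, False, lambda b, i: b)
DET_CBC = CipherMode("DET_CBC", 3, False, lambda b, i: (i // b + 1) * b)

# Lookup from mode name to its CipherMode object.
modes = {
    "CBC": CBC,
    "CTR": CTR,
    "ECB": ECB,
    "DET_CBC": DET_CBC,
}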
126
130