python-pskc branch master updated. 0.4-30-ga5e2343
- From: Commits of the python-pskc project <python-pskc-commits [at] lists.arthurdejong.org>
- To: python-pskc-commits [at] lists.arthurdejong.org
- Reply-to: python-pskc-users [at] lists.arthurdejong.org
- Subject: python-pskc branch master updated. 0.4-30-ga5e2343
- Date: Wed, 11 Jan 2017 23:33:49 +0100 (CET)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-pskc".
The branch, master has been updated
via a5e23430c1e96e773c087b5f9683f021954413d1 (commit)
from 2f7cb1ab571e4415cb652fea095ccbaa052d689a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://arthurdejong.org/git/python-pskc/commit/?id=a5e23430c1e96e773c087b5f9683f021954413d1
commit a5e23430c1e96e773c087b5f9683f021954413d1
Author: Arthur de Jong <arthur@arthurdejong.org>
Date: Wed Jan 11 23:03:07 2017 +0100
Use original examples from old profiles Internet Draft
This updates the tests to use the original examples from
draft-hoyer-keyprov-pskc-algorithm-profiles-01 instead of modifying them
to fit the RFC 6030 schema (but does include some minor changes to make
them valid XML).
This adds a few additions to the parser to handle legacy challenge and
response encoding and a few key policy properties.
This also includes a fix for 0b757ec in the handling of the
<ChallengeFormat> element under a <Usage> element.
diff --git a/pskc/parser.py b/pskc/parser.py
index 94d9849..5ba014f 100644
--- a/pskc/parser.py
+++ b/pskc/parser.py
@@ -1,7 +1,7 @@
# parser.py - PSKC file parsing functions
# coding: utf-8
#
-# Copyright (C) 2016 Arthur de Jong
+# Copyright (C) 2016-2017 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -154,9 +154,11 @@ class PSKCParser(object):
challenge_format = find(
key_elm,
- 'AlgorithmParameters/ChallengeFormat', 'Usage/ResponseFormat')
+ 'AlgorithmParameters/ChallengeFormat', 'Usage/ChallengeFormat')
if challenge_format is not None:
- key.challenge_encoding = challenge_format.get('Encoding')
+ key.challenge_encoding = (
+ challenge_format.get('Encoding') or
+ challenge_format.get('Format'))
key.challenge_min_length = getint(challenge_format, 'Min')
key.challenge_max_length = getint(challenge_format, 'Max')
key.challenge_check = getbool(
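Review bot: the `challenge_format.get('Encoding') or challenge_format.get('Format')` fallback has no comment saying that `Format` is the legacy attribute name from draft-hoyer-keyprov-pskc-algorithm-profiles-01, so a later reader cannot tell why two attribute names are accepted. Because the fallback uses `or`, an element with an empty `Encoding=""` also falls through to `Format`, and an element carrying both silently prefers `Encoding`; a one-line comment stating that precedence would make the intent explicit.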
@@ -167,7 +169,9 @@ class PSKCParser(object):
key_elm,
'AlgorithmParameters/ResponseFormat', 'Usage/ResponseFormat')
if response_format is not None:
- key.response_encoding = response_format.get('Encoding')
+ key.response_encoding = (
+ response_format.get('Encoding') or
+ response_format.get('Format'))
key.response_length = getint(response_format, 'Length')
key.response_check = getbool(
response_format, 'CheckDigits', getbool(
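Review bot: the `response_format.get('Encoding') or response_format.get('Format')` expression repeats the pattern added for `challenge_format` in the previous hunk. A small helper that takes the element and returns the encoding would keep the legacy `Format` handling in one place, so a future change to the fallback cannot be applied to one of the two and missed on the other.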
@@ -175,6 +179,16 @@ class PSKCParser(object):
cls.parse_policy(key.policy, find(key_elm, 'Policy'))
+ usage = find(key_elm, 'Usage')
+ if usage is not None:
+ for att in ('OTP', 'CR', 'Integrity', 'Encrypt', 'Unlock'):
+ if getbool(usage, att):
+ key.policy.key_usage.append(att)
+ key.policy.start_date = (
+ findtime(key_elm, 'StartDate') or key.policy.start_date)
+ key.policy.expiry_date = (
+ findtime(key_elm, 'ExpiryDate') or key.policy.expiry_date)
+
@classmethod
def parse_encrypted_value(cls, encrypted_value):
"""Read encryption value from <EncryptedValue> element."""
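Review bot: `key.policy.key_usage.append(att)` runs after `cls.parse_policy(key.policy, find(key_elm, 'Policy'))`, so a file that carries both a `<Policy>` with a `<KeyUsage>` value and a `<Usage>` attribute for the same value can end up with that value listed twice; checking `att not in key.policy.key_usage` before appending avoids it. The `findtime(key_elm, 'StartDate') or key.policy.start_date` lines (and the `ExpiryDate` pair) make a date directly under `<Key>` override one already read from `<Policy>`; since these dates bound the validity of the key, that precedence deserves a comment and a test with both forms present.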
diff --git
a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml
index 209070a..de8c9f1 100644
---
a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml
+++
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/actividentity-3des.pskcxml
@@ -2,43 +2,41 @@
<!--
ActivIdentity-3DES example from section 8 of
- draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit the schema
- as described in RFC 6030.
+ draft-hoyer-keyprov-pskc-algorithm-profiles-01.
-->
-<KeyContainer Version="1.0" xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
- <KeyPackage>
- <DeviceInfo>
- <Manufacturer>ActivIdentity</Manufacturer>
- <SerialNo>34567890</SerialNo>
- </DeviceInfo>
- <Key
Algorithm="http://www.actividentity.com/2008/04/algorithms/algorithms#ActivIdentity-3DES"
Id="12345677">
- <Issuer>Issuer</Issuer>
- <AlgorithmParameters>
- <ResponseFormat Length="8" Encoding="DECIMAL"/>
- </AlgorithmParameters>
- <Data>
- <Secret>
- <PlainValue>
- MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
- </PlainValue>
- </Secret>
- <Counter>
- <PlainValue>0</PlainValue>
- </Counter>
- <Time>
- <PlainValue>0</PlainValue>
- </Time>
- <TimeInterval>
- <PlainValue>32</PlainValue>
- </TimeInterval>
- <TimeDrift>
- <PlainValue>0</PlainValue>
- </TimeDrift>
- </Data>
- <Policy>
- <KeyUsage>OTP</KeyUsage>
- </Policy>
- </Key>
- </KeyPackage>
+<KeyContainer Version="1.0"
+xmlns="urn:ietf:params:xml:ns:keyprov:pskc:1.0">
+ <Device>
+ <DeviceInfo>
+ <Manufacturer>ActivIdentity</Manufacturer>
+ <SerialNo>34567890</SerialNo>
+ </DeviceInfo>
+ <Key
KeyAlgorithm="http://www.actividentity.com/2008/04/algorithms/algorithms#ActivIdentity-3DES"
+ KeyId="12345677">
+ <Issuer>Issuer</Issuer>
+ <Usage OTP="true">
+ <ResponseFormat Length="8" Format="DECIMAL"/>
+ </Usage>
+ <Data>
+ <Secret>
+ <PlainValue>
+ MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
+ </PlainValue>
+ </Secret>
+ <Counter>
+ <PlainValue>0</PlainValue>
+ </Counter>
+ <Time>
+ <PlainValue>0</PlainValue>
+ </Time>
+ <TimeInterval>
+ <PlainValue>32</PlainValue>
+ </TimeInterval>
+ <TimeDrift>
+ <PlainValue>0</PlainValue>
+ </TimeDrift>
+ </Data>
+ </Key>
+ </Device>
</KeyContainer>
diff --git a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml
index 5519159..3fec51d 100644
--- a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml
+++ b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/ocra.pskcxml
@@ -2,33 +2,32 @@
<!--
OCRA (OATH Challenge Response Algorithm) example from section 3 of
- draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit the schema
- as described in RFC 6030.
+ draft-hoyer-keyprov-pskc-algorithm-profiles-01.
-->
-<KeyContainer Version="1.0" xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
- <KeyPackage>
- <DeviceInfo>
- <Manufacturer>TokenVendorAcme</Manufacturer>
- <SerialNo>987654322</SerialNo>
- </DeviceInfo>
- <Key Id="12345678"
Algorithm="urn:ietf:params:xml:ns:keyprov:pskc#OCRA-1:HOTP-SHA512-8:C-QN08">
- <Issuer>Issuer</Issuer>
- <AlgorithmParameters>
- <ChallengeFormat Min="8" Max="8" Encoding="DECIMAL"/>
- <ResponseFormat Length="8" Encoding="DECIMAL"/>
- </AlgorithmParameters>
- <Data>
- <Secret>
- <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=</PlainValue>
- </Secret>
- <Counter>
- <PlainValue>0</PlainValue>
- </Counter>
- </Data>
- <Policy>
- <KeyUsage>CR</KeyUsage>
- </Policy>
- </Key>
- </KeyPackage>
+<KeyContainer Version="1.0"
+xmlns="urn:ietf:params:xml:ns:keyprov:pskc:1.0">
+ <Device>
+ <DeviceInfo>
+ <Manufacturer>TokenVendorAcme</Manufacturer>
+ <SerialNo>987654322</SerialNo>
+ </DeviceInfo>
+ <Key KeyId="12345678"
+ KeyAlgorithm=
+ "urn:ietf:params:xml:ns:keyprov:pskc#OCRA-1:HOTP-SHA512-8:C-QN08">
+ <Issuer>Issuer</Issuer>
+ <Usage CR="true">
+ <ChallengeFormat Min="8" Max="8" Format="DECIMAL"/>
+ <ResponseFormat Length="8" Format="DECIMAL"/>
+ </Usage>
+ <Data>
+ <Secret>
+ <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=</PlainValue>
+ </Secret>
+ <Counter>
+ <PlainValue>0</PlainValue>
+ </Counter>
+ </Data>
+ </Key>
+ </Device>
</KeyContainer>
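Review bot: in this fixture `<ChallengeFormat Min="8" Max="8" Format="DECIMAL"/>` and `<ResponseFormat Length="8" Format="DECIMAL"/>` share the same `Format` value, so an assertion on `challenge_encoding` alone would also pass with the old `'Usage/ResponseFormat'` lookup that parser.py corrects in this commit. A regression test for that fix should assert `challenge_min_length` and `challenge_max_length` are 8, since `Min` and `Max` exist only on the `<ChallengeFormat>` element.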
diff --git
a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml
index b66bb4c..de1ebb3 100644
---
a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml
+++
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/securid-aes-counter.pskcxml
@@ -2,35 +2,34 @@
<!--
SecurID-AES-Counter example from section 6 of
- draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit the schema
- as described in RFC 6030 and to be valid XML.
+ draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to be valid XML.
-->
-<KeyContainer Version="1.0" xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
- <KeyPackage>
- <DeviceInfo>
- <Manufacturer>RSA, The Security Division of EMC</Manufacturer>
- <SerialNo>123456798</SerialNo>
- </DeviceInfo>
- <Key
Algorithm="http://www.rsa.com/names/2008/04/algorithms/SecurID/SecurID-AES128-Counter"
Id="23456789">
- <Issuer>Issuer</Issuer>
- <AlgorithmParameters>
- <ResponseFormat Length="6" Encoding="DECIMAL"/>
- </AlgorithmParameters>
- <Data>
- <Secret>
- <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
- </PlainValue>
- </Secret>
- <Counter>
- <PlainValue>0</PlainValue>
- </Counter>
- </Data>
- <Policy>
- <KeyUsage>OTP</KeyUsage>
- <StartDate>2006-04-14T00:00:00Z</StartDate>
- <ExpiryDate>2010-09-30T00:00:00Z</ExpiryDate>
- </Policy>
- </Key>
- </KeyPackage>
+<KeyContainer Version="1.0"
+ xmlns="urn:ietf:params:xml:ns:keyprov:pskc:1.0">
+ <Device>
+ <DeviceInfo>
+ <Manufacturer>RSA, The Security Division of EMC</Manufacturer>
+ <SerialNo>123456798</SerialNo>
+ </DeviceInfo>
+ <Key
+
KeyAlgorithm="http://www.rsa.com/names/2008/04/algorithms/SecurID/SecurID-AES128-Counter"
+ KeyId="23456789">
+ <Issuer>Issuer</Issuer>
+ <Usage OTP="true">
+ <ResponseFormat Length="6" Format="DECIMAL"/>
+ </Usage>
+ <StartDate>2006-04-14T00:00:00Z</StartDate>
+ <ExpiryDate>2010-09-30T00:00:00Z</ExpiryDate>
+ <Data>
+ <Secret>
+ <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
+ </PlainValue>
+ </Secret>
+ <Counter>
+ <PlainValue>0</PlainValue>
+ </Counter>
+ </Data>
+ </Key>
+ </Device>
</KeyContainer>
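Review bot: `<StartDate>` and `<ExpiryDate>` now sit directly under `<Key>` instead of under `<Policy>`, which makes this the only fixture in the commit that exercises the new `findtime(key_elm, 'StartDate')` and `findtime(key_elm, 'ExpiryDate')` fallback in parser.py. The summary of changes lists parser.py and the four .pskcxml files only, so it is worth confirming that an existing test asserts `policy.start_date`, `policy.expiry_date` and `policy.key_usage` for this file; otherwise the new parser branch is loaded but never checked.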
diff --git a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml
b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml
index 16c065b..d4c6efc 100644
--- a/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml
+++ b/tests/draft-hoyer-keyprov-pskc-algorithm-profiles-01/totp.pskcxml
@@ -2,38 +2,38 @@
<!--
TOTP (OATH Time based OTP) example from section 4 of
- draft-hoyer-keyprov-pskc-algorithm-profiles-01 modified to fit the schema
- as described in RFC 6030.
+ draft-hoyer-keyprov-pskc-algorithm-profiles-01.
-->
-<KeyContainer Version="1.0" xmlns="urn:ietf:params:xml:ns:keyprov:pskc">
- <KeyPackage>
- <DeviceInfo>
- <Manufacturer>TokenVendorAcme</Manufacturer>
- <SerialNo>987654323</SerialNo>
- </DeviceInfo>
- <Key Algorithm="urn:ietf:params:xml:ns:keyprov:pskc#totp" Id="987654323">
- <Issuer>Issuer</Issuer>
- <AlgorithmParameters>
- <ResponseFormat Length="6" Encoding="DECIMAL"/>
- </AlgorithmParameters>
- <Data>
- <Secret>
- <PlainValue>MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=</PlainValue>
- </Secret>
- <Time>
- <PlainValue>0</PlainValue>
- </Time>
- <TimeInterval>
- <PlainValue>30</PlainValue>
- </TimeInterval>
- <TimeDrift>
- <PlainValue>4</PlainValue>
- </TimeDrift>
- </Data>
- <Policy>
- <KeyUsage>OTP</KeyUsage>
- </Policy>
- </Key>
- </KeyPackage>
+<KeyContainer Version="1.0"
+xmlns="urn:ietf:params:xml:ns:keyprov:pskc:1.0">
+ <Device>
+ <DeviceInfo>
+ <Manufacturer>TokenVendorAcme</Manufacturer>
+ <SerialNo>987654323</SerialNo>
+ </DeviceInfo>
+ <Key KeyAlgorithm="urn:ietf:params:xml:ns:keyprov:pskc#totp"
+ KeyId="987654323">
+ <Issuer>Issuer</Issuer>
+ <Usage OTP="true">
+ <ResponseFormat Length="6" Format="DECIMAL"/>
+ </Usage>
+ <Data>
+ <Secret>
+ <PlainValue>
+ MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=
+ </PlainValue>
+ </Secret>
+ <Time>
+ <PlainValue>0</PlainValue>
+ </Time>
+ <TimeInterval>
+ <PlainValue>30</PlainValue>
+ </TimeInterval>
+ <TimeDrift>
+ <PlainValue>4</PlainValue>
+ </TimeDrift>
+ </Data>
+ </Key>
+ </Device>
</KeyContainer>
-----------------------------------------------------------------------
Summary of changes:
pskc/parser.py | 22 +++++--
.../actividentity-3des.pskcxml | 72 +++++++++++-----------
.../ocra.pskcxml | 53 ++++++++--------
.../securid-aes-counter.pskcxml | 57 +++++++++--------
.../totp.pskcxml | 64 +++++++++----------
5 files changed, 139 insertions(+), 129 deletions(-)
hooks/post-receive
--
python-pskc
--
To unsubscribe send an email to
python-pskc-commits-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/python-pskc-commits/