lists.arthurdejong.org
RSS feed

Re: PSKC XML ActivIdentity format

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: PSKC XML ActivIdentity format



On Sat, 2016-12-17 at 19:30 +0000, Jaap Ruijgrok wrote:
> I try to use python-pskc/0.4 to read a PSKC XML file provided with
> OATH compliant ActivIdentity tokens; see attachment.
> It is supposed to be RFC 6020 compliant and the encryption method is
> AES 128 CBC.
> I do have the corresponding ‘transport key’.
> However, I’m not sure how to process this using the python-pskc tool.
> Output received so far:
> >>> from pskc import PSKC
> >>> pskc = PSKC('test.pskc')
> Traceback (most recent call last):
>   File "<stdin>", line 1, in <module>
>   File "/usr/local/lib/python2.7/dist-packages/pskc/__init__.py",
> line 79, in __init__
>     self.parse(tree.getroot())
>   File "/usr/local/lib/python2.7/dist-packages/pskc/__init__.py",
> line 93, in parse
>     raise ParseError('Unsupported version %r' % self.version)
> pskc.exceptions.ParseError: Unsupported version None

The problem is that the KeyContainer element in the provided PSKC file
has a version attribute (all lower case) while RFC 6030 specifies a
Version attribute (first letter should be a capital). I'll look into
making the attribute name matching case insensitive.

As a work-around for now you can comment out raising of ParseError on
line 93 of __init__.py.

You should then be able to do something like:

>>> from binascii import a2b_hex, b2a_hex
>>> from pskc import PSKC
>>> pskc = PSKC('test.pskc')
>>> pskc.encryption.key = a2b_hex('12345678901234567890123456789012')
>>> for key in pskc.keys:
...     print key.id, b2a_hex(key.secret), key.counter

You have to replace the value you pass to set up the encryption key
correctly (transport key). The example above is for a hex-encoded
value. The PSKC module expects a binary value for the key.

I would like to add the ActivIdentity file to the test suite. Do you
have one with a corresponding transport key?

Kind regards,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --
-- 
To unsubscribe send an email to
python-pskc-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/python-pskc-users/