Package keyczar :: Module keyinfo
[hide private]
[frames] | no frames]

Source Code for Module keyczar.keyinfo

  1  #!/usr/bin/python2.4 
  2  # 
  3  # Copyright 2008 Google Inc. 
  4  # 
  5  # Licensed under the Apache License, Version 2.0 (the "License"); 
  6  # you may not use this file except in compliance with the License. 
  7  # You may obtain a copy of the License at 
  8  #  
  9  #      http://www.apache.org/licenses/LICENSE-2.0 
 10  #  
 11  # Unless required by applicable law or agreed to in writing, software 
 12  # distributed under the License is distributed on an "AS IS" BASIS, 
 13  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
 14  # See the License for the specific language governing permissions and 
 15  # limitations under the License. 
 16   
 17  """ 
 18  Defines several 'enums' encoding information about keys, such as type, 
 19  status, purpose, and the cipher mode. 
 20   
 21  @author: arkajit.dey@gmail.com (Arkajit Dey) 
 22  """ 
 23   
24 -class _NameId(object):
25 - def __init__(self, name, id):
26 self.name = name 27 self.id = id
28
29 - def __str__(self):
30 return self.name
31
32 -class KeyType(_NameId):
33 """ 34 Encodes different key types and their properties: 35 - AES 36 - HMAC-SHA1 37 - DSA Private 38 - DSA Public 39 - RSA Private 40 - RSA Public 41 """ 42 43 sizes = property(lambda self: self.__sizes, 44 doc="""List of valid key sizes for this key type.""") 45 # clients can't modify sizes 46
47 - def __init__(self, name, id, sizes, output_size):
48 _NameId.__init__(self, name, id) 49 self.__sizes = sizes 50 self.output_size = output_size 51 self.default_size = self.__sizes[0]
52
53 - def IsValidSize(self, size):
54 return size in self.__sizes
55 56 AES = KeyType("AES", 0, [128, 192, 256], 0) 57 HMAC_SHA1 = KeyType("HMAC_SHA1", 1, [256], 20) 58 DSA_PRIV = KeyType("DSA_PRIV", 2, [1024], 48) 59 DSA_PUB = KeyType("DSA_PUB", 3, [1024], 48) 60 RSA_PRIV = KeyType("RSA_PRIV", 4, [2048, 1024, 768, 512], 256) 61 RSA_PUB = KeyType("RSA_PUB", 4, [2048, 1024, 768, 512], 256) 62 types = {"AES": AES, "HMAC_SHA1": HMAC_SHA1, "DSA_PRIV": DSA_PRIV, 63 "DSA_PUB": DSA_PUB, "RSA_PRIV": RSA_PRIV, "RSA_PUB": RSA_PUB} 64
65 -def GetType(name):
66 if name in types: 67 return types[name]
68
69 -class KeyStatus(_NameId):
70 """ 71 Encodes the different possible statuses of a key: 72 - Primary: can be used to encrypt and sign new data 73 - Active: can be used to decrypt or verify data signed previously 74 - Inactive: can do the same functions as an active key, but about 75 to be revoked 76 """
77 78 PRIMARY = KeyStatus("PRIMARY", 0) 79 ACTIVE = KeyStatus("ACTIVE", 1) 80 INACTIVE = KeyStatus("INACTIVE", 2) 81 statuses = {"PRIMARY": PRIMARY, "ACTIVE": ACTIVE, "INACTIVE": INACTIVE} 82
83 -def GetStatus(value):
84 if value in statuses: 85 return statuses[value]
86
87 -class KeyPurpose(_NameId):
88 """ 89 Encodes the different possible purposes for which a key can be used: 90 - Decrypt and Encrypt 91 - Encrypt (only) 92 - Sign and Verify 93 - Verify (only) 94 """
95 96 DECRYPT_AND_ENCRYPT = KeyPurpose("DECRYPT_AND_ENCRYPT", 0) 97 ENCRYPT = KeyPurpose("ENCRYPT", 1) 98 SIGN_AND_VERIFY = KeyPurpose("SIGN_AND_VERIFY", 2) 99 VERIFY = KeyPurpose("VERIFY", 3) 100 purposes = {"DECRYPT_AND_ENCRYPT": DECRYPT_AND_ENCRYPT, "ENCRYPT": ENCRYPT, 101 "SIGN_AND_VERIFY": SIGN_AND_VERIFY, "VERIFY": VERIFY} 102
103 -def GetPurpose(name):
104 if name in purposes: 105 return purposes[name]
106
107 -class CipherMode(_NameId):
108 """ 109 Encodes the different possible modes for a cipher: 110 - Cipher Block Chaining (CBC) 111 - Counter (CTR) 112 - Electronic Code Book (ECB) 113 - Cipher Block Chaining without IV (DET-CBC) 114 """ 115
116 - def __init__(self, name, id, use_iv, OutputSizeFn):
117 _NameId.__init__(self, name, id) 118 self.use_iv = use_iv 119 self.GetOutputSize = OutputSizeFn
120 121 CBC = CipherMode("CBC", 0, True, lambda b, i: (i/b + 2) * b) 122 CTR = CipherMode("CTR", 1, True, lambda b, i: i + b / 2) 123 ECB = CipherMode("ECB", 2, False, lambda b, i: b) 124 DET_CBC = CipherMode("DET_CBC", 3, False, lambda b, i: (i / b + 1) * b) 125 modes = {"CBC": CBC, "CTR": CTR, "ECB": ECB, "DET_CBC": DET_CBC} 126
127 -def GetMode(name):
128 if name in modes: 129 return modes[name]
130