diff --git a/MANIFEST.in b/MANIFEST.in old mode 100755 new mode 100644 diff --git a/PKG-INFO b/PKG-INFO old mode 100755 new mode 100644 index 8a5e911..3056990 --- a/PKG-INFO +++ b/PKG-INFO @@ -1,12 +1,11 @@ Metadata-Version: 1.1 Name: http_ece -Version: 1.0.5 +Version: 1.1.0 Summary: Encrypted Content Encoding for HTTP Home-page: https://github.com/martinthomson/encrypted-content-encoding Author: Martin Thomson Author-email: martin.thomson@gmail.com License: MIT -Description-Content-Type: UNKNOWN Description: Encipher HTTP Messages Keywords: crypto http Platform: UNKNOWN diff --git a/README.rst b/README.rst old mode 100755 new mode 100644 index 7923369..54ac90a --- a/README.rst +++ b/README.rst @@ -2,7 +2,7 @@ encrypted-content-encoding ========================== A simple implementation of the `HTTP encrypted -content-encoding `_ +content-encoding `_ Use --- diff --git a/debian/changelog b/debian/changelog index 68cdc07..cd4c8f6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +http-ece (1.1.0-1) UNRELEASED; urgency=medium + + * import tarball for version 1.1.0 + + -- Benjamin Dauvergne Thu, 07 Dec 2023 11:05:09 +0100 + http-ece (1.0.5-1) unstable; urgency=low * source package automatically created by stdeb 0.8.5 diff --git a/debian/control b/debian/control index 8ddfbdd..95139fc 100644 --- a/debian/control +++ b/debian/control @@ -7,7 +7,7 @@ Build-Depends: debhelper-compat (= 12), flake8, python3-all, python3-coverage, - python3-cryptography, + python3-cryptography (>= 2.5), python3-flake8, python3-mock, python3-nose, diff --git a/http_ece.egg-info/PKG-INFO b/http_ece.egg-info/PKG-INFO old mode 100755 new mode 100644 index 5f71d86..9e9de07 --- a/http_ece.egg-info/PKG-INFO +++ b/http_ece.egg-info/PKG-INFO @@ -1,12 +1,11 @@ Metadata-Version: 1.1 Name: http-ece -Version: 1.0.5 +Version: 1.1.0 Summary: Encrypted Content Encoding for HTTP Home-page: https://github.com/martinthomson/encrypted-content-encoding Author: Martin Thomson Author-email: martin.thomson@gmail.com License: MIT -Description-Content-Type: UNKNOWN Description: Encipher HTTP Messages Keywords: crypto http Platform: UNKNOWN diff --git a/http_ece.egg-info/SOURCES.txt b/http_ece.egg-info/SOURCES.txt old mode 100755 new mode 100644 diff --git a/http_ece.egg-info/dependency_links.txt b/http_ece.egg-info/dependency_links.txt old mode 100755 new mode 100644 diff --git a/http_ece.egg-info/requires.txt b/http_ece.egg-info/requires.txt old mode 100755 new mode 100644 index 8884489..34d60e5 --- a/http_ece.egg-info/requires.txt +++ b/http_ece.egg-info/requires.txt @@ -1 +1 @@ -cryptography>=1.9 +cryptography>=2.5 diff --git a/http_ece.egg-info/top_level.txt b/http_ece.egg-info/top_level.txt old mode 100755 new mode 100644 diff --git a/http_ece/__init__.py b/http_ece/__init__.py old mode 100755 new mode 100644 index 8f12a09..cab6ada --- a/http_ece/__init__.py +++ b/http_ece/__init__.py @@ -9,6 +9,9 @@ from cryptography.hazmat.primitives.kdf.hkdf import HKDF from cryptography.hazmat.primitives.ciphers import ( Cipher, algorithms, modes ) +from cryptography.hazmat.primitives.serialization import ( + Encoding, PublicFormat +) from cryptography.hazmat.primitives.asymmetric import ec MAX_RECORD_SIZE = pow(2, 31) - 1 @@ -24,11 +27,13 @@ versions = { "aesgcm128": {"pad": 1}, } + class ECEException(Exception): """Exception for ECE encryption functions""" def __init__(self, message): self.message = message + def derive_key(mode, version, salt, key, private_key, dh, auth_secret, keyid, keylabel="P-256"): @@ -64,15 +69,20 @@ def derive_key(mode, version, salt, key, def derive_dh(mode, version, private_key, dh, keylabel): def length_prefix(key): return struct.pack("!H", len(key)) + key - if isinstance(dh, ec.EllipticCurvePublicKey): pubkey = dh - dh = dh.public_numbers().encode_point() + dh = dh.public_bytes( + Encoding.X962, + PublicFormat.UncompressedPoint) else: - numbers = ec.EllipticCurvePublicNumbers.from_encoded_point(ec.SECP256R1(), dh) - pubkey = numbers.public_key(default_backend()) + pubkey = ec.EllipticCurvePublicKey.from_encoded_point( + ec.SECP256R1(), + dh + ) - encoded = private_key.public_key().public_numbers().encode_point() + encoded = private_key.public_key().public_bytes( + Encoding.X962, + PublicFormat.UncompressedPoint) if mode == "encrypt": sender_pub_key = encoded receiver_pub_key = dh @@ -243,7 +253,7 @@ def decrypt(content, salt=None, key=None, if version == "aes128gcm": try: content_header = parse_content_header(content) - except: + except Exception: raise ECEException("Could not parse the content header") salt = content_header['salt'] rs = content_header['rs'] @@ -386,7 +396,9 @@ def encrypt(content, salt=None, key=None, counter += 1 if version == "aes128gcm": if keyid is None and private_key is not None: - kid = private_key.public_key().public_numbers().encode_point() + kid = private_key.public_key().public_bytes( + Encoding.X962, + PublicFormat.UncompressedPoint) else: kid = (keyid or '').encode('utf-8') return compose_aes128gcm(salt, result, rs, keyid=kid) diff --git a/setup.cfg b/setup.cfg old mode 100755 new mode 100644 diff --git a/setup.py b/setup.py index e343360..3757b0f 100755 --- a/setup.py +++ b/setup.py @@ -10,7 +10,7 @@ with io.open(os.path.join(here, 'README.rst'), encoding='utf8') as f: setup( name='http_ece', - version='1.0.5', + version='1.1.0', author='Martin Thomson', author_email='martin.thomson@gmail.com', scripts=[], @@ -27,7 +27,7 @@ setup( ], keywords='crypto http', install_requires=[ - 'cryptography>=1.9', + 'cryptography>=2.5', ], tests_require=[ 'nose',